php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48880 Random Appearing open_basedir problem
Submitted: 2009-07-10 17:49 UTC Modified: 2009-07-31 21:10 UTC
Votes:26
Avg. Score:4.8 ± 0.5
Reproduced:23 of 24 (95.8%)
Same Version:23 (100.0%)
Same OS:11 (47.8%)
From: brwarner at rogers dot com Assigned:
Status: Closed Package: Safe Mode/open_basedir
PHP Version: 5.3SVN-2009-07-27 (snap) OS: *
Private report: No CVE-ID:
 [2009-07-10 17:49 UTC] brwarner at rogers dot com

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-07-10 18:10 UTC] jani@php.net
What apache version are you using? PHP as CGI or module? Which module?
 [2009-07-10 18:18 UTC] brwarner at rogers dot com
I am using Apache version 2.2.11
I downloaded the VC6 Thread Safe Installer Binary from the windows PHP 
download site, and these are the lines the installer placed into the 
httpd configuration file:

#BEGIN PHP INSTALLER EDITS - REMOVE ONLY ON UNINSTALL
PHPIniDir "C:/Program Files/PHP/"
LoadModule php5_module "C:/Program Files/PHP/php5apache2_2.dll"
#END PHP INSTALLER EDITS - REMOVE ONLY ON UNINSTALL
 [2009-07-10 18:22 UTC] jani@php.net
Is open_basedir set in httpd.conf or in some .htaccess file?
And does this happen _only_ with PHP 5.3.0 ?
 [2009-07-10 18:27 UTC] brwarner at rogers dot com
In the httpd file the following line includes the virtual hosts file

# Virtual hosts
Include conf/extra/httpd-vhosts.conf

In that file here is what the virtual host for that specific domain is

<VirtualHost *:80>
	ServerName brwarner.co.cc
	ServerAlias www.brwarner.co.cc 127.0.0.1
	DocumentRoot "C:/www/brwarner.co.cc"
	php_admin_value open_basedir 
"C:\www\brwarner.co.cc;C:\svn;C:\Program 
Files\PHP\PEAR;C:\WINDOWS\Temp;C:\djgpp"
	php_admin_value short_open_tag "Off"
	ErrorLog "C:/www/logs/brwarner_error.log"
	ErrorDocument 404 /error404.php
</VirtualHost>

I have several other virtual hosts with look practically idential.

I have never seen this in any other version of PHP besides 5.3.0 and 
not before I upgraded, and I have had these sites working for a while 
so if it was there I probably would have seen it.
 [2009-07-12 11:09 UTC] te at powie dot de

 [2009-07-12 15:03 UTC] brwarner at rogers dot com
Yes, they also appear to have ASCII characters outside those of letters, 
numbers, and symbols. Almost like it is being corrupted.
 [2009-07-12 15:05 UTC] pajoye@php.net
not windows specific (given the comments)
 [2009-07-12 18:49 UTC] patrick at patrickpatoray dot com
I am having the same problem on Mac OS X 10.5.7.  

Intermittent failures.  It will work after a refresh or two.  Each 
time, it seems to have a slightly 
different allowed path(s).  I've pasted a few example error lines 
below:


Warning: Unknown: open_basedir restriction in effect. 
File(/www/htdocs/common/functions/class.Base.php) is 
not within the allowed path(s): (X-Powered-By: PHP/5.3.0) in Unknown 
on line 0

Warning: Unknown: open_basedir restriction in effect. 
File(/www/htdocs/common/functions/class.Base.php) is 
not within the allowed path(s): (Mozilla/5.0 (Macintosh; U; Intel Mac 
OS X 10_5_7; en-us) AppleWebKit/530.18 
(KHTML, like Gecko) Version/4.0.1 Safari/530.18) in Unknown on line 0

Warning: Unknown: open_basedir restriction in effect. 
File(/www/htdocs/common/functions/class.Base.php) is 
not within the allowed path(s): ( Mac OS X 10_5_7; en-us) 
AppleWebKit/530.19.2 (KHTML, like Gecko) 
Version/4.0.2 Safari/530.19) in Unknown on line 0

Warning: Unknown: open_basedir restriction in effect. 
File(/www/htdocs/common/functions/class.Base.php) is 
not within the allowed path(s): (&#65533;O) in Unknown on line 0


I am using Apache 2.2.11 with PHP configured as a module.  Thread 
safety is disabled.

I am setting open_basedir for each virtual host using php_admin_value

The file class.Base.php is included via an auto_prepend line in 
httpd.conf (not on a virtual host basis, but 
for all virtual hosts), which is why it shows "in Unknown on line 0" 
for each error message

As mentioned by brwarner, I have never seen this in any other version 
of PHP until 5.3.0.
 [2009-07-12 20:47 UTC] gwynne@php.net
I set up a build of 5.3 (latest SVN) with Apache 2.2.11, set php_admin_value open_basedir, and ran the whole mess through valgrind. Here're the results:

==63247== Invalid read of size 1
==63247==    at 0x100C4974B: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==    by 0x100012356: ap_run_process_connection (in /sw/httpd/bin/httpd)
==63247==    by 0x1000127A6: ap_process_connection (in /sw/httpd/bin/httpd)
==63247==    by 0x10005EC22: child_main (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727b0 is 0 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x100C49C20: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==    by 0x100012356: ap_run_process_connection (in /sw/httpd/bin/httpd)
==63247==    by 0x1000127A6: ap_process_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727b0 is 0 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x1000BEF96: strlen (mc_replace_strmem.c:275)
==63247==    by 0x100CB2A6F: _estrdup (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C49C6E: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727b0 is 0 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x1000BEFA3: strlen (mc_replace_strmem.c:275)
==63247==    by 0x100CB2A6F: _estrdup (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C49C6E: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727b1 is 1 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x1000BFF30: memcpy (mc_replace_strmem.c:482)
==63247==    by 0x100CB2AB8: _estrdup (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C49C6E: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727c0 is 16 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x1000BFF35: memcpy (mc_replace_strmem.c:482)
==63247==    by 0x100CB2AB8: _estrdup (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C49C6E: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727bf is 15 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x1000BFF3C: memcpy (mc_replace_strmem.c:482)
==63247==    by 0x100CB2AB8: _estrdup (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C49C6E: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727be is 14 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x1000BFF43: memcpy (mc_replace_strmem.c:482)
==63247==    by 0x100CB2AB8: _estrdup (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C49C6E: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727bd is 13 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247== 
==63247== Invalid read of size 1
==63247==    at 0x1000BFF70: memcpy (mc_replace_strmem.c:482)
==63247==    by 0x100CB2AB8: _estrdup (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C49C6E: php_check_open_basedir_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C497EA: OnUpdateBaseDir (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00B5A: zend_alter_ini_entry_ex (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D008C3: zend_alter_ini_entry (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF0C5D: apply_config (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFF53: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x100038579: ap_process_request (in /sw/httpd/bin/httpd)
==63247==    by 0x100034E3C: ap_process_http_connection (in /sw/httpd/bin/httpd)
==63247==  Address 0x1037727b0 is 0 bytes inside a block of size 17 free'd
==63247==    at 0x1000BDAEF: free (vg_replace_malloc.c:324)
==63247==    by 0x100CB259C: _efree (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CFFF97: zend_restore_ini_entry_cb (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00042: zend_restore_ini_entry_wrapper (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CF5F03: zend_hash_apply (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100D00225: zend_ini_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100CE28D7: zend_deactivate (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100C40DC2: php_request_shutdown (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DEFBB9: php_apache_request_dtor (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100DF05B9: php_handler (in /opt/httpd-2.2.11/modules/libphp5.so)
==63247==    by 0x100001C2A: ap_run_handler (in /sw/httpd/bin/httpd)
==63247==    by 0x1000024DD: ap_invoke_handler (in /sw/httpd/bin/httpd)

 [2009-07-13 09:59 UTC] jarda at jyxo dot com
Same problem in Debian Etch.
 [2009-07-19 22:10 UTC] ninzya at inbox dot lv

 [2009-07-20 18:32 UTC] hristozov at gmail dot com
The same problem - Apache 2.2.11 and PHP 5.3.0 on Linux 2.6.29.

The configure options:
'./configure' \
'--with-apxs2=/www/bin/apxs' \
'--enable-mbstring' \
'--with-gd' \
'--enable-exif' \
'--with-mysql' \
'--with-zlib-dir=/usr/include' \
'--with-jpeg-dir=/usr/lib' \
'--with-freetype-dir=/usr/include' \
'--with-gettext=/usr/bin' \
'--with-curl' \
'--disable-cgi' \

The actual error:
[Mon Jul 20 21:25:51 2009] [error] [client x.x.x.x] PHP Warning:  Unknown: open_basedir restriction in effect. File(/path/to/blog/index.php) is not within the allowed path(s): (\xd4\xba-\b\xd4\xba-\b&lt;\xf6\x93\b) in Unknown on line 0
[Mon Jul 20 21:25:51 2009] [error] [client x.x.x.x] PHP Warning:  Unknown: failed to open stream: Operation not permitted in Unknown on line 0
[Mon Jul 20 21:25:51 2009] [error] [client x.x.x.x] PHP Fatal error:  Unknown: Failed opening required '/path/to/blog/index.php' (include_path='.:/usr/local/lib/php') in Unknown on line 0

And the fragment from the Apache config:
php_flag engine on
php_value open_basedir "/path/to/blog/:/tmp"
 [2009-07-22 14:56 UTC] rs at qcm dot cz
Still no go. Tested with snapshot php5.3-200907221230.
 [2009-07-22 16:19 UTC] hristozov at gmail dot com
The problem persists with 200907221430.
 [2009-07-25 16:06 UTC] server at grow-werbeagentur dot de
Confirm this Bug.

Still persists with 200907251430

went back to 5.2.10 now, cause this is very anyoing..

The weird thing though is, that I tested the 5.3.0 release on our dev server first with no errors at all but when installing it on our production servers, which are configured exactly the same as our dev, I get this random open_basedir error..

weird..
 [2009-07-26 07:17 UTC] duchesne7 at gmail dot com
I confirm this bug under Fedora 11 x64 with Apache 2.2.10 and PHP 5.3.0 (also tryed last SVN with no luck).
Seems to be some sort of memory corruption since I sometimes see HTTP headers in the allowed paths, like:

File(/home/cpanel/index.php) is not within the allowed 
path(s): (ww\tX-Powered-By: P) in Unknown on line 0

It happens whenever open_basedir is modified at runtime (either with php_admin_value in httpd.conf or with an extension that I use which reset open_basedir according to regex rules before script execution.)
 [2009-07-29 20:38 UTC] ninzya at inbox dot lv
I hit this bug quite frequently. I have noticed that it occurs after some time while apache is running, even if you don't actually request any pages. You can leave apache working for an hour, or two, and then request any php file - the result is this bug. Maybe it is somehow connected to PHP operations it does periodically (GC or something).

One thing is clear - open_basedir's path (string it is referring to) is being corrupted and memory overwritten. Either it is done by overwriting this memory, or by change of memory location open_basedir's string ptr is pointing to.
 [2009-07-30 02:15 UTC] brwarner at rogers dot com
Sorry, I didn't know I had to change it to "open," this is my first bug 
report.
This bug still happens to mean, and it gets annoying especially when 
javascript is used to load other pages for information - as then 
javascript has a bunch of errors making the page appear wrong as opposed 
to even showing an error message.)
 [2009-07-30 13:19 UTC] tobias dot rausch at web dot de

 [2009-07-31 03:34 UTC] starcraftmazter at gmail dot com
I think this bug is closely related to 48744
http://bugs.php.net/bug.php?id=48744

To say what I said in the other bug report,

I can confirm that I have a very similar issue. I have been running PHP
with open_basedir for quite some time. I upgraded to php 5.3.0 recently,
previously having ran php 5.2.5. Immediately after installing the newly
compiled version, the issues began.

The problem as I experience it, is that the "open_basedir" setting seems
to be composed of random, non latin1 characters (displayed as symbols by
the browser). I cannot draw any reasons as to which users are affected
by this or why, but it does not happen to everyone - it is seemingly
random.

I am using CentOS 5.3 with the latest cPanel 11 on CURRENT which manages
the open_basedir. I am using Apache 2.2.6.

My compile string is as follows;

'./configure' '--prefix=/usr/local'
'--with-apxs2=/usr/local/apache/bin/apxs' '--enable-bcmath'
'--enable-calendar' '--enable-exif' '--enable-ftp'
'--enable-gd-native-ttf' '--enable-libxml' '--enable-mbstring'
'--enable-soap' '--enable-sockets' '--enable-zip' '--with-bz2'
'--with-curl=/opt/curlssl/' '--with-curlwrappers'
'--with-freetype-dir=/usr' '--with-gd' '--with-gettext'
'--with-imap=/opt/php_with_imap_client/' '--with-imap-ssl=/usr'
'--with-jpeg-dir=/usr' '--with-kerberos' '--with-libdir=lib64'
'--with-libxml-dir=/opt/xml2' '--with-libxml-dir=/opt/xml2/'
'--with-mcrypt=/opt/libmcrypt/' '--with-mhash=/opt/mhash/'
'--with-openssl-dir=/usr' '--with-pic' '--with-png-dir=/usr'
'--with-xpm-dir=/usr' '--with-xsl=/opt/xslt/' '--with-zlib'
'--with-zlib-dir=/usr' '--with-openssl=/usr' '--with-mysql'
'--with-mysqli' '--with-pgsql' '--with-sqlite=shared'
'--enable-pdo=shared' '--with-pdo-sqlite=shared'
'--with-pdo-mysql=shared' '--with-pdo-pgsql=shared'
'--with-magickwand=/usr/local/bin'

You can check other relevant settings here:
http://liway.com/test.php

For reference, here is the screenshot of the exact error message which
one of the accounts is getting, which shows the open_basedir setting
being composed of weird characters.
http://img75.imageshack.us/img75/6261/screenshot1a.png
The situation involves phpbb3 trying to include parts of itself, so I am
confident that it should be allowed, as it's in the same directory or
close directories within a single account home folder.

The second screenshot is of the relevant open_basedir setting in the
httpd.conf file. I have checked the settings against those in the
virtual hosts of other accounts where open_basedir works without errors,
and I can confirm that they are absolutely identical (apart from the
actual home directory).
http://img75.imageshack.us/img75/626/screenshot2w.png

Needless to say, this is a very serious issue, as open_basedir is an
extremely important security measure for those of us who don't run
suPHP, and now it is impossible to use it because of these problems.

I'm available daily for testing, hope this bug report will get some new
attention for developers.

Cheers
 [2009-07-31 21:09 UTC] svn@php.net
Automatic comment from SVN on behalf of rasmus
Revision: http://svn.php.net/viewvc/?view=revision&revision=286602
Log: Fix bug #48880
The ini entry was being corrupted because it wasn't being set
on the ACTIVATE and DEACTIVATE stages.
 [2009-07-31 21:10 UTC] rasmus@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 [2013-05-11 15:14 UTC] spam2 at rhsoft dot net
i see this randomly with Apache 2.4.4 and PHP 5.4.14/5.4.15 on Fedora x86_64 and it seems for me that this problem came back a short time ago because it is very new for me and i have this only seen with a PHP6-snapshot years ago until now
 [2013-05-11 15:19 UTC] spam2 at rhsoft dot net
easy to reproduce: 

* ab -c 30 -n 50000 http://first-host/
* hit reload with disabled cache in your browser on the second vhost
 [2013-05-11 16:09 UTC] spam2 at rhsoft dot net
https://github.com/zend-dev/ZendOptimizerPlus/issues/94
"opcache.use_cwd = 0" reintroduces https://bugs.php.net/bug.php?id=48880
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 17 12:01:59 2014 UTC