PHP :: Bug #49823 :: Segmentation fault after infinite recursion loop, affects <= 5.2.11

Bug #49823	Segmentation fault after infinite recursion loop, affects <= 5.2.11
Submitted:	2009-10-09 14:27 UTC	Modified:	2009-10-09 14:31 UTC
From:	radek dot karpowicz at gmail dot com	Assigned:
Status:	Not a bug	Package:	Reproducible crash
PHP Version:	5.2.11	OS:	Gentoo/Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	radek dot karpowicz at gmail dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2009-10-09 14:27 UTC] radek dot karpowicz at gmail dot com

Description:
------------
After running php into infinite recursion loop by defining function and executing it, binary will output segmentation fault.

Same bug here: #15522

http://bugs.php.net/bug.php?id=15522

Why it's not patched since 4.1.1?

Reproduce code:
---------------
<?php
function foo() {

  foo();
}

foo();
?>

Expected result:
----------------
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 261900 bytes) in /bug.php on line 4

Actual result:
--------------
Segmentation fault

GDB Trace:

Starting program: /php-5.2.11/sapi/cli/php -f /bug.php
[Thread debugging using libthread_db enabled]
[New Thread 0xb7be16c0 (LWP 832)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7be16c0 (LWP 832)]
0x082d8a25 in zend_mm_check_ptr (heap=0x845f1d8, ptr=0x852040c, silent=1, __zend_filename=0x8432a34 "/php-5.2.11/Zend/zend_vm_execute.h", __zend_lineno=766, __zend_orig_filename=0x0, __zend_orig_lineno=0)
    at /home/radekk/tmp/php-5.2.11/Zend/zend_alloc.c:1439
1439			if (memcmp(end_magic, &_mem_block_end_magic, END_MAGIC_SIZE)==0) {

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-10-09 14:28 UTC] pajoye@php.net

See the other bug reports about that to get an explanation > bogus.

[2009-10-09 14:31 UTC] radek dot karpowicz at gmail dot com

There should be something like max_depth_level for functions... In php 5.3 it works fine.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu May 09 04:01:31 2024 UTC