Bug #56217 sigsegv 11 pdf_get_parameter
Submitted: 2004-10-22 10:08 UTC Modified: 2004-10-22 10:26 UTC
From: gyro at eunet dot yu Assigned: rjs (profile)
Status: Closed Package: pdflib (PECL)
PHP Version: 4.3.3 OS: Linux FC2
Private report: No CVE-ID: None
 [2004-10-22 10:08 UTC] gyro at eunet dot yu
Description:
------------
I've installed pdflib on a Fedora Core 2 with Apache 2.0.50-2 and php-4.3.8, and then with 2.0.54 and php-4.3.9, with the same result.
I'm using PDFlib-6.0.0p1 from the PDFlib GmbH site, and at first I was using their DSO modules, but the result was the same.

I rebuilt all packages with debug code in, but I had to move to pdflib-2.0.2 to be able to monitor what is going on (their DSOs for lib6 are stripped, and so are the PHP i386 binaries from the distribution).

When I commented these lines out in pdf.c:
/*              convert_to_double_ex(argv[2]);
                modifier = Z_DVAL_PP(argv[2]); */
                modifier = 0.0;
everything worked like a charm. I can see that the modifier param in PHP 5 is not mandatory any more, but I'm still using 4.3.x so it should.
I can do two things:
include the third param when calling the function, or you can modify the source to comply with the 4.3.x specs.
You should address this bug(?) because pear install pdflib does not work on the 4.3.x version.
Thanks

Reproduce code:
---------------
Try pdflib on FC2 with pdf_get_parameter.
All test.php work. Don't rely on them.

the only thing you can see is:
tail /var/log/httpd/error_log
[Thu Oct 21 02:40:09 2004] [notice] Apache/2.0.50 (Fedora) configured -- resuming normal operations
[Thu Oct 21 03:14:50 2004] [notice] child pid 7871 exit signal Segmentation fault (11)
[Thu Oct 21 03:17:55 2004] [notice] child pid 7864 exit signal Segmentation fault (11)
...


Expected result:
----------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -150486912 (LWP 7834)]
0x038a72a8 in zif_pdf_get_parameter (ht=0, return_value=0x968411c,
    this_ptr=0x0, return_value_used=1)
    at /tmp/tmpcXddU2/pdflib-2.0.2/pdf.c:4245
4245                    convert_to_double_ex(argv[2]);
(gdb)

Actual result:
--------------
(gdb) bt
#0  0x038a72a8 in zif_pdf_get_parameter (ht=0, return_value=0x968411c,
    this_ptr=0x0, return_value_used=1)
    at /tmp/tmpcXddU2/pdflib-2.0.2/pdf.c:4245
#1  0x0114f935 in execute (op_array=0x95aba24)
    at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1640
#2  0x0114f5fc in execute (op_array=0x9357d4c)
    at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1684
#3  0x0114f5fc in execute (op_array=0x9357a8c)
    at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1684
#4  0x0114f5fc in execute (op_array=0x9356ab4)
    at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1684
#5  0x0114f5fc in execute (op_array=0x90c4494)
    at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend_execute.c:1684
#6  0x0113e02f in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/src/redhat/BUILD/php-4.3.9/Zend/zend.c:891
#7  0x0110a43f in php_execute_script (primary_file=0xfef64c70)
    at /usr/src/redhat/BUILD/php-4.3.9/main/main.c:1735
#8  0x011554cf in php_handler (r=0x90acd88)
    at /usr/src/redhat/BUILD/php-4.3.9/sapi/apache2handler/sapi_apache2.c:555
#9  0x00ef1ed8 in ap_run_handler (r=0x90acd88)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/config.c:156
#10 0x00ef257e in ap_invoke_handler (r=0x90acd88)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/config.c:368
#11 0x00eee7e6 in ap_process_request (r=0x90acd88)
    at /usr/src/redhat/BUILD/httpd-2.0.52/modules/http/http_request.c:246
#12 0x00ee966d in ap_process_http_connection (c=0x90a6b30)
    at /usr/src/redhat/BUILD/httpd-2.0.52/modules/http/http_core.c:250
#13 0x00efce68 in ap_run_process_connection (c=0x90a6b30)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/connection.c:42
#14 0x00efd208 in ap_process_connection (c=0x90a6b30, csd=0x376)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/connection.c:175
#15 0x00ef010b in child_main (child_num_arg=886)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/mpm/prefork/prefork.c:609
#16 0x00ef0337 in make_child (s=0x0, slot=0)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/mpm/prefork/prefork.c:649
#17 0x00ef03bc in startup_children (number_to_start=8)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/mpm/prefork/prefork.c:721
#18 0x00ef0cfe in ap_mpm_run (_pconf=0x2, plog=0x8f96150, s=0x8f6de48)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/mpm/prefork/prefork.c:940
---Type <return> to continue, or q <return> to quit---
#19 0x00ef7d51 in main (argc=2, argv=0xfef65074)
    at /usr/src/redhat/BUILD/httpd-2.0.52/server/main.c:618
(gdb)


 [2004-10-22 10:26 UTC] rjs@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.

This bug is fixed already in the current CVS version.

The next PECL package pdflib-2.0.3.tgz will include this bugfix, as will the binaries in the next PDFlib maintenance release (6.0.1).
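
An added illustration, not code from pdf.c or from the fix committed to CVS: a C sketch of the pattern the report points at, an optional third argument read without checking how many arguments the caller passed, next to a count-checked form. `value_t` and both function names are hypothetical stand-ins for the Zend types, and the 0.0 default mirrors the reporter's workaround rather than the actual patch.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a script value; not the Zend zval type. */
typedef struct { double dval; } value_t;

/* Pattern from the report: the third slot is read unconditionally.
 * With argc == 2 the caller never filled argv[2], so this dereferences
 * an uninitialised or out-of-range pointer (the SIGSEGV in the trace). */
static int get_parameter_unchecked(int argc, value_t **argv, double *modifier)
{
    (void)argc;                      /* count is ignored: this is the defect */
    *modifier = argv[2]->dval;
    return 0;
}

/* Hardened form: validate the count first, then read the optional slot
 * only when it is present; otherwise fall back to a default (assumed 0.0). */
static int get_parameter_checked(int argc, value_t **argv, double *modifier)
{
    if (argv == NULL || argc < 2 || argc > 3)
        return -1;                   /* wrong parameter count */
    *modifier = 0.0;
    if (argc == 3) {
        if (argv[2] == NULL)
            return -1;
        *modifier = argv[2]->dval;
    }
    return 0;
}

int main(void)
{
    value_t key = {0}, name = {0}, mod = {2.5};   /* constructed inputs */
    value_t *two[]   = { &key, &name };
    value_t *three[] = { &key, &name, &mod };
    double m = -1.0;

    int rc = get_parameter_checked(2, two, &m);
    printf("checked, 2 args:   rc=%d modifier=%.1f\n", rc, m);
    rc = get_parameter_checked(3, three, &m);
    printf("checked, 3 args:   rc=%d modifier=%.1f\n", rc, m);
    /* Only safe here because three slots really exist. */
    rc = get_parameter_unchecked(3, three, &m);
    printf("unchecked, 3 args: rc=%d modifier=%.1f\n", rc, m);
    return 0;
}
```

The unchecked variant behaves correctly whenever a third argument is supplied, which is consistent with the reporter's note that the bundled test scripts pass.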
 