PHP :: Bug #58534 :: rar_open() crashes apache

Bug #58534	rar_open() crashes apache
Submitted:	2009-02-02 14:20 UTC	Modified:	2009-11-20 20:17 UTC
From:	eugene at synergy dot co dot ke	Assigned:
Status:	No Feedback	Package:	rar (PECL)
PHP Version:	5.2.5	OS:	Windows
Private report:	No	CVE-ID:	None

View Developer Edit

[2009-02-02 14:20 UTC] eugene at synergy dot co dot ke

Description:
------------
rar_open() causes php.exe (5.2.8) on Windows (2K/XP/2k3) to crush whether run as an Apache (2.2.6) module or in standalone mode

Reproduce code:
---------------
<?php
  $rar = rar_open("C:/test.rar");
  if ($rar==false) throw new Exception("Open error");
  rar_close($rar);
?>

Expected result:
----------------
code should run to end without incident

Actual result:
--------------
when code gets to rar_open() a windows error window comes up
Title: "php.exe - Application Error" 
Text: "The instruction at 0x0215b357 referenced memory at 0x0218fffc. the memory could not be written..."

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-02-03 03:16 UTC] tony at daylessday dot org

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

See http://bugs.php.net/bugs-generating-backtrace-win32.php

[2009-02-04 11:39 UTC] eugene at synergy dot co dot ke

Thread 0 - System ID 1228
Entry point   php!mainCRTStartup 
Create time   04/02/2009 7:30:26 PM 
Time spent in user mode   0 Days 0:0:0.40 
Time spent in kernel mode   0 Days 0:0:0.150 






Function     Arg 1     Arg 2     Arg 3   Source 
php_rar!Unpack::CorrHuff+47     021c3d9c     021c599c     00c0fa7c    
php_rar!Unpack::InitHuff+9a     021b41f8     020f9b21     00000000    
php_rar!Unpack::Init+46     00000000     00000000     020f80aa    
php_rar!CmdExtract::CmdExtract+41     00c0fb20     017fda80     00000000    
php_rar!RAROpenArchiveEx+5a     00c0fa7c     1000c100     017fd980    
php_rar!RAROpenArchive+41     017fda80     00c0fbd0     017fc278    
php_rar!zif_rar_open+f8     017fc768     017fc780     00000000    
php5ts!zend_do_fcall_common_helper_SPEC+7d9     00c0fbd0     01673e90     017fbfaa    
php5ts!ZEND_DO_FCALL_SPEC_CONST_HANDLER+e5     00000000     01673e90     01673e90    
php5ts!execute+1c5     017fbfb8     01673e90     00000000    
php5ts!zend_execute_scripts+107     00000008     01673e90     00000000    
php5ts!php_execute_script+20d     00c0fec8     01673e90     0012f308    
php!main+c07     00000004     01673da0     01672bf8    
php!mainCRTStartup+e3     0012f308     00000012     7ffdf000    
KERNEL32!DosDateTimeToFileTime+c64     00402fc2     00000000     000000c8    




PHP_RAR!UNPACK::CORRHUFF+47In php__PID__2004__Date__02_04_2009__Time_07_30_56PM__384__Second_Chance_Exception_C0000005.dmp the assembly instruction at php_rar!Unpack::CorrHuff+47 in F:\Program Files\PHP\ext\php_rar.dll from The PHP Group has caused an access violation exception (0xC0000005) when trying to write to memory location 0x0211fffc on thread 0

Module Information 
Image Name: F:\Program Files\PHP\ext\php_rar.dll   Symbol Type:  PDB 
Base address: 0x020f0000   Time Stamp:  Sat May 03 01:05:27 2008  
Checksum: 0x00000000   Comments:   
COM DLL: False   Company Name:  The PHP Group 
ISAPIExtension: False   File Description:  Antony Dovgal 
ISAPIFilter: False   File Version:  5.2.6.6 
Managed DLL: False   Internal Name:  php_rar.dll 
VB DLL: False   Legal Copyright:  Copyright ? 1997-2007 The PHP Group 
Loaded Image Name:  php_rar.dll   Legal Trademarks:  PHP 
Mapped Image Name:  F:\Program Files\PHP\ext\php_rar.dll   Original filename:  php_rar.dll 
Module name:  php_rar   Private Build:   
Single Threaded:  False   Product Name:  PHP php_rar.dll 
Module Size:  172.00 KBytes   Product Version:  5.2.6 
Symbol File Name:  F:\Program Files\PHP\dbg\php_rar.pdb   Special Build:  &

[2009-02-05 03:33 UTC] tony at daylessday dot org

The backtrace shows that the problem lies within the bundled unrar library. 
Which version is used in your extension? See phpinfo() for this information.
Current CVS version includes 3.7.8; if you have an older one, you might want to wait for PECL Win32 builds to reappear and try with newer version of the extension.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 11:01:30 2024 UTC