Bug #61259 "Segment Fault" executing a prepared statement with PDO-Mysql
Submitted: 2012-03-03 03:58 UTC Modified: 2012-04-26 06:10 UTC
From: uabitesoj at gmail dot com Assigned: mysql (profile)
Status: Closed Package: PDO related
PHP Version: 5.3.10 OS: Linux 2.6.18 Centos 5.7
Private report: No CVE-ID: None

 

 [2012-03-03 03:58 UTC] uabitesoj at gmail dot com
Description:
------------
Now I'm using php-5.3.10.

Executing a prepared SQL statement with pdo-mysql produces a "Segment Fault" error.

The configure line used to compile php is:
./configure \
--prefix=/usr/lib/php-5.3.10 \
--exec-prefix=/usr/lib/php-5.3.10 \
--with-apxs2=/usr/local/apache2/bin/apxs \
--with-config-file-path=/etc \
--enable-zip \
--enable-debug \
--with-curl=/usr/local \
--with-readline \
--enable-mbstring \
--with-mysqli=mysqlnd \
--with-pdo-mysql \
--with-mysql-sock=/var/lib/mysql/mysqld.sock \
--with-openssl \
--with-zlib \
--with-gd


Test script:
---------------
<?php
$dbh = new PDO('mysql:host=localhost;dbname=acceso', 'dbuser', 'dbpass');
$sql = 'INSERT INTO user (id, nombre, login, passwd) VALUES (?, ?, ?, ?)';
$stm = $dbh->prepare($sql);
$stm->bindValue(1, 0);
$stm->bindValue(2, 'Name, Last Name, etc. etc.');
$stm->bindValue(3, 'log_name');
$stm->bindValue(4, SHA1('log_name', FALSE));
$stm->execute();
echo 'New user record saved in DB';
?>

Expected result:
----------------
Echoed 'New user record saved in DB' and a new record in "user" table.

Actual result:
--------------
GNU gdb (GDB) Red Hat Enterprise Linux (7.0.1-37.el5_7.1)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...done.
(gdb) run ExecutePrepared.php
Starting program: /usr/bin/php ExecutePrepared.php
warning: .dynamic section for "/lib/libc.so.6" is not at the expected address
warning: difference appears to be caused by prelink, adjusting expectations
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
0x08325563 in mysqlnd_cset_escape_slashes (cset=0x0, newstr=0x89db217 "p", escapestr=0x89dca6c "Name, Last name, etc., etc.",
    escapestr_len=27) at /d/software/Php/php-5.3.10/ext/mysqlnd/mysqlnd_charset.c:718
718                     if (cset->char_maxlen > 1 && (len = cset->mb_valid(escapestr, end))) {
(gdb) bt
#0  0x08325563 in mysqlnd_cset_escape_slashes (cset=0x0, newstr=0x89db217 "p", escapestr=0x89dca6c "Name, Last name, etc., etc.",
    escapestr_len=27) at /d/software/Php/php-5.3.10/ext/mysqlnd/mysqlnd_charset.c:718
#1  0x081f6a55 in mysql_handle_quoter (dbh=0x89dc118, unquoted=0x89dca6c "Name, Last name, etc., etc.", unquotedlen=27,
    quoted=0x89de1a0, quotedlen=0x89de19c, paramtype=PDO_PARAM_STR) at /d/software/Php/php-5.3.10/ext/pdo_mysql/mysql_driver.c:337
#2  0x081f5f89 in pdo_parse_params (stmt=0x89ddbec,
    inquery=0x89ddd0c "INSERT INTO user (id, nombre, login, passwd) VALUES (?, ?, ?, ?)", inquery_len=64, outquery=0x89ddc38,
    outquery_len=0x89ddc3c) at /d/software/Php/php-5.3.10/ext/pdo/pdo_sql_parser.c:585
#3  0x081f2d59 in zim_PDOStatement_execute (ht=0, return_value=0x89ddeec, return_value_ptr=0x0, this_ptr=0x89dc1ec,
    return_value_used=0) at /d/software/Php/php-5.3.10/ext/pdo/pdo_stmt.c:497
#4  0x083b2619 in zend_do_fcall_common_helper_SPEC (execute_data=0x8a0dcc8)
    at /d/software/Php/php-5.3.10/Zend/zend_vm_execute.h:320
#5  0x083b1ca8 in execute (op_array=0x89db224) at /d/software/Php/php-5.3.10/Zend/zend_vm_execute.h:107
#6  0x0838ced7 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /d/software/Php/php-5.3.10/Zend/zend.c:1236
#7  0x0833b5de in php_execute_script (primary_file=0xbfffe5ac) at /d/software/Php/php-5.3.10/main/main.c:2308
#8  0x0840f37b in main (argc=2, argv=0xbfffe714) at /d/software/Php/php-5.3.10/sapi/cli/php_cli.c:1184



 [2012-03-05 00:29 UTC] johannes@php.net
-Status: Open +Status: Feedback -Assigned To: +Assigned To: mysql
 [2012-03-05 00:29 UTC] johannes@php.net
Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

Your configure line is confusing.

--with-mysqli=mysqlnd \
--with-pdo-mysql \
--with-mysql-sock=/var/lib/mysql/mysqld.sock \

mysqli is using mysqlnd whereas pdo_mysql is using libmysql from its default location. Is that really your configuration? It is suggested to use mysqlnd for both.

--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd

Your backtrace indicates a conflict there (as it is referring to mysqlnd, which shouldn't be used by PDO with the given configuration).

I couldn't reproduce with a pure mysqlnd build. Please verify your configuration.
 [2012-03-07 00:38 UTC] uabitesoj at gmail dot com
Thank you for your reply.

I recompiled my PHP with the suggested options for --with-mysqli and --with-pdo-mysql, and I also tried using the last snapshot. In all cases I again get a "Segment Fault" error.

The backtrace points to some problem in "mysqlnd_cset_escape_slashes" function.
 [2012-03-20 11:56 UTC] mj@php.net
Can you please provide us with the exact schema definition of the MySQL table "user" that you are referring to?
 [2012-03-27 00:41 UTC] uabitesoj at gmail dot com
-Status: Feedback +Status: Assigned
 [2012-03-27 00:41 UTC] uabitesoj at gmail dot com
The schema of the table "user" is

CREATE TABLE IF NOT EXISTS `user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `nombre` varchar(254) NOT NULL,
  `login` varchar(254) NOT NULL,
  `passwd` varchar(254) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;

But the problem is in "mysqlnd_cset_escape_slashes" function.
I don't have much experience with the C language, but it is strange that "cset" has a 0 value and afterwards is used as a struct pointer: "cset->char_maxlen" and "cset->mb_valid(escapestr, end)".
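
The pattern pointed out in the comment above (frame #0 has cset=0x0, and line 718 reads cset->char_maxlen), as an added C sketch that is not mysqlnd source code and not the project's fix. The demo_charset type, the demo_* functions and the toy validator are hypothetical names that model only the two members read at the faulting line; the routine rejects a NULL descriptor before touching it.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical charset descriptor: only the two members read at the
   faulting line (char_maxlen, mb_valid) are modelled. */
typedef struct {
    unsigned int char_maxlen;
    unsigned int (*mb_valid)(const char *p, const char *end);
} demo_charset;
#define DEMO_ESCAPE_ERROR ((size_t)-1)

/* Toy validator (assumption): accepts 2-byte UTF-8 sequences only. */
static unsigned int demo_utf8_valid(const char *p, const char *end)
{
    const unsigned char *u = (const unsigned char *)p;
    return (end - p >= 2 && (u[0] & 0xE0) == 0xC0 && (u[1] & 0xC0) == 0x80) ? 2 : 0;
}
static const demo_charset demo_utf8 = { 3, demo_utf8_valid };

/* Backslash-escape src into dst; returns bytes written (without NUL) or
   DEMO_ESCAPE_ERROR on a NULL argument or when dst is too small. */
size_t demo_escape_slashes(const demo_charset *cset, char *dst, size_t dst_cap,
                           const char *src, size_t src_len)
{
    const char *end;
    size_t out = 0;
    unsigned int len;
    /* Refuse a NULL descriptor before any cset-> access. */
    if (cset == NULL || dst == NULL || src == NULL || dst_cap == 0)
        return DEMO_ESCAPE_ERROR;
    for (end = src + src_len; src < end; ) {
        char esc = 0;
        if (cset->char_maxlen > 1 && cset->mb_valid && (len = cset->mb_valid(src, end))) {
            if (out + len >= dst_cap) return DEMO_ESCAPE_ERROR;
            memcpy(dst + out, src, len);   /* copy multibyte char untouched */
            out += len; src += len;
            continue;
        }
        switch (*src) {
            case '\0': esc = '0'; break;
            case '\n': esc = 'n'; break;
            case '\r': esc = 'r'; break;
            case '\032': esc = 'Z'; break;
            case '\\': case '\'': case '"': esc = *src; break;
        }
        if (out + (esc ? 2 : 1) >= dst_cap) return DEMO_ESCAPE_ERROR;
        if (esc) dst[out++] = '\\';
        dst[out++] = esc ? esc : *src;
        src++;
    }
    dst[out] = '\0';
    return out;
}
```

With the guard in place, a caller that reaches the quoting step without a charset gets an error return it can report, rather than a SIGSEGV inside the escape loop.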
 [2012-04-26 06:10 UTC] uabitesoj at gmail dot com
-Status: Assigned +Status: Closed
 [2012-04-26 06:10 UTC] uabitesoj at gmail dot com
Nobody answered! php-5.4.0 has the same problem.
 
Last updated: Thu Mar 28 13:01:28 2024 UTC