php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #62205 php-fpm segfaults (null passed to strstr)
Submitted: 2012-06-01 08:35 UTC Modified: 2012-06-01 09:31 UTC
From: alp at rsu dot ru Assigned: fat
Status: Closed Package: Unknown/Other Function
PHP Version: 5.4Git-2012-06-01 (Git) OS: ubuntu linux 12.04
Private report: No CVE-ID:
 [2012-06-01 08:35 UTC] alp at rsu dot ru
Description:
------------
In sapi/fpm/fpm/fpm_status.c NULL can be passed to strstr, which leads to php-fpm crash with:
(gdb) bt
#0  __strstr_sse42 (s1=0x0, s2=<optimized out>) at ../sysdeps/x86_64/multiarch/strstr.c:175
#1  0x0000000000736d13 in fpm_status_handle_request () at /home/alp/build/php5-5.3.10/sapi/fpm/fpm/fpm_status.c:128
#2  0x000000000042b4ab in main (argc=11237155, argv=0x0) at /home/alp/build/php5-5.3.10/sapi/fpm/fpm/fpm_main.c:1809

The crash happens when monitoring software access php-fpm status page.


Patches

fpm_status_not_null_patch (last revision 2012-06-01 08:36 UTC) by alp at rsu dot ru)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-06-01 08:40 UTC] laruence@php.net
-Assigned To: +Assigned To: fat
 [2012-06-01 08:46 UTC] laruence@php.net
the patch looks good, but it is better assign this to fat, and ask for his 
reviewing :) thanks
 [2012-06-01 08:49 UTC] fat@php.net
I'm on it.

I've found this bug few days ago and I was waiting to finitsh something in the 
fpm_status code to fix this bug.

I'll fix this now but I won't use the patch as there's something cleaner to check 
the presence of some parameters in the query string.

i'll try to push this patch this morning.
 [2012-06-01 09:27 UTC] fat@php.net
Automatic comment on behalf of fat
Revision: http://git.php.net/?p=php-src.git;a=commit;h=38ca8cb7a12548b44b942ddd4fb2628b70bc6612
Log: - Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
 [2012-06-01 09:30 UTC] fat@php.net
Automatic comment on behalf of fat
Revision: http://git.php.net/?p=php-src.git;a=commit;h=238caeb63c4f4faf67b9f8de62a753eb3e954dbe
Log: - Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
 [2012-06-01 09:30 UTC] fat@php.net
Automatic comment on behalf of fat
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4fc989fbbd0405d200872219b409f685a495f3aa
Log: - Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
 [2012-06-01 09:31 UTC] fat@php.net
-Status: Assigned +Status: Closed
 [2012-06-01 09:31 UTC] fat@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 [2012-06-03 21:26 UTC] felipe@php.net
Automatic comment on behalf of fat
Revision: http://git.php.net/?p=php-src.git;a=commit;h=38ca8cb7a12548b44b942ddd4fb2628b70bc6612
Log: - Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
 [2012-06-03 21:26 UTC] felipe@php.net
Automatic comment on behalf of fat
Revision: http://git.php.net/?p=php-src.git;a=commit;h=238caeb63c4f4faf67b9f8de62a753eb3e954dbe
Log: - Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
 [2012-07-24 23:35 UTC] rasmus@php.net
Automatic comment on behalf of fat
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4fc989fbbd0405d200872219b409f685a495f3aa
Log: - Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
 [2013-11-17 09:32 UTC] laruence@php.net
Automatic comment on behalf of fat
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4fc989fbbd0405d200872219b409f685a495f3aa
Log: - Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 05:03:21 2014 UTC