Bug #62826 mysqli_debug() failing due to mysqlnd trace_alloc being NULL
Submitted: 2012-08-15 12:29 UTC Modified: 2013-08-03 14:56 UTC
From: nikic@php.net Assigned: nikic (profile)
Status: Closed Package: MySQLi related
PHP Version: master-Git-2012-08-15 (Git) OS:
Private report: No CVE-ID: None
 [2012-08-15 12:29 UTC] nikic@php.net
Description:
------------
The following tests for mysqli_debug() are failing:

mysqli_debug() [ext/mysqli/tests/mysqli_debug.phpt]
mysqli_debug() - append to trace file [ext/mysqli/tests/mysqli_debug_append.phpt]
mysqli_debug() - all control string options supported by both mysqlnd and libmysql except oOaA [ext/mysqli/tests/mysqli_debug_mysqlnd_control_string.phpt]
mysqli_debug() - mysqlnd only control strings [ext/mysqli/tests/mysqli_debug_mysqlnd_only.phpt]

The relevant valgrind output is:

$ USE_ZEND_ALLOC=0 valgrind sapi/cli/php ext/mysqli/tests/mysqli_debug_mysqlnd_only.php

==9350== Invalid read of size 4
==9350==    at 0x854A171: _mysqlnd_pecalloc (mysqlnd_alloc.c:199)
==9350==    by 0x856A0AD: php_mysqlnd_protocol_get_command_packet_pub (mysqlnd_wireprotocol.c:2261)
==9350==    by 0x8533C37: php_mysqlnd_conn_data_simple_command_send_request_pub (mysqlnd.c:337)
==9350==    by 0x85345FB: php_mysqlnd_conn_data_simple_command_pub (mysqlnd.c:376)
==9350==    by 0x853D0B2: php_mysqlnd_conn_data_send_query_pub (mysqlnd.c:1180)
==9350==    by 0x853CA98: php_mysqlnd_conn_data_query_pub (mysqlnd.c:1155)
==9350==    by 0x8317F17: zif_mysqli_query (mysqli_nonapi.c:598)
==9350==    by 0x869697E: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==9350==    by 0x869E5DE: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2298)
==9350==    by 0x8694C2B: execute (zend_vm_execute.h:411)
==9350==    by 0x86591B6: zend_execute_scripts (zend.c:1286)
==9350==    by 0x85BBD37: php_execute_script (main.c:2459)
==9350==  Address 0x88 is not stack'd, malloc'd or (recently) free'd
==9350== 
==9350== 
==9350== Process terminating with default action of signal 11 (SIGSEGV)
==9350==  Access not within mapped region at address 0x88
==9350==    at 0x854A171: _mysqlnd_pecalloc (mysqlnd_alloc.c:199)
==9350==    by 0x856A0AD: php_mysqlnd_protocol_get_command_packet_pub (mysqlnd_wireprotocol.c:2261)
==9350==    by 0x8533C37: php_mysqlnd_conn_data_simple_command_send_request_pub (mysqlnd.c:337)
==9350==    by 0x85345FB: php_mysqlnd_conn_data_simple_command_pub (mysqlnd.c:376)
==9350==    by 0x853D0B2: php_mysqlnd_conn_data_send_query_pub (mysqlnd.c:1180)
==9350==    by 0x853CA98: php_mysqlnd_conn_data_query_pub (mysqlnd.c:1155)
==9350==    by 0x8317F17: zif_mysqli_query (mysqli_nonapi.c:598)
==9350==    by 0x869697E: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==9350==    by 0x869E5DE: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2298)
==9350==    by 0x8694C2B: execute (zend_vm_execute.h:411)
==9350==    by 0x86591B6: zend_execute_scripts (zend.c:1286)
==9350==    by 0x85BBD37: php_execute_script (main.c:2459)

The issue seems to be that the trace_alloc mysqlnd global is NULL, so the dereference segfaults.
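The following triage sketch is an added example, not part of the original report or of PHP's own code. It parses the valgrind excerpt quoted above and flags a faulting address below the first page as a probable NULL base pointer plus field offset, which is what `Address 0x88` indicates here. The `PAGE_SIZE` threshold and the function name `triage` are assumptions.

```python
import re

# Excerpt of the valgrind output quoted in the report above.
REPORT = """\
==9350== Invalid read of size 4
==9350==    at 0x854A171: _mysqlnd_pecalloc (mysqlnd_alloc.c:199)
==9350==    by 0x856A0AD: php_mysqlnd_protocol_get_command_packet_pub (mysqlnd_wireprotocol.c:2261)
==9350==    by 0x8533C37: php_mysqlnd_conn_data_simple_command_send_request_pub (mysqlnd.c:337)
==9350==  Address 0x88 is not stack'd, malloc'd or (recently) free'd
"""

PAGE_SIZE = 0x1000  # assumption: the first page is never mapped

ERROR_RE = re.compile(r"^==\d+== (Invalid (?:read|write)) of size (\d+)$")
FRAME_RE = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \(([^:()]+):(\d+)\)$")
ADDR_RE = re.compile(r"^==\d+==\s+Address (0x[0-9A-Fa-f]+) is (.+)$")


def triage(log):
    """Return one dict per invalid access: kind, size, frames, address, verdict."""
    findings, current = [], None
    for line in log.splitlines():
        if m := ERROR_RE.match(line):
            current = {"kind": m[1], "size": int(m[2]), "frames": [], "address": None}
            findings.append(current)
        elif current is None:
            continue
        elif m := FRAME_RE.match(line):
            # Frames after the Address line describe the alloc/free site, not the access.
            if current["address"] is None:
                current["frames"].append((m[1], m[2], int(m[3])))
        elif m := ADDR_RE.match(line):
            current["address"] = int(m[1], 16)
    for f in findings:
        addr = f["address"]
        if addr is None:
            f["verdict"] = "no Address line found"
        elif addr < PAGE_SIZE:
            # A tiny address is a struct field read through a NULL pointer.
            f["verdict"] = f"likely NULL base pointer, field at offset {addr:#x}"
        else:
            f["verdict"] = "not near NULL; check use-after-free or out-of-bounds"
    return findings


if __name__ == "__main__":
    for f in triage(REPORT):
        print(f["kind"], f["frames"][0], f["verdict"])
```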




 [2013-08-03 14:56 UTC] nikic@php.net
-Status: Open
+Status: Closed
-Assigned To:
+Assigned To: nikic
 [2013-08-03 14:56 UTC] nikic@php.net
I think this issue was already solved in the meantime :)
 
Last updated: Thu Mar 28 17:01:29 2024 UTC