php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #6407 PHP crashes on invalid password
Submitted: 2000-08-28 16:05 UTC Modified: 2006-07-17 08:11 UTC
From: christopher at currie dot com Assigned:
Status: No Feedback Package: OCI8 related
PHP Version: 4.0.1pl2 OS: Solaris 2.6
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2000-08-28 16:05 UTC] christopher at currie dot com
PHP4 will core dump if it tries to login to Oracle with an incorrect password. The same script prints the following debugging info if the password is correct:

--- start of output ---
Testing Oracle Connection...

OCIDebug: _oci_open_server new conn=0 dname=mysid
OCIDebug: _oci_open_session new sess=2 user=gooduid
OCIDebug: oci_do_connect: id=3


Done.
--- end of output ---

GDB backtrace is at the bottom of this message.

----
Script is as follows:

<?

  echo "Testing Oracle Connection...<br><br>\n";

  putenv("ORACLE_SID=mysid");
  putenv("ORACLE_HOME=/app/oracle/product/8.0.5");
  
  OCIInternalDebug(1);
  
  $conn = OCILogon('gooduid','badpass','mysid');
  
  echo "<br><br>Done.<br><br>\n";
  
?>

Apache config:

SSL_BASE=../openssl-0.9.5a \
RSA_BASE=../rsaref-2.0/local \
EAPI_mm=../mm-1.1.3 \
./configure \
  --prefix=${HOME}/local/apache \
  --enable-module=so \
  --enable-shared=access \
  --enable-shared=actions \
  --enable-shared=alias \
  --enable-shared=asis \
  --enable-shared=auth \
  --enable-shared=autoindex \
  --enable-shared=cgi \
  --enable-shared=dir \
  --enable-shared=env \
  --enable-shared=imap \
  --enable-shared=include \
  --enable-shared=info \
  --enable-shared=log_config \
  --enable-shared=mime \
  --enable-shared=negotiation \
  --enable-shared=setenvif \
  --enable-shared=status \
  --enable-shared=userdir \
  --enable-module=ssl \
  --enable-shared=ssl \
  --disable-rule=SSL_COMPAT \
  --enable-rule=SSL_SDBM \
  --enable-rule=SSL_EXPERIMENTAL \
  --enable-rule=SSL_VENDOR

PHP config:
CC=/opt/SUNWspro/bin/cc \
./configure \
    --prefix=${HOME}/local \
    --with-config-file-path=${HOME}/local/lib \
    --with-apxs=${HOME}/local/apache/bin/apxs \
    --with-oci8=${ORACLE_HOME} \
    --without-mysql 

----
GDB session:


ccurrie@dev03:apache> gdb bin/httpd core
GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.6"...
Core was generated by `/home/ccurrie/local/apache/bin/httpd'.
Program terminated with signal 11, Segmentation Fault.
Reading symbols from /usr/lib/libsocket.so.1...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/lib/libnsl.so.1...done.
Loaded symbols for /usr/lib/libnsl.so.1
Reading symbols from /usr/lib/libdl.so.1...done.
Loaded symbols for /usr/lib/libdl.so.1
Reading symbols from /usr/lib/libc.so.1...done.
Loaded symbols for /usr/lib/libc.so.1
Reading symbols from /usr/lib/libmp.so.2...done.
Loaded symbols for /usr/lib/libmp.so.2
Reading symbols from /usr/platform/SUNW,Ultra-4/lib/libc_psr.so.1...done.
Loaded symbols for /usr/platform/SUNW,Ultra-4/lib/libc_psr.so.1
Reading symbols from /home/ccurrie/local/apache/libexec/mod_env.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_env.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_log_config.so...
done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_log_config.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_mime.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_mime.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_negotiation.so...
done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_negotiation.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_status.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_status.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_include.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_include.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_autoindex.so...
done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_autoindex.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_dir.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_dir.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_cgi.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_cgi.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_asis.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_asis.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_imap.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_imap.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_actions.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_actions.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_userdir.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_userdir.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_alias.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_alias.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_access.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_access.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_auth.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_auth.so
Reading symbols from /home/ccurrie/local/apache/libexec/mod_setenvif.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/mod_setenvif.so
Reading symbols from /home/ccurrie/local/apache/libexec/libphp4.so...done.
Loaded symbols for /home/ccurrie/local/apache/libexec/libphp4.so
Reading symbols from /usr/lib/libpam.so.1...done.
Loaded symbols for /usr/lib/libpam.so.1
Reading symbols from /app/oracle/product/8.0.5/lib/libclntsh.so.1.0...done.
Loaded symbols for /app/oracle/product/8.0.5/lib/libclntsh.so.1.0
Reading symbols from /usr/lib/libresolv.so.2...done.
Loaded symbols for /usr/lib/libresolv.so.2
Reading symbols from /usr/lib/libm.so.1...done.
Loaded symbols for /usr/lib/libm.so.1
Reading symbols from /usr/ucblib/libucb.so.1...done.
Loaded symbols for /usr/ucblib/libucb.so.1
Reading symbols from /usr/lib/libelf.so.1...done.
Loaded symbols for /usr/lib/libelf.so.1
Reading symbols from /usr/lib/libaio.so.1...done.
Loaded symbols for /usr/lib/libaio.so.1
#0  0xeecde090 in kpufhndl ()
   from /app/oracle/product/8.0.5/lib/libclntsh.so.1.0
(gdb) where
#0  0xeecde090 in kpufhndl ()
   from /app/oracle/product/8.0.5/lib/libclntsh.so.1.0
#1  0xef225818 in _oci_close_session ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#2  0xef2254b0 in _oci_open_session ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#3  0xef226738 in oci_do_connect ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#4  0xef22bbd0 in php_if_ocilogon ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#5  0xef1c844c in execute () from /home/ccurrie/local/apache/libexec/libphp4.so
#6  0xef1fff10 in php_execute_script ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#7  0xef1f9258 in apache_php_module_main ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#8  0xef1fa620 in send_php ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#9  0xef1fa6bc in send_parsed_php ()
   from /home/ccurrie/local/apache/libexec/libphp4.so
#10 0x21a98 in ap_invoke_handler ()
#11 0x3e918 in process_request_internal ()
#12 0x3e99c in ap_process_request ()
#13 0x32334 in child_main ()
#14 0x326e8 in make_child ()
#15 0x32c60 in perform_idle_server_maintenance ()
#16 0x334c4 in standalone_main ()
#17 0x33e10 in main ()


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-10-18 10:37 UTC] sniper@php.net
Please try setting those environment variables
mentioned here: http://www.php.net/manual/ref.oci8.php
in the shell before starting Apache.

--Jani
 [2000-11-27 09:46 UTC] sniper@php.net
No feedback. 
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC