php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #70295 Segmentation fault with setrawcookie
Submitted: 2015-08-18 22:52 UTC Modified: -
From: neclimdul at gmail dot com Assigned:
Status: Closed Package: *Network Functions
PHP Version: 7.0.0beta3 OS: linux
Private report: No CVE-ID:
 [2015-08-18 22:52 UTC] neclimdul at gmail dot com
Description:
------------
setrawcookie seems to be the cause of this bug but it actually requires a couple things to trigger. The rawurlencode and the PDO statement seem required.

I'm not sure how to get gdb working right with php-fpm where I triggered this bug. Because of the cookie involved it obviously doesn't work from the command line though.

Test script:
---------------
<?php

setrawcookie('cookie', rawurlencode('value'), $_SERVER['REQUEST_TIME'] + 31536000, '/');
$dbh = new PDO('mysql:host=localhost;dbname=data', 'root', '');


Expected result:
----------------
cookie is set

Actual result:
--------------
502 response and SIGSEGV in log

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-08-18 23:33 UTC] bwoebi@php.net
Automatic comment on behalf of bobwei9@hotmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4df77a6c5852a8ba0ccb1a10e01a49c71d1f54b5
Log: Fixed bug #70295 (Segmentation fault with setrawcookie)
 [2015-08-18 23:33 UTC] bwoebi@php.net
-Status: Open +Status: Closed
 [2015-08-18 23:52 UTC] neclimdul at gmail dot com
So fast it made my head spin. Confirmed it fixed the failure in Drupal we where seeing! Thanks!
 [2015-09-03 18:10 UTC] ab@php.net
Automatic comment on behalf of bobwei9@hotmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4df77a6c5852a8ba0ccb1a10e01a49c71d1f54b5
Log: Fixed bug #70295 (Segmentation fault with setrawcookie)
 [2016-07-20 11:36 UTC] davey@php.net
Automatic comment on behalf of bobwei9@hotmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4df77a6c5852a8ba0ccb1a10e01a49c71d1f54b5
Log: Fixed bug #70295 (Segmentation fault with setrawcookie)
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Apr 30 18:01:35 2017 UTC