php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74000 Segfault in zm_deactivate_user_filters
Submitted: 2017-01-26 07:11 UTC Modified: -
From: aseering at gmail dot com Assigned:
Status: Open Package: Reproducible crash
PHP Version: 7.0.15 OS: Linux - Ubuntu 16.04
Private report: No CVE-ID:
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: aseering at gmail dot com
New email:
PHP Version: OS:

 

 [2017-01-26 07:11 UTC] aseering at gmail dot com
Description:
------------
I use the AfterLogic Light webmail program, written in PHP.  When I send an e-mail, PHP segfaults.  This is 100% reproducible; the stack always looks essentially the same.

I unfortunately don't have a tight reproducer at this time.  I do have a core file, and have posted a stack trace.  I can look into potentially coming up with a tighter reproducer if what's going on is not apparent from the core file or stack trace.

Test script:
---------------
http://www.afterlogic.org/download/webmail-lite-php

Actual result:
--------------
#0  0x00007f26e1949798 in ?? () from /usr/lib/apache2/modules/libphp7.0.so
#1  0x00007f26e19c8605 in zend_hash_destroy () from /usr/lib/apache2/modules/libphp7.0.so
#2  0x00007f26e1949ce9 in zm_deactivate_user_filters () from /usr/lib/apache2/modules/libphp7.0.so
#3  0x00007f26e18f254a in zm_deactivate_basic () from /usr/lib/apache2/modules/libphp7.0.so
#4  0x00007f26e19bdf74 in zend_deactivate_modules () from /usr/lib/apache2/modules/libphp7.0.so
#5  0x00007f26e1955d65 in php_request_shutdown () from /usr/lib/apache2/modules/libphp7.0.so
#6  0x00007f26e1a4d817 in ?? () from /usr/lib/apache2/modules/libphp7.0.so
#7  0x000055ac58a835a0 in ap_run_handler (r=r@entry=0x7f26cddae0a0) at config.c:169
#8  0x000055ac58a83b26 in ap_invoke_handler (r=r@entry=0x7f26cddae0a0) at config.c:433
#9  0x000055ac58a9afc2 in ap_process_async_request (r=0x7f26cddae0a0) at http_request.c:410
#10 0x000055ac58a9b170 in ap_process_request (r=r@entry=0x7f26cddae0a0) at http_request.c:445
#11 0x000055ac58a9723e in ap_process_http_sync_connection (c=0x7f26e6389290) at http_core.c:210
#12 ap_process_http_connection (c=0x7f26e6389290) at http_core.c:251
#13 0x000055ac58a8d510 in ap_run_process_connection (c=c@entry=0x7f26e6389290) at connection.c:41
#14 0x000055ac58a8d920 in ap_process_connection (c=c@entry=0x7f26e6389290, csd=<optimized out>) at connection.c:213
#15 0x00007f26e1fa27e9 in child_main (child_num_arg=child_num_arg@entry=1, child_bucket=child_bucket@entry=0) at prefork.c:723
#16 0x00007f26e1fa2a74 in make_child (s=0x7f26e654b470, slot=slot@entry=1, bucket=0) at prefork.c:824
#17 0x00007f26e1fa2aeb in startup_children (number_to_start=4) at prefork.c:843
#18 0x00007f26e1fa3ac7 in prefork_run (_pconf=<optimized out>, plog=0x7f26e6548028, s=0x7f26e654b470) at prefork.c:1010
#19 0x000055ac58a67abe in ap_run_mpm (pconf=0x7f26e657b028, plog=0x7f26e6548028, s=0x7f26e654b470) at mpm_common.c:94
#20 0x000055ac58a61160 in main (argc=3, argv=0x7ffd0bc11e58) at main.c:777

Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Tue Aug 29 15:01:52 2017 UTC