|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2018-01-23 17:16 UTC] dpa-bugs at aegee dot org
Description: ------------ When PHP is compiled with ./configure --disable-ipv6 and CURL supports IPv6, then an implicit curl_setopt($connection, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); must exist in ext/curl/. Otherwise php-fpm crashes, until adding the above line in the <?php code. Test script: --------------- This is what valgrind reports: ==16016== Thread 2: ==16016== Use of uninitialised value of size 8 ==16016== at 0x964380C: __libc_res_nsearch (res_query.c:395) ==16016== by 0x1A6108E1: ??? ==16016== by 0xDE1B13B: gaih_inet (getaddrinfo.c:870) ==16016== by 0xDE1C85C: getaddrinfo (getaddrinfo.c:2426) ==16016== by 0x858ABB3: Curl_getaddrinfo_ex (curl_addrinfo.c:124) ==16016== by 0x85955B0: getaddrinfo_thread (asyn-thread.c:279) ==16016== by 0x8592FBA: curl_thread_create_thunk (curl_threads.c:57) ==16016== by 0xA272063: start_thread (pthread_create.c:309) ==16016== by 0xDE2F62C: clone (clone.S:111) ==16016== Uninitialised value was created by a stack allocation ==16016== at 0x1A610859: ??? ==16016== ==16016== Invalid read of size 4 ==16016== at 0x964380C: __libc_res_nsearch (res_query.c:395) ==16016== by 0x1A6108E1: ??? ==16016== by 0xDE1B13B: gaih_inet (getaddrinfo.c:870) ==16016== by 0xDE1C85C: getaddrinfo (getaddrinfo.c:2426) ==16016== by 0x858ABB3: Curl_getaddrinfo_ex (curl_addrinfo.c:124) ==16016== by 0x85955B0: getaddrinfo_thread (asyn-thread.c:279) ==16016== by 0x8592FBA: curl_thread_create_thunk (curl_threads.c:57) ==16016== by 0xA272063: start_thread (pthread_create.c:309) ==16016== by 0xDE2F62C: clone (clone.S:111) ==16016== Address 0x2 is not stack'd, malloc'd or (recently) free'd ==16016== ==16016== Process terminating with default action of signal 11 (SIGSEGV): dumping core ==16016== Access not within mapped region at address 0x2 ==16016== at 0x964380C: __libc_res_nsearch (res_query.c:395) ==16016== by 0x1A6108E1: ??? ==16016== by 0xDE1B13B: gaih_inet (getaddrinfo.c:870) ==16016== by 0xDE1C85C: getaddrinfo (getaddrinfo.c:2426) ==16016== by 0x858ABB3: Curl_getaddrinfo_ex (curl_addrinfo.c:124) ==16016== by 0x85955B0: getaddrinfo_thread (asyn-thread.c:279) ==16016== by 0x8592FBA: curl_thread_create_thunk (curl_threads.c:57) ==16016== by 0xA272063: start_thread (pthread_create.c:309) ==16016== by 0xDE2F62C: clone (clone.S:111) ==16016== If you believe this happened as a result of a stack ==16016== overflow in your program's main thread (unlikely but ==16016== possible), you can try to increase the size of the ==16016== main thread stack using the --main-stacksize= flag. ==16016== The main thread stack size used in this run was 8388608. ==16016== PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2020 The PHP GroupAll rights reserved. |
Last updated: Sat Mar 28 21:01:22 2020 UTC |
Proposed patch: --- php-7.1.13/ext/curl/interface.c.orig 2018-01-24 14:07:06.844000000 +0000 +++ php-7.1.13/ext/curl/interface.c 2018-01-24 14:15:23.436000000 +0000 @@ -1953,6 +1953,9 @@ #endif curl_easy_setopt(ch->cp, CURLOPT_DNS_CACHE_TIMEOUT, 120); curl_easy_setopt(ch->cp, CURLOPT_MAXREDIRS, 20); /* prevent infinite redirects */ +#if !ENABLE_IPV6 && LIBCURL_VERSION_NUM >= 0x070a08 /* 7.10.8 */ + curl_easy_setopt(ch->cp, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); +#endif cainfo = INI_STR("openssl.cafile"); if (!(cainfo && cainfo[0] != '\0')) { @@ -2310,6 +2313,12 @@ case CURLOPT_MUTE: #endif lval = zval_get_long(zvalue); +#if !ENABLE_IPV6 && LIBCURL_VERSION_NUM >= 0x070a08 /* Available since 7.10.8 */ + if (option == CURLOPT_IPRESOLVE && lval == CURL_IPRESOLVE_V6) { + php_error_docref(NULL, E_WARNING, "CURL_IPRESOLVE_V6 cannot be activated as php is compiled without IPv6 support"); + return 1; + } +#endif #if LIBCURL_VERSION_NUM >= 0x71304 if ((option == CURLOPT_PROTOCOLS || option == CURLOPT_REDIR_PROTOCOLS) && (PG(open_basedir) && *PG(open_basedir)) && (lval & CURLPROTO_FILE)) {