php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #7913 crash on http HEAD when ob_start used in index.php
Submitted: 2000-11-21 18:33 UTC Modified: 2001-04-29 10:47 UTC
From: raarts at netland dot nl Assigned:
Status: Closed Package: Output Control
PHP Version: 4.0.3pl1 OS: linux-alpha 2.2.16-3 redhat 6.2
Private report: No CVE-ID: None
 [2000-11-21 18:33 UTC] raarts at netland dot nl
See subject. The php script I used contained
*only* an ob_start() and after that some normal
HTML. The GET command did not result in a crash,
the HEAD command did.

Here is the spec file I used to create apache+php:

%define contentdir /gar/www
%define apache_ver 1.3.14
%define mod_ssl_ver 2.7.1
%define php_ver 4.0.3pl1
%define gd_ver 1.8.3

Summary: The most widely used Web server on the Internet.
Name: apache-upwatch
Version: %{apache_ver}
Release: 25
Group: System Environment/Daemons
Source: ftp://ftp.apache.org/apache/dist/apache_%{version}.tar.gz
Source1: ftp://ftp.modssl.org/source/mod_ssl-%{mod_ssl_ver}-%{version}.tar.gz
Source2: spacer48.png
Source3: apache-index.html
Source4: poweredby.png
Source5: httpd.init
Source6: apache.logrotate
Source7: apache-access.conf
Source8: apache-httpd.conf
Source9: apache-srm.conf
Source10: ftp://ftp.cohprog.com/pub/apache/module/1.3.0/mod_bandwidth.c
Source11: mod_put.c
Source12: http://www.snert.com/Software/Throttle/mod_throttle208.tgz
Source13: SSL-Certificate-Creation
Source14: php-%{php_ver}.tar.gz
Source15: gd-%{gd_ver}.tar.gz
Patch0: apache_1.3.12-eapi-2.6.4.patch
Patch1: apache_1.3.12-redhat.patch
Patch2: apache-1.3.11-apxs.patch
Patch3: apache_1.3.12-phhttpd-eapi.patch
Patch4: apache_1.3.12-piranha.patch
Patch5: mod_ssl-2.6.4-tty.patch
Patch6: gd-ttf.patch

Copyright: Freely distributable and usable
BuildRoot: %{_tmppath}/apache-root
BuildPrereq: findutils, openssl-devel, perl
Requires: /etc/mime.types, gawk, file
Prereq: /sbin/chkconfig, /bin/mktemp, /bin/rm, /bin/mv, /bin/sed, mailcap, grep
Prereq: textutils, /usr/sbin/useradd, /etc/init.d
Provides: webserver

%description
Apache is a powerful, full-featured, efficient and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

Install the apache package if you need a Web server.

%package -n mod_ssl
Group: System Environment/Daemons
Version: %{mod_ssl_ver}
Summary: HTTPS (HTTP over SSL) support for the Apache Web server.
Requires: apache-upwatch = %{apache_ver}-%{release}
Prereq: openssl, dev

%description -n mod_ssl
The mod_ssl package contains mod_ssl %{mod_ssl_ver}, the server module that
adds SSL support to the Apache Web server.  If you need a secure web
server, install this package and read http://localhost/manual/mod/mod_ssl/
for documentation about how to configure the SSL support.

%package devel
Version: %{apache_ver}
Group: Development/Libraries
Summary: Development tools for the Apache Web server.
Obsoletes: secureweb-devel

%description devel
The apache-devel package contains the APXS binary and other files that
you'll need to build Dynamic Shared Objects (DSOs) for Apache.

If you are installing the Apache Web server, and you want to be
able to compile or develop additional modules for Apache, you'll
need to install this package.

%package manual
Version: %{apache_ver}
Group: Documentation
Summary: Documentation for the Apache Web server.

%description manual
The apache-manual package contains the complete manual and reference
guide for the Apache Web server.  If you need Apache documentation
installed on the local machine, install this package.  The information
can also be found on the Web at http://www.apache.org/docs/.

%prep
%setup -q -n apache_%{version} -a 1 -a 12 -a 14 -a 15

#%patch0 -p1 -b .eapi
pushd mod_ssl-%{mod_ssl_ver}-%{version}
%configure --with-apache=`cd ..;pwd` --with-eapi-only
popd

%patch1 -p1 -b .redhat
%patch2 -p1 -b .apxs
#%patch3 -p1 -b .phttpd-eapi
%patch4 -p1 -b .piranha
pushd mod_ssl-%{mod_ssl_ver}-%{version}
%patch5 -p2 -b .tty
popd

pushd gd-%{gd_ver}
%patch6 -p0 -b .ttf
popd

%build
TARGET_PLATFORM=%{_target_platform}
%define _target_platform --target=${TARGET_PLATFORM}

pushd mod_ssl-%{mod_ssl_ver}-%{version}
%configure --with-apache=`cd ..;pwd`
popd

pushd gd-%{gd_ver}
make
popd

# configure once for php
./configure

pushd php-%{php_ver}
./configure \
        --prefix=%{_prefix} \
        --with-apache=`cd ..;pwd` \
        --with-mysql=%{_prefix} \
        --enable-debug \
        --enable-pic \
        --enable-inline-optimization \
        --with-exec-dir=%{_bindir} \
        --with-regex=system \
        --with-gettext \
        --with-gd=../gd-%{gd_ver} \
        --with-jpeg-dir=%{_prefix} \
        --with-png \
        --with-zlib \
        --with-gdbm \
        --enable-debugger \
        --enable-magic-quotes \
        --enable-safe-mode \
        --enable-sysvsem \
        --enable-sysvshm \
        --enable-track-vars \
        --enable-trans-sid \
        --enable-ftp \
        --with-xml

#       --target=%{_target_platform} \

make
make install

popd

EXTRA_CFLAGS=-g ./configure \
        --prefix=%{_prefix} \
        --exec-prefix=%{_prefix} \
        --bindir=%{_bindir} \
        --sbindir=%{_sbindir} \
        --libexecdir=%{_libdir}/apache \
        --mandir=%{_mandir} \
        --localstatedir=%{_localstatedir} \
        --sysconfdir=%{_sysconfdir}/httpd/conf \
        --datadir=%{contentdir} \
        --includedir=%{_includedir}/apache \
        --libexecdir=%{_libdir}/apache \
        --iconsdir=%{contentdir}/icons \
        --htdocsdir=%{contentdir}/html \
        --cgidir=%{contentdir}/cgi-bin \
        --runtimedir=%{_var}/httpd \
        --logfiledir=%{_var}/log/httpd \
        --proxycachedir=%{_var}/cache/httpd \
        --add-module=$RPM_SOURCE_DIR/mod_bandwidth.c \
        --add-module=$RPM_SOURCE_DIR/mod_put.c \
        --activate-module=src/modules/throttle/mod_throttle.o \
        --activate-module=src/modules/php4/libphp4.a \
        --enable-module=all \
        --enable-shared=ssl \
        --enable-rule=EAPI \
        --disable-rule=WANTHSREGEX \
        --disable-module=auth_dbm \
        --with-perl=%{__perl} \
        --enable-suexec \
        --suexec-docroot=%{contentdir}/html \
        --without-execstrip \
        --suexec-caller=apache
make

%install
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
%{makeinstall} sysconfdir=$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf \
        includedir=$RPM_BUILD_ROOT%{_includedir}/apache \
        libexecdir=$RPM_BUILD_ROOT%{_libdir}/apache \
        iconsdir=$RPM_BUILD_ROOT%{contentdir}/icons \
        htdocsdir=$RPM_BUILD_ROOT%{contentdir}/html \
        cgidir=$RPM_BUILD_ROOT%{contentdir}/cgi-bin \
        runtimedir=$RPM_BUILD_ROOT%{_var}/httpd \
        logfiledir=$RPM_BUILD_ROOT%{_var}/log/httpd \
        proxycachedir=$RPM_BUILD_ROOT%{_var}/cache/httpd

# remove apachectl; we have our own SYSV init stuff
rm $RPM_BUILD_ROOT%{_sbindir}/apachectl
rm $RPM_BUILD_ROOT%{_mandir}/man8/apachectl.8

# install SYSV init stuff
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
install -m755 $RPM_SOURCE_DIR/httpd.init \
        $RPM_BUILD_ROOT/etc/rc.d/init.d/httpd

# install log rotation stuff
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
install -m644 $RPM_SOURCE_DIR/apache.logrotate \
        $RPM_BUILD_ROOT/etc/logrotate.d/apache

ln -s ../../var/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
ln -s ../../usr/lib/apache $RPM_BUILD_ROOT/etc/httpd/modules

install -m644 $RPM_SOURCE_DIR/apache-index.html \
        $RPM_BUILD_ROOT%{contentdir}/html/index.html
install -m644 $RPM_SOURCE_DIR/poweredby.png \
        $RPM_BUILD_ROOT%{contentdir}/html

# replace Apache's default config files with our own versions
install -m644 $RPM_SOURCE_DIR/apache-access.conf \
        $RPM_BUILD_ROOT/etc/httpd/conf/access.conf

install -m644 $RPM_SOURCE_DIR/apache-httpd.conf \
        $RPM_BUILD_ROOT/etc/httpd/conf/httpd.conf

install -m644 $RPM_SOURCE_DIR/apache-srm.conf \
        $RPM_BUILD_ROOT/etc/httpd/conf/srm.conf

# Remove default keys and certs, install docs, and point to the right makefile.
mkdir -p $RPM_BUILD_ROOT%{contentdir}/html/manual/mod/mod_ssl/
install -m644 mod_ssl-%{mod_ssl_ver}-%{version}/pkg.ssldoc/*.{html,gif,jpg} \
        $RPM_BUILD_ROOT%{contentdir}/html/manual/mod/mod_ssl/
rm -f $RPM_BUILD_ROOT/etc/httpd/conf/ssl.*/server.*
ln -s ../../../usr/share/ssl/certs/Makefile $RPM_BUILD_ROOT/etc/httpd/conf

# install apache source code for devel package
#mkdir -p $RPM_BUILD_ROOT/usr/src
#tar xzf $RPM_SOURCE_DIR/apache_%{version}.tar.gz -C $RPM_BUILD_ROOT/usr/src
find $RPM_BUILD_ROOT -type f | \
        xargs grep -l "/usr/local/bin/perl5" | \
        xargs perl -pi -e "s|/usr/local/bin/perl5|/usr/bin/perl|g;"
find $RPM_BUILD_ROOT -type f | \
        xargs grep -l "/usr/local/bin/perl" | \
        xargs perl -pi -e "s|/usr/local/bin/perl|/usr/bin/perl|g;"

# clean up apxs
sed "s^$RPM_BUILD_ROOT^^g" $RPM_BUILD_ROOT%{_sbindir}/apxs > apxs.tmp && \
cat apxs.tmp > $RPM_BUILD_ROOT%{_sbindir}/apxs

%clean
rm -rf $RPM_BUILD_ROOT

%post
/sbin/chkconfig --add httpd
# safely add .htm to mime types if it is not already there
[ -f /etc/mime.types ] || exit 0
TEMPTYPES=`/bin/mktemp /tmp/mimetypes.XXXXXX`
[ -z "$TEMPTYPES" ] && {
  echo "could not make temporary file, htm not added to /etc/mime.types" >&2
  exit 1
}
( grep -v "^text/html"  /etc/mime.types
  types=$(grep "^text/html" /etc/mime.types | cut -f2-)
  echo -en "text/html\t\t\t"
  for val in $types ; do
      if [ "$val" = "htm" ] ; then
          continue
      fi
      echo -n "$val "
  done
  echo "htm"
) > $TEMPTYPES
cat $TEMPTYPES > /etc/mime.types && /bin/rm -f $TEMPTYPES

%pre
# Add the "apache" user
/usr/sbin/useradd -c "Apache" -u 48 \
        -s /bin/false -r -d /var/www apache 2> /dev/null || :

%preun
if [ $1 = 0 ]; then
        /sbin/service httpd stop > /dev/null 2>&1
        /sbin/chkconfig --del httpd
fi

%files
%defattr(-,root,root)
%dir /etc/httpd/conf
%config /etc/httpd/conf/access.conf
%config /etc/httpd/conf/srm.conf
%config /etc/httpd/conf/httpd.conf

/etc/httpd/logs
/etc/httpd/modules
%config /etc/logrotate.d/apache
%config /etc/rc.d/init.d/httpd

%dir %{contentdir}
%{contentdir}/cgi-bin
%dir %{contentdir}/html
%config(noreplace) %{contentdir}/html/index.html
%{contentdir}/html/poweredby.png
%{contentdir}/icons

%dir %{_libdir}/apache
%{_libdir}/apache/httpd.exp
#%{_libdir}/apache/libproxy.so
#%{_libdir}/apache/mod*.so

%{_mandir}/man1/*
%{_mandir}/man8/ab.8*
%{_mandir}/man8/httpd.8*
%{_mandir}/man8/logresolve.8*
%{_mandir}/man8/rotatelogs.8*
%{_mandir}/man8/suexec.8*

%{_sbindir}/ab
%{_sbindir}/httpd
%{_sbindir}/logresolve
%{_sbindir}/rotatelogs
%attr(0711,root,root) %{_sbindir}/suexec
%{_bindir}/*

%attr(-,apache,apache) %dir %{_var}/cache/httpd
%dir %{_var}/log/httpd

%files manual
%defattr(-,root,root)
%dir %{contentdir}/html/manual
%{contentdir}/html/manual/LICENSE
%{contentdir}/html/manual/*.html
%{contentdir}/html/manual/images
%{contentdir}/html/manual/misc
%{contentdir}/html/manual/search
%{contentdir}/html/manual/vhosts
%dir %{contentdir}/html/manual/mod
%{contentdir}/html/manual/mod/*.html

%files devel
%defattr(-,root,root)
%{_includedir}/apache
%{_sbindir}/apxs
%{_mandir}/man8/apxs.8*

%post -n mod_ssl
/sbin/ldconfig
umask 077

if [ ! -f %{_sysconfdir}/httpd/conf/ssl.key/server.key ] ; then
%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 1024 > %{_sysconfdir}/httpd/conf/ssl.key/server.key 2> /dev/null
fi

if [ ! -f %{_sysconfdir}/httpd/conf/ssl.crt/server.crt ] ; then
cat << EOF | %{_bindir}/openssl req -new -key %{_sysconfdir}/httpd/conf/ssl.key/server.key -x509 -days 365 -out %{_sysconfdir}/httpd/conf/ssl.crt/server.crt 2>/dev/null
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
localhost.localdomain
root@localhost.localdomain
EOF
fi

%files -n mod_ssl
%defattr(-,root,root)
%doc $RPM_SOURCE_DIR/SSL-Certificate-Creation
%{contentdir}/html/manual/mod/mod_ssl/
%{_libdir}/apache/libssl.so
%{_sysconfdir}/httpd/conf/Makefile
%attr(0700,root,root) %dir %{_sysconfdir}/httpd/conf/ssl.*
%{_sysconfdir}/httpd/conf/ssl.*/*



GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "alpha-redhat-linux"...
(gdb) b zend_bailout
Breakpoint 1 at 0x1200fa4e8: file zend.c, line 446.
(gdb) run -X
Starting program: /usr/src/redhat/BUILD/apache_1.3.14/src/httpd -X


at this point I connected to port 80 an typed:

HEAD / HTTP/1.0\n
\n

Breakpoint 1, zend_bailout () at zend.c:446
446             CG(unclean_shutdown) = 1;
(gdb) where
#0  zend_bailout () at zend.c:446
#1  0x1200ccf14 in php_end_ob_buffer (send_buffer=1) at output.c:157
(gdb) bt full
#0  zend_bailout () at zend.c:446
No locals.
#1  0x1200ccf14 in php_end_ob_buffer (send_buffer=1) at output.c:157
        final_buffer = 0x0
        final_buffer_length = 229
        alternate_buffer = (zval *) 0x11ffff650
(gdb) n
442     {
(gdb)
zend_bailout () at zend.c:447
447             longjmp(EG(bailout), FAILURE);
(gdb)
446             CG(unclean_shutdown) = 1;
(gdb) where
#0  zend_bailout () at zend.c:446
#1  0x12003bd54 in sapi_apache_send_headers (sapi_headers=0x12044de20) at mod_php4.c:226
#2  0x1200cd560 in php_ub_body_write (
    str=0x12044de20 "<html>\n<HEAD>\n<META HTTP-EQUIV=\"REFRESH\" content=\"0;URL=\">\n</HEAD>\n<body bgcolor=\"#ffffff\">\nPlease pres
s <a href=>here</a> if it does not work by itself.\n</body>\n</html>\n<!-- $Id: index.php,v 1.6 1999"..., str_length=229)
    at output.c:358
(gdb) n
442     {
(gdb) n
446             CG(unclean_shutdown) = 1;
(gdb) n
447             longjmp(EG(bailout), FAILURE);
(gdb) where
#0  zend_bailout () at zend.c:447
#1  0x1200cd5a0 in php_ub_body_write (
    str=0x12044de20 "<html>\n<HEAD>\n<META HTTP-EQUIV=\"REFRESH\" content=\"0;URL=\">\n</HEAD>\n<body bgcolor=\"#ffffff\">\nPlease pres
s <a href=>here</a> if it does not work by itself.\n</body>\n</html>\n<!-- $Id: index.php,v 1.6 1999"..., str_length=229)
    at output.c:368
#2  0x1200ccf14 in php_end_ob_buffer (send_buffer=1) at output.c:157
#3  0x1200ccfb8 in php_end_ob_buffers (send_buffer=1) at output.c:172
#4  0x12010d500 in apache_php_module_main (r=0x1203993d0, display_source_mode=0) at sapi_apache.c:93
#5  0x12003c928 in send_php (r=0x12043d520, display_source_mode=0, filename=0x12043dfc8 "/home/uwat/www/index.php") at mod_php4.c:510
#6  0x12003c9ac in send_parsed_php (r=0x12043d520) at mod_php4.c:521
#7  0x12018b77c in ap_invoke_handler (r=0x12043d520) at http_config.c:516
#8  0x1201ab590 in process_request_internal (r=0x12043d520) at http_request.c:1282
#9  0x1201abc1c in ap_internal_redirect (new_uri=0x12043d4f8 "/index.php", r=0x120419680) at http_request.c:1409
#10 0x120163920 in handle_dir (r=0x120419680) at mod_dir.c:173
#11 0x12018b77c in ap_invoke_handler (r=0x120419680) at http_config.c:516
#12 0x1201ab590 in process_request_internal (r=0x120419680) at http_request.c:1282
#13 0x1201ab654 in ap_process_request (r=0x120419680) at http_request.c:1298
#14 0x12019ec18 in child_main (child_num_arg=0) at http_main.c:4299
#15 0x12019eeac in make_child (s=0x12039d890, slot=0, now=974849140) at http_main.c:4412
#16 0x12019f0f0 in startup_children (number_to_start=8) at http_main.c:4494
#17 0x12019fa88 in standalone_main (argc=2, argv=0x11ffffa68) at http_main.c:4782
#18 0x1201a0574 in main (argc=2, argv=0x11ffffa68) at http_main.c:5124
#19 0x200010698e4 in __libc_start_main (main=0x1201a0060 <main>, argc=2, argv=0x11ffffa68, init=0x1200264e0 <_init>,
---Type <return> to continue, or q <return> to quit---
    fini=0x1201fc0a0 <_fini>, rtld_fini=0x2000011d910 <_dl_debug_impcalls>, stack_end=0x11ffffa50)
    at ../sysdeps/generic/libc-start.c:92
(gdb) n
warning: Cannot insert breakpoint -43:
Cannot access memory at address 0x2
(gdb) n
 
Breakpoint 1, zend_bailout () at zend.c:446
446             CG(unclean_shutdown) = 1;
(gdb)
442     {
(gdb)
zend_bailout () at zend.c:447
447             longjmp(EG(bailout), FAILURE);
(gdb)
446             CG(unclean_shutdown) = 1;
(gdb)
442     {
(gdb)
446             CG(unclean_shutdown) = 1;
(gdb)
447             longjmp(EG(bailout), FAILURE);
(gdb)
warning: Cannot insert breakpoint -43:
Cannot access memory at address 0x2
(gdb)
 
Program received signal SIGILL, Illegal instruction.
0x120393588 in output_globals ()
(gdb)  

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-01-07 18:46 UTC] sniper@php.net
Does this happen with latest snapshot from http://snaps.php.net/ ?

--Jani
 [2001-01-08 08:12 UTC] sniper@php.net
User feedback:
--------------

Yes, it does happen with 200101072345.

--------------

Note: I can not reproduce this.

--Jani

 [2001-01-09 13:19 UTC] sniper@php.net
Note: This happens ONLY on Alpha's (not on i386).
 [2001-04-29 10:47 UTC] andi@php.net
Please try 4.0.5 which should be out tomorrow and open a new bug report if this still doesn't work.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 01 20:01:29 2024 UTC