PHP :: Bug #81280 :: cli.prompt leads to segmentation fault

Bug #81280	cli.prompt leads to segmentation fault
Submitted:	2021-07-23 06:10 UTC	Modified:	2021-07-30 15:21 UTC
From:	easteregg at verfriemelt dot org	Assigned:
Status:	Closed	Package:	*General Issues
PHP Version:	8.0.8	OS:	Debian GNU/Linux 11 (bullseye)
Private report:	No	CVE-ID:	None

View Developer Edit

[2021-07-23 06:10 UTC] easteregg at verfriemelt dot org

Description:
------------
i wanted to improve my interactive shellprompt...



Test script:
---------------
echo cli.prompt="»" > test.ini
PHPRC=`pwd`/test.ini php -a

Expected result:
----------------
Interactive mode enabled

»

Actual result:
--------------
Interactive mode enabled

[1]    2825134 segmentation fault (core dumped)  php -a

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2021-07-23 06:18 UTC] easteregg at verfriemelt dot org

sorry, i forgot to mention, that this will only occur with unicode characters, hence the example with "»"

[2021-07-23 08:01 UTC] patrickallaert@php.net

I can't reproduce this one, any chance to provide a gdb backtrace?

Does it happen too with the following?

$ php -n -d cli.prompt="»" -a

[2021-07-23 08:31 UTC] easteregg at verfriemelt dot org

with -n it does not segfault but shows no prompt at all.

gdb trace:

Reading symbols from /usr/bin/php...
Reading symbols from /usr/lib/debug/.build-id/b5/86e7d17af20d6d58923a72e13bcd4d4c2c9295.debug...
(gdb) r
Starting program: /usr/bin/php -d cli.prompt=» -a
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Interactive mode enabled


Program received signal SIGSEGV, Segmentation fault.
0x00007ffff2fb66e5 in ?? () from /lib/x86_64-linux-gnu/libedit.so.2
(gdb) bt
#0  0x00007ffff2fb66e5 in ?? () from /lib/x86_64-linux-gnu/libedit.so.2
#1  0x00007ffff2fb78db in ?? () from /lib/x86_64-linux-gnu/libedit.so.2
#2  0x00007ffff2fb6e57 in ?? () from /lib/x86_64-linux-gnu/libedit.so.2
#3  0x00007ffff2fb7258 in el_wgets () from /lib/x86_64-linux-gnu/libedit.so.2
#4  0x00007ffff2fb1d63 in el_gets () from /lib/x86_64-linux-gnu/libedit.so.2
#5  0x00007ffff2fc5486 in readline () from /lib/x86_64-linux-gnu/libedit.so.2
#6  0x00007ffff31528e4 in readline_shell_run () at ./ext/readline/readline_cli.c:624
#7  0x00005555558a25dd in do_cli (argc=4, argv=0x555555a35ed0) at ./sapi/cli/php_cli.c:947
#8  0x000055555566767b in main (argc=4, argv=0x555555a35ed0) at ./sapi/cli/php_cli.c:1336
(gdb)

[2021-07-23 13:51 UTC] cmb@php.net

FWIW, this works on Windows (except that setting the option via
command line causes a assertion violation, because isalnum expects
a number in range -1 to 255[1] while by default char gets promoted
to int as if from type signed char[2]).

And well, the documentation is meager; it does not even mention
the meaning of the escape characters[3].

[1] <https://github.com/php/php-src/blob/php-7.4.21/sapi/cli/php_cli.c#L1252>
[2] <https://docs.microsoft.com/en-us/cpp/cpp/char-wchar-t-char16-t-char32-t?view=msvc-160>
[3] <https://github.com/php/php-src/blob/php-7.4.21/ext/readline/readline_cli.c#L143-L181>

[2021-07-23 15:15 UTC] easteregg at verfriemelt dot org

i tried to play around with this issue some more, and noticed, i am not even able to input "»" in the interactive mode.

some other cli tools, like for example psql ( postgresql client ) uses readline aswell, and i know for a fact, that those handle » just fine on windows and linux.

[2021-07-30 15:21 UTC] cmb@php.net

The segfault has already been reported as bug #76989.

[2021-08-11 08:35 UTC] git@php.net

Automatic comment on behalf of krakjoe
Revision: https://github.com/php/php-src/commit/a2e051921a325fb0368afe0909f469a8d20dbb44
Log: Fix bug #81280 refuse to allow unicode chars in prompts

[2021-08-11 08:35 UTC] git@php.net

-Status: Open +Status: Closed

[2022-02-08 13:34 UTC] pardon at vimp dot com

I can reproduce this error within interactive PHP shell:

$ php -a
Interactive mode enabled

php > $gitName = shell_exec('git config user.name');
php > echo $gitName;
Christoph René Pardon
php > echo readline('confirm ' . $gitName) . PHP_EOL;
[1]    1306364 segmentation fault  php -a

[2022-02-08 13:41 UTC] pardon at vimp dot com

Addition: my PHP version is 8.0.15

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 11:01:29 2024 UTC