ID:               14497
 Updated by:       [EMAIL PROTECTED]
 Reported By:      [EMAIL PROTECTED]
 Status:           Analyzed
 Bug Type:         Session related
 Operating System: FreeBSD 4.4-Stable
 PHP Version:      4.1.0, 4-2001121
 New Comment:

Since ver 4.1.2 was released Feb 27 and the post of Feb 2 says the fix
has been committed to the CVS and because of this line in the NEWS:
'Fixed a crash in the session module (Yasuo)', I'm assuming the fix was
committed in ver 4.1.2. If not, then this is probably a moot post.

Nonetheless, I'm still having this problem. I'm currently using the
workaround (return '') and httpd no longer seg faults, but returning
php booleans does cause the crash.

My server info: linux 2.2.19, apache 1.3.24, php 4.1.2 and Ying Zhang's
mysql session handlers.

This is the backtrace I've gotten from it:

Program received signal SIGSEGV, Segmentation fault.
0x81ace4a in _zend_is_inconsistent (ht=0x0, file=0x82905e4 "zend_hash.c",
    line=975) at zend_hash.c:84
84              if (ht->inconsistent==HT_OK) {

--
Thanks.


Previous Comments:
------------------------------------------------------------------------

[2002-02-02 22:18:22] [EMAIL PROTECTED]

This bug has been fixed in CVS.

------------------------------------------------------------------------

[2002-01-06 22:23:57] [EMAIL PROTECTED]

I've not committed the fix for this bug yet, but you can work around
the segfault. 

Return a string when there is no data to read or the write failed (i.e.
return '';). The user session save handler expects string data; if you
return anything other than a string, it segfaults.


------------------------------------------------------------------------

[2001-12-21 03:36:49] [EMAIL PROTECTED]

Assigned to myself. By the time I updated this bug report, I knew the
fix, but I forgot what it was now :(
I'll work on this after I finish the things I have to do....


------------------------------------------------------------------------

[2001-12-19 23:00:15] [EMAIL PROTECTED]

Is this fixed?
Anyone mind if I fix this and commit?
--
Yasuo Ohgaki


------------------------------------------------------------------------

[2001-12-14 16:00:04] [EMAIL PROTECTED]

I had already tried out your user handlers (as you can see from the bug
report).  Your handlers weren't causing the crash but were helping in
making the crash happen. (I would guess that the initialization of the
internal data structures from your handlers allowed the invalid "return
false;" pointer to be fubar'd in such a way to cause a segfault.)

Read the bug report, it's all there, including on how I was reproducing
the crash.

Your session handlers have a few problems when there is concurrent
access for the same session id.  (It *DOES* happen, especially with
AvantGo clients, trust me on this one)  You also do not check for
expiration in your session_read.  Since garbage collection doesn't
happen on every single access, there's a possibility that stale data
would get loaded.

Also, since your session handlers aren't mentioned anywhere on the PHP
website under the session documentation, as well as not stressing the
fact that returning false will cause data corruption, it still doesn't
really address the issue.  

Personally I don't think that doing something in a script language
should cause a low-level crash. I believe there was another recent bug
dealing with the xslt extension that explained this issue well: "But
PHP generating nice corefiles is not ok."

At most I think PHP should return an error when the data isn't what was
expected, not segfault, or core, or crash.


------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/14497

-- 
Edit this bug report at http://bugs.php.net/?id=14497&edit=1
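
The workaround from the 2002-01-06 comment (the read handler always returns a string) combined with the expiry check in read that the 2001-12-14 comment asks for, as an added example that is not part of the bug report and not Ying Zhang's handlers. It is written for PHP 8 rather than 4.1; the class name, the file-backed storage and the directory are assumptions.

```php
<?php
// Added example (PHP 8+); class name and storage directory are hypothetical.
final class StringSafeSessionHandler implements SessionHandlerInterface
{
    public function __construct(private string $dir, private int $ttl) {}

    private function path(string $id): string
    {
        // Hash the id so a crafted session id can never alter the path.
        return $this->dir . '/sess_' . hash('sha256', $id);
    }

    public function open(string $path, string $name): bool
    {
        return is_dir($this->dir) || mkdir($this->dir, 0700, true);
    }

    public function close(): bool { return true; }

    public function read(string $id): string
    {
        $file = $this->path($id);
        // Missing or expired data yields '' rather than false. Expiry is
        // checked here because gc() does not run on every request.
        if (!is_file($file) || filemtime($file) + $this->ttl < time()) {
            return '';
        }
        $data = file_get_contents($file);
        return is_string($data) ? $data : '';
    }

    public function write(string $id, string $data): bool
    {
        // LOCK_EX serialises concurrent writers of the same session id.
        return file_put_contents($this->path($id), $data, LOCK_EX) !== false;
    }

    public function destroy(string $id): bool
    {
        $file = $this->path($id);
        return !is_file($file) || unlink($file);
    }

    public function gc(int $max_lifetime): int|false
    {
        $old = array_filter(glob($this->dir . '/sess_*') ?: [],
            fn ($f) => filemtime($f) + $max_lifetime < time());
        return count(array_filter($old, 'unlink'));
    }
}
session_set_save_handler(new StringSafeSessionHandler(sys_get_temp_dir() . '/demo_sessions', 1440), true);
```

The `string` return type on `read()` makes the interpreter reject any non-string return with a TypeError, which is the behaviour the 2001-12-14 comment argues for instead of a crash.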
