ID: 42728 Updated by: [EMAIL PROTECTED] Reported By: nyos at nyos dot homelinux dot net -Status: Open +Status: Bogus Bug Type: Reproducible crash Operating System: Kubuntu linux 7.04 Feisty Fawn PHP Version: 5.2.4 New Comment:
Sorry, but your problem does not imply a bug in PHP itself. For a list of more appropriate places to ask for help using PHP, please visit http://www.php.net/support.php as this bug system is not the appropriate forum for asking support questions. Due to the volume of reports we can not explain in detail here why your report is not a bug. The support channels will be able to provide an explanation for you. Thank you for your interest in PHP. >From the backtrace it would seem that the crash is happening in your libtidy and not PHP. I've tried to reproduce the crash with both of your examples and it works fine here, and no errors are reported by valgrind. Previous Comments: ------------------------------------------------------------------------ [2007-09-22 04:15:29] nyos at nyos dot homelinux dot net Thanks for your fast reply. I've compiled 5.2.4 with ./configure --enable-debug --with-tidy command line switches. Here's the backtrace. Core was generated by `/home/nyos/webmasters/tidybug/src/php-5.2.4/sapi/cli/php ./tidy.php'. Program terminated with signal 11, Segmentation fault. #0 0xb7f7e3d8 in tidyGetChild () from /usr/lib/libtidy-0.99.so.0 (gdb) bt #0 0xb7f7e3d8 in tidyGetChild () from /usr/lib/libtidy-0.99.so.0 #1 0x082b5f98 in tidy_add_default_properties (obj=0x854bda0, type=is_node) at /home/nyos/webmasters/tidybug/src/php-5.2.4/ext/tidy/tidy.c:811 #2 0x082b64c8 in php_tidy_create_node (ht=1, return_value=0x854b4b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, node=is_body_node) at /home/nyos/webmasters/tidybug/src/php-5.2.4/ext/tidy/tidy.c:902 #3 0x082b8e09 in zif_tidy_get_body (ht=1, return_value=0x854b4b0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /home/nyos/webmasters/tidybug/src/php-5.2.4/ext/tidy/tidy.c:1548 #4 0x083469a1 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfb3c5e0) at /home/nyos/webmasters/tidybug/src/php-5.2.4/Zend/zend_vm_execute.h:200 #5 0x0834c257 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfb3c5e0) at /home/nyos/webmasters/tidybug/src/php-5.2.4/Zend/zend_vm_execute.h:1681 #6 0x083464f1 in execute (op_array=0x854ade0) at /home/nyos/webmasters/tidybug/src/php-5.2.4/Zend/zend_vm_execute.h:92 #7 0x08321b41 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/nyos/webmasters/tidybug/src/php-5.2.4/Zend/zend.c:1134 #8 0x082cdc05 in php_execute_script (primary_file=0xbfb3e958) at /home/nyos/webmasters/tidybug/src/php-5.2.4/main/main.c:1982 #9 0x0839b5a1 in main (argc=2, argv=0xbfb3eac4) at /home/nyos/webmasters/tidybug/src/php-5.2.4/sapi/cli/php_cli.c:1140 (gdb) frame 6 #6 0x083464f1 in execute (op_array=0x854ade0) at /home/nyos/webmasters/tidybug/src/php-5.2.4/Zend/zend_vm_execute.h:92 92 if (EX(opline)->handler(&execute_data TSRMLS_CC) > 0) { ------------------------------------------------------------------------ [2007-09-21 16:44:45] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read http://bugs.php.net/bugs-generating-backtrace.php for *NIX and http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32 Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Thank you for helping us make PHP better. ------------------------------------------------------------------------ [2007-09-21 14:50:38] nyos at nyos dot homelinux dot net Description: ------------ Tidy (libtidy, php-tidy) fails on a (syntactically) incorrect page. This mustn't happen of course. A segmentation fault might be caused by a buffer overrun, or a wandering pointer, which might be a security issue as well. (However, breaking into a bot using tidy through this bug is very unlikely.) Tidy's purpose is to correct incorrect pages, so it needs to be error-proof. versions: ubuntu feisty default install + kubuntu-desktop + up-to date system, however, I'm not sure even if it's a bug in php or in tidy Package: tidy Version: 20051018-1 Package: libtidy-0.99-0 Version: 20051018-1 Package: php5-tidy Version: 5.2.1-0ubuntu1.4 (this is the newest version in package, but I didn't see anything about this bug, so possibly it's still a bug) Reproduce code: --------------- <? /* // this won't work either $file_data=' <html> <frameset > </frameset> </html> '; */ $file_data=' <frameset > </frameset> '; $t=tidy_parse_string(trim($file_data)); $t->cleanRepair(); echo "following line segfaults..\n"; $body=tidy_get_body($t); echo "..or works?\n"; ?> Expected result: ---------------- $body=null, warning, or anything else.. Actual result: -------------- [EMAIL PROTECTED]:~/webmasters/tidybug$ ./tidy.php following line segfaults.. Segmentation fault (core dumped) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=42728&edit=1
