From:             [EMAIL PROTECTED]
Operating system: FreeBSD6
PHP version:      5.3CVS-2008-09-13 (CVS)
PHP Bug Type:     Filesystem function related
Bug description:  finfo_open() segfaults with wrong file name in 64-bit machine

Description:
------------
See below.

Reproduce code:
---------------
Starting program: /usr/home/felipe/php5/sapi/cli/php -r 'print finfo_open(NULL, PHP_INT_MAX);'
warning: Unable to get location for thread creation breakpoint: generic error
[New LWP 100130]
[New Thread 0xbad000 (LWP 100130)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xbad000 (LWP 100130)]
0x0000000801cd2520 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0x0000000801cd2520 in strlen () from /lib/libc.so.6
#1  0x0000000000672713 in vspprintf (pbuf=0x7fffffffdb98, max_len=0, format=0x7fffffffdc08 "", ap=0x7fffffffdbd0)
    at /usr/home/felipe/php5/main/spprintf.c:564
#2  0x00000000004ba7a3 in file_error_core (ms=0xbd64c8, error=0, f=0x9713b4 "bad magic in `%s'", va=0x7fffffffdbd0, lineno=0)
    at /usr/home/felipe/php5/ext/fileinfo/libmagic/funcs.c:96
#3  0x00000000004ba904 in file_error (ms=0x400, error=5128, f=0x7fffffffdc08 "")
    at /usr/home/felipe/php5/ext/fileinfo/libmagic/funcs.c:119
#4  0x00000000004b9127 in apprentice_1 (ms=0xbd64c8, fn=0xbd6610 "/usr/home/felipe/php5/9223372036854775807", action=0, mlist=0xbd6650)
    at /usr/home/felipe/php5/ext/fileinfo/libmagic/apprentice.c:1904
#5  0x00000000004b926d in file_apprentice (ms=0xbd64c8, fn=0x0, action=0)
    at /usr/home/felipe/php5/ext/fileinfo/libmagic/apprentice.c:336
#6  0x00000000004bb078 in magic_load (ms=0xbd64c8, magicfile=0x1408 <Error reading address 0x1408: Bad address>)
    at /usr/home/felipe/php5/ext/fileinfo/libmagic/magic.c:192
#7  0x00000000004b5f3f in zif_finfo_open (ht=1024, return_value=0xbd5640, return_value_ptr=0x7fffffffdc08, this_ptr=0x0, return_value_used=12, tsrm_ls=0xba4640)
    at /usr/home/felipe/php5/ext/fileinfo/fileinfo.c:351
#8  0x00000000006ed5a5 in zend_do_fcall_common_helper_SPEC (execute_data=0xef5040, tsrm_ls=0xba4640)
    at zend_vm_execute.h:315
#9  0x00000000006ec792 in execute (op_array=0xbd5d70, tsrm_ls=0xba4640)
    at zend_vm_execute.h:104
#10 0x00000000006bb866 in zend_eval_string (str=0xbd5d70 "\004]�", retval_ptr=0x0, string_name=0x0, tsrm_ls=0xba4640)
    at /usr/home/felipe/php5/Zend/zend_execute_API.c:1118
#11 0x00000000006bba1b in zend_eval_string_ex (str=0x400 <Error reading address 0x400: Bad address>, retval_ptr=0x1408, string_name=0x7fffffffdc08 "", handle_exceptions=1, tsrm_ls=0xba4640)
    at /usr/home/felipe/php5/Zend/zend_execute_API.c:1153
#12 0x000000000076c00f in main (argc=3, argv=0x7fffffffe878)
    at /usr/home/felipe/php5/sapi/cli/php_cli.c:1219

-- 
Edit bug report at http://bugs.php.net/?id=46071&edit=1