Edit report at http://bugs.php.net/bug.php?id=51350&edit=1
ID: 51350 Comment by: tyra3l at gmail dot com Reported by: slogster at gmail dot com Summary: recursively including non existing file causes segfault Status: Bogus Type: Bug Package: Reproducible crash Operating System: freebsd & linux PHP Version: 5.2.13 New Comment: should worth to reading it. could you at least give me the year for that discussion? I think, that in this case the script should terminate by memory exhaustion (memory_limit) or time_limit exhaustion, not with segfault. In a managed language I shouldn't be able to do stack overflow from userspace. At least not this easily. Previous Comments: ------------------------------------------------------------------------ [2010-03-22 21:29:00] paj...@php.net That's known and there is no bug per se here. Not everything the suhosin patch does is the right thing to do to solve a problem. As far as I remember there was a (long) discussion on internals about this. You may find it interesting. ------------------------------------------------------------------------ [2010-03-22 21:25:05] tyra3l at gmail dot com suhosin protects against infinite recursion since 2006. if you can crash the php engine from userland, then you can reset the seed http://www.baohx.com/extras/zendcon/lesserknownsecurityproblemsinphpapplications.pdf page 33: attacker can get fresh seed by crashing php. so its not only an inconvinience, but can be a security problem also. Tyrael ------------------------------------------------------------------------ [2010-03-22 17:45:16] johan...@php.net Recusrion in PHP leads to a stack overflow for the process, which we can't properly handle ourselves so the operating system terminates the PHP process. This is the expected behavior. ------------------------------------------------------------------------ [2010-03-22 17:08:20] slogster at gmail dot com Description: ------------ function a(){include("/nofile"); a();} a(); /nofine is non existing file Test script: --------------- function a(){include("/nofile"); a();} a(); /nofile is non existing file Expected result: ---------------- should not segfault Actual result: -------------- segfault ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=51350&edit=1