Edit report at http://bugs.php.net/bug.php?id=51977&edit=1
ID:               51977
Updated by:       fel...@php.net
Reported by:      znfwhy at 163 dot com
Summary:          thttpd segfault on X86_64?
-Status:           Open
+Status:           Assigned
Type:             Bug
Package:          Other web server
Operating System: Debian Squeeze
PHP Version:      5.2.13
-Assigned To:
+Assigned To:      sas

Previous Comments:
------------------------------------------------------------------------
[2010-06-03 05:08:56] znfwhy at 163 dot com

Recompiled php5 with --enable-debug, and backtrace info listed below.
But this issue is caused by line 1770, file sapi/thttpd/thttpd_patch of php5.
Type mismatch while converting pointer to int on X86_64.

(gdb) bt
#0  0x0000003d7d278d80 in strlen () from /lib/libc.so.6
#1  0x0000003d7d278ab6 in strdup () from /lib/libc.so.6
#2  0x000000000043b693 in thttpd_request_ctor () at php_thttpd.c:458
#3  0x000000000043b848 in thttpd_real_php_request (hc=0xa1f300, show_source=0) at php_thttpd.c:671
#4  0x000000000043b938 in thttpd_php_request (hc=0xa1f300, show_source=0) at php_thttpd.c:704
#5  0x0000000000432c44 in really_start_request (hc=0xa1f300, nowP=0x7fff4b0bba20) at libhttpd.c:3708
#6  0x0000000000433077 in httpd_start_request (hc=0xa1f300, nowP=0x7fff4b0bba20) at libhttpd.c:3801
#7  0x000000000042707c in boot_request (c=0x9fb880, tvP=0x7fff4b0bba20) at thttpd.c:1548
#8  0x00000000004277a3 in handle_read_body (c=0x9fb880, tvP=0x7fff4b0bba20) at thttpd.c:1774
#9  0x0000000000424a7d in main (argc=3, argv=0x7fff4b0bcc68) at thttpd.c:617

------------------------------------------------------------------------
[2010-06-02 17:26:22] johan...@php.net

The thttpd code isn't really maintained since 2005. I looked through the
code but couldn't find the relevant strdup call. Could you please recompile
PHP using --enable-debug and then generate a "bt full"; maybe the issue can
be found then.

------------------------------------------------------------------------
[2010-06-02 17:18:29] znfwhy at 163 dot com

Description:
------------
HTTP POST with 16KB more content will cause thttpd segfault on X86_64.

Here is the backtrace result:
...
Program received signal SIGSEGV, Segmentation fault.
0x0000003d7d278d80 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0x0000003d7d278d80 in strlen () from /lib/libc.so.6
#1  0x0000003d7d278ab6 in strdup () from /lib/libc.so.6
#2  0x0000000000432cf0 in thttpd_php_request ()
#3  0x000000000042d7bb in httpd_start_request ()
#4  0x0000000000423a84 in _start ()

Test script:
---------------
<html>
<head>
PHP5 test page
</head>
<body>
<div id=main style="width: 130px; height: 130px;">
<form method="POST" enctype="text/html" action="/test.php">
<textarea name=test>
</textarea>
<input type="submit" value="submit">
</form>
</div>
</body>
</html>

Expected result:
----------------
Info of PHP5 printed by test.php.

Actual result:
--------------
Nothing, but thttpd exits with a segfault.

------------------------------------------------------------------------
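The pointer-to-int mismatch named in the 2010-06-03 comment, modelled as an added example (not code from PHP, thttpd or thttpd_patch): on LP64 an int keeps only the low 32 bits of an address, so the widened value can point somewhere else entirely. The function names are hypothetical; the first two sample addresses are the hc and nowP values from the backtrace, used only as realistic inputs, and the third is constructed.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Model of a 64-bit address stored in a 32-bit int and widened again on
 * LP64: only the low 32 bits survive, then the value is sign-extended.
 * Done on plain integers so the result is identical on every host. */
static uint64_t through_int(uint64_t addr)
{
    uint64_t low = addr & 0xffffffffu;
    if (low & 0x80000000u)
        low |= 0xffffffff00000000ull;
    return low;
}

/* 1 if the address is unchanged after the int round trip. */
static int survives_int(uint64_t addr)
{
    return through_int(addr) == addr;
}

/* Corrected form: intptr_t is wide enough to carry a pointer intact. */
static int survives_intptr(const void *p)
{
    intptr_t carried = (intptr_t)p;
    return (const void *)carried == p;
}

int main(void)
{
    /* First two values are copied from the backtrace (hc, nowP) purely as
     * sample addresses; the third is constructed to show sign extension. */
    const uint64_t samples[] = { 0xa1f300u, 0x7fff4b0bba20ull, 0x80001000u };
    char buf[] = "post body";
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%#18" PRIx64 " -> %#18" PRIx64 "  %s\n", samples[i],
               through_int(samples[i]),
               survives_int(samples[i]) ? "intact" : "CORRUPTED");
    printf("intptr_t round trip intact: %d\n", survives_intptr(buf));
    return 0;
}
```

Addresses below 2 GiB pass through unchanged, which is why this class of bug can stay hidden until a pointer happens to live higher in the address space.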