From: [EMAIL PROTECTED]
Operating system: Debian Linux unstable
PHP version: 4.2.3
PHP Bug Type: IMAP related
Bug description: imap_headerinfo() segfaults

When the number of e-mail addresses in a message's "To:" header (probably cc, from and 'friends' too) exceeds 128 elements, imap_headerinfo() may segfault. More addresses -> more probable to crash. Up to 128 addresses per header -> no crashes.

Little non-debug-mode backtrace:

#0  0x4013a7e8 in free () from /lib/libc.so.6
#1  0x4013a4ca in malloc () from /lib/libc.so.6
#2  0x40139ca4 in malloc () from /lib/libc.so.6
#3  0x4025aab5 in _emalloc () from /usr/lib/apache/1.3/libphp4.so
#4  0x4027685f in zend_hash_add_or_update () from /usr/lib/apache/1.3/libphp4.so
#5  0x4027555c in add_property_string_ex () from /usr/lib/apache/1.3/libphp4.so
#6  0x447dbb71 in zif_imap_mime_header_decode () from /usr/lib/php4/20020429/imap.so
#7  0x447dbdce in zif_imap_mime_header_decode () from /usr/lib/php4/20020429/imap.so
#8  0x447d455d in zif_imap_headerinfo () from /usr/lib/php4/20020429/imap.so
#9  0x40265517 in execute () from /usr/lib/apache/1.3/libphp4.so
#10 0x4053e6a3 in file_is_shm_ignored () from /etc/php4/apache/php_accelerator_1.3.3.so
#11 0x40280b06 in php_execute_script () from /usr/lib/apache/1.3/libphp4.so
#12 0x4027c61e in apache_php_module_main () from /usr/lib/apache/1.3/libphp4.so
#13 0x4027d11e in php_restore_umask () from /usr/lib/apache/1.3/libphp4.so
#14 0x4027d185 in php_restore_umask () from /usr/lib/apache/1.3/libphp4.so
#15 0x08053a84 in ap_invoke_handler ()
#16 0x0806338c in ap_some_auth_required ()
#17 0x08063671 in ap_internal_redirect ()
#18 0x40016d23 in _init () from /usr/lib/apache/1.3/mod_dir.so
#19 0x08053a84 in ap_invoke_handler ()
#20 0x0806338c in ap_some_auth_required ()
#21 0x080633e8 in ap_process_request ()
#22 0x0805cbcb in ap_child_terminate ()
#23 0x0805cd5c in ap_child_terminate ()
#24 0x0805ce79 in ap_child_terminate ()
#25 0x0805d355 in ap_child_terminate ()
#26 0x0805da5d in main ()
#27 0x400e50bf in __libc_start_main () from /lib/libc.so.6

-- 
Edit bug report at http://bugs.php.net/?id=20654&edit=1
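A pre-filter for the condition described in the report, as an added example that is not part of the original bug report or of PHP's code: it counts the addresses in each address header with Python's standard email package and flags any header holding more than 128, so such messages can be set aside before an affected imap_headerinfo() sees them. The function and constant names are hypothetical, the sample message is constructed, and checking headers other than To follows the reporter's guess.

```python
from email import message_from_bytes, policy

# Threshold taken from the report: up to 128 addresses per header, no crashes.
MAX_ADDRESSES = 128

# "To" is what the reporter observed; the remaining headers are an assumption
# based on the reporter's "probably cc, from and 'friends' too".
ADDRESS_HEADERS = ("To", "Cc", "From", "Bcc", "Reply-To", "Sender")


def oversized_address_headers(raw_message, limit=MAX_ADDRESSES):
    """Return {header name: address count} for headers above `limit`."""
    # policy.default parses address headers structurally, so folded lines,
    # repeated headers, groups and quoted display names containing commas
    # are counted as addresses rather than by splitting on ",".
    msg = message_from_bytes(raw_message, policy=policy.default)
    flagged = {}
    for name in ADDRESS_HEADERS:
        count = sum(len(h.addresses) for h in msg.get_all(name, []))
        if count > limit:
            flagged[name] = count
    return flagged


def constructed_message(n_to):
    """Constructed sample: a message with n_to recipients in a folded To: header."""
    rcpts = ['"Doe, Jane" <user0@example.test>']
    rcpts += [f"user{i}@example.test" for i in range(1, n_to)]
    to_value = ",\r\n ".join(rcpts)  # one address per folded line
    return (
        "From: sender@example.test\r\n"
        f"To: {to_value}\r\n"
        "Subject: constructed sample\r\n"
        "\r\n"
        "body\r\n"
    ).encode("ascii")


if __name__ == "__main__":
    for n in (128, 129):
        print(n, oversized_address_headers(constructed_message(n)))
```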