From: Operating system: Linux PHP version: 5.3.9 Package: Apache2 related Bug Type: Bug Bug description:php crash after http post without content type header set
Description: ------------ I wrote some software which post a binary (image) to our server. phplib crashes at the end of a http post without the content type header set. Version apache: [root@www ~]# /usr/sbin/httpd -V Server version: Apache/2.2.3 Server built: Oct 20 2011 17:00:12 Server's Module Magic Number: 20051115:3 Server loaded: APR 1.2.7, APR-Util 1.2.7 Compiled using: APR 1.2.7, APR-Util 1.2.7 Architecture: 64-bit Server MPM: Prefork threaded: no forked: yes (variable process count) Server compiled with.... -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="/etc/httpd" -D SUEXEC_BIN="/usr/sbin/suexec" -D DEFAULT_PIDLOG="run/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_LOCKFILE="logs/accept.lock" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" On kill/error/fault I found in error_log: Sat Jan 28 12:56:09 2012] [notice] child pid 17077 exit signal Segmentation fault (11), possible coredump in /tmp So made a coredump: gdb: bt all: [sorry, no debug mode, its commercial server, can't recompile etc] Core was generated by `/usr/sbin/httpd -k start'. Program terminated with signal 11, Segmentation fault. #0 0x00007fe25c5696c0 in zend_hash_num_elements () from /etc/httpd/modules/libphp5.so (gdb) bt full #0 0x00007fe25c5696c0 in zend_hash_num_elements () from /etc/httpd/modules/libphp5.so No symbol table info available. #1 0x00007fe25c519606 in php_register_variable_ex () from /etc/httpd/modules/libphp5.so No symbol table info available. #2 0x00007fe25c432625 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #3 0x00007fe25c51a0e9 in php_std_post_handler () from /etc/httpd/modules/libphp5.so No symbol table info available. #4 0x00007fe25c513dd3 in sapi_handle_post () from /etc/httpd/modules/libphp5.so No symbol table info available. #5 0x00007fe25c519d2b in php_default_treat_data () from /etc/httpd/modules/libphp5.so No symbol table info available. #6 0x00007fe257248134 in mbstr_treat_data () from /usr/lib64/php/modules/mbstring.so No symbol table info available. #7 0x00007fe25c51a2a1 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #8 0x00007fe25c50ab65 in php_request_startup () from /etc/httpd/modules/libphp5.so No symbol table info available. #9 0x00007fe25c5e66d8 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #10 0x00007fe268e89aca in ap_run_handler () No symbol table info available. #11 0x00007fe268e8cf58 in ap_invoke_handler () No symbol table info available. #12 0x00007fe268e97a18 in ap_process_request () No symbol table info available. #13 0x00007fe268e94c50 in ?? () No symbol table info available. #14 0x00007fe268e90d52 in ap_run_process_connection () No symbol table info available. #15 0x00007fe268e9be49 in ?? () No symbol table info available. #16 0x00007fe268e9c0da in ?? () No symbol table info available. #17 0x00007fe268e9c190 in ?? () No symbol table info available. #18 0x00007fe268e9ce7b in ap_mpm_run () No symbol table info available. #19 0x00007fe268e76e48 in main () No symbol table info available. Test script: --------------- Qt source for posting binary without content type set: QString filename = QFileDialog::getOpenFileName(this); QFile* f = new QFile(filename); f->open(QFile::ReadOnly); QNetworkAccessManager* manager = new QNetworkAccessManager(this); QNetworkRequest req(QUrl("http://www.server.com/post.php")); // uncomment line below for bypassing error // req.setHeader(QNetworkRequest::ContentTypeHeader,"image/jpeg"); QNetworkReply* rep = manager->post(req,f); f->setParent(rep); -- Edit bug report at https://bugs.php.net/bug.php?id=60928&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=60928&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=60928&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=60928&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=60928&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=60928&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=60928&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=60928&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=60928&r=needscript Try newer version: https://bugs.php.net/fix.php?id=60928&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=60928&r=support Expected behavior: https://bugs.php.net/fix.php?id=60928&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=60928&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=60928&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=60928&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=60928&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=60928&r=dst IIS Stability: https://bugs.php.net/fix.php?id=60928&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=60928&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=60928&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=60928&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=60928&r=mysqlcfg