Edit report at https://bugs.php.net/bug.php?id=64836&edit=1

 ID:                 64836
 Updated by:         a...@php.net
 Reported by:        r dot biegel at gmx dot at
 Summary:            segfault in softmagic.c
 Status:             Feedback
 Type:               Bug
 Package:            Unknown/Other Function
 Operating System:   Gentoo Linux
 PHP Version:        5.4.15
 Assigned To:        ab
 Block user comment: N
 Private report:     N

 New Comment:

@r dot biegel at gmx dot at

Exactly, and the same way you could see with which options finfo_open() was 
invoked. That would be very helpful.

Thanks


Previous Comments:
------------------------------------------------------------------------
[2013-05-17 15:56:07] a...@php.net

@r dot biegel at gmx dot at

Could you at least share the file it crashes on, please? You can do that by 
walking back in the stack when using gdb. Let me know if you need help with that.

------------------------------------------------------------------------
[2013-05-17 11:48:28] r dot biegel at gmx dot at

Downloaded a snapshot today, bug still exists. What commit are you referring to?

This bug seems to affect GIFs, but note that it is not this one which is about 
mp3 files:
https://bugs.php.net/bug.php?id=64830

------------------------------------------------------------------------
[2013-05-14 17:53:58] paj...@php.net

The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

------------------------------------------------------------------------
[2013-05-14 16:49:33] r dot biegel at gmx dot at

Description:
------------
PHP segfaults when going through the TYPO3 upgrade wizard (4.5 -> 6.1)

Not sure what's going on, but line 1610 in softmagic.c says:
offset += ms->c.li[cont_level-1].off;
but cont_level seems to be 0.

======

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffdbfef700 (LWP 20398)]
0x00007fffeeec2e6f in mget (ms=0x7fffd40f1410, s=0x7fffd4704760 "GIF89a",
    m=0x7fffe8509268, nbytes=4749, o=0, cont_level=0, mode=32, text=0, flip=0,
    recursion_level=1, printed_something=0x7fffdbfebdd4,
    need_separator=0x7fffdbfebdd8, returnval=0x7fffdbfebd24)
    at ext/fileinfo/libmagic/softmagic.c:1610

======

#0  0x00007fffeeec2e6f in mget (ms=0x7fffd40f1410, s=0x7fffd4704760 "GIF89a",
    m=0x7fffe8509268, nbytes=4749, o=0, cont_level=0, mode=32, text=0, flip=0,
    recursion_level=1, printed_something=0x7fffdbfebdd4,
    need_separator=0x7fffdbfebdd8, returnval=0x7fffdbfebd24)
    at ext/fileinfo/libmagic/softmagic.c:1610
#1  0x00007fffeeebedec in match (ms=0x7fffd40f1410, magic=0x7fffe83b70e8,
    nmagic=9629, s=0x7fffd4704760 "GIF89a", nbytes=4749, offset=0, mode=32,
    text=0, flip=0, recursion_level=0, printed_something=0x7fffdbfebdd4,
    need_separator=0x7fffdbfebdd8, returnval=0x7fffdbfebd24)
    at ext/fileinfo/libmagic/softmagic.c:157
#2  0x00007fffeeebeb1d in file_softmagic (ms=0x7fffd40f1410,
    buf=0x7fffd4704760 "GIF89a", nbytes=4749, mode=32, text=0)
    at ext/fileinfo/libmagic/softmagic.c:82
#3  0x00007fffeeebc3a5 in file_buffer (ms=0x7fffd40f1410,
    stream=0x7fffd46d7998, inname=0x0, buf=0x7fffd4704760, nb=4749)
    at ext/fileinfo/libmagic/funcs.c:238
#4  0x00007fffeeebd698 in file_or_stream (ms=0x7fffd40f1410, inname=0x0,
    stream=0x7fffd46d7998)
    at ext/fileinfo/libmagic/magic.c:412
#5  0x00007fffeeebd441 in magic_stream (ms=0x7fffd40f1410,
    stream=0x7fffd46d7998)
    at ext/fileinfo/libmagic/magic.c:344
#6  0x00007fffeeeae9b8 in _php_finfo_get_type (ht=2,
    return_value=0x7fffd46e4e68, return_value_ptr=0x0,
    this_ptr=0x7fffd46e4e38, return_value_used=1, tsrm_ls=0x7fffd4008900,
    mode=2, mimetype_emu=0)
    at ext/fileinfo/fileinfo.c:540
#7  0x00007fffeeeaec40 in zif_finfo_file (ht=2, return_value=0x7fffd46e4e68,
    return_value_ptr=0x0, this_ptr=0x7fffd46e4e38, return_value_used=1,
    tsrm_ls=0x7fffd4008900)
    at ext/fileinfo/fileinfo.c:578
#8  0x00007fffef2f0972 in zend_do_fcall_common_helper_SPEC (
    execute_data=0x7ffff7e5db28, tsrm_ls=0x7fffd4008900)
    at Zend/zend_vm_execute.h:643
#9  0x00007fffef2f1dde in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (
    execute_data=0x7ffff7e5db28, tsrm_ls=0x7fffd4008900)
    at Zend/zend_vm_execute.h:754
#10 0x00007fffef2ee767 in execute (op_array=0x7fffd45da558,
    tsrm_ls=0x7fffd4008900)
    at Zend/zend_vm_execute.h:410
#11 0x00007fffef2a453e in zend_execute_scripts (type=8,
    tsrm_ls=0x7fffd4008900, retval=0x0, file_count=3)
    at Zend/zend.c:1315
#12 0x00007fffef1e6053 in php_execute_script (primary_file=0x7fffdbfeea30,
    tsrm_ls=0x7fffd4008900)
    at main/main.c:2492
#13 0x00007fffef423efb in php_handler (r=0x7fffd4004980)
    at sapi/apache2handler/sapi_apache2.c:667
#14 0x00005555555ba9c6 in ap_run_handler (r=0x7fffd4004980) at config.c:169
#15 0x00005555555bb56d in ap_invoke_handler (r=0x7fffd4004980) at config.c:432
#16 0x00005555555db438 in ap_process_async_request (r=0x7fffd4004980)
    at http_request.c:317
#17 0x00005555555db543 in ap_process_request (r=0x7fffd4004980)
    at http_request.c:363
#18 0x00005555555d721a in ap_process_http_sync_connection (c=0x7fffe4003228)
    at http_core.c:190
#19 0x00005555555d7353 in ap_process_http_connection (c=0x7fffe4003228)
    at http_core.c:231
#20 0x00005555555ca23d in ap_run_process_connection (c=0x7fffe4003228)
    at connection.c:41
#21 0x00005555555ca828 in ap_process_connection (c=0x7fffe4003228,
    csd=0x7fffe4003010) at connection.c:202
#22 0x00005555555e5e36 in process_socket (thd=0x5555558a8a78,
    p=0x7fffe4002f98, sock=0x7fffe4003010, my_child_num=0, my_thread_num=20,
    bucket_alloc=0x7fffd40008e8) at worker.c:620
#23 0x00005555555e6e1e in worker_thread (thd=0x5555558a8a78,
    dummy=0x7fffe4000f80) at worker.c:979
#24 0x00007ffff6713f6b in start_thread () from /lib64/libpthread.so.0
#25 0x00007ffff6248d8d in clone () from /lib64/libc.so.6


======

./php-config --configure-options

--prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu 
--mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share 
--sysconfdir=/etc --localstatedir=/var/lib --prefix=/usr/lib64/php5.4 
--mandir=/usr/lib64/php5.4/man --infodir=/usr/lib64/php5.4/info 
--libdir=/usr/lib64/php5.4/lib --with-libdir=lib64 --without-pear 
--enable-maintainer-zts --disable-bcmath --with-bz2=/usr --disable-calendar 
--enable-ctype --without-curl --without-curlwrappers --enable-dom 
--without-enchant --disable-exif --enable-fileinfo --enable-filter --enable-ftp 
--with-gettext=/usr --without-gmp --enable-hash --without-mhash --with-iconv 
--disable-intl --disable-ipv6 --enable-json --without-kerberos --enable-libxml 
--with-libxml-dir=/usr --enable-mbstring --with-mcrypt=/usr --without-mssql 
--with-onig=/usr --with-openssl=/usr --with-openssl-dir=/usr --disable-pcntl 
--enable-phar --enable-pdo --without-pgsql --enable-posix --without-pspell 
--without-recode --enable-simplexml --disable-shmop --without-snmp 
--enable-soap --enable-sockets --without-sqlite3 --without-sybase-ct 
--enable-sysvmsg --enable-sysvsem --enable-sysvshm --without-tidy 
--enable-tokenizer --disable-wddx --enable-xml --disable-xmlreader 
--disable-xmlwriter --without-xmlrpc --without-xsl --enable-zip 
--with-zlib=/usr --disable-debug --enable-dba --without-cdb --with-db4=/usr 
--disable-flatfile --with-gdbm=/usr --disable-inifile --without-qdbm 
--with-freetype-dir=/usr --with-t1lib=/usr --disable-gd-jis-conv 
--with-jpeg-dir=/usr --with-png-dir=/usr --without-xpm-dir --with-gd 
--with-imap=/usr --with-imap-ssl=/usr --with-ldap=/usr --without-ldap-sasl 
--with-mysql=/usr --with-mysql-sock=/var/run/mysqld/mysqld.sock 
--with-mysqli=/usr/bin/mysql_config --without-pdo-dblib --with-pdo-mysql=/usr 
--without-pdo-pgsql --without-pdo-sqlite --without-pdo-odbc 
--with-readline=/usr --without-libedit --without-mm --with-pic 
--with-pcre-regex=/usr --with-pcre-dir=/usr 
--with-config-file-path=/etc/php/apache2-php5.4 
--with-config-file-scan-dir=/etc/php/apache2-php5.4/ext-active --disable-embed 
--disable-cli --disable-cgi --disable-fpm --with-apxs2=/usr/sbin/apxs



------------------------------------------------------------------------
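
Added example, not part of the original report and not PHP's or libmagic's own code: a minimal C model of the statement quoted in the description, with a guard that refuses a relative offset when cont_level is 0 instead of indexing li[cont_level-1]. The struct layout, the function name resolve_relative_offset and the nbytes bound are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins for the state behind ms->c.li[...].off.
 * Everything except the names `li` and `off` is assumed for the example. */
struct level_info { int32_t off; };
struct cont { size_t len; struct level_info *li; };

/* Resolve an offset that is relative to the previous continuation level.
 * Returns 0 and writes *out on success, -1 if the rule cannot be applied.
 * At cont_level 0 there is no previous level, so li[cont_level - 1] would
 * index outside the table; that case is rejected before any read. */
int resolve_relative_offset(const struct cont *c, unsigned int cont_level,
                            uint32_t base, size_t nbytes, uint32_t *out)
{
    if (cont_level == 0 || cont_level > c->len)
        return -1;                      /* no previous level, or past the table */

    int64_t sum = (int64_t)base + c->li[cont_level - 1].off;
    if (sum < 0 || (uint64_t)sum >= nbytes)
        return -1;                      /* resolved offset falls outside the buffer */

    *out = (uint32_t)sum;
    return 0;
}

int main(void)
{
    /* Constructed sample state: two recorded levels, 4749-byte buffer. */
    struct level_info li[2] = { { 6 }, { 10 } };
    struct cont c = { 2, li };
    uint32_t off = 0;

    /* cont_level 0 mirrors the value shown in the backtrace above. */
    if (resolve_relative_offset(&c, 0, 0, 4749, &off) != 0)
        puts("cont_level 0: relative offset rejected");
    if (resolve_relative_offset(&c, 1, 4, 4749, &off) == 0)
        printf("cont_level 1: offset %u\n", (unsigned)off);
    return 0;
}
```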


