From: temnota at kmv dot ru Operating system: Linux RH7.3 PHP version: 4.3.4 PHP Bug Type: MySQL related Bug description: phpmyadmin-2.5.4 + mysql-4.0.15 = crash
Description: ------------ When i try to browse mysql table structure in phpmyadmin it crash. php crash into Zend/zend_API.c:add_property_string_ex but incorrect parametrs coming from mysql module. mysql compilled as shared module Actual result: -------------- #0 0x401cfe27 in strlen () from /lib/libc.so.6 #1 0x404757b6 in add_property_string_ex (arg=0x848a6ac, key=0x40858409 "def", key_len=4, str=0x9 <Address 0x9 out of bounds>, duplicate=1) at /usr/src/redhat/BUILD/php-4.3.4/Zend/zend_API.c:980 #2 0x40856b1a in zif_mysql_fetch_field (ht=1, return_value=0x848a6ac, this_ptr=0x0, return_value_used=1) at /usr/src/redhat/BUILD/php-4.3.4/ext/mysql/php_mysql.c:2163 #3 0x40488463 in execute (op_array=0x8357b78) at /usr/src/redhat/BUILD/php-4.3.4/Zend/zend_execute.c:1616 #4 0x4048863f in execute (op_array=0x82bdd5c) at /usr/src/redhat/BUILD/php-4.3.4/Zend/zend_execute.c:1660 #5 0x4047308c in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/redhat/BUILD/php-4.3.4/Zend/zend.c:884 #6 0x40445871 in php_execute_script (primary_file=0xbffff470) at /usr/src/redhat/BUILD/php-4.3.4/main/main.c:1729 #7 0x4049043e in apache_php_module_main (r=0x8139e5c, display_source_mode=0) at /usr/src/redhat/BUILD/php-4.3.4/sapi/apache/sapi_apache.c:54 #8 0x40491173 in send_php (r=0x8139e5c, display_source_mode=0, filename=0x0) at /usr/src/redhat/BUILD/php-4.3.4/sapi/apache/mod_php4.c:620 #9 0x404911d3 in send_parsed_php (r=0x8139e5c) at /usr/src/redhat/BUILD/php-4.3.4/sapi/apache/mod_php4.c:635 #10 0x0805ce63 in ap_invoke_handler () #11 0x08073ea7 in process_request_internal () #12 0x08073f08 in ap_process_request () #13 0x080695c1 in child_main () #14 0x08069790 in make_child () #15 0x08069904 in startup_children () #16 0x08069ff4 in standalone_main () #17 0x0806a873 in main () #18 0x4016d1c4 in __libc_start_main () from /lib/libc.so.6 and other backtrace Breakpoint 2, add_property_string_ex (arg=0x848a6bc, key=0x40894a53 "def", key_len=4, str=0xb <Address 0xb out of bounds>, duplicate=1) at /usr/src/redhat/BUILD/php-4.3.4/Zend/zend_API.c:977 977 MAKE_STD_ZVAL(tmp); (gdb) bt #0 add_property_string_ex (arg=0x848a6bc, key=0x40894a53 "def", key_len=4, str=0xb <Address 0xb out of bounds>, duplicate=1) at /usr/src/redhat/BUILD/php-4.3.4/Zend/zend_API.c:977 #1 0x40892f2c in zif_mysql_fetch_field (ht=1, return_value=0x848a6bc, this_ptr=0x0, return_value_used=1) at /usr/src/redhat/BUILD/php-4.3.4/ext/mysql/php_mysql.c:2163 #2 0x404bf51f in execute (op_array=0x8357b78) at /usr/src/redhat/BUILD/php-4.3.4/Zend/zend_execute.c:1616 [skipp] (gdb) return Make add_property_string_ex return now? (y or n) y #0 0x40892f2c in zif_mysql_fetch_field (ht=1, return_value=0x848a6bc, this_ptr=0x0, return_value_used=1) at /usr/src/redhat/BUILD/php-4.3.4/ext/mysql/php_mysql.c:2163 2163 add_property_string(return_value, "def",(mysql_field->def?mysql_field->def:empty_string), 1); (gdb) print mysql_field[0] $2 = {name = 0x8451750 "idp", table = 0x8451748 "bufer", org_table = 0x0, db = 0x3 <Address 0x3 out of bounds>, def = 0xb <Address 0xb out of bounds>, length = 7, max_length = 49667, flags = 0, decimals = 138745696, type = 138745688} (gdb) cont -- Edit bug report at http://bugs.php.net/?id=26208&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=26208&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=26208&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=26208&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=26208&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=26208&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=26208&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=26208&r=support Expected behavior: http://bugs.php.net/fix.php?id=26208&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=26208&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=26208&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=26208&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=26208&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=26208&r=dst IIS Stability: http://bugs.php.net/fix.php?id=26208&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=26208&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=26208&r=float