ID: 24189 Updated by: [EMAIL PROTECTED] Reported By: anton at valuehost dot ru -Status: Bogus +Status: Open Bug Type: Sockets related Operating System: FreeBSD 4.8 PHP Version: 4.3.2
Previous Comments: ------------------------------------------------------------------------ [2004-07-01 13:53:43] jorton at redhat dot com This is a real bug. The issue is that fd_set is a fixed-size array, and if FD_SET is passed an fd number greater than FD_SETSIZE, it has undefined behaviour, i.e. it overruns the array and corrupts memory. All uses of select() in PHP look to be unsafe because of this. The proper fix is to use poll() on platforms where it is available, and to always check that fd < FD_SETSIZE before using FD_SET. ------------------------------------------------------------------------ [2003-06-15 16:34:13] [EMAIL PROTECTED] let's keep this bogus.. ------------------------------------------------------------------------ [2003-06-15 11:02:43] anton at valuehost dot ru Do not want to help well and it is not necessary, in backtrace I and itself can understand. ------------------------------------------------------------------------ [2003-06-15 10:58:08] [EMAIL PROTECTED] Not enough information -> bogus. (get rid of the zendoptimizer on some machine and provide a backtrace, otherwise -> not bug) ------------------------------------------------------------------------ [2003-06-15 10:55:20] anton at valuehost dot ru In it that all and the problem, on dev server to us was not possible to receive this mistake. The problem arises on production a level what from scripts of users of her causes to understand not really, we hold over 25000 sites. We at once find out any mistakes and we celebrate them quickly enough, and this of us has led up a blind alley :( But I can tell precisely, that all functions which work with socket cease to work, what that restriction on work mod_php is imposed. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/24189 -- Edit this bug report at http://bugs.php.net/?id=24189&edit=1