#24189 [Bgs->Opn]: big problem on stream function

Wed, 07 Jul 2004 01:55:59 -0700 

 ID:               24189
 Updated by:       [EMAIL PROTECTED]
 Reported By:      anton at valuehost dot ru
-Status:           Bogus
+Status:           Open
 Bug Type:         Sockets related
 Operating System: FreeBSD 4.8
 PHP Version:      4.3.2


Previous Comments:
------------------------------------------------------------------------

[2004-07-01 13:53:43] jorton at redhat dot com

This is a real bug.

The issue is that fd_set is a fixed-size array, and if FD_SET is passed
an fd number greater than FD_SETSIZE, it has undefined behaviour, i.e.
it overruns the array and corrupts memory.

All uses of select() in PHP look to be unsafe because of this.  The
proper fix is to use poll() on platforms where it is available, and to
always check that fd < FD_SETSIZE before using FD_SET.

------------------------------------------------------------------------

[2003-06-15 16:34:13] [EMAIL PROTECTED]

let's keep this bogus..


------------------------------------------------------------------------

[2003-06-15 11:02:43] anton at valuehost dot ru

Do not want to help well and it is not necessary, in backtrace I and
itself can understand.

------------------------------------------------------------------------

[2003-06-15 10:58:08] [EMAIL PROTECTED]

Not enough information -> bogus. (get rid of the zendoptimizer on some
machine and provide a backtrace, otherwise -> not bug)


------------------------------------------------------------------------

[2003-06-15 10:55:20] anton at valuehost dot ru

In it that all and the problem, on dev server to us was not possible to
receive this mistake.
The problem arises on production a level what from scripts of users of
her causes to understand not really, we hold over 25000 sites.

We at once find out any mistakes and we celebrate them quickly enough,
and this of us has led up a blind alley :(

But I can tell precisely, that all functions which work with socket
cease to work, what that restriction on work mod_php is imposed.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/24189

-- 
Edit this bug report at http://bugs.php.net/?id=24189&edit=1

Reply via email to