ID: 31433
User updated by: dgrimes at scvl dot com
Reported By: dgrimes at scvl dot com
Status: Open
Bug Type: Reproducible crash
Operating System: SCO OpenServer 5
PHP Version: 4CVS, 5CVS (2005-01-22)
New Comment:
After additional testing I found that MAXPATHLEN needs to be increased
to 4096. Although 1024 kept PHP from core dumpping, certain functions
like shell_exec would not execute properly.
Dean
Previous Comments:
------------------------------------------------------------------------
[2005-01-28 05:06:14] dgrimes at scvl dot com
Here is the fix:
main/php.h
set MAXPATHLEN from 256 to 1024
diff -c php.h.org php.h
*** php.h.org Thu Jan 27 20:54:04 2005
--- php.h Thu Jan 27 20:56:13 2005
***************
*** 250,256 ****
# ifdef PATH_MAX
# define MAXPATHLEN PATH_MAX
# else
! # define MAXPATHLEN 256 /* Should be safe for any weird systems
that do no
t define it */
# endif
#endif
--- 250,256 ----
# ifdef PATH_MAX
# define MAXPATHLEN PATH_MAX
# else
! # define MAXPATHLEN 1024 /* Should be safe for any weird systems
that do n
ot define it */
# endif
#endif
------------------------------------------------------------------------
[2005-01-26 17:36:42] dgrimes at scvl dot com
SCO sent this to me:
Dean, Please have a look at this TA and let me know if you think this
will help your situation. It appears that this is applicable to
OSr5.0.0 to 5.0.6.
Thanks,
Todd
*********************** TA # 100815 **********************************
Calling realpath(S) from within my program causes a core dump.
KEYWORDS: v5 5.0.0 osr5 openserver dev sys development system ds getcwd
realpath memory fault coredump core dump ENGREF LTD-246-807
RELEASE: SCO OpenServer Development System Release 5.0.0
PROBLEM: If I make a call to realpath(S) from within my source I find
that, when compiled, the resulting binary will terminate with
the error:
Memory fault(coredump)
CAUSE: The character buffer passed to realpath(S) is being passed
to
a function called pathcanon(). This function is calling
getcwd(S)
with a buffer size of 4096 bytes. getcwd(S) clears this
buffer
and overruns the stack causing the core dump.
SOLUTION: This problem has been reported to SCO Engineering.
To work around this problem, make sure that the character
buffer passed to realpath(S) is 4096 bytes in size:
char buff[4096];
realpath(filename, buff);
where 'filename' is the name of the file whose path you wish
to resolve.
--------------------------------------
Thanks,
Dean
------------------------------------------------------------------------
[2005-01-26 06:18:49] [EMAIL PROTECTED]
See also bug #23665
------------------------------------------------------------------------
[2005-01-26 06:14:08] [EMAIL PROTECTED]
You could ask SCO support why the realpath() function is called from
libsocket.so.2 and not from libc.so.1..
------------------------------------------------------------------------
[2005-01-26 05:49:06] [EMAIL PROTECTED]
Can you provide the above backtrace but using the snapshot?
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/31433
--
Edit this bug report at http://bugs.php.net/?id=31433&edit=1
