ID: 41451
Updated by: [EMAIL PROTECTED]
Reported By: farayi dot nyamadzawo at unodc dot org
-Status: Open
+Status: Bogus
Bug Type: Filesystem function related
Operating System: Redhat
PHP Version: 5.2.2
New Comment:
I don't think a segfault somewhere deep inside of /lib/libcrypto.so.4
has something to do with PHP.
Try updating OpenSSL or reporting it to OpenSSL developers, there is
not much we can do about it.
Previous Comments:
------------------------------------------------------------------------
[2007-05-21 15:08:07] farayi dot nyamadzawo at unodc dot org
I have tried the latest php 5 snapshot and still i get the same problem
. please see below the backtrace information.
Core was generated by `php interface.php -fconfig/refreshprojects.xml
-rRefreshP
rojects'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /usr/local/lib/libexslt.so.0...done.
Loaded symbols for /usr/local/lib/libexslt.so.0
Reading symbols from /lib/tls/libpthread.so.0...done.
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/tls/librt.so.1...done.
Loaded symbols for /lib/tls/librt.so.1
Reading symbols from /usr/lib/libldap-2.2.so.7...done.
Loaded symbols for /usr/lib/libldap-2.2.so.7
Reading symbols from /usr/lib/liblber-2.2.so.7...done.
Loaded symbols for /usr/lib/liblber-2.2.so.7
Reading symbols from /usr/local/lib/libfreetype.so.6...done.
Loaded symbols for /usr/local/lib/libfreetype.so.6
Reading symbols from /usr/local/lib/libpng12.so.0...done.
Loaded symbols for /usr/local/lib/libpng12.so.0
Reading symbols from /usr/local/lib/libjpeg.so.62...done.
Loaded symbols for /usr/local/lib/libjpeg.so.62
Reading symbols from /usr/lib/libcurl.so.3...done.
Loaded symbols for /usr/lib/libcurl.so.3
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib/libssl.so.4...done.
Loaded symbols for /lib/libssl.so.4
Reading symbols from /lib/libcrypto.so.4...done.
Loaded symbols for /lib/libcrypto.so.4
Reading symbols from /usr/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/lib/libgssapi_krb5.so.2
Reading symbols from /usr/lib/libkrb5.so.3...done.
Loaded symbols for /usr/lib/libkrb5.so.3
Reading symbols from /lib/libcom_err.so.2...done.
Loaded symbols for /lib/libcom_err.so.2
Reading symbols from /usr/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/lib/libk5crypto.so.3
Reading symbols from /usr/lib/libidn.so.11...done.
Loaded symbols for /usr/lib/libidn.so.11
Reading symbols from /usr/local/lib/libxslt.so.1...done.
Loaded symbols for /usr/local/lib/libxslt.so.1
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/lib/libsasl2.so.2...done.
Loaded symbols for /usr/lib/libsasl2.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
#0 0x00bb78e7 in ASN1_template_free () from /lib/libcrypto.so.4
(gdb) bt
#0 0x00bb78e7 in ASN1_template_free () from /lib/libcrypto.so.4
#1 0x00bb7873 in ASN1_primitive_free () from /lib/libcrypto.so.4
#2 0x00bb7983 in ASN1_item_free () from /lib/libcrypto.so.4
#3 0x00bb2d3c in X509_CERT_AUX_free () from /lib/libcrypto.so.4
#4 0x00bb299a in X509_CINF_free () from /lib/libcrypto.so.4
#5 0x00bb77b3 in ASN1_primitive_free () from /lib/libcrypto.so.4
#6 0x00bb7983 in ASN1_item_free () from /lib/libcrypto.so.4
#7 0x00bb2ac1 in X509_free () from /lib/libcrypto.so.4
#8 0x00b9d5eb in sk_pop_free () from /lib/libcrypto.so.4
#9 0x00c5c737 in ssl_sess_cert_free () from /lib/libssl.so.4
#10 0x00c5d4a9 in SSL_SESSION_free () from /lib/libssl.so.4
#11 0x00c5b24b in SSL_free () from /lib/libssl.so.4
#12 0x080c7fdd in php_openssl_sockop_close (stream=0xb7d0da80,
close_handle=1)
at /home/adam/php5.2-200705211030/ext/openssl/xp_ssl.c:267
#13 0x082c1505 in _php_stream_free (stream=0xb7d0da80,
close_options=3)
at /home/adam/php5.2-200705211030/main/streams/streams.c:346
#14 0x082554a4 in zif_file_get_contents (ht=1,
return_value=0xb7bfc3c4,
return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
at /home/adam/php5.2-200705211030/ext/standard/file.c:574
#15 0x08302dca in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfec1070)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:200
#16 0x08302551 in execute (op_array=0xb7d1c9f8)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:92
---Type <return> to continue, or q <return> to quit---
#17 0x0830279d in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfec2b50)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:234
#18 0x08302551 in execute (op_array=0xb7d18ca0)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:92
#19 0x0830279d in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfec5920)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:234
#20 0x08302551 in execute (op_array=0xb7d8989c)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:92
#21 0x0830279d in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfec6200)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:234
#22 0x08302551 in execute (op_array=0xa651690)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:92
#23 0x0830279d in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfec6430)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:234
#24 0x08302551 in execute (op_array=0xb7fb0844)
at /home/adam/php5.2-200705211030/Zend/zend_vm_execute.h:92
#25 0x082e9361 in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /home/adam/php5.2-200705211030/Zend/zend.c:1134
#26 0x082b1a79 in php_execute_script (primary_file=0xbfec8890)
at /home/adam/php5.2-200705211030/main/main.c:1794
#27 0x083639a7 in main (argc=4, argv=0xbfec8964)
at /home/adam/php5.2-200705211030/sapi/cli/php_cli.c:1138
(gdb)
------------------------------------------------------------------------
[2007-05-20 21:29:48] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5.2-latest.tar.gz
For Windows (zip):
http://snaps.php.net/win32/php5.2-win32-latest.zip
For Windows (installer):
http://snaps.php.net/win32/php5.2-win32-installer-latest.msi
I wasn't able to reproduce your problem using your function with either
a local file, an file from an ftp server or from an http site. If the
problem still exists with a current snapshot please give more
information what kind of file you're trying to transfer and a gdb
backtrace. Thanks.
------------------------------------------------------------------------
[2007-05-20 18:29:38] farayi dot nyamadzawo at unodc dot org
The following function also gives a error
*** glibc detected *** free(): invalid next size (normal): 0x00632898
***
function upload_file_from_url($filename, $url, $dir = 'transfer/docs/',
$overwrite_uid = false)
{
//ver. 2.0
if($fp = fopen($url,"rb")) //file exists
{
//generate UNQ name
$filename = $filename;
$filetype = 'application/octet-stream';
$fileinfo = pathinfo($filename);
$fname = $fileinfo['filename'];
$filedata = @file_get_contents($url);
if(!$filedata) return false;
$filesize = strlen($filedata);
if($filesize == 0)
{
return false;
}
//check file exists
$exists = true;
$i = 0;
while(file_exists($root.$dir.$fname.'.'.$fileinfo['extension']))
{
$i++;
$fname.= '-'.$i;
}
$filepath = $fname.'.'.$fileinfo['extension'];
//store file
if(!file_put_contents($root.$dir.$filepath, $filedata)) return
false;
return array('name' => $filename,'size'=>$filesize, 'path'=>
$filepath);
}
else
{
return false;
}
}
------------------------------------------------------------------------
[2007-05-20 18:14:32] farayi dot nyamadzawo at unodc dot org
Description:
------------
I am running the below script from command line.it gives me a
segmentation error when it is trying to download files and save them and
return any arraz.
I get the following error
glibc detected *** free(): invalid next size
function attached below
./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-openssl
--with-zlib --enable-bcmath --enable-calendar --with-curl
--enable-dom --enable-exif --with-gd --with-jpeg-dir=/usr
--with-png-dir=/usr --with-freetype-dir=/usr --with-iconv
--enable-json --with-mysql --enable-xml --with-xsl --enable-zip
--enable-shared --with-ldap=/usr --with-mysqli --enable-mbstring
PHP 5.2.2 (cli)
Archive_Tar 1.3.2 stable
Console_Getopt 1.2.2 stable
DB 1.7.11 stable
PEAR 1.5.4 stable
Structures_Graph 1.0.2 stable
Reproduce code:
---------------
function upload_file_from_url($filename, $url, $dir = 'transfer/docs/',
$overwrite_uid = false)
{
//ver. 2.0
//error_reporting(E_ALL);
if($fp = fopen($url,"rb")) //file exists
{
logmsg ("DEBUG:UPLOAD - open remote file.");
//generate UNQ name
$filename = $filename;
$filetype = 'application/octet-stream';
$fileinfo = pathinfo($filename);
$fname = $fileinfo['filename'];
$filedata = '';
logmsg ("DEBUG:UPLOAD - read remote file.");
while (!feof($fp)) {
$filedata .= fread($fp, 8192);
}
if(!$filedata)
{
fclose($fp);
return false;
}
logmsg ("DEBUG:UPLOAD - reading done!");
logmsg ("DEBUG:UPLOAD - check file size");
$filesize = strlen($filedata);
if($filesize == 0)
{
fclose($fp);
return false;
}
logmsg ("DEBUG:UPLOAD - size is ok:{$filesize}");
logmsg ("DEBUG:UPLOAD - check existance of filename");
//check file exists
$exists = true;
$i = 0;
while(file_exists($this->web_root.$dir.$fname.'.'.$fileinfo['extension']))
{
$i++;
$fname.= '-'.$i;
}
$filepath = $fname.'.'.$fileinfo['extension'];
logmsg ("DEBUG:UPLOAD - check name done. using - ".$filepath);
logmsg ("DEBUG:UPLOAD - copy data..");
//store file
$fpl = fopen($this->web_root.$dir.$filepath,"w");
if($fpl)
{
fwrite($fpl,$filedata,$filesize);
fclose($fpl);
}
else
{
fclose($fp);
return false;
}
fclose($fp);
logmsg ("DEBUG:UPLOAD - data copied - done.");
return array('name' => $filename,'size'=>$filesize, 'path'=>
$filepath);
}
else
{
return false;
}
}
Expected result:
----------------
download files from website , store and return array
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=41451&edit=1
