ID: 11806
User Update by: [EMAIL PROTECTED]
Old-Status: Feedback
Status: Open
Bug Type: Reproducible crash
Operating system: Linux 2.2.16
PHP Version: 4.0.6
Description: Using $string = md5($string); crashed HTTP child processes

Update:

I have compiled php-4.0.6 with --enable-debug to try and get a backtrace, but when I 
do, the bug vanishes and the same code no longer crashed my httpd child process.. 

Here is some detailed info:

PHP 4.0.6 config line:
./configure  --with-mysql --with-gd --enable-track-vars --with-jpeg-dir=/usr/local/lib 

--enable-bcmath --with-apache=../apache_1.3.20 --enable-ftp --enable-sockets 
--with-mcrypt --enable-debug

and for Apache 1.3.20

EAPI_MM="../mm-1.1.3" \
SSL_BASE="../openssl-0.9.6a" \
./configure \
"--enable-module=ssl" \
"--with-layout=RedHat" \
"--activate-module=src/modules/php4/libphp4.a" \
"--enable-module=rewrite" \

The script that is causing this error is:
http://www.nerdnet.com/compose.phps

As you can see, a use submits a form, which is the source of $cipher, an alphanumeric 
string, which is then encrypted and other actions take place after.

I am not using the Zend Optimizer or anything unusual here at all... If I run the 
httpd thru gdb and reproduce the crash it gives me an error in 
shutdown_memory_manager() when it crashes, but not much else since the bug disappears 
when I compile in debug into PHP...  If any more info is needed let me know... Thanks 
PHP team, you guys rule!!!

Joe



Previous Comments:
---------------------------------------------------------------------------

[2001-06-30 05:10:11] [EMAIL PROTECTED]

Can you please post your script as .txt file on the web, so that I can check how the 
$cipher is generated?
And is it possibly for you to make a backtrace of this crash 
(http://www.php.net/bugs-generating-backtrace.php) as I couldn't reproduce it.

Derick

---------------------------------------------------------------------------

[2001-06-29 14:04:25] [EMAIL PROTECTED]

PHP Options:
'./configure' '--with-mysql' '--with-gd' '--enable-track-vars' 
'--with-jpeg-dir=/usr/local/lib' '--enable-bcmath' '--with-apache=../apache_1.3.20' 
'--enable-ftp' '--enable-sockets' '--with-mcrypt'

The problem I am having is:

When using the code:

$cipher = md5($cipher); httpd crashes the current child process with:

[Fri Jun 29 10:54:49 2001] [notice] child pid 9766 exit signal Segmentation fault (11)
[Fri Jun 29 10:54:50 2001] [notice] child pid 9920 exit signal Segmentation fault (11)

The page then fails to load, returning nothing to the browser.

Also, I have another function called CleanSring($string);  which looks like:

function CleanString($string)
{
        $string = strip_tags($string);
        $string = 
preg_replace("/</?(html|head|meta|title|body|font|img|.jpg|.gif|.vbs|script|tr|table|text).*>/","",$string);

        $string = 
preg_replace("/</?(HTML|HEAD|META|TITLE|BODY|FONT|IMG|.JPG|.GIF|.VBS|SCRIPT|TR|TABLE|TEXT).*>/","",$string);

        $string = preg_replace("/<[^>]*>/","",$string);
        return $string;
}

Calling this function like:

$string = CleanString($string); causes the same problem.

Whats weird is I call md5() again below the problem code:

    $now = date("r");
    $thisID = md5(substr(makeID(), 0, 16));
    $onetimepass = substr(md5($thisID), 0, 8);

And neither of these causes the same problem, even when being used in the same 
document.



---------------------------------------------------------------------------


Full Bug description available at: http://bugs.php.net/?id=11806


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to