ID: 14515
Updated by: sterling
Reported By: [EMAIL PROTECTED]
Old Status: Analyzed
Status: Critical
Old Bug Type: PCRE related
Bug Type: Reproducible crash
Operating System: linux 2.4.16
PHP Version: 4.1.0
New Comment:
Not a PCRE bug, but a general bug related to the misuse of PCRE.
Previous Comments:
------------------------------------------------------------------------
[2002-01-26 20:09:29] [EMAIL PROTECTED]
Could you provide "short & complete" script that segfaults?
>From the backtrace, I changed Category to "PCRE related" for now.
------------------------------------------------------------------------
[2002-01-09 06:05:08] [EMAIL PROTECTED]
I have the same problem, but in a bit different condition.
php compile options: (php 4.1.1 with apache 1.3.22)
./configure --prefix=/usr/local/plesk/apache\
--with-system-regex\
--with-apache=/home/admin/apache/apache_1.3.22\
--with-config-file-path=/usr/local/plesk/apache/etc\
--with-db3=/usr/local/BerkeleyDB.3.2\
--enable-calendar\
--disable-debug\
--disable-pear\
--enable-track-vars\
--with-swf=/usr/local\
--with-mysql=/usr/local/plesk/mysql\
--with-imap\
--without-imap-ssl\
--with-mcrypt=/usr/local\
--with-dom=/usr/local\
--with-pcre\
--with-zlib-dir=/usr/local/include\
--with-mod_charset\
--enable-ftp\
--with-curl=/usr/local/include/curl\
--with-openssl=/usr/local/ssl\
--with-java=/usr/java/jdk1.3.1_01\
--with-zip=/usr/local\
--with-gd=/home/admin/apache/gd-1.8.4\
--with-jpeg-dir=/home/admin/apache/jpeg-6b\
--with-freetype-dir=/home/admin/apache/freetype-2.0.5\
--with-png-dir=/home/admin/apache/libpng-1.2.1\
the problem exactly occurs when I change the URL from http:// to
https:// or vice versa. (They have the same base directory). Which I
have open first on a new browser, it works, other not. PHP code is
similar. Something may be related with the headers sent to browser.
(sorry for broken english)
------------------------------------------------------------------------
[2001-12-15 08:27:52] [EMAIL PROTECTED]
sorry, forgot the stacktrace:
(gdb) bt
#0 0x40a0e333 in php_pcre_replace (regex=0x40ab8b11
"/realm=\"(.*?)\"/i", regex_len=16,
subject=0x8184455 " Basic realm=\"DB-RW-Access\"", subject_len=27,
replace_val=0x81844a4,
is_callable_replace=0, result_len=0xbfffc19c, limit=-1) at
php_pcre.c:768
#1 0x409bf494 in sapi_add_header_ex (header_line=0x8184444
"WWW-Authenticate",
header_line_len=44, duplicate=1 '\001', replace=1 '\001') at
SAPI.c:467
#2 0x40a4b7af in zif_header (ht=1, return_value=0x8184404,
this_ptr=0x0, return_value_used=0)
at head.c:56
#3 0x40996697 in execute (op_array=0x81840e4) at
./zend_execute.c:1590
#4 0x409a8364 in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at zend.c:814
#5 0x409bb8e1 in php_execute_script (primary_file=0xbffff268) at
main.c:1309
#6 0x409b6220 in apache_php_module_main (r=0x816a250,
display_source_mode=0) at sapi_apache.c:90
#7 0x409b71a0 in send_php (r=0x816a250, display_source_mode=0,
filename=0x816bdc8
"/usr/local/WWW/marticole/htdocs/PRIVATE/Hausverwaltung/resthof.php")
at mod_php4.c:575
#8 0x409b7223 in send_parsed_php (r=0x816a250) at mod_php4.c:590
#9 0x806e019 in ap_invoke_handler ()
#10 0x8083aef in process_request_internal ()
#11 0x8083b62 in ap_process_request ()
#12 0x807a696 in child_main ()
#13 0x807a875 in make_child ()
#14 0x807a9f6 in startup_children ()
#15 0x807b07c in standalone_main ()
#16 0x807b8cc in main ()
#17 0x40620c6f in __libc_start_main () from /lib/libc.so.6
(gdb)
------------------------------------------------------------------------
[2001-12-15 08:23:37] [EMAIL PROTECTED]
The only way to get some output was starting the apache inside gdb. I
got the following:
(gdb) run -X -f /usr/local/apache/conf/httpd.conf
Starting program: /usr/local/apache/bin/httpd -X -f
/usr/local/apache/conf/httpd.conf
[New Thread 1024 (LWP 7109)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 7109)]
0x40a0e333 in php_pcre_replace (regex=0x40ab8b11 "/realm=\"(.*?)\"/i",
regex_len=16,
subject=0x8184455 " Basic realm=\"DB-RW-Access\"", subject_len=27,
replace_val=0x81844a4,
is_callable_replace=0, result_len=0xbfffc19c, limit=-1) at
php_pcre.c:768
768 if ('\\' == *walk || '$' == *walk) {
(gdb)
------------------------------------------------------------------------
[2001-12-14 18:41:15] [EMAIL PROTECTED]
Could you provide backtrace?
http://bugs.php.net/bugs-generating-backtrace.php
Please read how to report bug link also.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/?id=14515
Edit this bug report at http://bugs.php.net/?id=14515&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
