Bug #63236 [Opn->Csd]: Executable permission on various source files
Edit report at https://bugs.php.net/bug.php?id=63236&edit=1 ID: 63236 Updated by: larue...@php.net Reported by:r...@php.net Summary:Executable permission on various source files -Status: Open +Status: Closed Type: Bug Package:*General Issues Operating System: GNU/Linux PHP Version:5.4Git-2012-10-08 (Git) Block user comment: N Private report: N New Comment: Automatic comment on behalf of laruence Revision: http://git.php.net/?p=php-src.git;a=commit;h=6284ef112ef870b791b8dfab36a39c4664744cc5 Log: Fixed bug #63236 (Executable permission on various source files) Previous Comments: [2012-10-08 07:55:14] r...@php.net Description: Not a big issue, but easy to fix one. This raises some warnings (rpmlint) for packaging on the "debuginfo" package. Test script: --- find . -name \*.[ch] -executable Expected result: empty result Actual result: -- ./Zend/zend_iterators.c ./Zend/zend_build.h ./Zend/zend_interfaces.h ./Zend/zend_interfaces.c ./Zend/zend_iterators.h ./ext/sqlite/libsqlite/src/config_static.w32.h ./ext/pcntl/pcntl.c ./ext/interbase/php_ibase_includes.h ./ext/com_dotnet/com_persist.c ./ext/enchant/enchant.c ./ext/pdo_oci/php_pdo_oci_int.h ./ext/pdo_oci/php_pdo_oci.h ./ext/pdo_oci/oci_statement.c ./ext/pdo_oci/oci_driver.c ./ext/pdo_oci/pdo_oci.c ./ext/mbstring/libmbfl/filters/mbfilter_iso8859_16.h ./ext/mbstring/libmbfl/filters/mbfilter_iso8859_16.c ./ext/mbstring/libmbfl/mbfl/mbfl_defs.h ./ext/mbstring/oniguruma/enc/utf32_le.c ./ext/mbstring/oniguruma/enc/utf32_be.c ./ext/mbstring/oniguruma/enc/utf16_be.c ./ext/mbstring/oniguruma/enc/utf16_le.c ./ext/mbstring/oniguruma/regext.c ./ext/pdo_mysql/pdo_mysql.c ./ext/pdo_mysql/mysql_statement.c ./ext/pdo_mysql/mysql_driver.c ./ext/pdo_mysql/php_pdo_mysql.h ./ext/pdo_mysql/php_pdo_mysql_int.h ./ext/pdo/php_pdo.h ./ext/pdo/php_pdo_int.h ./ext/pdo/pdo_stmt.c ./ext/pdo/pdo.c ./ext/pdo/php_pdo_driver.h ./ext/pdo/pdo_dbh.c ./ext/spl/spl_exceptions.c ./ext/spl/spl_functions.h ./ext/spl/spl_exceptions.h ./ext/spl/spl_functions.c ./ext/spl/spl_array.h ./ext/spl/spl_observer.c ./ext/spl/spl_directory.h ./ext/spl/spl_directory.c ./ext/spl/spl_array.c ./ext/spl/php_spl.c ./ext/spl/spl_engine.h ./ext/spl/spl_iterators.c ./ext/spl/php_spl.h ./ext/spl/spl_iterators.h ./ext/spl/spl_observer.h ./ext/spl/spl_engine.c ./ext/simplexml/sxe.h ./ext/simplexml/php_simplexml_exports.h ./ext/simplexml/sxe.c ./ext/dba/php_db1.h ./ext/dba/dba_db1.c ./ext/dba/dba_qdbm.c ./ext/pdo_odbc/odbc_stmt.c ./ext/pdo_odbc/php_pdo_odbc_int.h ./ext/pdo_odbc/pdo_odbc.c ./ext/pdo_odbc/odbc_driver.c ./ext/standard/winver.h ./main/streams/glob_wrapper.c ./main/streams/php_stream_glob_wrapper.h ./main/streams/streams.c ./main/php_streams.h ./win32/globals.c ./win32/php_win32_globals.h -- Edit this bug report at https://bugs.php.net/bug.php?id=63236&edit=1
Bug #63235 [Opn->Csd]: buffer overflow in use of SQLGetDiagRec
Edit report at https://bugs.php.net/bug.php?id=63235&edit=1
ID: 63235
Updated by: larue...@php.net
Reported by:r...@php.net
Summary:buffer overflow in use of SQLGetDiagRec
-Status: Open
+Status: Closed
Type: Bug
Package:PDO related
Operating System: GNU/Linux
PHP Version:5.4.7
Block user comment: N
Private report: N
New Comment:
Automatic comment on behalf of laruence
Revision:
http://git.php.net/?p=php-src.git;a=commit;h=45e0d452c5c369f0141fde780a6cbdd35d8f55b4
Log: Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec)
Previous Comments:
[2012-10-09 04:58:21] r...@php.net
@laruence: thanks, but I don't have commit right on php-src (only on pecl)
[2012-10-09 02:12:59] larue...@php.net
yeah, I think you can commit that patch. thanks
[2012-10-08 18:14:02] r...@php.net
@laruence, I agree, but is this case should rather be SQL_MAX_MESSAGE_LENGTH+1
as used in unixODBC source code.
But this have no risk as this is (mostly) protected by the buffer_length arg.
>From extract_sql_error_rec function source code
(unixODBC-2.3.1/DriverManager/SQLGetDiagRec.c)
if ( sqlstate )
strcpy((char*) sqlstate, "0" );
Here is the buffer overflow issue (no length protection).
[2012-10-08 15:35:02] larue...@php.net
maybe the discard_buf should also be consistent with struct
pdo_odbc_errinfo.last_err_msg
which is "char last_err_msg[SQL_MAX_MESSAGE_LENGTH];"
diff is:
diff --git a/ext/pdo_odbc/odbc_driver.c b/ext/pdo_odbc/odbc_driver.c
index 84a147b..2176051 100755
--- a/ext/pdo_odbc/odbc_driver.c
+++ b/ext/pdo_odbc/odbc_driver.c
@@ -114,8 +114,8 @@ void pdo_odbc_error(pdo_dbh_t *dbh, pdo_stmt_t *stmt,
PDO_ODBC_HSTMT statement,
* diagnostic records (which can be generated by PRINT statements
* in the query, for instance). */
while (rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO) {
- char discard_state[5];
- char discard_buf[1024];
+ char discard_state[6];
+ char discard_buf[SQL_MAX_MESSAGE_LENGTH];
SQLINTEGER code;
rc = SQLGetDiagRec(htype, eh, recno++, discard_state, &code,
discard_buf, sizeof(discard_buf)-1,
&errmsgsize);
[2012-10-08 07:37:02] r...@php.net
The following patch has been added/updated:
Patch Name: php-5.3.3-pdo-overflow.patch
Revision: 1349681821
URL:
https://bugs.php.net/patch-display.php?bug=63235&patch=php-5.3.3-pdo-overflow.patch&revision=1349681821
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=63235
--
Edit this bug report at https://bugs.php.net/bug.php?id=63235&edit=1
Req #63242 [Opn]: Default error page in PHP built-in web server uses outdated html/css
Edit report at https://bugs.php.net/bug.php?id=63242&edit=1 ID: 63242 Updated by: re...@php.net Reported by:pascal dot chevrel at free dot fr Summary:Default error page in PHP built-in web server uses outdated html/css Status: Open Type: Feature/Change Request Package:Built-in web server Operating System: Linux PHP Version:5.4.7 Block user comment: N Private report: N New Comment: It's nice to have modern, but the appearance should be consist on PHP itself(VI). PHP use the BLUE a lot, kind of the color of PHP. as the color yellow, It looks like an error page of django :) and the built-in server is just for testing purpose, If possible, I'd PHP redesign its Visual Identity System to be more modern. And, yes there is a PHP.net alpha there: http://www.php.net/my.php (enable it at the bottom). but seems didn't active for a long time. Previous Comments: [2012-10-08 17:53:00] pascal dot chevrel at free dot fr Here is a after/before screenshot: http://chevrel.org/images/phpbugs/bug63242.png Note that I chose yellow for the error header instead of blue because this is the color used in the terminal for such errors, blue is not usually an error associated to errors. [2012-10-08 17:41:00] pascal dot chevrel at free dot fr Description: The default error page in the built-in webserver is very ugly. Looking at the history of the file in the git repository, these styles and html were copied from the phpinfo styling created in 2002 with CSS selectors that had Netscape 4/IE4 compatibility in mind. Appearances matter :) It makes this new PHP feature look already outdated. I am going to attach a patch that: * will make it look a bit more modern and works in responsive mode too * will remove unused css rules from the code * will add an html5 doctype to the error page * will remove unnecesary html attributes in html5 (I noticed that there are 2 tests in the sapi/cli/tests folder that reproduce some of this html, I don't know how tests work for php but I can give a shot at updating the expected results of the tests in the patch if required) -- Edit this bug report at https://bugs.php.net/bug.php?id=63242&edit=1
Bug #63235 [Opn]: buffer overflow in use of SQLGetDiagRec
Edit report at https://bugs.php.net/bug.php?id=63235&edit=1
ID: 63235
Updated by: r...@php.net
Reported by:r...@php.net
Summary:buffer overflow in use of SQLGetDiagRec
Status: Open
Type: Bug
Package:PDO related
Operating System: GNU/Linux
PHP Version:5.4.7
Block user comment: N
Private report: N
New Comment:
@laruence: thanks, but I don't have commit right on php-src (only on pecl)
Previous Comments:
[2012-10-09 02:12:59] larue...@php.net
yeah, I think you can commit that patch. thanks
[2012-10-08 18:14:02] r...@php.net
@laruence, I agree, but is this case should rather be SQL_MAX_MESSAGE_LENGTH+1
as used in unixODBC source code.
But this have no risk as this is (mostly) protected by the buffer_length arg.
>From extract_sql_error_rec function source code
(unixODBC-2.3.1/DriverManager/SQLGetDiagRec.c)
if ( sqlstate )
strcpy((char*) sqlstate, "0" );
Here is the buffer overflow issue (no length protection).
[2012-10-08 15:35:02] larue...@php.net
maybe the discard_buf should also be consistent with struct
pdo_odbc_errinfo.last_err_msg
which is "char last_err_msg[SQL_MAX_MESSAGE_LENGTH];"
diff is:
diff --git a/ext/pdo_odbc/odbc_driver.c b/ext/pdo_odbc/odbc_driver.c
index 84a147b..2176051 100755
--- a/ext/pdo_odbc/odbc_driver.c
+++ b/ext/pdo_odbc/odbc_driver.c
@@ -114,8 +114,8 @@ void pdo_odbc_error(pdo_dbh_t *dbh, pdo_stmt_t *stmt,
PDO_ODBC_HSTMT statement,
* diagnostic records (which can be generated by PRINT statements
* in the query, for instance). */
while (rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO) {
- char discard_state[5];
- char discard_buf[1024];
+ char discard_state[6];
+ char discard_buf[SQL_MAX_MESSAGE_LENGTH];
SQLINTEGER code;
rc = SQLGetDiagRec(htype, eh, recno++, discard_state, &code,
discard_buf, sizeof(discard_buf)-1,
&errmsgsize);
[2012-10-08 07:37:02] r...@php.net
The following patch has been added/updated:
Patch Name: php-5.3.3-pdo-overflow.patch
Revision: 1349681821
URL:
https://bugs.php.net/patch-display.php?bug=63235&patch=php-5.3.3-pdo-overflow.patch&revision=1349681821
[2012-10-08 07:36:51] r...@php.net
Description:
Already report on internals http://marc.info/?t=13426268866&r=1&w=2
Discard state is 5 char long, so buffer must be 6.
Trivial fix attached.
(could apply in all branches)
--
Edit this bug report at https://bugs.php.net/bug.php?id=63235&edit=1
Bug #63240 [Opn]: stream_get_line return contains delimiter string
Edit report at https://bugs.php.net/bug.php?id=63240&edit=1
ID: 63240
Updated by: datib...@php.net
Reported by:scope at planetavent dot de
Summary:stream_get_line return contains delimiter string
Status: Open
Type: Bug
Package:Streams related
Operating System: Windows Server 2008 / RHEL 6.2
PHP Version:5.3.17
Block user comment: N
Private report: N
New Comment:
Reduced test:
$file = __DIR__ . '/input_dummy.txt';
$data = str_repeat( '.', 8189 ) . '';
file_put_contents( $file, $data );
$fh = fopen( $file, "rb" );
$delimiter = "MM";
stream_get_line($fh, 4096, $delimiter);
stream_get_line($fh, 4096, $delimiter);
if ($delimiter === stream_get_line($fh, 4096, $delimiter)) {
echo "BROKEN";
} else {
echo "OK";
}
fclose($fh);
unlink($file);
The amount of dots seems to be related to the used buffer length:
( + 3) % ( x 2) == 0
The length of the delimiter also seems to play a role, but I'm not sure what
that would be.
Previous Comments:
[2012-10-08 16:03:38] scope at planetavent dot de
Description:
On specific file input stream_get_line returns a "line" that actually contains
the delimiter.
PHP 5.3.10 does not show this problem, PHP versions from 5.3.11 to 5.3.17 do.
PHP 5.4.7 seems to be affected as well.
Bug #44607 seems to be related, but was fixed long time ago.
Test script:
---
https://bugs.php.net/bug.php?id=63240&edit=1
Bug #63235 [Opn]: buffer overflow in use of SQLGetDiagRec
Edit report at https://bugs.php.net/bug.php?id=63235&edit=1
ID: 63235
Updated by: larue...@php.net
Reported by:r...@php.net
Summary:buffer overflow in use of SQLGetDiagRec
Status: Open
Type: Bug
Package:PDO related
Operating System: GNU/Linux
PHP Version:5.4.7
Block user comment: N
Private report: N
New Comment:
yeah, I think you can commit that patch. thanks
Previous Comments:
[2012-10-08 18:14:02] r...@php.net
@laruence, I agree, but is this case should rather be SQL_MAX_MESSAGE_LENGTH+1
as used in unixODBC source code.
But this have no risk as this is (mostly) protected by the buffer_length arg.
>From extract_sql_error_rec function source code
(unixODBC-2.3.1/DriverManager/SQLGetDiagRec.c)
if ( sqlstate )
strcpy((char*) sqlstate, "0" );
Here is the buffer overflow issue (no length protection).
[2012-10-08 15:35:02] larue...@php.net
maybe the discard_buf should also be consistent with struct
pdo_odbc_errinfo.last_err_msg
which is "char last_err_msg[SQL_MAX_MESSAGE_LENGTH];"
diff is:
diff --git a/ext/pdo_odbc/odbc_driver.c b/ext/pdo_odbc/odbc_driver.c
index 84a147b..2176051 100755
--- a/ext/pdo_odbc/odbc_driver.c
+++ b/ext/pdo_odbc/odbc_driver.c
@@ -114,8 +114,8 @@ void pdo_odbc_error(pdo_dbh_t *dbh, pdo_stmt_t *stmt,
PDO_ODBC_HSTMT statement,
* diagnostic records (which can be generated by PRINT statements
* in the query, for instance). */
while (rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO) {
- char discard_state[5];
- char discard_buf[1024];
+ char discard_state[6];
+ char discard_buf[SQL_MAX_MESSAGE_LENGTH];
SQLINTEGER code;
rc = SQLGetDiagRec(htype, eh, recno++, discard_state, &code,
discard_buf, sizeof(discard_buf)-1,
&errmsgsize);
[2012-10-08 07:37:02] r...@php.net
The following patch has been added/updated:
Patch Name: php-5.3.3-pdo-overflow.patch
Revision: 1349681821
URL:
https://bugs.php.net/patch-display.php?bug=63235&patch=php-5.3.3-pdo-overflow.patch&revision=1349681821
[2012-10-08 07:36:51] r...@php.net
Description:
Already report on internals http://marc.info/?t=13426268866&r=1&w=2
Discard state is 5 char long, so buffer must be 6.
Trivial fix attached.
(could apply in all branches)
--
Edit this bug report at https://bugs.php.net/bug.php?id=63235&edit=1
[PHP-BUG] Bug #63244 [NEW]: PDO fetch is inconsistent with MySQL's bit column
From: juzna dot cz at gmail dot com
Operating system: Ubuntu
PHP version: 5.3.17
Package: PDO related
Bug Type: Bug
Bug description:PDO fetch is inconsistent with MySQL's bit column
Description:
Suppose MySQL database with a column of type bit(1).
Then fetching value from this column gives a binary string ("\0", "\1") in
PHP5.3
and numeric string ("0", "1") in 5.4.
I'd expect to obtain a boolean, but numeric string would be a good enough.
But it
must be consistent in both PHP versions.
Test script:
---
$res = $connection->query("SELECT * FROM bittest");
$row = $res->fetch();
dump($row);
Assert::same(0, $row->id);
Assert::same(false, $row->flag);
$row = $res->fetch();
dump($row);
Assert::same(1, $row->id);
Assert::same(true, $row->flag);
Expected result:
// 5.3.17
Nette\Database\Row(2) {
id => 0
flag => "\00"
}
Nette\Database\Row(2) {
id => 1
flag => "\01"
}
// PHP 5.4.7
Nette\Database\Row(2) {
id => 0
flag => "0"
}
Nette\Database\Row(2) {
id => 1
flag => "1"
}
Actual result:
--
Both PHP versions the same.
--
Edit bug report at https://bugs.php.net/bug.php?id=63244&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=63244&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=63244&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=63244&r=trysnapshottrunk
Fixed in SVN: https://bugs.php.net/fix.php?id=63244&r=fixed
Fixed in release: https://bugs.php.net/fix.php?id=63244&r=alreadyfixed
Need backtrace: https://bugs.php.net/fix.php?id=63244&r=needtrace
Need Reproduce Script: https://bugs.php.net/fix.php?id=63244&r=needscript
Try newer version: https://bugs.php.net/fix.php?id=63244&r=oldversion
Not developer issue:https://bugs.php.net/fix.php?id=63244&r=support
Expected behavior: https://bugs.php.net/fix.php?id=63244&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=63244&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=63244&r=submittedtwice
register_globals: https://bugs.php.net/fix.php?id=63244&r=globals
PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63244&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=63244&r=dst
IIS Stability: https://bugs.php.net/fix.php?id=63244&r=isapi
Install GNU Sed:https://bugs.php.net/fix.php?id=63244&r=gnused
Floating point limitations: https://bugs.php.net/fix.php?id=63244&r=float
No Zend Extensions: https://bugs.php.net/fix.php?id=63244&r=nozend
MySQL Configuration Error: https://bugs.php.net/fix.php?id=63244&r=mysqlcfg
Bug #63235 [Opn]: buffer overflow in use of SQLGetDiagRec
Edit report at https://bugs.php.net/bug.php?id=63235&edit=1
ID: 63235
Updated by: r...@php.net
Reported by:r...@php.net
Summary:buffer overflow in use of SQLGetDiagRec
Status: Open
Type: Bug
Package:PDO related
Operating System: GNU/Linux
PHP Version:5.4.7
Block user comment: N
Private report: N
New Comment:
@laruence, I agree, but is this case should rather be SQL_MAX_MESSAGE_LENGTH+1
as used in unixODBC source code.
But this have no risk as this is (mostly) protected by the buffer_length arg.
>From extract_sql_error_rec function source code
(unixODBC-2.3.1/DriverManager/SQLGetDiagRec.c)
if ( sqlstate )
strcpy((char*) sqlstate, "0" );
Here is the buffer overflow issue (no length protection).
Previous Comments:
[2012-10-08 15:35:02] larue...@php.net
maybe the discard_buf should also be consistent with struct
pdo_odbc_errinfo.last_err_msg
which is "char last_err_msg[SQL_MAX_MESSAGE_LENGTH];"
diff is:
diff --git a/ext/pdo_odbc/odbc_driver.c b/ext/pdo_odbc/odbc_driver.c
index 84a147b..2176051 100755
--- a/ext/pdo_odbc/odbc_driver.c
+++ b/ext/pdo_odbc/odbc_driver.c
@@ -114,8 +114,8 @@ void pdo_odbc_error(pdo_dbh_t *dbh, pdo_stmt_t *stmt,
PDO_ODBC_HSTMT statement,
* diagnostic records (which can be generated by PRINT statements
* in the query, for instance). */
while (rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO) {
- char discard_state[5];
- char discard_buf[1024];
+ char discard_state[6];
+ char discard_buf[SQL_MAX_MESSAGE_LENGTH];
SQLINTEGER code;
rc = SQLGetDiagRec(htype, eh, recno++, discard_state, &code,
discard_buf, sizeof(discard_buf)-1,
&errmsgsize);
[2012-10-08 07:37:02] r...@php.net
The following patch has been added/updated:
Patch Name: php-5.3.3-pdo-overflow.patch
Revision: 1349681821
URL:
https://bugs.php.net/patch-display.php?bug=63235&patch=php-5.3.3-pdo-overflow.patch&revision=1349681821
[2012-10-08 07:36:51] r...@php.net
Description:
Already report on internals http://marc.info/?t=13426268866&r=1&w=2
Discard state is 5 char long, so buffer must be 6.
Trivial fix attached.
(could apply in all branches)
--
Edit this bug report at https://bugs.php.net/bug.php?id=63235&edit=1
Req #63242 [Com]: Default error page in PHP built-in web server uses outdated html/css
Edit report at https://bugs.php.net/bug.php?id=63242&edit=1 ID: 63242 Comment by: pascal dot chevrel at free dot fr Reported by:pascal dot chevrel at free dot fr Summary:Default error page in PHP built-in web server uses outdated html/css Status: Open Type: Feature/Change Request Package:Built-in web server Operating System: Linux PHP Version:5.4.7 Block user comment: N Private report: N New Comment: Here is a after/before screenshot: http://chevrel.org/images/phpbugs/bug63242.png Note that I chose yellow for the error header instead of blue because this is the color used in the terminal for such errors, blue is not usually an error associated to errors. Previous Comments: [2012-10-08 17:41:00] pascal dot chevrel at free dot fr Description: The default error page in the built-in webserver is very ugly. Looking at the history of the file in the git repository, these styles and html were copied from the phpinfo styling created in 2002 with CSS selectors that had Netscape 4/IE4 compatibility in mind. Appearances matter :) It makes this new PHP feature look already outdated. I am going to attach a patch that: * will make it look a bit more modern and works in responsive mode too * will remove unused css rules from the code * will add an html5 doctype to the error page * will remove unnecesary html attributes in html5 (I noticed that there are 2 tests in the sapi/cli/tests folder that reproduce some of this html, I don't know how tests work for php but I can give a shot at updating the expected results of the tests in the patch if required) -- Edit this bug report at https://bugs.php.net/bug.php?id=63242&edit=1
[PHP-BUG] Req #63242 [NEW]: Default error page in PHP built-in web server uses outdated html/css
From: pascal dot chevrel at free dot fr Operating system: Linux PHP version: 5.4.7 Package: Built-in web server Bug Type: Feature/Change Request Bug description:Default error page in PHP built-in web server uses outdated html/css Description: The default error page in the built-in webserver is very ugly. Looking at the history of the file in the git repository, these styles and html were copied from the phpinfo styling created in 2002 with CSS selectors that had Netscape 4/IE4 compatibility in mind. Appearances matter :) It makes this new PHP feature look already outdated. I am going to attach a patch that: * will make it look a bit more modern and works in responsive mode too * will remove unused css rules from the code * will add an html5 doctype to the error page * will remove unnecesary html attributes in html5 (I noticed that there are 2 tests in the sapi/cli/tests folder that reproduce some of this html, I don't know how tests work for php but I can give a shot at updating the expected results of the tests in the patch if required) -- Edit bug report at https://bugs.php.net/bug.php?id=63242&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=63242&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=63242&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=63242&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=63242&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=63242&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=63242&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=63242&r=needscript Try newer version: https://bugs.php.net/fix.php?id=63242&r=oldversion Not developer issue:https://bugs.php.net/fix.php?id=63242&r=support Expected behavior: https://bugs.php.net/fix.php?id=63242&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=63242&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=63242&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=63242&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63242&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=63242&r=dst IIS Stability: https://bugs.php.net/fix.php?id=63242&r=isapi Install GNU Sed:https://bugs.php.net/fix.php?id=63242&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=63242&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=63242&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=63242&r=mysqlcfg
Req #62968 [Opn->Nab]: Unable to Run PHP with IIS 7.X
Edit report at https://bugs.php.net/bug.php?id=62968&edit=1 ID: 62968 Updated by: mattfic...@php.net Reported by:bankim dot rana at strixsystems dot com Summary:Unable to Run PHP with IIS 7.X -Status: Open +Status: Not a bug Type: Feature/Change Request Package:IIS related Operating System: windows 2008 64 bit R2 sp1 PHP Version:5.4.6 Block user comment: N Private report: N New Comment: Sorry, but your problem does not imply a bug in PHP itself. For a list of more appropriate places to ask for help using PHP, please visit http://www.php.net/support.php as this bug system is not the appropriate forum for asking support questions. Due to the volume of reports we can not explain in detail here why your report is not a bug. The support channels will be able to provide an explanation for you. Thank you for your interest in PHP. ISAPI is not supported by PHP. You should not use it. You should use FastCGI instead. If instructions, tutorials, etc... weren't clear on this, then let us know because that will need to be fixed. For instructions on how to setup PHP with IIS, see this link: http://www.iis.net/learn/application-frameworks/install-and-configure-php-applications-on-iis/using-fastcgi-to-host-php-applications-on-iis. You can also try WebPI and PHP Manager, both available on iis.net. Previous Comments: [2012-08-29 13:31:17] bankim dot rana at strixsystems dot com Description: We are getting "HTTP Error 500.0 - Internal Server Error" while run any php file on IIS 7 and above on windows 2008 R2 sp1 OS with 64 bit. Details about error Module IsapiModule -> Requested URL http://localhost:80/phpinfo.php Notification ExecuteRequestHandler - Physical Path C:\inetpub\wwwroot\phpinfo.php Handler PHP-ISPAI - Logon Method Anonymous Error Code 0x8007007e - Logon User Anonymous Test script: --- Expected result: it shuld display php.ini configuration -- Edit this bug report at https://bugs.php.net/bug.php?id=62968&edit=1
[PHP-BUG] Bug #63241 [NEW]: PHP fails to open Windows deduplicated files
From: daniel dot stelter-gliese at innogames dot de Operating system: Windows Server 2012 PHP version: 5.4.7 Package: Win32API related Bug Type: Bug Bug description:PHP fails to open Windows deduplicated files Description: Opening a file that was deduplicated by Windows Server 2012 deduplication fails with "No such file or directory". The behavior can be reproduced locally and through SMB shares (on Win7 and Win8 clients). I've tried 5.3.15 and 5.4.7 - judging from the code latest snapshots are affected, too. I could trace this to a problem with reparse points: deduplication adds the new reparse tag IO_REPARSE_TAG_DEDUP. There seems to be no documentation on this tag, so I could only interpret it as a flag to be ignored. The attached patch simply treats a IO_REPARSE_TAG_DEDUP file as a substitute on the same path, which worked well. Test script: --- $path = 'S:\\test.exe'; var_dump(filesize($path)); var_dump(realpath($path)); var_dump(strlen(file_get_contents($path))); var_dump(fopen($path, 'rb')); Expected result: int(5448704) string(50) "S:\test.exe" int(5448704) resource(6) of type (stream) Actual result: -- int(5448704) bool(false) Warning: file_get_contents(S:\test.exe): failed to open stream: No such file or directory in C:\php-sdk\php54dev\vc9\x64\ php-5.4.7-src\x64\Release\test.php on line 6 int(0) Warning: fopen(S:\test.exe): failed to op en stream: No such file or directory in C:\php-sdk\php54dev\vc9\x64\php-5.4.7-sr c\x64\Release\test.php on line 7 bool(false) -- Edit bug report at https://bugs.php.net/bug.php?id=63241&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=63241&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=63241&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=63241&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=63241&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=63241&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=63241&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=63241&r=needscript Try newer version: https://bugs.php.net/fix.php?id=63241&r=oldversion Not developer issue:https://bugs.php.net/fix.php?id=63241&r=support Expected behavior: https://bugs.php.net/fix.php?id=63241&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=63241&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=63241&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=63241&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63241&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=63241&r=dst IIS Stability: https://bugs.php.net/fix.php?id=63241&r=isapi Install GNU Sed:https://bugs.php.net/fix.php?id=63241&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=63241&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=63241&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=63241&r=mysqlcfg
[PHP-BUG] Bug #63240 [NEW]: stream_get_line return contains delimiter string
From: scope at planetavent dot de Operating system: Windows Server 2008 / RHEL 6.2 PHP version: 5.3.17 Package: Streams related Bug Type: Bug Bug description:stream_get_line return contains delimiter string Description: On specific file input stream_get_line returns a "line" that actually contains the delimiter. PHP 5.3.10 does not show this problem, PHP versions from 5.3.11 to 5.3.17 do. PHP 5.4.7 seems to be affected as well. Bug #44607 seems to be related, but was fixed long time ago. Test script: --- https://bugs.php.net/bug.php?id=63240&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=63240&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=63240&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=63240&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=63240&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=63240&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=63240&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=63240&r=needscript Try newer version: https://bugs.php.net/fix.php?id=63240&r=oldversion Not developer issue:https://bugs.php.net/fix.php?id=63240&r=support Expected behavior: https://bugs.php.net/fix.php?id=63240&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=63240&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=63240&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=63240&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63240&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=63240&r=dst IIS Stability: https://bugs.php.net/fix.php?id=63240&r=isapi Install GNU Sed:https://bugs.php.net/fix.php?id=63240&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=63240&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=63240&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=63240&r=mysqlcfg
Bug #63235 [Opn]: buffer overflow in use of SQLGetDiagRec
Edit report at https://bugs.php.net/bug.php?id=63235&edit=1
ID: 63235
Updated by: larue...@php.net
Reported by:r...@php.net
Summary:buffer overflow in use of SQLGetDiagRec
Status: Open
Type: Bug
Package:PDO related
Operating System: GNU/Linux
PHP Version:5.4.7
Block user comment: N
Private report: N
New Comment:
maybe the discard_buf should also be consistent with struct
pdo_odbc_errinfo.last_err_msg
which is "char last_err_msg[SQL_MAX_MESSAGE_LENGTH];"
diff is:
diff --git a/ext/pdo_odbc/odbc_driver.c b/ext/pdo_odbc/odbc_driver.c
index 84a147b..2176051 100755
--- a/ext/pdo_odbc/odbc_driver.c
+++ b/ext/pdo_odbc/odbc_driver.c
@@ -114,8 +114,8 @@ void pdo_odbc_error(pdo_dbh_t *dbh, pdo_stmt_t *stmt,
PDO_ODBC_HSTMT statement,
* diagnostic records (which can be generated by PRINT statements
* in the query, for instance). */
while (rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO) {
- char discard_state[5];
- char discard_buf[1024];
+ char discard_state[6];
+ char discard_buf[SQL_MAX_MESSAGE_LENGTH];
SQLINTEGER code;
rc = SQLGetDiagRec(htype, eh, recno++, discard_state, &code,
discard_buf, sizeof(discard_buf)-1,
&errmsgsize);
Previous Comments:
[2012-10-08 07:37:02] r...@php.net
The following patch has been added/updated:
Patch Name: php-5.3.3-pdo-overflow.patch
Revision: 1349681821
URL:
https://bugs.php.net/patch-display.php?bug=63235&patch=php-5.3.3-pdo-overflow.patch&revision=1349681821
[2012-10-08 07:36:51] r...@php.net
Description:
Already report on internals http://marc.info/?t=13426268866&r=1&w=2
Discard state is 5 char long, so buffer must be 6.
Trivial fix attached.
(could apply in all branches)
--
Edit this bug report at https://bugs.php.net/bug.php?id=63235&edit=1
Bug #63219 [Asn->Csd]: Segfault when aliasing trait method when autoloader throws excpetion
Edit report at https://bugs.php.net/bug.php?id=63219&edit=1
ID: 63219
Updated by: larue...@php.net
Reported by:maciej dot sz at gmail dot com
Summary:Segfault when aliasing trait method when autoloader
throws excpetion
-Status: Assigned
+Status: Closed
Type: Bug
Package:Reproducible crash
Operating System: 3.2.0-31-generic #50-Ubuntu
PHP Version:5.4Git-2012-10-04 (snap)
Assigned To:laruence
Block user comment: N
Private report: N
New Comment:
Automatic comment on behalf of laruence
Revision:
http://git.php.net/?p=php-src.git;a=commit;h=67611c67fa5a3b2c199d41ef7df3307308c56faa
Log: Fixed bug #63219 (Segfault when aliasing trait method when autoloader
throws excpetion)
Previous Comments:
[2012-10-08 07:06:14] dmi...@php.net
I think you patch is OK. Please commit it.
[2012-10-05 01:57:57] larue...@php.net
I think there is no need to call autoload in USE block, and it should check the
fetch result, I have attached a patch,
but I am not sure what the warning message should be...
[2012-10-05 01:56:09] larue...@php.net
The following patch has been added/updated:
Patch Name: bug63219.patch
Revision: 1349402169
URL:
https://bugs.php.net/patch-display.php?bug=63219&patch=bug63219.patch&revision=1349402169
[2012-10-04 18:43:59] maciej dot sz at gmail dot com
Description:
Class contains "use" statement of a trait. Method alias statement for that
trait contains a typo in the trait name. The autoloader throws exception and
then the segfault occurs.
(gdb) p zend_fetch_class(cur_method_ref->class_name, cur_method_ref->cname_len,
14)
$5 = (zend_class_entry *) 0x0
Test script:
---
---
file TFoo.php
inconsistent==HT_OK) {
(gdb) bt
#0 0x009863c8 in _zend_is_inconsistent (ht=0x28,
file=0xfb0948 "/home/maciek/Downloads/php-5.4.7/Zend/zend_hash.c", line=969)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_hash.c:54
#1 0x009890f5 in zend_hash_exists (ht=0x28, arKey=0x77fc5aa0
"foomethodd", nKeyLength=11)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_hash.c:969
#2 0x00952839 in zend_traits_init_trait_structures (ce=0x77fc5108)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_compile.c:4037
#3 0x00953a4a in zend_do_bind_traits (ce=0x77fc5108)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_compile.c:4370
#4 0x009b79ee in ZEND_BIND_TRAITS_SPEC_HANDLER
(execute_data=0x77f88500)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:1027
#5 0x009b42f6 in execute (op_array=0x77fc0da8)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:410
#6 0x009639b8 in zend_call_function (fci=0x7fffa1a0,
fci_cache=0x7fffa1f0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:958
#7 0x009956b5 in zend_call_method (object_pp=0x0, obj_ce=0x0,
fn_proxy=0x77fc41e0,
function_name=0x77fc17f8 "closure::__invoke\001", function_name_len=22,
retval_ptr_ptr=0x7fffa2e0, param_count=1, arg1=0x77fbf5d0, arg2=0x0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_interfaces.c:97
#8 0x007a087c in zif_spl_autoload_call (ht=1,
return_value=0x77fc40d8,
return_value_ptr=0x7fffa728, this_ptr=0x0, return_value_used=1)
at /home/maciek/Downloads/php-5.4.7/ext/spl/php_spl.c:436
#9 0x00963b92 in zend_call_function (fci=0x7fffa670,
fci_cache=0x7fffa6c0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:980
#10 0x00964520 in zend_lookup_class_ex (name=0x77eb72f8 "bar\\C",
name_length=5,
key=0x77fc24d8, use_autoload=1, ce=0x7fffa7c0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:1127
#11 0x00965230 in zend_fetch_class_by_name (class_name=0x77eb72f8
"bar\\C",
class_name_len=5, key=0x77fc24d8, fetch_type=4)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:1607
#12 0x009b8690 in ZEND_FETCH_CLASS_SPEC_CONST_HANDLER
(execute_data=0x77f880e8)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:1173
#13 0x009b42f6 in execute (op_array=0x77fc04c8)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:410
#14 0x00976e13 in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /home/maciek/Downloads/php-5.4.7/Zend/zend.c:1286
#15 0x008e9732 in php_execute_script (primary_file=0x7fffce40)
at /home/maciek/Downloads/php-5.4.7/main/main.c:2473
#16 0x00abfa95 in do_cli (argc=2, argv=0x7f
Bug #61579 [Com]: Segfault preg_replace "/'(\\\\'|\\\\{2}|[^'])*'/" with a long string
Edit report at https://bugs.php.net/bug.php?id=61579&edit=1
ID: 61579
Comment by: serge dot rivest at gmail dot com
Reported by:robin at byte dot nl
Summary:Segfault preg_replace "/'('|{2}|[^'])*'/"
with a long string
Status: Feedback
Type: Bug
Package:PCRE related
Operating System: Debian 2.6.
PHP Version:5.3.10
Block user comment: N
Private report: N
New Comment:
I guess that's a question for the people in charge of Zend DB, where this
pattern
originates.
I'm just a user ;)
Previous Comments:
[2012-10-08 10:00:31] ni...@php.net
I don't know what exactly the problem is you're facing, but there is a good
chance that it's just a stack overflow or similar caused by a very inefficient
regex.
You might be able to fix it simply by using "/'('|{2}|[^']+)*'/".
The right approach though would be "/'[^']*(?:.[^']*)*'/".
[2012-10-08 09:46:09] serge dot rivest at gmail dot com
It does appear to be failing on this line:
foreach ($db->fetchAll($sql) as $a)
Very very likely it's just running out of memory. Although every time it
crashes
we also get this in /var/log/syslog:
Oct 8 20:01:39 dev kernel: [726784.383723] php5-fpm[8644]: segfault at
7fff6b8a2f00 ip 7f6607c80a7a sp 7fff6b8a2e90 error 6 in
libpcre.so.3.12.1[7f6607c6e000+3c000]
Which is bizarre. Might just be a regexp in the DB driver which is being run
when
the process runs out of memory... Hrm, time to try Serges idea of using xdebug.
And we see:
0.8160 12868128 -> PDO->quote()
/www/studyladder.dev222/zendframework/Zend/Db/Adapter/Pdo/Abstract.php:296
0.8160 12868344 -> substr()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:198
0.8160 12868456 -> str_replace()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:199
0.8160 12868472 -> preg_replace()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:204
So, probably not running out of memory. This is the code it's crashing on:
// get a version of the SQL statement with all quoted
// values and delimited identifiers stripped out
// remove "foo\"bar"
$sql = preg_replace("/$q($qe|{2}|[^$q])*$q/", '', $sql);
Don't really know what it is doing, but the regexp looks like this:
/'(\\'|\\{2}|[^'])*'/
And the query it is crashing on does have a long literal string in it with
single
quotes. Tried changing the query to use a long literal string with double
quotes
and that fixes it. Phew.
[2012-03-31 18:24:38] yohg...@php.net
Cannot reproduce. Could you download source and test against it?
It seems your system's pcrelib problem.
[2012-03-31 11:18:42] robin at byte dot nl
Looked a bit deeper/cleaner:
The preg_replace failes when the string between single quotes is equal or
longer than 3399 bytes including quotes... 3487 already did seem like an odd
number ;)
cleaner would be if you take $string = "'...3397chars...'";
then it fails with segfault,
$string = "'...less than 3397 chars...'"; works fine.
[2012-03-31 10:53:49] robin at byte dot nl
Description:
When i use this preg_replace with a long string (3487+ bytes) and single quotes
it ends up with a segfault...
$str = preg_replace("/'('|{2}|[^'])*'/", '', $string);
with a string longer than 3487 bytes containing multiple quotes.
results in:
php[26779]: segfault at bf737da8 ip b73e4d43 sp bf737c30 error 6 in
libpcre.so.3.12.1[b73d4000+28000]
Test script:
---
Expected result:
Remove everything between single quotes.
Actual result:
--
Segmentation fault
[25236001.27] php[29917]: segfault at bf37ddc8 ip b744cd43 sp bf37dc50
error 6 in libpcre.so.3.12.1[b743c000+28000]
--
Edit this bug report at https://bugs.php.net/bug.php?id=61579&edit=1
Bug #63108 [Csd->Nab]: ZipArchive uncompress bug
Edit report at https://bugs.php.net/bug.php?id=63108&edit=1
ID: 63108
Updated by: paj...@php.net
Reported by:sharqgm at gmail dot com
Summary:ZipArchive uncompress bug
-Status: Closed
+Status: Not a bug
Type: Bug
Package:Zip Related
Operating System: windows 7
PHP Version:5.3.17
Assigned To:ab
Block user comment: N
Private report: N
Previous Comments:
[2012-10-07 22:42:35] sharqgm at gmail dot com
OK. Thanks for your help. The problem caused by different things. I dont know
yet
what, but it related to joomla and not PHP. :)
[2012-10-02 07:31:14] sharqgm at gmail dot com
- extratched and zipped on local server
- The zip compression is checked: OK. (filesize same)
- After upload, the filesize is: OK.
- After unzip, the filesize is: DIFFERENT...
Server: 25,822,309 Files: 4854 Dirs: 1131
Local : 18,258,381 Files: 4854 Dirs: 1131
Size on Disk: 30,134,453
File: Joomla_2.5.6-Stable-Full_Package.zip
Intresting... :S
[2012-10-01 08:02:15] a...@php.net
I don't get exactly - is a zip file damaged after upload? Does zip ext extract
it locally?
Were it possible you to post that zip file (or another one which causes the zip
ext to work wrong)?
[2012-09-18 08:26:30] sharqgm at gmail dot com
Description:
Some info: I use ziparchive because in my project (joomla) have a lot of small
files and the upload time is too long (50-120 minute)
What I did:
- Zipped a fresh copy of joomla
- uploaded to the server
- extratched by ZipArchive
My keywords and description metadatas are missing. It seems like there is a bug
with the newline caracter, because when I see the source, there is just a mass
of
unformatted code, but on localhost OK. When I avoid this process and uploaded
files directly everything ok. So the problem come from the ZipArchive.
(sorry for the poor description, I'm not prof, just wanted to notice :))
Test script:
---
$zip = new ZipArchive;
$res = $zip->open('un.zip');
if ($res === TRUE) {
$zip->extractTo('./');
$zip->close();
echo 'ok';
} else {
echo 'failed';
}
Actual result:
--
Keyword and desc meta tag-s missing.
New lines missing from the most part of the code.
--
Edit this bug report at https://bugs.php.net/bug.php?id=63108&edit=1
Bug #61579 [Com]: Segfault preg_replace "/'(\\\\'|\\\\{2}|[^'])*'/" with a long string
Edit report at https://bugs.php.net/bug.php?id=61579&edit=1
ID: 61579
Comment by: ni...@php.net
Reported by:robin at byte dot nl
Summary:Segfault preg_replace "/'('|{2}|[^'])*'/"
with a long string
Status: Feedback
Type: Bug
Package:PCRE related
Operating System: Debian 2.6.
PHP Version:5.3.10
Block user comment: N
Private report: N
New Comment:
I don't know what exactly the problem is you're facing, but there is a good
chance that it's just a stack overflow or similar caused by a very inefficient
regex.
You might be able to fix it simply by using "/'('|{2}|[^']+)*'/".
The right approach though would be "/'[^']*(?:.[^']*)*'/".
Previous Comments:
[2012-10-08 09:46:09] serge dot rivest at gmail dot com
It does appear to be failing on this line:
foreach ($db->fetchAll($sql) as $a)
Very very likely it's just running out of memory. Although every time it
crashes
we also get this in /var/log/syslog:
Oct 8 20:01:39 dev kernel: [726784.383723] php5-fpm[8644]: segfault at
7fff6b8a2f00 ip 7f6607c80a7a sp 7fff6b8a2e90 error 6 in
libpcre.so.3.12.1[7f6607c6e000+3c000]
Which is bizarre. Might just be a regexp in the DB driver which is being run
when
the process runs out of memory... Hrm, time to try Serges idea of using xdebug.
And we see:
0.8160 12868128 -> PDO->quote()
/www/studyladder.dev222/zendframework/Zend/Db/Adapter/Pdo/Abstract.php:296
0.8160 12868344 -> substr()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:198
0.8160 12868456 -> str_replace()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:199
0.8160 12868472 -> preg_replace()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:204
So, probably not running out of memory. This is the code it's crashing on:
// get a version of the SQL statement with all quoted
// values and delimited identifiers stripped out
// remove "foo\"bar"
$sql = preg_replace("/$q($qe|{2}|[^$q])*$q/", '', $sql);
Don't really know what it is doing, but the regexp looks like this:
/'(\\'|\\{2}|[^'])*'/
And the query it is crashing on does have a long literal string in it with
single
quotes. Tried changing the query to use a long literal string with double
quotes
and that fixes it. Phew.
[2012-03-31 18:24:38] yohg...@php.net
Cannot reproduce. Could you download source and test against it?
It seems your system's pcrelib problem.
[2012-03-31 11:18:42] robin at byte dot nl
Looked a bit deeper/cleaner:
The preg_replace failes when the string between single quotes is equal or
longer than 3399 bytes including quotes... 3487 already did seem like an odd
number ;)
cleaner would be if you take $string = "'...3397chars...'";
then it fails with segfault,
$string = "'...less than 3397 chars...'"; works fine.
[2012-03-31 10:53:49] robin at byte dot nl
Description:
When i use this preg_replace with a long string (3487+ bytes) and single quotes
it ends up with a segfault...
$str = preg_replace("/'('|{2}|[^'])*'/", '', $string);
with a string longer than 3487 bytes containing multiple quotes.
results in:
php[26779]: segfault at bf737da8 ip b73e4d43 sp bf737c30 error 6 in
libpcre.so.3.12.1[b73d4000+28000]
Test script:
---
Expected result:
Remove everything between single quotes.
Actual result:
--
Segmentation fault
[25236001.27] php[29917]: segfault at bf37ddc8 ip b744cd43 sp bf37dc50
error 6 in libpcre.so.3.12.1[b743c000+28000]
--
Edit this bug report at https://bugs.php.net/bug.php?id=61579&edit=1
Bug #61579 [Com]: Segfault preg_replace "/'(\\\\'|\\\\{2}|[^'])*'/" with a long string
Edit report at https://bugs.php.net/bug.php?id=61579&edit=1
ID: 61579
Comment by: serge dot rivest at gmail dot com
Reported by:robin at byte dot nl
Summary:Segfault preg_replace "/'('|{2}|[^'])*'/"
with a long string
Status: Feedback
Type: Bug
Package:PCRE related
Operating System: Debian 2.6.
PHP Version:5.3.10
Block user comment: N
Private report: N
New Comment:
It does appear to be failing on this line:
foreach ($db->fetchAll($sql) as $a)
Very very likely it's just running out of memory. Although every time it
crashes
we also get this in /var/log/syslog:
Oct 8 20:01:39 dev kernel: [726784.383723] php5-fpm[8644]: segfault at
7fff6b8a2f00 ip 7f6607c80a7a sp 7fff6b8a2e90 error 6 in
libpcre.so.3.12.1[7f6607c6e000+3c000]
Which is bizarre. Might just be a regexp in the DB driver which is being run
when
the process runs out of memory... Hrm, time to try Serges idea of using xdebug.
And we see:
0.8160 12868128 -> PDO->quote()
/www/studyladder.dev222/zendframework/Zend/Db/Adapter/Pdo/Abstract.php:296
0.8160 12868344 -> substr()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:198
0.8160 12868456 -> str_replace()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:199
0.8160 12868472 -> preg_replace()
/www/studyladder.dev222/zendframework/Zend/Db/Statement.php:204
So, probably not running out of memory. This is the code it's crashing on:
// get a version of the SQL statement with all quoted
// values and delimited identifiers stripped out
// remove "foo\"bar"
$sql = preg_replace("/$q($qe|{2}|[^$q])*$q/", '', $sql);
Don't really know what it is doing, but the regexp looks like this:
/'(\\'|\\{2}|[^'])*'/
And the query it is crashing on does have a long literal string in it with
single
quotes. Tried changing the query to use a long literal string with double
quotes
and that fixes it. Phew.
Previous Comments:
[2012-03-31 18:24:38] yohg...@php.net
Cannot reproduce. Could you download source and test against it?
It seems your system's pcrelib problem.
[2012-03-31 11:18:42] robin at byte dot nl
Looked a bit deeper/cleaner:
The preg_replace failes when the string between single quotes is equal or
longer than 3399 bytes including quotes... 3487 already did seem like an odd
number ;)
cleaner would be if you take $string = "'...3397chars...'";
then it fails with segfault,
$string = "'...less than 3397 chars...'"; works fine.
[2012-03-31 10:53:49] robin at byte dot nl
Description:
When i use this preg_replace with a long string (3487+ bytes) and single quotes
it ends up with a segfault...
$str = preg_replace("/'('|{2}|[^'])*'/", '', $string);
with a string longer than 3487 bytes containing multiple quotes.
results in:
php[26779]: segfault at bf737da8 ip b73e4d43 sp bf737c30 error 6 in
libpcre.so.3.12.1[b73d4000+28000]
Test script:
---
Expected result:
Remove everything between single quotes.
Actual result:
--
Segmentation fault
[25236001.27] php[29917]: segfault at bf37ddc8 ip b744cd43 sp bf37dc50
error 6 in libpcre.so.3.12.1[b743c000+28000]
--
Edit this bug report at https://bugs.php.net/bug.php?id=61579&edit=1
Bug #63231 [Opn]: force-cgi-redirect does not works under FastCGI
Edit report at https://bugs.php.net/bug.php?id=63231&edit=1
ID: 63231
User updated by:phodur at zoznam dot sk
Reported by:phodur at zoznam dot sk
Summary:force-cgi-redirect does not works under FastCGI
Status: Open
Type: Bug
Package:CGI/CLI related
Operating System: FreeBSD (all UNIX like OS)
PHP Version:5.3.17
Block user comment: N
Private report: N
New Comment:
Just a quick followup to the original post.
I have discovered, that force cgi redirect mechanism does not works because
another
bug in mod_fastcgi.
Mod_fastcgi by defaul do not pass any env variables from PHP process when
executing
PHP (not only PHP). It clears ENV simillary to suexec wrapper. There is flag
you can
pass to FastCGIConfig directive, but it do not works as expected. By inspecting
the
source of mod_fastcgi, I can state, that when you pass ENV to FastCGI process
using
this directive, mod_fastcgi uses it's value as it is in the stage the Apache
process
was started (not when the request is actually executed).
Grrr
Previous Comments:
[2012-10-07 00:14:29] phodur at zoznam dot sk
Description:
This is same as #37157. But may be I will better describe the problem. Because
Dmitry closed #37157 as NOT A BUG.
Ok, test environment is Apache 2.2.X with PHP 5.3.X. Base Apache config is:
--- CUT ---
Alias /php-bin//www/php-bin/php5
Options ExecCGI
SetHandler fastcgi-script
AddHandler php5-script .php
Action php5-script /php-bin/php5
--- CUT ---
FastCGI (mod_fastcgi) related config is (this is not important for reproducing
this bug, it is provided only FYI):
--- CUT ---
FastCgiIpcDir /var/run/apache22/fastcgi/
FastCgiWrapper On
FastCgiConfig -idle-timeout 30 -killInterval 300
-maxClassProcesses 1 -maxProcesses 100 -minProcesses 0 -pass-header
HTTP_AUTHORIZATION -restart-delay 2 -singleThreshold 100
--- CUT ---
PHP was compiled only with CGI SAPI support and is run with following wrapper
(it's /www/php-bin/php5 file mentioned earlier):
--- CUT ---
#!/bin/sh
PHP_CGI=/usr/local/bin/php-cgi
PHP_FCGI_CHILDREN=4
PHP_FCGI_MAX_REQUESTS=500
export PHP_FCGI_CHILDREN
export PHP_FCGI_MAX_REQUESTS
exec $PHP_CGI
--- CUT ---
Ok, last but not least the PHP's FastCGI config:
--- CUT ---
;doc_root
;user_dir
cgi.force_redirect = 1
cgi.fix_pathinfo = 0
--- CUT ---
Ok, so when you hit:
http://[domain]/index.php
it works, the Apache translates this request according to Action directive to
http://[domain]/php-bin/php5/index.php
and you will see the results.
When you hit http://[domain]/php-bin/php5/index.php directly, it will also
works (FastCGI PHP SAPI incorrectly does not check the REDIRECT_STATUS
environmental variable for value of 200).
When you change PHP cgi.fix_pathinfo to 1 (so the environmental variables
conforms to FastCGI/CGI specs), the last request incorrectly determine the
/www/php-bin/php5 as the PHP script and executes it. This is because one of the
main jobs of FastCGI/CGI SAPI is to determine WHAT to execute. When
fix_pathinfo is set to 1, it uses also REDIRECT_URL env variable, which is not
set when you access directly interpreter with passed script as PATH_INFO
(http://[domain]/php-bin/php5/index.php).
The only workaround at this time is use mod_rewrite and disable access to the
interpreter:
RewriteEngine on
RewriteCond %{ENV:REDIRECT_STATUS} !200
RewriteRule ^/php-bin/php5 - [F]
Conclusion, this is NOT actually mod_fastcgi and/or configuration issue, this
is really bug in FastCGI/CGI SAPI of PHP (in opossite what Dmitry says in
#37157)
Test script:
---
See above
Expected result:
See above
Actual result:
--
See above
--
Edit this bug report at https://bugs.php.net/bug.php?id=63231&edit=1
[PHP-BUG] Bug #63236 [NEW]: Executable permission on various source files
From: remi Operating system: GNU/Linux PHP version: 5.4Git-2012-10-08 (Git) Package: *General Issues Bug Type: Bug Bug description:Executable permission on various source files Description: Not a big issue, but easy to fix one. This raises some warnings (rpmlint) for packaging on the "debuginfo" package. Test script: --- find . -name \*.[ch] -executable Expected result: empty result Actual result: -- ./Zend/zend_iterators.c ./Zend/zend_build.h ./Zend/zend_interfaces.h ./Zend/zend_interfaces.c ./Zend/zend_iterators.h ./ext/sqlite/libsqlite/src/config_static.w32.h ./ext/pcntl/pcntl.c ./ext/interbase/php_ibase_includes.h ./ext/com_dotnet/com_persist.c ./ext/enchant/enchant.c ./ext/pdo_oci/php_pdo_oci_int.h ./ext/pdo_oci/php_pdo_oci.h ./ext/pdo_oci/oci_statement.c ./ext/pdo_oci/oci_driver.c ./ext/pdo_oci/pdo_oci.c ./ext/mbstring/libmbfl/filters/mbfilter_iso8859_16.h ./ext/mbstring/libmbfl/filters/mbfilter_iso8859_16.c ./ext/mbstring/libmbfl/mbfl/mbfl_defs.h ./ext/mbstring/oniguruma/enc/utf32_le.c ./ext/mbstring/oniguruma/enc/utf32_be.c ./ext/mbstring/oniguruma/enc/utf16_be.c ./ext/mbstring/oniguruma/enc/utf16_le.c ./ext/mbstring/oniguruma/regext.c ./ext/pdo_mysql/pdo_mysql.c ./ext/pdo_mysql/mysql_statement.c ./ext/pdo_mysql/mysql_driver.c ./ext/pdo_mysql/php_pdo_mysql.h ./ext/pdo_mysql/php_pdo_mysql_int.h ./ext/pdo/php_pdo.h ./ext/pdo/php_pdo_int.h ./ext/pdo/pdo_stmt.c ./ext/pdo/pdo.c ./ext/pdo/php_pdo_driver.h ./ext/pdo/pdo_dbh.c ./ext/spl/spl_exceptions.c ./ext/spl/spl_functions.h ./ext/spl/spl_exceptions.h ./ext/spl/spl_functions.c ./ext/spl/spl_array.h ./ext/spl/spl_observer.c ./ext/spl/spl_directory.h ./ext/spl/spl_directory.c ./ext/spl/spl_array.c ./ext/spl/php_spl.c ./ext/spl/spl_engine.h ./ext/spl/spl_iterators.c ./ext/spl/php_spl.h ./ext/spl/spl_iterators.h ./ext/spl/spl_observer.h ./ext/spl/spl_engine.c ./ext/simplexml/sxe.h ./ext/simplexml/php_simplexml_exports.h ./ext/simplexml/sxe.c ./ext/dba/php_db1.h ./ext/dba/dba_db1.c ./ext/dba/dba_qdbm.c ./ext/pdo_odbc/odbc_stmt.c ./ext/pdo_odbc/php_pdo_odbc_int.h ./ext/pdo_odbc/pdo_odbc.c ./ext/pdo_odbc/odbc_driver.c ./ext/standard/winver.h ./main/streams/glob_wrapper.c ./main/streams/php_stream_glob_wrapper.h ./main/streams/streams.c ./main/php_streams.h ./win32/globals.c ./win32/php_win32_globals.h -- Edit bug report at https://bugs.php.net/bug.php?id=63236&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=63236&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=63236&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=63236&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=63236&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=63236&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=63236&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=63236&r=needscript Try newer version: https://bugs.php.net/fix.php?id=63236&r=oldversion Not developer issue:https://bugs.php.net/fix.php?id=63236&r=support Expected behavior: https://bugs.php.net/fix.php?id=63236&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=63236&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=63236&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=63236&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63236&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=63236&r=dst IIS Stability: https://bugs.php.net/fix.php?id=63236&r=isapi Install GNU Sed:https://bugs.php.net/fix.php?id=63236&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=63236&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=63236&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=63236&r=mysqlcfg
Bug #63235 [PATCH]: buffer overflow in use of SQLGetDiagRec
Edit report at https://bugs.php.net/bug.php?id=63235&edit=1 ID: 63235 Patch added by: r...@php.net Reported by:r...@php.net Summary:buffer overflow in use of SQLGetDiagRec Status: Open Type: Bug Package:PDO related Operating System: GNU/Linux PHP Version:5.4.7 Block user comment: N Private report: N New Comment: The following patch has been added/updated: Patch Name: php-5.3.3-pdo-overflow.patch Revision: 1349681821 URL: https://bugs.php.net/patch-display.php?bug=63235&patch=php-5.3.3-pdo-overflow.patch&revision=1349681821 Previous Comments: [2012-10-08 07:36:51] r...@php.net Description: Already report on internals http://marc.info/?t=13426268866&r=1&w=2 Discard state is 5 char long, so buffer must be 6. Trivial fix attached. (could apply in all branches) -- Edit this bug report at https://bugs.php.net/bug.php?id=63235&edit=1
[PHP-BUG] Bug #63235 [NEW]: buffer overflow in use of SQLGetDiagRec
From: remi Operating system: GNU/Linux PHP version: 5.4.7 Package: PDO related Bug Type: Bug Bug description:buffer overflow in use of SQLGetDiagRec Description: Already report on internals http://marc.info/?t=13426268866&r=1&w=2 Discard state is 5 char long, so buffer must be 6. Trivial fix attached. (could apply in all branches) -- Edit bug report at https://bugs.php.net/bug.php?id=63235&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=63235&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=63235&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=63235&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=63235&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=63235&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=63235&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=63235&r=needscript Try newer version: https://bugs.php.net/fix.php?id=63235&r=oldversion Not developer issue:https://bugs.php.net/fix.php?id=63235&r=support Expected behavior: https://bugs.php.net/fix.php?id=63235&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=63235&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=63235&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=63235&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63235&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=63235&r=dst IIS Stability: https://bugs.php.net/fix.php?id=63235&r=isapi Install GNU Sed:https://bugs.php.net/fix.php?id=63235&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=63235&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=63235&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=63235&r=mysqlcfg
Bug #63219 [Asn]: Segfault when aliasing trait method when autoloader throws excpetion
Edit report at https://bugs.php.net/bug.php?id=63219&edit=1
ID: 63219
Updated by: dmi...@php.net
Reported by:maciej dot sz at gmail dot com
Summary:Segfault when aliasing trait method when autoloader
throws excpetion
Status: Assigned
Type: Bug
Package:Reproducible crash
Operating System: 3.2.0-31-generic #50-Ubuntu
PHP Version:5.4Git-2012-10-04 (snap)
-Assigned To:dmitry
+Assigned To:laruence
Block user comment: N
Private report: N
New Comment:
I think you patch is OK. Please commit it.
Previous Comments:
[2012-10-05 01:57:57] larue...@php.net
I think there is no need to call autoload in USE block, and it should check the
fetch result, I have attached a patch,
but I am not sure what the warning message should be...
[2012-10-05 01:56:09] larue...@php.net
The following patch has been added/updated:
Patch Name: bug63219.patch
Revision: 1349402169
URL:
https://bugs.php.net/patch-display.php?bug=63219&patch=bug63219.patch&revision=1349402169
[2012-10-04 18:43:59] maciej dot sz at gmail dot com
Description:
Class contains "use" statement of a trait. Method alias statement for that
trait contains a typo in the trait name. The autoloader throws exception and
then the segfault occurs.
(gdb) p zend_fetch_class(cur_method_ref->class_name, cur_method_ref->cname_len,
14)
$5 = (zend_class_entry *) 0x0
Test script:
---
---
file TFoo.php
inconsistent==HT_OK) {
(gdb) bt
#0 0x009863c8 in _zend_is_inconsistent (ht=0x28,
file=0xfb0948 "/home/maciek/Downloads/php-5.4.7/Zend/zend_hash.c", line=969)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_hash.c:54
#1 0x009890f5 in zend_hash_exists (ht=0x28, arKey=0x77fc5aa0
"foomethodd", nKeyLength=11)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_hash.c:969
#2 0x00952839 in zend_traits_init_trait_structures (ce=0x77fc5108)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_compile.c:4037
#3 0x00953a4a in zend_do_bind_traits (ce=0x77fc5108)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_compile.c:4370
#4 0x009b79ee in ZEND_BIND_TRAITS_SPEC_HANDLER
(execute_data=0x77f88500)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:1027
#5 0x009b42f6 in execute (op_array=0x77fc0da8)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:410
#6 0x009639b8 in zend_call_function (fci=0x7fffa1a0,
fci_cache=0x7fffa1f0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:958
#7 0x009956b5 in zend_call_method (object_pp=0x0, obj_ce=0x0,
fn_proxy=0x77fc41e0,
function_name=0x77fc17f8 "closure::__invoke\001", function_name_len=22,
retval_ptr_ptr=0x7fffa2e0, param_count=1, arg1=0x77fbf5d0, arg2=0x0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_interfaces.c:97
#8 0x007a087c in zif_spl_autoload_call (ht=1,
return_value=0x77fc40d8,
return_value_ptr=0x7fffa728, this_ptr=0x0, return_value_used=1)
at /home/maciek/Downloads/php-5.4.7/ext/spl/php_spl.c:436
#9 0x00963b92 in zend_call_function (fci=0x7fffa670,
fci_cache=0x7fffa6c0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:980
#10 0x00964520 in zend_lookup_class_ex (name=0x77eb72f8 "bar\\C",
name_length=5,
key=0x77fc24d8, use_autoload=1, ce=0x7fffa7c0)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:1127
#11 0x00965230 in zend_fetch_class_by_name (class_name=0x77eb72f8
"bar\\C",
class_name_len=5, key=0x77fc24d8, fetch_type=4)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_execute_API.c:1607
#12 0x009b8690 in ZEND_FETCH_CLASS_SPEC_CONST_HANDLER
(execute_data=0x77f880e8)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:1173
#13 0x009b42f6 in execute (op_array=0x77fc04c8)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_vm_execute.h:410
#14 0x00976e13 in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /home/maciek/Downloads/php-5.4.7/Zend/zend.c:1286
#15 0x008e9732 in php_execute_script (primary_file=0x7fffce40)
at /home/maciek/Downloads/php-5.4.7/main/main.c:2473
#16 0x00abfa95 in do_cli (argc=2, argv=0x7fffe228)
at /home/maciek/Downloads/php-5.4.7/sapi/cli/php_cli.c:988
#17 0x00ac0bce in main (argc=2, argv=0x7fffe228)
at /home/maciek/Downloads/php-5.4.7/sapi/cli/php_cli.c:1364
(gdb) f 2
#2 0x00952839 in zend_traits_init_trait_structures (ce=0x77fc5108)
at /home/maciek/Downloads/php-5.4.7/Zend/zend_compil
