#29656 [NEW]: $mysqli->num_rows causes segfault

2004-08-13 Thread misc at sopic dot com
From: misc at sopic dot com
Operating system: Suse Linux 9.0
PHP version:  5.0.1
PHP Bug Type: Reproducible crash
Bug description:  $mysqli->num_rows causes segfault

Description:

Execution of the code below causes Apache 2.0.49 (Prefork) to exit with a
segfault.

Apache error_log:
[Fri Aug 13 17:03:35 2004] [notice] child pid 7022 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:07 2004] [notice] child pid 7023 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:08 2004] [notice] child pid 7024 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:08 2004] [notice] child pid 7026 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:08 2004] [notice] child pid 7168 exit signal
Segmentation fault (11)

'./configure' '--with-apxs2=/usr/local/apache2-php5/bin/apxs'
'--without-mysql' '--with-mysqli=/usr/local/mysql-4.1/bin/mysql_config'
'--with-zlib' '--with-xml' '--with-gd' '--with-ttf=/usr'
'--with-jpeg-dir=/usr' '--with-xpm-dir=/usr' '--enable-gd-native-ttf'
'--with-mcrypt=/usr' '--enable-calendar' '--enable-bcmath' '--with-dom'
'--with-xmlrpc' '--with-gettext' '--with-ftp' '--enable-shared'
'--enable-memory-limit' '--with-freetype-dir=/usr' '--with-ldap=/usr'
'--disable-short-tags' '--with-dom=/usr' '--enable-debug'

MySQL is self compiled MySQL 4.1.3-beta.

Reproduce code:
---
<?php
echo date('r')."<hr>";
$mysqli = new mysqli("localhost", "root", "", "test", '3307',
'/tmp/mysql-4.1.sock');
if (mysqli_connect_errno()) {
   printf("Connect failed: %s\n", mysqli_connect_error());
   exit();
}
print_r($mysqli);
if ($result = $mysqli->query("SELECT * FROM test")) {
   $row_cnt = $result->num_rows;
   printf("Result set has %d rows.\n", $row_cnt);
   $result->close();
}
$mysqli->close();
?>

Expected result:

Int with number of affected rows.

Actual result:
--
[New Thread 16384 (LWP 7410)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 7410)]
0x403162fc in mysqli_read_property (object=0x820895c, member=0x820d7ec,
type=0) at /usr/local/src/php-5.0.1/ext/mysqli/mysqli.c:204
204 if (!obj->ptr ||
(gdb) bt
#0  0x403162fc in mysqli_read_property (object=0x820895c,
member=0x820d7ec, type=0) at
/usr/local/src/php-5.0.1/ext/mysqli/mysqli.c:204
#1  0x40496db2 in zend_fetch_property_address_read (result=0x820d7c0,
op1=0x820d7d4, op2=0x820d7e8, Ts=0xbfffcc90, type=0)
at /usr/local/src/php-5.0.1/Zend/zend_execute.c:1158
#2  0x40499700 in zend_fetch_obj_r_handler (execute_data=0xbfffcf50,
opline=0x820d7bc, op_array=0x8208804)
at /usr/local/src/php-5.0.1/Zend/zend_execute.c:2129
#3  0x4049776e in execute (op_array=0x8208804) at
/usr/local/src/php-5.0.1/Zend/zend_execute.c:1400
#4  0x40473fcd in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /usr/local/src/php-5.0.1/Zend/zend.c:1061
#5  0x4042c967 in php_execute_script (primary_file=0xb200) at
/usr/local/src/php-5.0.1/main/main.c:1627
#6  0x404a46ee in php_handler (r=0x81f7888) at
/usr/local/src/php-5.0.1/sapi/apache2handler/sapi_apache2.c:535
#7  0x0807d83b in ap_run_handler (r=0x81f7888) at config.c:152
#8  0x0807ddbe in ap_invoke_handler (r=0x81f7888) at config.c:358
#9  0x0806c98b in ap_process_request (r=0x81f7888) at http_request.c:246
#10 0x080686ac in ap_process_http_connection (c=0x81f3098) at
http_core.c:250
#11 0x080874db in ap_run_process_connection (c=0x81f3098) at
connection.c:42
#12 0x0807c31d in child_main (child_num_arg=2) at prefork.c:609
#13 0x0807c42d in make_child (s=0x80dbf18, slot=0) at prefork.c:649
#14 0x0807c4f4 in startup_children (number_to_start=5) at prefork.c:721
#15 0x0807cb5d in ap_mpm_run (_pconf=0x80d97e8, plog=0x81118c8, s=0x0) at
prefork.c:940
#16 0x08081f7a in main (argc=2, argv=0xb584) at main.c:617

-- 
Edit bug report at http://bugs.php.net/?id=29656&edit=1

#29437 [NEW]: array_walk_recursive causes segfault

2004-07-28 Thread misc at sopic dot com
From: misc at sopic dot com
Operating system: Suse Linux 9.0
PHP version:  5.0.0
PHP Bug Type: Reproducible crash
Bug description:  array_walk_recursive causes segfault

Description:

Execution of the code below causes Apache 2.0.49 (Prefork) to exit with a
segfault.

Apache error_log:

[Wed Jul 28 23:25:22 2004] [notice] child pid 30256 exit signal
Segmentation fault (11)
[Wed Jul 28 23:25:23 2004] [notice] child pid 30252 exit signal
Segmentation fault (11)
[Wed Jul 28 23:25:23 2004] [notice] child pid 32257 exit signal
Segmentation fault (11)
[Wed Jul 28 23:25:24 2004] [notice] child pid 32314 exit signal
Segmentation fault (11)
[Wed Jul 28 23:25:25 2004] [notice] child pid 32316 exit signal
Segmentation fault (11)

'./configure' '--with-apxs2=/usr/local/apache2-php5/bin/apxs'
'--with-mysql=/usr/local/mysql' '--with-zlib' '--with-xml' '--with-gd'
'--with-ttf=/usr' '--with-jpeg-dir=/usr' '--with-xpm-dir=/usr'
'--enable-gd-native-ttf' '--with-mcrypt=/usr' '--enable-calendar'
'--enable-bcmath' '--with-dom' '--with-xmlrpc' '--with-gettext'
'--with-ftp' '--enable-shared' '--enable-memory-limit'
'--with-freetype-dir=/usr' '--with-ldap=/usr' '--disable-short-tags'
'--with-dom=/usr'

Reproduce code:
---
<?php

function mysqlEscapeArray ($array)
{
    if (!is_array($array)) {
        return false;
    }

    function my_escape_function ($value, $key)
    {
        $value = mysql_escape_string($value);
    }

    array_walk_recursive($array, 'my_escape_function');

    return true;
}

$foobar = array('test' => array("foo" => "Zack's Laptop"));
mysqlEscapeArray($foobar);

?>

Expected result:

Array with escaped values

Actual result:
--
[New Thread 16384 (LWP 9165)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 9165)]
0x401ab05a in _int_malloc () from /lib/i686/libc.so.6
(gdb) bt
#0  0x401ab05a in _int_malloc () from /lib/i686/libc.so.6
#1  0x401aa06c in malloc () from /lib/i686/libc.so.6
#2  0x403f34e6 in _emalloc (size=256) at
/usr/local/src/php-5.0.0/Zend/zend_alloc.c:182
#3  0x40406957 in zend_stack_init (stack=0x404cd2dc) at
/usr/local/src/php-5.0.0/Zend/zend_stack.c:28
#4  0x403fd9eb in shutdown_executor () at
/usr/local/src/php-5.0.0/Zend/zend_execute_API.c:232
#5  0x40408060 in zend_deactivate () at
/usr/local/src/php-5.0.0/Zend/zend.c:819
#6  0x403d0e50 in php_request_shutdown (dummy=0x0) at
/usr/local/src/php-5.0.0/main/main.c:1212
#7  0x4043b1da in php_apache_request_dtor (r=0x81ed8b0) at
/usr/local/src/php-5.0.0/sapi/apache2handler/sapi_apache2.c:435
#8  0x4043b5fd in php_handler (r=0x81ed8b0) at
/usr/local/src/php-5.0.0/sapi/apache2handler/sapi_apache2.c:551
#9  0x0807d83b in ap_run_handler (r=0x81ed8b0) at config.c:152
#10 0x0807ddbe in ap_invoke_handler (r=0x81ed8b0) at config.c:358
#11 0x0806c98b in ap_process_request (r=0x81ed8b0) at http_request.c:246
#12 0x080686ac in ap_process_http_connection (c=0x81e90c0) at
http_core.c:250
#13 0x080874db in ap_run_process_connection (c=0x81e90c0) at
connection.c:42
#14 0x0807c31d in child_main (child_num_arg=1076259452) at prefork.c:609
#15 0x0807c42d in make_child (s=0x80dbf18, slot=0) at prefork.c:649
#16 0x0807c4f4 in startup_children (number_to_start=5) at prefork.c:721
#17 0x0807cb5d in ap_mpm_run (_pconf=0x80d97e8, plog=0x81118c8, s=0x0) at
prefork.c:940
#18 0x08081f7a in main (argc=2, argv=0xb594) at main.c:617

-- 
Edit bug report at http://bugs.php.net/?id=29437&edit=1