#31273 [Fbk-Opn]: Analog of #29402 for php 4.3.x

[rvs at angara dot ru]

 ID:   31273
 User updated by:  rvs at angara dot ru
 Reported By:  rvs at angara dot ru
-Status:   Feedback
+Status:   Open
 Bug Type: OCI8 related
 Operating System: Solaris 9
 PHP Version:  4.3.10
 New Comment:

Ok this modification method works,
it's a pity that no permanent patch
will be provided for 4.3.x...
Suggest to mark this bug RESOLVED.


Previous Comments:


[2004-12-24 10:28:52] [EMAIL PROTECTED]

The patch mentioned in #29402 will not be backported to 4.3.x branch,
so you need to figure out where your libs are and change /lib in
ext/oci8/config.m4 to the right dir (/lib32, probably ?). Run
./buildconf after that and it should work.
Tell me if something will go wrong.

OR you can get latest stable 5.0.x release and it will work for you
without any modifications.



[2004-12-23 21:25:55] rvs at angara dot ru

Ok tried latest snapshot. The bug still not fixed.
./configure fails due to wrong oracle library model
chosen, please see the config.log entry:

configure:67926: checking for fork
configure:67954: gcc -o conftest -DEAPI  -D_POSIX_PTHREAD_SEMANTICS
-L/usr/local/BerkeleyDB.3.3/lib  -R/usr/ucblib -L/usr/ucblib
-R/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-L/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-R/usr/local/ssl/lib -L/usr/local/ssl/lib -R/usr/local/lib
-L/usr/local/lib -R/usr/local/BerkeleyDB.3.3/lib
-L/usr/local/BerkeleyDB.3.3/lib -R/export/home/rvs/src/imap-2002e/lib
-L/export/home/rvs/src/imap-2002e/lib -R/oracle/orahome/oracle9i/lib
-L/oracle/orahome/oracle9i/lib conftest.c -lsybdb -lmcrypt -lltdl
-lldap -llber -lcrypt -lpam -liconv -lintl -lgd -lz -ldb-3.3 -ldb-3.3
-lcurl -lz -lssl -lcrypto -lresolv -lm -ldl -lnsl -lsocket  -lgcc
-lcurl -lz -lssl -lcrypto -ldl -lsocket -lnsl -lz -lxml2 -lz -liconv
-lm -lsocket -lnsl -lnsl -lsocket -lgen -ldl -lclntsh 15
ld: fatal: file /oracle/orahome/oracle9i/lib/libclntsh.so: wrong ELF
class: ELFCLASS64
ld: fatal: File processing errors. No output written to conftest
collect2: ld returned 1 exit status
configure: failed program was:
#line 67931 configure
#include confdefs.h
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char fork(); below.  */
#include assert.h
/* Override any gcc2 internal prototype to avoid an error.  */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply.  */
char fork();

int main() {

/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS.  Some functions are actually named
something starting with __ and the normal name is an alias.  */
#if defined (__stub_fork) || defined (__stub___fork)
choke me
#else
fork();
#endif

; return 0; }



[2004-12-23 21:16:09] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip



[2004-12-23 21:04:20] rvs at angara dot ru

Description:

The same situation as in #29402 encountered
with php 4.3.10 + Oracle 9.2.0.
The ./configure script fails, and php won't compile.
In 4.3.x this issue is not fixed.







-- 
Edit this bug report at http://bugs.php.net/?id=31273edit=1

#31273 [Opn-Csd]: Analog of #29402 for php 4.3.x

[rvs at angara dot ru]

 ID:   31273
 User updated by:  rvs at angara dot ru
 Reported By:  rvs at angara dot ru
-Status:   Open
+Status:   Closed
 Bug Type: OCI8 related
 Operating System: Solaris 9
 PHP Version:  4.3.10
 New Comment:

The bug seems to be resolved.


Previous Comments:


[2004-12-24 10:47:56] rvs at angara dot ru

Ok this modification method works,
it's a pity that no permanent patch
will be provided for 4.3.x...
Suggest to mark this bug RESOLVED.



[2004-12-24 10:28:52] [EMAIL PROTECTED]

The patch mentioned in #29402 will not be backported to 4.3.x branch,
so you need to figure out where your libs are and change /lib in
ext/oci8/config.m4 to the right dir (/lib32, probably ?). Run
./buildconf after that and it should work.
Tell me if something will go wrong.

OR you can get latest stable 5.0.x release and it will work for you
without any modifications.



[2004-12-23 21:25:55] rvs at angara dot ru

Ok tried latest snapshot. The bug still not fixed.
./configure fails due to wrong oracle library model
chosen, please see the config.log entry:

configure:67926: checking for fork
configure:67954: gcc -o conftest -DEAPI  -D_POSIX_PTHREAD_SEMANTICS
-L/usr/local/BerkeleyDB.3.3/lib  -R/usr/ucblib -L/usr/ucblib
-R/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-L/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-R/usr/local/ssl/lib -L/usr/local/ssl/lib -R/usr/local/lib
-L/usr/local/lib -R/usr/local/BerkeleyDB.3.3/lib
-L/usr/local/BerkeleyDB.3.3/lib -R/export/home/rvs/src/imap-2002e/lib
-L/export/home/rvs/src/imap-2002e/lib -R/oracle/orahome/oracle9i/lib
-L/oracle/orahome/oracle9i/lib conftest.c -lsybdb -lmcrypt -lltdl
-lldap -llber -lcrypt -lpam -liconv -lintl -lgd -lz -ldb-3.3 -ldb-3.3
-lcurl -lz -lssl -lcrypto -lresolv -lm -ldl -lnsl -lsocket  -lgcc
-lcurl -lz -lssl -lcrypto -ldl -lsocket -lnsl -lz -lxml2 -lz -liconv
-lm -lsocket -lnsl -lnsl -lsocket -lgen -ldl -lclntsh 15
ld: fatal: file /oracle/orahome/oracle9i/lib/libclntsh.so: wrong ELF
class: ELFCLASS64
ld: fatal: File processing errors. No output written to conftest
collect2: ld returned 1 exit status
configure: failed program was:
#line 67931 configure
#include confdefs.h
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char fork(); below.  */
#include assert.h
/* Override any gcc2 internal prototype to avoid an error.  */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply.  */
char fork();

int main() {

/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS.  Some functions are actually named
something starting with __ and the normal name is an alias.  */
#if defined (__stub_fork) || defined (__stub___fork)
choke me
#else
fork();
#endif

; return 0; }



[2004-12-23 21:16:09] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip



[2004-12-23 21:04:20] rvs at angara dot ru

Description:

The same situation as in #29402 encountered
with php 4.3.10 + Oracle 9.2.0.
The ./configure script fails, and php won't compile.
In 4.3.x this issue is not fixed.







-- 
Edit this bug report at http://bugs.php.net/?id=31273edit=1

#31273 [Csd]: Analog of #29402 for php 4.3.x

[rvs at angara dot ru]

 ID:   31273
 User updated by:  rvs at angara dot ru
 Reported By:  rvs at angara dot ru
 Status:   Closed
 Bug Type: OCI8 related
 Operating System: Solaris 9
 PHP Version:  4.3.10
 New Comment:

I see the patch #29402 for php 5.0.x
is not incorporated into config.m4 in
php 5.0.3 release and even in latest stable snapshot.
So we still need some modifications of config.m4.
Why not incorporate the patch permanently?


Previous Comments:


[2004-12-24 10:50:13] rvs at angara dot ru

The bug seems to be resolved.



[2004-12-24 10:47:56] rvs at angara dot ru

Ok this modification method works,
it's a pity that no permanent patch
will be provided for 4.3.x...
Suggest to mark this bug RESOLVED.



[2004-12-24 10:28:52] [EMAIL PROTECTED]

The patch mentioned in #29402 will not be backported to 4.3.x branch,
so you need to figure out where your libs are and change /lib in
ext/oci8/config.m4 to the right dir (/lib32, probably ?). Run
./buildconf after that and it should work.
Tell me if something will go wrong.

OR you can get latest stable 5.0.x release and it will work for you
without any modifications.



[2004-12-23 21:25:55] rvs at angara dot ru

Ok tried latest snapshot. The bug still not fixed.
./configure fails due to wrong oracle library model
chosen, please see the config.log entry:

configure:67926: checking for fork
configure:67954: gcc -o conftest -DEAPI  -D_POSIX_PTHREAD_SEMANTICS
-L/usr/local/BerkeleyDB.3.3/lib  -R/usr/ucblib -L/usr/ucblib
-R/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-L/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-R/usr/local/ssl/lib -L/usr/local/ssl/lib -R/usr/local/lib
-L/usr/local/lib -R/usr/local/BerkeleyDB.3.3/lib
-L/usr/local/BerkeleyDB.3.3/lib -R/export/home/rvs/src/imap-2002e/lib
-L/export/home/rvs/src/imap-2002e/lib -R/oracle/orahome/oracle9i/lib
-L/oracle/orahome/oracle9i/lib conftest.c -lsybdb -lmcrypt -lltdl
-lldap -llber -lcrypt -lpam -liconv -lintl -lgd -lz -ldb-3.3 -ldb-3.3
-lcurl -lz -lssl -lcrypto -lresolv -lm -ldl -lnsl -lsocket  -lgcc
-lcurl -lz -lssl -lcrypto -ldl -lsocket -lnsl -lz -lxml2 -lz -liconv
-lm -lsocket -lnsl -lnsl -lsocket -lgen -ldl -lclntsh 15
ld: fatal: file /oracle/orahome/oracle9i/lib/libclntsh.so: wrong ELF
class: ELFCLASS64
ld: fatal: File processing errors. No output written to conftest
collect2: ld returned 1 exit status
configure: failed program was:
#line 67931 configure
#include confdefs.h
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char fork(); below.  */
#include assert.h
/* Override any gcc2 internal prototype to avoid an error.  */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply.  */
char fork();

int main() {

/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS.  Some functions are actually named
something starting with __ and the normal name is an alias.  */
#if defined (__stub_fork) || defined (__stub___fork)
choke me
#else
fork();
#endif

; return 0; }



[2004-12-23 21:16:09] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/31273

-- 
Edit this bug report at http://bugs.php.net/?id=31273edit=1

#31273 [NEW]: Analog of #29402 for php 4.3.x

[rvs at angara dot ru]

From: rvs at angara dot ru
Operating system: Solaris 9
PHP version:  4.3.10
PHP Bug Type: OCI8 related
Bug description:  Analog of #29402 for php 4.3.x

Description:

The same situation as in #29402 encountered
with php 4.3.10 + Oracle 9.2.0.
The ./configure script fails, and php won't compile.
In 4.3.x this issue is not fixed.



-- 
Edit bug report at http://bugs.php.net/?id=31273edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=31273r=trysnapshot4
Try a CVS snapshot (php5.0): 
http://bugs.php.net/fix.php?id=31273r=trysnapshot50
Try a CVS snapshot (php5.1): 
http://bugs.php.net/fix.php?id=31273r=trysnapshot51
Fixed in CVS:http://bugs.php.net/fix.php?id=31273r=fixedcvs
Fixed in release:http://bugs.php.net/fix.php?id=31273r=alreadyfixed
Need backtrace:  http://bugs.php.net/fix.php?id=31273r=needtrace
Need Reproduce Script:   http://bugs.php.net/fix.php?id=31273r=needscript
Try newer version:   http://bugs.php.net/fix.php?id=31273r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=31273r=support
Expected behavior:   http://bugs.php.net/fix.php?id=31273r=notwrong
Not enough info: 
http://bugs.php.net/fix.php?id=31273r=notenoughinfo
Submitted twice: 
http://bugs.php.net/fix.php?id=31273r=submittedtwice
register_globals:http://bugs.php.net/fix.php?id=31273r=globals
PHP 3 support discontinued:  http://bugs.php.net/fix.php?id=31273r=php3
Daylight Savings:http://bugs.php.net/fix.php?id=31273r=dst
IIS Stability:   http://bugs.php.net/fix.php?id=31273r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=31273r=gnused
Floating point limitations:  http://bugs.php.net/fix.php?id=31273r=float
No Zend Extensions:  http://bugs.php.net/fix.php?id=31273r=nozend
MySQL Configuration Error:   http://bugs.php.net/fix.php?id=31273r=mysqlcfg

#31273 [Fbk-Opn]: Analog of #29402 for php 4.3.x

[rvs at angara dot ru]

 ID:   31273
 User updated by:  rvs at angara dot ru
 Reported By:  rvs at angara dot ru
-Status:   Feedback
+Status:   Open
 Bug Type: OCI8 related
 Operating System: Solaris 9
 PHP Version:  4.3.10
 New Comment:

Ok tried latest snapshot. The bug still not fixed.
./configure fails due to wrong oracle library model
chosen, please see the config.log entry:

configure:67926: checking for fork
configure:67954: gcc -o conftest -DEAPI  -D_POSIX_PTHREAD_SEMANTICS
-L/usr/local/BerkeleyDB.3.3/lib  -R/usr/ucblib -L/usr/ucblib
-R/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-L/usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3.1
-R/usr/local/ssl/lib -L/usr/local/ssl/lib -R/usr/local/lib
-L/usr/local/lib -R/usr/local/BerkeleyDB.3.3/lib
-L/usr/local/BerkeleyDB.3.3/lib -R/export/home/rvs/src/imap-2002e/lib
-L/export/home/rvs/src/imap-2002e/lib -R/oracle/orahome/oracle9i/lib
-L/oracle/orahome/oracle9i/lib conftest.c -lsybdb -lmcrypt -lltdl
-lldap -llber -lcrypt -lpam -liconv -lintl -lgd -lz -ldb-3.3 -ldb-3.3
-lcurl -lz -lssl -lcrypto -lresolv -lm -ldl -lnsl -lsocket  -lgcc
-lcurl -lz -lssl -lcrypto -ldl -lsocket -lnsl -lz -lxml2 -lz -liconv
-lm -lsocket -lnsl -lnsl -lsocket -lgen -ldl -lclntsh 15
ld: fatal: file /oracle/orahome/oracle9i/lib/libclntsh.so: wrong ELF
class: ELFCLASS64
ld: fatal: File processing errors. No output written to conftest
collect2: ld returned 1 exit status
configure: failed program was:
#line 67931 configure
#include confdefs.h
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char fork(); below.  */
#include assert.h
/* Override any gcc2 internal prototype to avoid an error.  */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply.  */
char fork();

int main() {

/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS.  Some functions are actually named
something starting with __ and the normal name is an alias.  */
#if defined (__stub_fork) || defined (__stub___fork)
choke me
#else
fork();
#endif

; return 0; }


Previous Comments:


[2004-12-23 21:16:09] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip



[2004-12-23 21:04:20] rvs at angara dot ru

Description:

The same situation as in #29402 encountered
with php 4.3.10 + Oracle 9.2.0.
The ./configure script fails, and php won't compile.
In 4.3.x this issue is not fixed.







-- 
Edit this bug report at http://bugs.php.net/?id=31273edit=1

#29652 [Com]: number of FD to ocius.msg is growing

[rvs at angara dot ru]

 ID:   29652
 Comment by:   rvs at angara dot ru
 Reported By:  yannick at agl dot fr
 Status:   Feedback
 Bug Type: OCI8 related
 Operating System: Linux Redhat 7.3
 PHP Version:  4.3.7
 New Comment:

Tony I've sent you an experiment results
in reply to your private email. Hope you
did received it.


Previous Comments:


[2004-09-16 18:48:56] rvs at angara dot ru

Well the backtrace is quite simple:

GNU gdb 6.2.1
This GDB was configured as sparc-sun-solaris2.9...
Core was generated by `./php ./x.php'.
Program terminated with signal 11, Segmentation fault.
[SKIPPED READING SYMBOLS]
(gdb) bt
#0  0x002c4b74 in shutdown_memory_manager ()
#1  0x0027d3d0 in php_module_shutdown ()
#2  0x0033525c in main ()



[2004-09-16 14:42:22] [EMAIL PROTECTED]

Please, generate a gdb backtrace, it works fine for me.



[2004-09-16 14:35:01] rvs at angara dot ru

Yes it works perfectly for FDs but introduces segfault at php shutdown,
when I use the code:

for ($i=0; $i  200; $i++)
 {
$c1 = @ociplogon($valid_user, $valid_password, $db);
 }

Note that the credentials are valid here.
It seems that the ENV handle is freed more than once somewhere :-)



[2004-09-16 14:16:51] [EMAIL PROTECTED]

Well, yes, of course Solaris  Linux clients are different, but initial
report states that this issue was reproduced under Linux.
I updated the patch (revers the old one before applying this), you can
get at the same URL.
Btw, this version of the patch should fix another issue: it reports
memleaks for me with ocilogon() and invalid password/login. 
Try it out and tell me if it works under Solaris.



[2004-09-16 11:47:03] rvs at angara dot ru

P.S. I think you can't reproduce this under Linux because of the Oracle
Client software design for Linux may be quite different from Solaris'
one.



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652edit=1

#29652 [Com]: number of FD to ocius.msg is growing

[rvs at angara dot ru]

 ID:   29652
 Comment by:   rvs at angara dot ru
 Reported By:  yannick at agl dot fr
 Status:   Feedback
 Bug Type: OCI8 related
 Operating System: Linux Redhat 7.3
 PHP Version:  4.3.7
 New Comment:

Tried your patch, it resolves the problem partially.

In fact, only one bad case remains:
C'. using ocilogon()/ociplogon() with invalid credentials.

I mean if you use ocinlogon() with invalid credentials, all works
because the ENV handle is freed for exclusive session explictly by your
patch. So I suppose you should free ENV handle explicitly in the case of
a failed connection/invalid logon also.
Then all will work fine, hope :-)

How about these patches for 4.3.x?

Sergei


Previous Comments:


[2004-09-16 07:49:13] [EMAIL PROTECTED]

Please, try this patch:
http://tony2001.phpclub.net/dev/tmp/bug29652.diff.txt
It was done against HEAD, so please use latest snapshot from
http://snaps.php.net

The problem becomes complicated because I still can't reproduce this
under Linux and Apache 1.3.31, no matter with or without the patch.



[2004-09-15 14:58:08] rvs at angara dot ru

Also note that PHP 5 has similar code for OCIEnvNlsCreate() and frees
environment handle (OCI_HTYPE_ENV) only at shutdown.
So the problem seems to be in PHP 5 also.

Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA



[2004-09-15 13:59:10] rvs at angara dot ru

I have the same error on php4.3.8/ora9.2.0.1.0/Solaris 9/sparc.

Some details: the .msb file descriptors grow in the following cases:
A. using ocinlogon()
B. using ocilogon() and working as a Apache module
C. using oci*logon() with invalid credentials.

The following code of case C may exhaust filedescriptor limit very
easily and quickly.

for ($i=0; $i  200; $i++)
 @ocilogon($i, $i, $db);

After extensive researching I've found that:
1. the .msb file openings occur when OCIEnvNlsCreate() is called.
2. in ext/oci8.c,v 1.183.2.12 line 2257, function _oci_open_session()
the OCIEnvNlsCreate() invoked when session is not persistent, not
cached, or is exclusive.
3. if the session setup is unsuccessful, the environment handle is not
freed.
4. the environment handle is freed only when PHP shuts down, see line
613.

The result will be filedescriptor and memory leakage in all cases A,B,C
mentioned above. This could lead to security/DOS problem for websites
which use ocilogon()/ocinlogon() or passthrough Oracle authentication
in their php scripts.

Recommendations, workaround:
1. in module mode, avoid using ocilogon(), use ociplogon() instead.
2. avoid using Oracle pass-through authentication (i.e. when username
and password for ociplogon() is given from the website user).
3. fixing oci8.c code to free env handle at least after unsuccessful
logon is necessary.

With regards,
Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA



[2004-08-23 16:19:59] yannick at agl dot fr

oci library: 9.2.0.3



[2004-08-23 16:08:47] esartoni at omniaglobal dot net

Hey Yannick, could you please tell us what version of oci libraries are
you using?

With php 4.3.8 using oci 8.1.7.0.0 i have no problem at all.



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652edit=1

#29652 [Com]: number of FD to ocius.msg is growing

[rvs at angara dot ru]

 ID:   29652
 Comment by:   rvs at angara dot ru
 Reported By:  yannick at agl dot fr
 Status:   Feedback
 Bug Type: OCI8 related
 Operating System: Linux Redhat 7.3
 PHP Version:  4.3.7
 New Comment:

P.S. I think you can't reproduce this under Linux because of the Oracle
Client software design for Linux may be quite different from Solaris'
one.


Previous Comments:


[2004-09-16 11:42:04] rvs at angara dot ru

Tried your patch, it resolves the problem partially.

In fact, only one bad case remains:
C'. using ocilogon()/ociplogon() with invalid credentials.

I mean if you use ocinlogon() with invalid credentials, all works
because the ENV handle is freed for exclusive session explictly by your
patch. So I suppose you should free ENV handle explicitly in the case of
a failed connection/invalid logon also.
Then all will work fine, hope :-)

How about these patches for 4.3.x?

Sergei



[2004-09-16 07:49:13] [EMAIL PROTECTED]

Please, try this patch:
http://tony2001.phpclub.net/dev/tmp/bug29652.diff.txt
It was done against HEAD, so please use latest snapshot from
http://snaps.php.net

The problem becomes complicated because I still can't reproduce this
under Linux and Apache 1.3.31, no matter with or without the patch.



[2004-09-15 14:58:08] rvs at angara dot ru

Also note that PHP 5 has similar code for OCIEnvNlsCreate() and frees
environment handle (OCI_HTYPE_ENV) only at shutdown.
So the problem seems to be in PHP 5 also.

Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA



[2004-09-15 13:59:10] rvs at angara dot ru

I have the same error on php4.3.8/ora9.2.0.1.0/Solaris 9/sparc.

Some details: the .msb file descriptors grow in the following cases:
A. using ocinlogon()
B. using ocilogon() and working as a Apache module
C. using oci*logon() with invalid credentials.

The following code of case C may exhaust filedescriptor limit very
easily and quickly.

for ($i=0; $i  200; $i++)
 @ocilogon($i, $i, $db);

After extensive researching I've found that:
1. the .msb file openings occur when OCIEnvNlsCreate() is called.
2. in ext/oci8.c,v 1.183.2.12 line 2257, function _oci_open_session()
the OCIEnvNlsCreate() invoked when session is not persistent, not
cached, or is exclusive.
3. if the session setup is unsuccessful, the environment handle is not
freed.
4. the environment handle is freed only when PHP shuts down, see line
613.

The result will be filedescriptor and memory leakage in all cases A,B,C
mentioned above. This could lead to security/DOS problem for websites
which use ocilogon()/ocinlogon() or passthrough Oracle authentication
in their php scripts.

Recommendations, workaround:
1. in module mode, avoid using ocilogon(), use ociplogon() instead.
2. avoid using Oracle pass-through authentication (i.e. when username
and password for ociplogon() is given from the website user).
3. fixing oci8.c code to free env handle at least after unsuccessful
logon is necessary.

With regards,
Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA



[2004-08-23 16:19:59] yannick at agl dot fr

oci library: 9.2.0.3



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652edit=1

#29652 [Com]: number of FD to ocius.msg is growing

[rvs at angara dot ru]

 ID:   29652
 Comment by:   rvs at angara dot ru
 Reported By:  yannick at agl dot fr
 Status:   Feedback
 Bug Type: OCI8 related
 Operating System: Linux Redhat 7.3
 PHP Version:  4.3.7
 New Comment:

Yes it works perfectly for FDs but introduces segfault at php shutdown,
when I use the code:

for ($i=0; $i  200; $i++)
 {
$c1 = @ociplogon($valid_user, $valid_password, $db);
 }

Note that the credentials are valid here.
It seems that the ENV handle is freed more than once somewhere :-)


Previous Comments:


[2004-09-16 14:16:51] [EMAIL PROTECTED]

Well, yes, of course Solaris  Linux clients are different, but initial
report states that this issue was reproduced under Linux.
I updated the patch (revers the old one before applying this), you can
get at the same URL.
Btw, this version of the patch should fix another issue: it reports
memleaks for me with ocilogon() and invalid password/login. 
Try it out and tell me if it works under Solaris.



[2004-09-16 11:47:03] rvs at angara dot ru

P.S. I think you can't reproduce this under Linux because of the Oracle
Client software design for Linux may be quite different from Solaris'
one.



[2004-09-16 11:42:04] rvs at angara dot ru

Tried your patch, it resolves the problem partially.

In fact, only one bad case remains:
C'. using ocilogon()/ociplogon() with invalid credentials.

I mean if you use ocinlogon() with invalid credentials, all works
because the ENV handle is freed for exclusive session explictly by your
patch. So I suppose you should free ENV handle explicitly in the case of
a failed connection/invalid logon also.
Then all will work fine, hope :-)

How about these patches for 4.3.x?

Sergei



[2004-09-16 07:49:13] [EMAIL PROTECTED]

Please, try this patch:
http://tony2001.phpclub.net/dev/tmp/bug29652.diff.txt
It was done against HEAD, so please use latest snapshot from
http://snaps.php.net

The problem becomes complicated because I still can't reproduce this
under Linux and Apache 1.3.31, no matter with or without the patch.



[2004-09-15 14:58:08] rvs at angara dot ru

Also note that PHP 5 has similar code for OCIEnvNlsCreate() and frees
environment handle (OCI_HTYPE_ENV) only at shutdown.
So the problem seems to be in PHP 5 also.

Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652edit=1

#29652 [Com]: number of FD to ocius.msg is growing

[rvs at angara dot ru]

 ID:   29652
 Comment by:   rvs at angara dot ru
 Reported By:  yannick at agl dot fr
 Status:   Feedback
 Bug Type: OCI8 related
 Operating System: Linux Redhat 7.3
 PHP Version:  4.3.7
 New Comment:

Well the backtrace is quite simple:

GNU gdb 6.2.1
This GDB was configured as sparc-sun-solaris2.9...
Core was generated by `./php ./x.php'.
Program terminated with signal 11, Segmentation fault.
[SKIPPED READING SYMBOLS]
(gdb) bt
#0  0x002c4b74 in shutdown_memory_manager ()
#1  0x0027d3d0 in php_module_shutdown ()
#2  0x0033525c in main ()


Previous Comments:


[2004-09-16 14:42:22] [EMAIL PROTECTED]

Please, generate a gdb backtrace, it works fine for me.



[2004-09-16 14:35:01] rvs at angara dot ru

Yes it works perfectly for FDs but introduces segfault at php shutdown,
when I use the code:

for ($i=0; $i  200; $i++)
 {
$c1 = @ociplogon($valid_user, $valid_password, $db);
 }

Note that the credentials are valid here.
It seems that the ENV handle is freed more than once somewhere :-)



[2004-09-16 14:16:51] [EMAIL PROTECTED]

Well, yes, of course Solaris  Linux clients are different, but initial
report states that this issue was reproduced under Linux.
I updated the patch (revers the old one before applying this), you can
get at the same URL.
Btw, this version of the patch should fix another issue: it reports
memleaks for me with ocilogon() and invalid password/login. 
Try it out and tell me if it works under Solaris.



[2004-09-16 11:47:03] rvs at angara dot ru

P.S. I think you can't reproduce this under Linux because of the Oracle
Client software design for Linux may be quite different from Solaris'
one.



[2004-09-16 11:42:04] rvs at angara dot ru

Tried your patch, it resolves the problem partially.

In fact, only one bad case remains:
C'. using ocilogon()/ociplogon() with invalid credentials.

I mean if you use ocinlogon() with invalid credentials, all works
because the ENV handle is freed for exclusive session explictly by your
patch. So I suppose you should free ENV handle explicitly in the case of
a failed connection/invalid logon also.
Then all will work fine, hope :-)

How about these patches for 4.3.x?

Sergei



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652edit=1

#29652 [Com]: number of FD to ocius.msg is growing

[rvs at angara dot ru]

 ID:   29652
 Comment by:   rvs at angara dot ru
 Reported By:  yannick at agl dot fr
 Status:   Open
 Bug Type: OCI8 related
 Operating System: Linux Redhat 7.3
 PHP Version:  4.3.7
 New Comment:

I have the same error on php4.3.8/ora9.2.0.1.0/Solaris 9/sparc.

Some details: the .msb file descriptors grow in the following cases:
A. using ocinlogon()
B. using ocilogon() and working as a Apache module
C. using oci*logon() with invalid credentials.

The following code of case C may exhaust filedescriptor limit very
easily and quickly.

for ($i=0; $i  200; $i++)
 @ocilogon($i, $i, $db);

After extensive researching I've found that:
1. the .msb file openings occur when OCIEnvNlsCreate() is called.
2. in ext/oci8.c,v 1.183.2.12 line 2257, function _oci_open_session()
the OCIEnvNlsCreate() invoked when session is not persistent, not
cached, or is exclusive.
3. if the session setup is unsuccessful, the environment handle is not
freed.
4. the environment handle is freed only when PHP shuts down, see line
613.

The result will be filedescriptor and memory leakage in all cases A,B,C
mentioned above. This could lead to security/DOS problem for websites
which use ocilogon()/ocinlogon() or passthrough Oracle authentication
in their php scripts.

Recommendations, workaround:
1. in module mode, avoid using ocilogon(), use ociplogon() instead.
2. avoid using Oracle pass-through authentication (i.e. when username
and password for ociplogon() is given from the website user).
3. fixing oci8.c code to free env handle at least after unsuccessful
logon is necessary.

With regards,
Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA


Previous Comments:


[2004-08-23 16:19:59] yannick at agl dot fr

oci library: 9.2.0.3



[2004-08-23 16:08:47] esartoni at omniaglobal dot net

Hey Yannick, could you please tell us what version of oci libraries are
you using?

With php 4.3.8 using oci 8.1.7.0.0 i have no problem at all.



[2004-08-20 14:43:46] yannick at agl dot fr

i tried with 4.3.8 without HAVE_OCI_9_2
there is no problem. if i defined HAVE_OCI_9_2 the issue occurs.



[2004-08-20 10:26:00] yannick at agl dot fr

tested with php 4.2.3 and php 5.0.1, there is no problem



[2004-08-20 09:13:04] esartoni at omniaglobal dot net

tony, i've already tested it with php 4.3.8 (cannot try with php 5) and
with Solaris SunOS always gives the same problem. I'll try with the
latest snapshot but always in the 4.x tree.



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652edit=1

#29652 [Com]: number of FD to ocius.msg is growing

[rvs at angara dot ru]

 ID:   29652
 Comment by:   rvs at angara dot ru
 Reported By:  yannick at agl dot fr
 Status:   Open
 Bug Type: OCI8 related
 Operating System: Linux Redhat 7.3
 PHP Version:  4.3.7
 New Comment:

Also note that PHP 5 has similar code for OCIEnvNlsCreate() and frees
environment handle (OCI_HTYPE_ENV) only at shutdown.
So the problem seems to be in PHP 5 also.

Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA


Previous Comments:


[2004-09-15 13:59:10] rvs at angara dot ru

I have the same error on php4.3.8/ora9.2.0.1.0/Solaris 9/sparc.

Some details: the .msb file descriptors grow in the following cases:
A. using ocinlogon()
B. using ocilogon() and working as a Apache module
C. using oci*logon() with invalid credentials.

The following code of case C may exhaust filedescriptor limit very
easily and quickly.

for ($i=0; $i  200; $i++)
 @ocilogon($i, $i, $db);

After extensive researching I've found that:
1. the .msb file openings occur when OCIEnvNlsCreate() is called.
2. in ext/oci8.c,v 1.183.2.12 line 2257, function _oci_open_session()
the OCIEnvNlsCreate() invoked when session is not persistent, not
cached, or is exclusive.
3. if the session setup is unsuccessful, the environment handle is not
freed.
4. the environment handle is freed only when PHP shuts down, see line
613.

The result will be filedescriptor and memory leakage in all cases A,B,C
mentioned above. This could lead to security/DOS problem for websites
which use ocilogon()/ocinlogon() or passthrough Oracle authentication
in their php scripts.

Recommendations, workaround:
1. in module mode, avoid using ocilogon(), use ociplogon() instead.
2. avoid using Oracle pass-through authentication (i.e. when username
and password for ociplogon() is given from the website user).
3. fixing oci8.c code to free env handle at least after unsuccessful
logon is necessary.

With regards,
Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA



[2004-08-23 16:19:59] yannick at agl dot fr

oci library: 9.2.0.3



[2004-08-23 16:08:47] esartoni at omniaglobal dot net

Hey Yannick, could you please tell us what version of oci libraries are
you using?

With php 4.3.8 using oci 8.1.7.0.0 i have no problem at all.



[2004-08-20 14:43:46] yannick at agl dot fr

i tried with 4.3.8 without HAVE_OCI_9_2
there is no problem. if i defined HAVE_OCI_9_2 the issue occurs.



[2004-08-20 10:26:00] yannick at agl dot fr

tested with php 4.2.3 and php 5.0.1, there is no problem



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652edit=1