#24189 [Com]: big problem on stream function

[daniel at haxx dot se]

 ID:   24189
 Comment by:   daniel at haxx dot se
 Reported By:  anton at valuehost dot ru
 Status:   Assigned
 Bug Type: Sockets related
 Operating System: FreeBSD 4.8
 PHP Version:  5CVS, 4CVS
 Assigned To:  wez
 New Comment:

Sorry, but the fix is not _that_ simple.

FD_SETSIZE is a maximum count. Not all operating systems keep the fd
numbers in the sequence 0 - (MAX-1).

Microsoft Windows is one such exception AFAIK.

Thus. It is a lot harder than that to know if you have reached the
FD_SETSIZE maximum in a platform independent way.


Previous Comments:


[2004-07-01 13:53:43] jorton at redhat dot com

This is a real bug.

The issue is that fd_set is a fixed-size array, and if FD_SET is passed
an fd number greater than FD_SETSIZE, it has undefined behaviour, i.e.
it overruns the array and corrupts memory.

All uses of select() in PHP look to be unsafe because of this.  The
proper fix is to use poll() on platforms where it is available, and to
always check that fd  FD_SETSIZE before using FD_SET.



[2003-06-15 07:31:00] anton at valuehost dot ru

Description:

phpinfo:
http://v6test.valuehost.ru/phpinfo.php

The problem has the following character, after long work php as mod_php
in apache, various variations of sockets, fsockopen, include, fopen and
etc cease to work.

As did not work and curl, but it managed to be solved rebuild libcurl
with FD_SETSIZE=16384 (sys/types.h).

Such sensation that descriptors come to an end.

At occurrence of this problem fsockopen starts to return a mistake 
Operation now in progress 
Function include in general causes Segmentation fault (11)

Unfortunately there is no opportunity to include an option debug as
ZendOptimazer does not work in debug a mode.






-- 
Edit this bug report at http://bugs.php.net/?id=24189edit=1

#24189 [Com]: big problem on stream function

[jorton at redhat dot com]

 ID:   24189
 Comment by:   jorton at redhat dot com
 Reported By:  anton at valuehost dot ru
 Status:   Bogus
 Bug Type: Sockets related
 Operating System: FreeBSD 4.8
 PHP Version:  4.3.2
 New Comment:

This is a real bug.

The issue is that fd_set is a fixed-size array, and if FD_SET is passed
an fd number greater than FD_SETSIZE, it has undefined behaviour, i.e.
it overruns the array and corrupts memory.

All uses of select() in PHP look to be unsafe because of this.  The
proper fix is to use poll() on platforms where it is available, and to
always check that fd  FD_SETSIZE before using FD_SET.


Previous Comments:


[2003-06-15 16:34:13] [EMAIL PROTECTED]

let's keep this bogus..




[2003-06-15 11:02:43] anton at valuehost dot ru

Do not want to help well and it is not necessary, in backtrace I and
itself can understand.



[2003-06-15 10:58:08] [EMAIL PROTECTED]

Not enough information - bogus. (get rid of the zendoptimizer on some
machine and provide a backtrace, otherwise - not bug)




[2003-06-15 10:55:20] anton at valuehost dot ru

In it that all and the problem, on dev server to us was not possible to
receive this mistake.
The problem arises on production a level what from scripts of users of
her causes to understand not really, we hold over 25000 sites.

We at once find out any mistakes and we celebrate them quickly enough,
and this of us has led up a blind alley :(

But I can tell precisely, that all functions which work with socket
cease to work, what that restriction on work mod_php is imposed.



[2003-06-15 10:25:52] [EMAIL PROTECTED]

You should have a dev machine to test this on.
Just leave ZendOptimizer out. If you can't do this and can't provide
decent backtrace, we can't fix anything.




The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/24189

-- 
Edit this bug report at http://bugs.php.net/?id=24189edit=1