Bug #44872 [Com]: canary mismatch on efree() - heap overflow detected

2010-03-11 Thread capitalplus at yandex dot ru
Edit report at http://bugs.php.net/bug.php?id=44872&edit=1

 ID:   44872
 Comment by:   capitalplus at yandex dot ru
 Reported by:  mattr at shoplet dot com
 Summary:  canary mismatch on efree() - heap overflow detected
 Status:   Closed
 Type: Bug
 Package:  MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5

 New Comment:

In my situation this solution helped:

Open php.ini and set the parameter

mssql.datetimeconvert = Off

Restart Apache. The error no longer appears.


Previous Comments:

[2010-02-09 13:22:22] jimmy at pixelant dot se

Feb  9 13:51:36 xx suhosin[4498]: ALERT - canary mismatch on
efree() - heap overflow detected (attacker 'x.x.x.x', file
'class.t3lib_htmlmail.php', line 718)

Upgrade to php 5.2.12 resolved this issue.


[2009-09-09 20:51:05] squarious at gmail dot com

I have the same error on 5.2.10 with suhosin patch.

Linux 2.6.31-10-generic #30-Ubuntu SMP Tue Sep 8 12:32:38 UTC 2009
x86_64 GNU/Linux

The tested site was working perfectly on Ubuntu 8.04 LTS with untouched
PHP 5.2.4 (with suhosin patch). The behaviour however is not standard
and it depends if the page is first time visite


[2009-09-09 12:03:27] neofutur dot php at ww7 dot be

update/workaround . . . but scary . . .

 someone on ##php told me to restart apache, that when you get one of
those canary mismatch on efree() you get many until you restart apache.

 I didn't pay attention at the beginning but finally tried it.

 It's simply true, when you get those messages, restart apache and you
will see no more of them (until the next apache overflow?)


[2009-09-09 10:21:49] neofutur dot php at ww7 dot be

I also tried the code suggested:

<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo ""; var_dump($demo_user); echo "";

?>

 This doesn't trigger any error message here


[2009-09-09 10:07:50] neofutur dot php at ww7 dot be

Your bugtool doesn't accept my comment after 40 attempts, so I just post
the pastebin URL containing all my comments and logs:

http://dpaste.com/91360/




The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

http://bugs.php.net/bug.php?id=44872


-- 
Edit this bug report at http://bugs.php.net/bug.php?id=44872&edit=1
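
Added example (not part of the bug report or of Suhosin): a small triage script for the alert quoted throughout this thread. It parses both log formats shown here (syslog and Apache error_log), rejoins records that were wrapped the way the mailed copies are, and counts alerts per script and line and per reporting process, which is how to check whether they come from one script or one long-running worker. All sample lines, hosts, paths and addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample input modelled on the two log formats quoted in this
# thread (syslog and Apache error_log); hosts, paths and addresses are made up.
# The second record is wrapped across lines like the mailed copies above.
SAMPLE_LOG = """\
Feb  9 13:51:36 web1 suhosin[4498]: ALERT - canary mismatch on efree() - heap overflow detected (attacker '192.0.2.10', file '/var/www/mail.php', line 718)
Feb  9 13:51:40 web1 suhosin[4498]: ALERT - canary mismatch on
efree() - heap overflow detected (attacker '192.0.2.11', file
'/var/www/mail.php', line 718)
Feb  9 13:52:02 web1 suhosin[4498]: ALERT - canary mismatch on efree() - heap overflow detected (attacker '192.0.2.10', file '/var/www/list.php', line 12)
[Fri Aug 07 14:38:06 2009] [error] [client 192.0.2.7] ALERT - canary mismatch on efree() - heap overflow detected (attacker '192.0.2.7', file '/var/www/f.php', line 2)
[Thu Aug 20 11:34:09 2009] [error] [client 192.0.2.8] ALERT - canary mismatch on efree() - heap overflow detected (attacker '192.0.2.8', file '/var/www/index.php'), referer: http://example.test/index.php
[Thu Aug 20 11:35:00 2009] [error] [client 192.0.2.8] File does not exist: /var/www/favicon.ico
"""

# A new record starts with a syslog timestamp ("Feb  9 13:51:36 ") or with
# the "[" of an Apache error_log timestamp; anything else is a continuation.
RECORD_START = re.compile(r"^(?:[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d |\[)")

# The alert text as it appears in the thread; the "line N" part is optional
# because one of the quoted alerts carries no line number.
ALERT = re.compile(
    r"ALERT - canary mismatch on efree\(\) - heap overflow detected "
    r"\(attacker '(?P<attacker>[^']*)', file '(?P<file>[^']*)'"
    r"(?:, line (?P<line>\d+))?\)"
)

# Only the syslog format carries the reporting process id.
SYSLOG_PID = re.compile(r"\bsuhosin\[(?P<pid>\d+)\]:")


def unwrap(text):
    """Join wrapped continuation lines back onto the record they belong to."""
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def parse_alerts(text):
    """Return one dict per canary-mismatch alert found in the log text."""
    alerts = []
    for record in unwrap(text):
        m = ALERT.search(record)
        if not m:
            continue  # unrelated log line
        pid = SYSLOG_PID.search(record)
        alerts.append({
            "pid": int(pid.group("pid")) if pid else None,
            "attacker": m.group("attacker"),  # client address as logged
            "file": m.group("file"),
            "line": int(m.group("line")) if m.group("line") else None,
        })
    return alerts


def summarize(alerts):
    """Count alerts per (script, line) and per reporting process id."""
    by_site = Counter((a["file"], a["line"]) for a in alerts)
    by_pid = Counter(a["pid"] for a in alerts if a["pid"] is not None)
    return by_site, by_pid


if __name__ == "__main__":
    by_site, by_pid = summarize(parse_alerts(SAMPLE_LOG))
    print("alerts per script:line")
    for (path, line), n in by_site.most_common():
        print(f"{n:3d}  {path}:{line if line is not None else '?'}")
    print("alerts per suhosin pid (syslog records only)")
    for pid, n in by_pid.most_common():
        print(f"{n:3d}  suhosin[{pid}]")
```
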


#44872 [Com]: canary mismatch on efree() - heap overflow detected

2010-02-09 Thread jimmy at pixelant dot se
 ID:   44872
 Comment by:   jimmy at pixelant dot se
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

Feb  9 13:51:36 xx suhosin[4498]: ALERT - canary mismatch
on efree() - heap overflow detected (attacker 'x.x.x.x', file
'class.t3lib_htmlmail.php', line 718)


Upgrade to php 5.2.12 resolved this issue.


Previous Comments:


[2009-09-09 09:56:15] joeysmith at gmail dot com

Sorry for the noise - testing the assertion that CAPTCHAs are broken.






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-09-09 Thread squarious at gmail dot com
 ID:   44872
 Comment by:   squarious at gmail dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I have the same error on 5.2.10 with suhosin patch.
Linux 2.6.31-10-generic #30-Ubuntu SMP Tue Sep 8 12:32:38 UTC 2009
x86_64 GNU/Linux

The tested site was working perfectly on Ubuntu 8.04 LTS with untouched
PHP 5.2.4 (with suhosin patch). The behaviour however is not standard
and it depends if the page is first time visite


Previous Comments:


[2009-08-20 07:42:34] p dot elagin at gmail dot com

PHP Version 5.2.10-2
Linux xxx.ru 2.6.26-2-amd64 #1 SMP Fri Aug 14 07:12:04 UTC 2009
x86_64
___
Same Problem
[Thu Aug 20 11:34:09 2009] [error] [client 212.16.10.34] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xxx', file
'xxx/index.php'), referer: http://text.foothold.ru/index.php

Linux - Debian ( squeeze )

I have this problem when I install 5.2.10-1; I reinstall to 5.2.9 and all
is OK. Now I update my system and the problem returns.






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-09-09 Thread neofutur dot php at ww7 dot be
 ID:   44872
 Comment by:   neofutur dot php at ww7 dot be
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

update/workaround . . . but scary . . .

 someone on ##php told me to restart apache, that when you get one of
those canary mismatch on efree() you get many until you restart apache.
 I didn't pay attention at the beginning but finally tried it.

 It's simply true, when you get those messages, restart apache and you
will see no more of them (until the next apache overflow?)


Previous Comments:


[2009-08-07 12:44:19] werner at flyingdog dot de

I also can reproduce this error (Suhosin Patch installed). Very simple
test script: 


<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo ""; var_dump($demo_user); echo "";

?>

Error Log:
[Fri Aug 07 14:38:06 2009] [error] [client xx.xx.xx.xx] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xx.xx.xx.xx',
file '/somedir/somedir/htdocs/f.php', line 2)

Version Info:

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
proxy_html/3.0.0 Server at xx Port 80






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-09-09 Thread neofutur dot php at ww7 dot be
 ID:   44872
 Comment by:   neofutur dot php at ww7 dot be
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I also tried the code suggested:

<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo ""; var_dump($demo_user); echo "";

?>

 This doesn't trigger any error message here


Previous Comments:


[2009-08-06 00:18:58] robert at robert-gonzalez dot com

I am having this same issue on Ubuntu 8.10 running against Sybase 12.5.
This actually just started happening against the CLI version of PHP when
attempting to connect more than once to the database server in the same
request. Any idea when this might get fixed? Or if not, anyone have a
reliable work around?






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-09-09 Thread neofutur dot php at ww7 dot be
 ID:   44872
 Comment by:   neofutur dot php at ww7 dot be
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

Your bugtool doesn't accept my comment after 40 attempts, so I just post
the pastebin URL containing all my comments and logs:

http://dpaste.com/91360/


Previous Comments:


[2009-07-17 09:13:13] emiel dot molenaar at gmail dot com

Any news about this one? Having the same issue here on Debian:

PHP 5.2.10-2 with Suhosin-Patch 0.9.7 (cli) (built: Jul 10 2009 
01:47:03)






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-09-09 Thread joeysmith at gmail dot com
 ID:   44872
 Comment by:   joeysmith at gmail dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

Sorry for the noise - testing the assertion that CAPTCHAs are broken.


Previous Comments:


[2009-05-06 14:16:33] j dot vd dot broek at home dot nl

This solution I saw on another website might help fixing it in a next
build of PHP or at least show people with the same problem a way out of
it:
http://chrisblunt.com/blog/2009/05/01/php-fixing-mismatched-canaries-how-to-remove-suhosin-from-debianubuntu-packages/






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-08-20 Thread p dot elagin at gmail dot com
 ID:   44872
 Comment by:   p dot elagin at gmail dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

PHP Version 5.2.10-2
Linux xxx.ru 2.6.26-2-amd64 #1 SMP Fri Aug 14 07:12:04 UTC 2009
x86_64
___
Same Problem
[Thu Aug 20 11:34:09 2009] [error] [client 212.16.10.34] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xxx', file
'xxx/index.php'), referer: http://text.foothold.ru/index.php

Linux - Debian ( squeeze )

I have this problem when I install 5.2.10-1; I reinstall to 5.2.9 and all
is OK. Now I update my system and the problem returns.


Previous Comments:


[2009-05-03 13:48:10] ewilded at gmail dot com

Same situation on PHP 5.2.9 with Suhosin-Patch 0.9.7 (cli) (built: May 
2 2009 14:51:38), OS: Slackware 12. I'm connecting to an Oracle DB on a
remote machine using PDO; the script gets killed while trying to execute
a simple SELECT statement without any params (same code works fine with
MySQL).






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-08-07 Thread werner at flyingdog dot de
 ID:   44872
 Comment by:   werner at flyingdog dot de
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I also can reproduce this error (Suhosin Patch installed). Very simple
test script: 


<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo ""; var_dump($demo_user); echo "";

?>

Error Log:
[Fri Aug 07 14:38:06 2009] [error] [client xx.xx.xx.xx] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xx.xx.xx.xx',
file '/somedir/somedir/htdocs/f.php', line 2)

Version Info:

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
proxy_html/3.0.0 Server at xx Port 80


Previous Comments:


[2009-04-21 14:39:12] fr33z at inmail dot cz

I have the same issue with PHP Version 5.2.9-pl2-gentoo
'./configure' '--prefix=/usr/lib64/php5' '--host=x86_64-pc-linux-gnu'
'--mandir=/usr/lib64/php5/man' '--infodir=/usr/lib64/php5/info'
'--sysconfdir=/etc' '--cache-file=./config.cache' '--with-libdir=lib64'
'--with-pcre-regex=/usr' '--enable-maintainer-zts' '--disable-cli'
'--with-apxs2=/usr/sbin/apxs2'
'--with-config-file-path=/etc/php/apache2-php5'
'--with-config-file-scan-dir=/etc/php/apache2-php5/ext-active'
'--without-pear' '--disable-bcmath' '--with-bz2' '--disable-calendar'
'--with-curl' '--with-curlwrappers' '--disable-dbase' '--enable-exif'
'--without-fbsql' '--without-fdftk' '--enable-ftp' '--with-gettext'
'--without-gmp' '--disable-ipv6' '--disable-json' '--without-kerberos'
'--enable-mbstring' '--with-mcrypt' '--with-mhash' '--without-msql'
'--without-mssql' '--with-ncurses' '--with-openssl'
'--with-openssl-dir=/usr' '--disable-pcntl' '--without-pgsql'
'--without-pspell' '--without-recode' '--disable-shmop' '--without-snmp'
'--disable-soap' '--enable-sockets' '--without-sybase'
'--without-sybase-ct' '--disable-sysvmsg' '--disable-sysvsem'
'--disable-sysvshm' '--without-tidy' '--disable-wddx' '--without-xmlrpc'
'--with-xsl' '--enable-zip' '--with-zlib' '--disable-debug'
'--enable-dba' '--without-cdb' '--with-db4' '--disable-flatfile'
'--with-gdbm' '--without-qdbm' '--with-freetype-dir=/usr'
'--with-t1lib=/usr' '--disable-gd-jis-conv' '--with-jpeg-dir=/usr'
'--with-png-dir=/usr' '--without-xpm-dir' '--with-gd'
'--with-mysql=/usr' '--with-mysql-sock=/var/run/mysqld/mysqld.sock'
'--without-mysqli' '--without-pdo-dblib' '--with-pdo-mysql=/usr'
'--without-pdo-odbc' '--without-pdo-pgsql' '--without-pdo-sqlite'
'--with-readline' '--without-libedit' '--without-mm' '--without-sqlite'
'--with-pic'






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-08-05 Thread robert at robert-gonzalez dot com
 ID:   44872
 Comment by:   robert at robert-gonzalez dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I am having this same issue on Ubuntu 8.10 running against Sybase 12.5.
This actually just started happening against the CLI version of PHP when
attempting to connect more than once to the database server in the same
request. Any idea when this might get fixed? Or if not, anyone have a
reliable work around?


Previous Comments:


[2009-03-22 19:38:40] mr dot jony at gmail dot com

I have this same problem in a fresh install of Ubuntu 8.04 LTS

and I don't have the Suhosin patch

please help






#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-07-17 Thread emiel dot molenaar at gmail dot com
 ID:   44872
 Comment by:   emiel dot molenaar at gmail dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

Any news about this one? Having the same issue here on Debian:

PHP 5.2.10-2 with Suhosin-Patch 0.9.7 (cli) (built: Jul 10 2009 
01:47:03)


Previous Comments:


[2009-03-11 09:17:40] dballance at roydshall dot org

I have the same error when running certain queries with mssql_query().
There seems to be no way to predict which queries will run and which
fail - although if a query fails it always fails and if it runs then it
always runs. The more complex the query, the more likely to fail.

I am running PHP Version 5.2.4-2ubuntu5.5 with Suhosin Patch 0.9.6.2. 
Example code that trips the switch:

$dbhandle = mssql_connect($myServer, $myUser, $myPass);
$selected = mssql_select_db($myDB, $dbhandle);

$query = "SELECT * FROM sims.curr_group INNER JOIN
sims.curr_class_period ON sims.curr_group.base_group_id =
sims.curr_class_period.base_group_id INNER JOIN sims.sims_person ON
sims.sims_person.person_id = sims.curr_class_period.person_id
WHERE (sims.curr_group.short_name = '9b/It1')";

$result = mssql_query($query);

while($row = mssql_fetch_array($result)) {
   print_r($row);
}

//close the connection
mssql_close($dbhandle);



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/44872

-- 
Edit this bug report at http://bugs.php.net/?id=44872&edit=1



#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-05-06 Thread j dot vd dot broek at home dot nl
 ID:   44872
 Comment by:   j dot vd dot broek at home dot nl
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

This solution I saw on another website might help fixing it in a next
build of PHP or at least show people with the same problem a way out of
it:
http://chrisblunt.com/blog/2009/05/01/php-fixing-mismatched-canaries-how-to-remove-suhosin-from-debianubuntu-packages/



#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-05-03 Thread ewilded at gmail dot com
 ID:   44872
 Comment by:   ewilded at gmail dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

Same situation on PHP 5.2.9 with Suhosin-Patch 0.9.7 (cli) (built: May 
2 2009 14:51:38), OS: Slackware 12, I'm connecting to Oracle DB on
remote machine using PDO, script gets killed while trying to execute
simple SELECT statement without any params (same code works fine with
MySQL).



#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-04-21 Thread fr33z at inmail dot cz
 ID:   44872
 Comment by:   fr33z at inmail dot cz
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I have the same issue with PHP Version 5.2.9-pl2-gentoo
'./configure' '--prefix=/usr/lib64/php5' '--host=x86_64-pc-linux-gnu'
'--mandir=/usr/lib64/php5/man' '--infodir=/usr/lib64/php5/info'
'--sysconfdir=/etc' '--cache-file=./config.cache' '--with-libdir=lib64'
'--with-pcre-regex=/usr' '--enable-maintainer-zts' '--disable-cli'
'--with-apxs2=/usr/sbin/apxs2'
'--with-config-file-path=/etc/php/apache2-php5'
'--with-config-file-scan-dir=/etc/php/apache2-php5/ext-active'
'--without-pear' '--disable-bcmath' '--with-bz2' '--disable-calendar'
'--with-curl' '--with-curlwrappers' '--disable-dbase' '--enable-exif'
'--without-fbsql' '--without-fdftk' '--enable-ftp' '--with-gettext'
'--without-gmp' '--disable-ipv6' '--disable-json' '--without-kerberos'
'--enable-mbstring' '--with-mcrypt' '--with-mhash' '--without-msql'
'--without-mssql' '--with-ncurses' '--with-openssl'
'--with-openssl-dir=/usr' '--disable-pcntl' '--without-pgsql'
'--without-pspell' '--without-recode' '--disable-shmop' '--without-snmp'
'--disable-soap' '--enable-sockets' '--without-sybase'
'--without-sybase-ct' '--disable-sysvmsg' '--disable-sysvsem'
'--disable-sysvshm' '--without-tidy' '--disable-wddx' '--without-xmlrpc'
'--with-xsl' '--enable-zip' '--with-zlib' '--disable-debug'
'--enable-dba' '--without-cdb' '--with-db4' '--disable-flatfile'
'--with-gdbm' '--without-qdbm' '--with-freetype-dir=/usr'
'--with-t1lib=/usr' '--disable-gd-jis-conv' '--with-jpeg-dir=/usr'
'--with-png-dir=/usr' '--without-xpm-dir' '--with-gd'
'--with-mysql=/usr' '--with-mysql-sock=/var/run/mysqld/mysqld.sock'
'--without-mysqli' '--without-pdo-dblib' '--with-pdo-mysql=/usr'
'--without-pdo-odbc' '--without-pdo-pgsql' '--without-pdo-sqlite'
'--with-readline' '--without-libedit' '--without-mm' '--without-sqlite'
'--with-pic'



#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-03-22 Thread mr dot jony at gmail dot com
 ID:   44872
 Comment by:   mr dot jony at gmail dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I have this same problem in a fresh install of Ubuntu 8.04 LTS

and I don't have the Suhosin patch

please help





#44872 [Com]: canary mismatch on efree() - heap overflow detected

2009-03-11 Thread dballance at roydshall dot org
 ID:   44872
 Comment by:   dballance at roydshall dot org
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I have the same error when running certain queries with mssql_query().
There seems to be no way to predict which queries will run and which
fail - although if a query fails it always fails and if it runs then it
always runs. The more complex the query, the more likely to fail.

I am running PHP Version 5.2.4-2ubuntu5.5 with Suhosin Patch 0.9.6.2. 
Example code that trips the switch:

$dbhandle = mssql_connect($myServer, $myUser, $myPass);
$selected = mssql_select_db($myDB, $dbhandle);

$query = "SELECT * FROM sims.curr_group INNER JOIN
sims.curr_class_period ON sims.curr_group.base_group_id =
sims.curr_class_period.base_group_id INNER JOIN sims.sims_person ON
sims.sims_person.person_id = sims.curr_class_period.person_id
WHERE (sims.curr_group.short_name = '9b/It1')";

$result = mssql_query($query);

while($row = mssql_fetch_array($result)) {
   print_r($row);
}

//close the connection
mssql_close($dbhandle);





#44872 [Com]: canary mismatch on efree() - heap overflow detected

2008-10-10 Thread krister dot karlstrom at arcada dot fi
 ID:   44872
 Comment by:   krister dot karlstrom at arcada dot fi
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

I'm experiencing the same bug using PHP 5.2.4-2ubuntu5.3 with
Suhosin-Patch 0.9.6.2 (cli) on a Ubuntu Hardy 8.0.4 server.

The following simplified example shows the problem: the last echo row
is not executed because mssql_free_result() fails:

up_nr."\n";

mssql_free_result($result);
}
}
}

echo "Here I am - NOT!";

?>

OUTPUT
==
201000
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '/var/www//TestMsSQL.php', line 16)
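
The alert text quoted in these reports can be triaged mechanically. The following is an added example, not code from the bug report or from Suhosin: it parses the (possibly line-wrapped) alert and groups hits by file and line, so a fault that always fires at one code location stands out. The function names are assumptions of the example, and the sample log is constructed from alert lines quoted in this thread.

```python
import re
from collections import Counter, defaultdict

# Alert format as quoted in the reports on this page. Mail archives and pasted
# logs wrap the message over several lines, so whitespace is normalised first.
ALERT_RE = re.compile(
    r"ALERT - canary mismatch on (?P<func>\w+)\(\) - heap overflow detected "
    r"\(attacker '(?P<attacker>[^']*)', "
    r"file '(?P<file>[^']*)', line (?P<line>\d+)\)"
)

# Value logged in the 'attacker' field by the CLI runs reported in this thread.
NO_CLIENT = "REMOTE_ADDR not set"

# Constructed sample: alert lines copied from the thread, one of them repeated,
# plus one unrelated line.
SAMPLE_LOG = """\
Feb  9 13:51:36 xx suhosin[4498]: ALERT - canary mismatch on
efree() - heap overflow detected (attacker 'x.x.x.x', file
'class.t3lib_htmlmail.php', line 718)
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '/var/www//TestMsSQL.php', line 16)
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '/var/www//TestMsSQL.php', line 16)
PHP Notice: unrelated line
"""


def parse_alerts(text):
    """Return one dict per canary-mismatch alert found in text."""
    flat = " ".join(text.split())  # undo hard line wraps
    return [
        {
            "func": m.group("func"),
            "attacker": m.group("attacker"),
            "file": m.group("file"),
            "line": int(m.group("line")),
        }
        for m in ALERT_RE.finditer(flat)
    ]


def triage(alerts):
    """Group alerts by (file, line), most frequent location first."""
    by_location = defaultdict(Counter)
    for alert in alerts:
        by_location[(alert["file"], alert["line"])][alert["attacker"]] += 1

    rows = []
    for (path, line), attackers in by_location.items():
        rows.append(
            {
                "file": path,
                "line": line,
                "count": sum(attackers.values()),
                "attackers": sorted(attackers),
                # True when the alert fired with no remote client involved,
                # i.e. the script itself reproduces it.
                "no_remote_client": NO_CLIENT in attackers,
            }
        )
    rows.sort(key=lambda r: (-r["count"], r["file"], r["line"]))
    return rows


if __name__ == "__main__":
    for row in triage(parse_alerts(SAMPLE_LOG)):
        print(row)
```
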





#44872 [Com]: canary mismatch on efree() - heap overflow detected

2008-09-30 Thread donald at designknights dot com
 ID:   44872
 Comment by:   donald at designknights dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

php version = 5.2.4-2ubuntu5.3

I am getting this same problem with the following bit of code

//class I wrote to make doing things on a remote machine easier 
$ssh->init($server, $port, $username, $password);

$command = "if [ -d '$path' ]; then echo \"true\"; else echo \"false\";
fi 2> /dev/null";

//this executes the command above on the remote and gathers a true or
//false answer from the ssh stream
$answer = $ssh->execute_return($command);

//this line is where it barfs all over the memory
if ($answer === "true\n"){
return true;
}
else {
return false;
}



#44872 [Com]: canary mismatch on efree() - heap overflow detected

2008-09-08 Thread ndwolf at gmail dot com
 ID:   44872
 Comment by:   ndwolf at gmail dot com
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

same error with PHP Version 5.2.4-2ubuntu5.3
with the Suhosin Patch 0.9.6.2
Zend Engine v2.2.0
with Zend Extension Manager v1.2.0
with Zend Optimizer v3.2.6
with jobqueue_client wrapper v1.0
with DISABLED Zend Download Server v1.0.6
with DISABLED Zend Platform v3.0.1
with Zend Debugger v5.2.5
with gd wrapper v1.0

executing line 83 of Zend/Loader.php (Zend Framework 1.6.0)

the line is a "include_once $file"


Previous Comments:


[2008-07-21 04:24:21] mike at gmi dot co dot nz

Experiencing the same thing with an MSSQL query (mssql_query()) on
Debian and using PHP 5.2.6-2 with Suhosin-Patch 0.9.6.2 (cli) (built:
Jul  3 2008 07:52:34)



[2008-05-10 01:00:00] php-bugs at lists dot php dot net

No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".



[2008-05-02 11:20:09] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows (zip):
 
  http://snaps.php.net/win32/php5.3-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.3-win32-installer-latest.msi





[2008-04-30 17:19:34] mattr at shoplet dot com

Description:

The execution of the attached script halts unexpectedly with "ALERT -
canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '../library/Zend/Db/Statement/Mysqli.php',
line 113)" in the apache error log.


PHP Info:
---
PHP Version => 5.2.5
System => FreeBSD localhost 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan
12 11:05:30 UTC 2007 [EMAIL PROTECTED]
alo.edu:/usr/obj/usr/src/sys/SMP i386
Configure Command =>  './configure'  '--with-layout=GNU'
'--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all'
'--enable-libxml' '--with-libxml-dir=/usr/local' '--enable-reflection'
'--program-prefix=' '--enable-fastcgi' '--with-apxs=/usr/local/sbin/apxs'
'--with-regex=php' '--with-zend-vm=CALL'
'--enable-debug' '--enable-zend-multibyte' '--prefix=/usr/local'
'--mandir=/usr/local/man' '--infodir=/usr/local/info/'
PHP API => 20041225
PHP Extension => 20060613
Zend Extension => 220060519
Debug Build => yes
Thread Safety => disabled
Zend Memory Manager => enabled
IPv6 Support => enabled

This server is protected with the Suhosin Patch 0.9.6.2
Copyright (c) 2006 Hardened-PHP Project

---

Script fails on another machine running Debian 4 in the same
reproducible manner with and without the Suhosin patch.




Reproduce code:
---
#!/usr/local/bin/php
http://framework.zend.com
// Can attach to the ticket later if needed.

date_default_timezone_set('America/New_York');

$db =
Zend_Db::factory('mysqli',Array('host'=>'localhost','username'=>'','password'=>'','dbname'=>'eproc'));
$order_num = 1208212550;

$sql = $db->quoteInto("SELECT * FROM `eproc`.`Orders` WHERE
`order_num`=? LIMIT 1",$order_num);
$q = $db->fetchAll($sql);

$batch_status = $db->fetchOne("SELECT `to_po` FROM
`eproc2`.`batch_status` WHERE `status`='done' ORDER BY `to_po` DESC
LIMIT 1");

$items = $db->fetchAll("SELECT * FROM `eproc`.`Order_Item` WHERE
`order_num`='{$order_num}' ORDER BY `line_num` ASC");

$notes = $db->fetchAll("SELECT * FROM `eproc`.`notes` WHERE
`order_num`='{$order_num}' ORDER BY `sticky` DESC, `date_modified`
ASC");


$emails = $db->fetchAll("SELECT
`message_id`,`from_email`,`to_email`,`subject`,`date_received` FROM
`email_store`.`email` WHERE `order_num`='{$order_num}' ORDER BY
`date_received` ASC");

$attachments = $db->fetchAll("SELECT * FROM `files`.`order_attachments`
WHERE `order_num`='{$order_num}' ORDER BY `timestampAdded` ASC");

print_r($q);
print_r($order_id);
print_r($batch_status);
print_r($items);
print_r($notes);
print_r($emails);
print_r($attachments);


Expected result:

Several Arrays of database results

Actual result:
--
Execution:
[Wed Apr 30 12:45:01 2008]  Script:  './index.php'
---
/usr/ports/lang/php5/work/php-5.2.5/Zend/zend_opcode.c(238) : Block
0x0828d0e0 status:
Invalid pointer: ((prev=0x0045) != (prev.size=0x))
---
[Wed Apr 30 12:45:01 2008]  Script:  './index.php'
---
/usr/ports/lang/php5/work/php-5.2.5/Zend/zend_variables.h(35) : Block
0x0828d09c status:
/usr/ports
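
The alert quoted in the report fires when a block is released, not when it is overwritten. As an added illustration (not code from PHP, Suhosin or this report; the names guarded_alloc, guarded_free, write_then_free and the fixed CANARY value are hypothetical), a minimal canary-guarded allocator in C shows why the overflow is only noticed at free time, so the location in the alert is where the free ran rather than where the bad write happened:

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed constant for the demo; a hardened allocator would use a
 * secret value chosen at process start. */
#define CANARY 0xC0FFEE42u

/* Assumed layout: [guard_hdr][user data: size bytes][trailing canary] */
typedef struct { size_t size; uint32_t canary; } guard_hdr;

void *guarded_alloc(size_t n) {
    unsigned char *raw = malloc(sizeof(guard_hdr) + n + sizeof(uint32_t));
    if (!raw) return NULL;
    guard_hdr *h = (guard_hdr *)raw;
    uint32_t c = CANARY;
    h->size = n;
    h->canary = c;                                   /* guards against underflow */
    memcpy(raw + sizeof(guard_hdr) + n, &c, sizeof c); /* guards against overflow */
    return raw + sizeof(guard_hdr);
}

/* Returns 0 and releases the block if both canaries are intact.
 * Returns -1 on mismatch and leaves the block alone; a hardened
 * allocator would log an alert and terminate here instead. */
int guarded_free(void *p) {
    if (!p) return 0;
    unsigned char *raw = (unsigned char *)p - sizeof(guard_hdr);
    guard_hdr *h = (guard_hdr *)raw;
    uint32_t tail;
    if (h->canary != CANARY) return -1;
    memcpy(&tail, (unsigned char *)p + h->size, sizeof tail);
    if (tail != CANARY) return -1;
    free(raw);
    return 0;
}

/* Fills `written` bytes of a `size`-byte block, then frees it.
 * Keep written <= size + 4 so the demo stays inside the real allocation. */
int write_then_free(size_t size, size_t written) {
    unsigned char *p = guarded_alloc(size);
    if (!p) return -2;
    memset(p, 'A', written);          /* nothing is checked at write time */
    int rc = guarded_free(p);         /* corruption surfaces only here */
    if (rc != 0) free(p - sizeof(guard_hdr));
    return rc;
}

int main(void) {
    printf("in-bounds write:   %d\n", write_then_free(8, 8));
    printf("one byte too many: %d\n", write_then_free(8, 9));
    return 0;
}
```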

#44872 [Com]: canary mismatch on efree() - heap overflow detected

2008-07-20 Thread mike at gmi dot co dot nz
 ID:   44872
 Comment by:   mike at gmi dot co dot nz
 Reported By:  mattr at shoplet dot com
 Status:   No Feedback
 Bug Type: MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:  5.2.5
 New Comment:

Experiencing the same thing with an MSSQL query (mssql_query()) on
Debian and using PHP 5.2.6-2 with Suhosin-Patch 0.9.6.2 (cli) (built:
Jul  3 2008 07:52:34)


Previous Comments:


[2008-05-10 01:00:00] php-bugs at lists dot php dot net

No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".



[2008-05-02 11:20:09] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows (zip):
 
  http://snaps.php.net/win32/php5.3-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.3-win32-installer-latest.msi





[2008-04-30 17:19:34] mattr at shoplet dot com

Description:

The execution of the attached script halts unexpectedly with "ALERT -
canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '../library/Zend/Db/Statement/Mysqli.php',
line 113)" in the apache error log.


PHP Info:
---
PHP Version => 5.2.5
System => FreeBSD localhost 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan
12 11:05:30 UTC 2007 [EMAIL PROTECTED]
alo.edu:/usr/obj/usr/src/sys/SMP i386
Configure Command =>  './configure'  '--with-layout=GNU'
'--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all'
'--enable-libxml' '--with-libxml-dir=/usr/local' '--enable-reflection'
'--program-prefix=' '--enable-fastcgi' '--with-apxs=/usr/local/sbin/apxs'
'--with-regex=php' '--with-zend-vm=CALL' '--enable-debug'
'--enable-zend-multibyte' '--prefix=/usr/local'
'--mandir=/usr/local/man' '--infodir=/usr/local/info/'
PHP API => 20041225
PHP Extension => 20060613
Zend Extension => 220060519
Debug Build => yes
Thread Safety => disabled
Zend Memory Manager => enabled
IPv6 Support => enabled

This server is protected with the Suhosin Patch 0.9.6.2
Copyright (c) 2006 Hardened-PHP Project

---

Script fails on another machine running Debian 4 in the same
reproducible manner with and without the Suhosin patch.




Reproduce code:
---
#!/usr/local/bin/php
<?php
// http://framework.zend.com
// Can attach to the ticket later if needed.

date_default_timezone_set('America/New_York');

$db =
Zend_Db::factory('mysqli',Array('host'=>'localhost','username'=>'','password'=>'','dbname'=>'eproc'));
$order_num = 1208212550;

$sql = $db->quoteInto("SELECT * FROM `eproc`.`Orders` WHERE
`order_num`=? LIMIT 1",$order_num);
$q = $db->fetchAll($sql);

$batch_status = $db->fetchOne("SELECT `to_po` FROM
`eproc2`.`batch_status` WHERE `status`='done' ORDER BY `to_po` DESC
LIMIT 1");

$items = $db->fetchAll("SELECT * FROM `eproc`.`Order_Item` WHERE
`order_num`='{$order_num}' ORDER BY `line_num` ASC");

$notes = $db->fetchAll("SELECT * FROM `eproc`.`notes` WHERE
`order_num`='{$order_num}' ORDER BY `sticky` DESC, `date_modified`
ASC");


$emails = $db->fetchAll("SELECT
`message_id`,`from_email`,`to_email`,`subject`,`date_received` FROM
`email_store`.`email` WHERE `order_num`='{$order_num}' ORDER BY
`date_received` ASC");

$attachments = $db->fetchAll("SELECT * FROM `files`.`order_attachments`
WHERE `order_num`='{$order_num}' ORDER BY `timestampAdded` ASC");

print_r($q);
print_r($order_id);
print_r($batch_status);
print_r($items);
print_r($notes);
print_r($emails);
print_r($attachments);


Expected result:

Several Arrays of database results

Actual result:
--
Execution:
[Wed Apr 30 12:45:01 2008]  Script:  './index.php'
---
/usr/ports/lang/php5/work/php-5.2.5/Zend/zend_opcode.c(238) : Block
0x0828d0e0 status:
Invalid pointer: ((prev=0x0045) != (prev.size=0x))
---
[Wed Apr 30 12:45:01 2008]  Script:  './index.php'
---
/usr/ports/lang/php5/work/php-5.2.5/Zend/zend_variables.h(35) : Block
0x0828d09c status:
/usr/ports/lang/php5/work/php-5.2.5/Zend/zend_variables.c(36) : Actual
location (location was relayed)
Invalid pointer: ((size=0x) != (next.prev=0x003d))
---
[Wed Apr 30 12:45:01 2008]  Script:  './index.php'
/usr/ports/databases/php5-mysqli/work/php-5.2.5/ext/mysqli/mysqli_api.c(362)
:  Freeing 0x0828D060 (0 bytes), script=./index.php
zend_mm_heap corrupted
Segmentation fault (core dumped)




Backtrace:

#0  0x28583ecb in kill () from /lib/libc.so.6
#1  0x08150f51 in zend_mm_panic (message