#35056 [NEW]: Apache2 child crashes if ErrorDocument is PHP script

Tue, 01 Nov 2005 11:26:15 -0800 

From:             margus at zone dot ee
Operating system: SuSE Linux 9.0
PHP version:      4.4.1RC1
PHP Bug Type:     Reproducible crash
Bug description:  Apache2 child crashes if ErrorDocument is PHP script

Description:
------------
I have PHP compiled as apache2handler SAPI and using ErrorDocument, which
points to an PHP script. If this ErrorDocument is triggered, then apache
child crashes.

It must be connected with the bug #33987
and as ironic it is, PHP 4.4.1 Changelog claims, that #33987  is fixed.
Bug #33987 is actually reported against PHP5.1 and not against 4.4.0. PHP
4.4.0 works fine with ErrorDocuments.

---------

I looked into the apache2handler source
(sapi/apache2handler/sapi_apache2.c) and after debugging it was clear,
that crash happens on line (538):

   if (parent_req && strcmp(parent_req->handler, PHP_MAGIC_TYPE) &&
strcmp(parent_req->handler, PHP_SOURCE_MAGIC_TYPE) &&
strcmp(parent_req->handler, PHP_SCRIPT)) {

If changed to this:

   if (parent_req && parent_req->handler && strcmp(parent_req->handler,
PHP_MAGIC_TYPE) && strcmp(parent_req->handler, PHP_SOURCE_MAGIC_TYPE) &&
strcmp(parent_req->handler, PHP_SCRIPT)) {

then everything's fine and works.

The correct extra check is present in 5.1.0 (but for some odd reason not
in 4.4.1 and 5.0.5).

Reproduce code:
---------------
.htaccess
---------
ErrorDocument 404 /error.php?status=404

/error.php
---------
die( "File Not Found!" );


Expected result:
----------------
File Not Found!

Actual result:
--------------
Apache2 crashes.

-- 
Edit bug report at http://bugs.php.net/?id=35056&edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=35056&r=trysnapshot4
Try a CVS snapshot (php5.0): 
http://bugs.php.net/fix.php?id=35056&r=trysnapshot50
Try a CVS snapshot (php5.1): 
http://bugs.php.net/fix.php?id=35056&r=trysnapshot51
Fixed in CVS:                http://bugs.php.net/fix.php?id=35056&r=fixedcvs
Fixed in release:            http://bugs.php.net/fix.php?id=35056&r=alreadyfixed
Need backtrace:              http://bugs.php.net/fix.php?id=35056&r=needtrace
Need Reproduce Script:       http://bugs.php.net/fix.php?id=35056&r=needscript
Try newer version:           http://bugs.php.net/fix.php?id=35056&r=oldversion
Not developer issue:         http://bugs.php.net/fix.php?id=35056&r=support
Expected behavior:           http://bugs.php.net/fix.php?id=35056&r=notwrong
Not enough info:             
http://bugs.php.net/fix.php?id=35056&r=notenoughinfo
Submitted twice:             
http://bugs.php.net/fix.php?id=35056&r=submittedtwice
register_globals:            http://bugs.php.net/fix.php?id=35056&r=globals
PHP 3 support discontinued:  http://bugs.php.net/fix.php?id=35056&r=php3
Daylight Savings:            http://bugs.php.net/fix.php?id=35056&r=dst
IIS Stability:               http://bugs.php.net/fix.php?id=35056&r=isapi
Install GNU Sed:             http://bugs.php.net/fix.php?id=35056&r=gnused
Floating point limitations:  http://bugs.php.net/fix.php?id=35056&r=float
No Zend Extensions:          http://bugs.php.net/fix.php?id=35056&r=nozend
MySQL Configuration Error:   http://bugs.php.net/fix.php?id=35056&r=mysqlcfg

Reply via email to