#16859 [Opn->Ctl]: session_decode gives SEGV in PHP 4.2.0

derick Tue, 24 Sep 2002 01:13:15 -0700

 ID:               16859
 Updated by:       [EMAIL PROTECTED]
 Reported By:      [EMAIL PROTECTED]
-Status:           Open
+Status:           Critical
 Bug Type:         Session related
 Operating System: Solaris 2.6 (5.6)
 PHP Version:      4.2.0
 New Comment:


reproduced with 4.3.0-dev

Derick


Previous Comments:
------------------------------------------------------------------------

[2002-08-19 16:22:30] [EMAIL PROTECTED]

I should have added that we are using Apache 1.3.20 and that
session_decode() worked fine with PHP 4.1.2, but not with either PHP
4.2.1 or PHP 4.2.2.

Thanks.

------------------------------------------------------------------------

[2002-08-19 16:11:32] [EMAIL PROTECTED]

session_decode() consistently causes a page fault using PHP 4.2.2 on
three development PCs -- two with WIN98 SE and one with WINDOWS 2000

------------------------------------------------------------------------

[2002-06-13 18:11:10] [EMAIL PROTECTED]

I can also reproduce a Segmentation Fault with session_decode() on:

RedHat 7.3
Apache 1.3.23
PHP 4.2.1

------------------------------------------------------------------------

[2002-06-09 22:56:55] [EMAIL PROTECTED]

Recompiled with --enable-debug on FreeBSD 4.5, and I'm getting  a
considerably different backtrace:

(gdb) bt
#0  0x8082108 in set_default_charset_by_name (cs_name=0x818d0cc
"signature",
    flags=9) at charset.c:416
#1  0x8082879 in zm_info_pcre (zend_module=0x818200c) at php_pcre.c:88
#2  0x8082a25 in pcre_get_compiled_regex (
    regex=0x818200c
"signature|s:8:\"Damn\\'..\";!daheader|!daHeaderRandom|!daIndexTop|!daMenuDeviations|daTaglines|s:2:\"no\";!daNewLimit|!daNewDevs|daBuddyList|N;daBuddyStatus|s:6:\"online\";!daNewDisplay|daSortBy|s:4:\"date\";d"...,

    extra=0x81b, preg_options=0x8151044) at php_pcre.c:164
#3  0x8084c72 in preg_replace_impl (ht=1, return_value=0x818d0ac,
    this_ptr=0x0, return_value_used=0, is_callable_replace=8 '\b')
    at php_pcre.c:1009
#4  0x80fdf48 in tsrm_strndup (s=0x817f88c "\002", length=2)
    at tsrm_virtual_cwd.c:161
#5  0x80e37b8 in zif_xml_parser_set_option (ht=8, return_value=0x0,
    this_ptr=0x3, return_value_used=0) at xml.c:1519
#6  0x8061242 in php_module_startup (sf=0xbfbffc10) at main.c:971
#7  0x805f180 in main (argc=3, argv=0xbfbffc78) at cgi_main.c:649
#8  0x805e54d in acos ()

------------------------------------------------------------------------

[2002-06-09 22:31:25] [EMAIL PROTECTED]

Forgot to mention, I have an example script including all session data
which crashes it:

http://neo.zero-gravity.org/bug16859.txt

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/16859

-- 
Edit this bug report at http://bugs.php.net/?id=16859&edit=1

#16859 [Opn->Ctl]: session_decode gives SEGV in PHP 4.2.0

Reply via email to