ID: 43861
Comment by: kepi at orthank dot net
Reported By: skennedy at vcn dot com
Status: Open
Bug Type: MSSQL related
Operating System: FreeBSD 6.2
PHP Version: 5.2.5
New Comment:
We have same problem with every sql query we tried:
<?php
$conn = odbc_connect("FreeTDS", "user", "name");
$query = "SELECT * FROM systypes";
$result = odbc_exec($conn,$query);
?>
result:
--------
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'127.0.0.1', file '/var/www/test.php', line 3)
Previous Comments:
------------------------------------------------------------------------
[2008-01-16 01:03:41] skennedy at vcn dot com
Description:
------------
Getting an "ALERT - canary mismatch on efree() - heap overflow
detected" error when running two certain queries. This seems to be
triggered when the second query runs. The error indicates the
mssql_free_result() is the offender, but it happens even when
mssql_free_result() is omitted (however does not show the offending line
number). This bug is the similar, if not the same, as #40119.
Reproduce code:
---------------
http://bandwidthbuilders.com/php_mssql_suhosin_bug.phps
Expected result:
----------------
To run without error and exit cleanly.
Actual result:
--------------
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '/usr/home/bwbuilders/test.php', line 33)
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=43861&edit=1
