ID: 44872
Comment by: fr33z at inmail dot cz
Reported By: mattr at shoplet dot com
Status: No Feedback
Bug Type: MySQLi related
Operating System: FreeBSD 6.2
PHP Version: 5.2.5
New Comment:
I have the same issue with PHP Version 5.2.9-pl2-gentoo
'./configure' '--prefix=/usr/lib64/php5' '--host=x86_64-pc-linux-gnu'
'--mandir=/usr/lib64/php5/man' '--infodir=/usr/lib64/php5/info'
'--sysconfdir=/etc' '--cache-file=./config.cache' '--with-libdir=lib64'
'--with-pcre-regex=/usr' '--enable-maintainer-zts' '--disable-cli'
'--with-apxs2=/usr/sbin/apxs2'
'--with-config-file-path=/etc/php/apache2-php5'
'--with-config-file-scan-dir=/etc/php/apache2-php5/ext-active'
'--without-pear' '--disable-bcmath' '--with-bz2' '--disable-calendar'
'--with-curl' '--with-curlwrappers' '--disable-dbase' '--enable-exif'
'--without-fbsql' '--without-fdftk' '--enable-ftp' '--with-gettext'
'--without-gmp' '--disable-ipv6' '--disable-json' '--without-kerberos'
'--enable-mbstring' '--with-mcrypt' '--with-mhash' '--without-msql'
'--without-mssql' '--with-ncurses' '--with-openssl'
'--with-openssl-dir=/usr' '--disable-pcntl' '--without-pgsql'
'--without-pspell' '--without-recode' '--disable-shmop' '--without-snmp'
'--disable-soap' '--enable-sockets' '--without-sybase'
'--without-sybase-ct' '--disable-sysvmsg' '--disable-sysvsem'
'--disable-sysvshm' '--without-tidy' '--disable-wddx' '--without-xmlrpc'
'--with-xsl' '--enable-zip' '--with-zlib' '--disable-debug'
'--enable-dba' '--without-cdb' '--with-db4' '--disable-flatfile'
'--with-gdbm' '--without-qdbm' '--with-freetype-dir=/usr'
'--with-t1lib=/usr' '--disable-gd-jis-conv' '--with-jpeg-dir=/usr'
'--with-png-dir=/usr' '--without-xpm-dir' '--with-gd'
'--with-mysql=/usr' '--with-mysql-sock=/var/run/mysqld/mysqld.sock'
'--without-mysqli' '--without-pdo-dblib' '--with-pdo-mysql=/usr'
'--without-pdo-odbc' '--without-pdo-pgsql' '--without-pdo-sqlite'
'--with-readline' '--without-libedit' '--without-mm' '--without-sqlite'
'--with-pic'
Previous Comments:
------------------------------------------------------------------------
[2009-03-22 19:38:40] mr dot jony at gmail dot com
i have this same problem in a fresh install of ubuntu 8.04 lts
and i dont have the suhosin patch
please help
------------------------------------------------------------------------
[2009-03-11 09:17:40] dballance at roydshall dot org
I have the same error when running certain queries with mssql_query().
There seems to be no way to predict which queries will run and which
fail - although if a query fails it always fails and if it runs then it
alway runs. The more complex the query, the more likely to fail.
I am running PHP Version 5.2.4-2ubuntu5.5 with Suhosin Patch 0.9.6.2.
Example code that trips the switch:
$dbhandle = mssql_connect($myServer, $myUser, $myPass);
$selected = mssql_select_db($myDB, $dbhandle);
$query = "SELECT * FROM sims.curr_group INNER JOIN
sims.curr_class_period ON sims.curr_group.base_group_id =
sims.curr_class_period.base_group_id INNER JOIN sims.sims_person ON
sims.sims_person.person_id = sims.curr_class_period.person_id
WHERE (sims.curr_group.short_name = '9b/It1')";
$result = mssql_query($query);
while($row = mssql_fetch_array($result)) {
print_r($row);
}
//close the connection
mssql_close($dbhandle);
------------------------------------------------------------------------
[2008-10-10 09:50:38] krister dot karlstrom at arcada dot fi
I'm experiencing the same bug using PHP 5.2.4-2ubuntu5.3 with
Suhosin-Patch 0.9.6.2 (cli) on a Ubuntu Hardy 8.0.4 server.
The following simplified example shows the problem, the last echo row
is not executed because of mssql_free_result() fails:
<?php
$link = mssql_connect('xxxx.xx', 'xxx', 'xxxx');
if(is_resource($link))
{
if(mssql_select_db('kursbok', $link))
{
$result = mssql_query('select * from Utbildningsprogram order by
up_nr');
if(is_resource($result))
{
$obj = mssql_fetch_object($result);
echo $obj->up_nr."\n";
mssql_free_result($result);
}
}
}
echo "Here I am - NOT!";
?>
OUTPUT
==================================================================
201000
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '/var/www/xxxx/TestMsSQL.php', line 16)
------------------------------------------------------------------------
[2008-09-30 11:39:29] donald at designknights dot com
php version = 5.2.4-2ubuntu5.3
I am getting this same problem with the following bit of code
//class I wrote to make doing things on a remote machine easier
$ssh->init($server, $port, $username, $password);
$command = "if [ -d '$path' ]; then echo \"true\"; else echo \"false\";
fi 2> /dev/null";
//this executes the command above on the remote and gathers a true or
false answer form the ssh stream
$answer = $ssh->execute_return($command);
//this line is where it barfes all over the memory
if ($answer === "true\n"){
return true;
}
else {
return false;
}
------------------------------------------------------------------------
[2008-09-08 20:43:42] ndwolf at gmail dot com
same error with PHP Version 5.2.4-2ubuntu5.3
with the Suhosin Patch 0.9.6.2
Zend Engine v2.2.0
with Zend Extension Manager v1.2.0
with Zend Optimizer v3.2.6
with jobqueue_client wrapper v1.0
with DISABLED Zend Download Server v1.0.6
with DISABLED Zend Platform v3.0.1
with Zend Debugger v5.2.5
with gd wrapper v1.0
executing line 83 of Zend/Loader.php (Zend Framework 1.6.0)
the line is a "include_once $file"
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/44872
--
Edit this bug report at http://bugs.php.net/?id=44872&edit=1
