ID: 20108 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Assigned +Status: Closed Bug Type: Reproducible crash Operating System: Linux and NetBSD PHP Version: 4.0CVS-2002-10-20 Assigned To: iliaa New Comment:
This bug has been fixed in CVS. In case this was a PHP problem, snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. In case this was a documentation problem, the fix will show up soon at http://www.php.net/manual/. In case this was a PHP.net website problem, the change will show up on the PHP.net site and on the mirror sites in short time. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2002-10-26 15:25:33] [EMAIL PROTECTED] I just re-tested this on a FreeBSD 4.6-RELEASE again and: ------------------------->8 jeroen@hog:~$ uname -a <?php $a = "boo"; printf("%580.58s\n", $a); ?> X-Powered-By: PHP/4.1.1 Content-type: text/html ------------------------->8 Notice the many \n's, this could be an empty buffer... Which is the same I got on OpenBSD 3.1... ------------------------------------------------------------------------ [2002-10-26 15:13:38] [EMAIL PROTECTED] Somewhat reproduced with BSDi 4.2. Not a segfault, but garbage output. added testcase to CVS. Updated version. ------------------------------------------------------------------------ [2002-10-26 13:13:00] [EMAIL PROTECTED] The oops: 8<------------- jeroen@noc:~$ ulimit -c unlimited jeroen@noc:~$ php4 <?php $a = "boo"; printf("%580.58s\n", $a); ?> Segmentation fault (core dumped) ------------->8 The system: 8<------------- jeroen@noc:~$ uname -a Linux noc 2.4.18 #1 Wed May 29 22:19:46 CEST 2002 i686 Intel(R) Celeron(TM) CPU 1200MHz GenuineIntel GNU/Linux ------------->8 It's Debian unstable, current as of 26-Oct-2002 Relevant Debian packages: ii libc6 2.3.1-3 ii php4-cgi 4.2.3-3 Backtrace: 8<-------------- (gdb) bt #0 0x402711af in mallopt () from /lib/libc.so.6 #1 0x4027001f in realloc () from /lib/libc.so.6 #2 0x080dd7a3 in _erealloc () #3 0x080a6b6a in php_if_stat () #4 0x080a8804 in zif_user_printf () #5 0x0810c060 in execute () #6 0x080ea428 in zend_execute_scripts () #7 0x080664cd in php_execute_script () #8 0x08064363 in main () #9 0x4021b9d3 in __libc_start_main () from /lib/libc.so.6 (gdb) q -------------->8 I've also tested it on NetBSD, which also segfaulted apache and gave back a whole lot of wrong things (buffer from previous sessions). OpenBSD 3.1 + FreeBSD 4.6-RELEASE didn't have this problem so this could quite well be glibc related, see the traceback above. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=20108&edit=1