ID:               44872
 Comment by:       joeysmith at gmail dot com
 Reported By:      mattr at shoplet dot com
 Status:           No Feedback
 Bug Type:         MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:      5.2.5
 New Comment:

Sorry for the noise - testing the assertion that CAPTCHAs are broken.


Previous Comments:
------------------------------------------------------------------------

[2009-08-20 07:42:34] p dot elagin at gmail dot com

PHP Version 5.2.10-2
Linux xxxxxxx.ru 2.6.26-2-amd64 #1 SMP Fri Aug 14 07:12:04 UTC 2009
x86_64
___
Same Problem
[Thu Aug 20 11:34:09 2009] [error] [client 212.16.10.34] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xxxxxxx', file
'xxxxxxx/index.php'), referer: http://text.foothold.ru/index.php

Linux - Debian ( squeeze )

i have this problem when i install 5.2.10-1, i reinstall to 5.2.9 all
is ok. now i update my system and problem restore ((((

------------------------------------------------------------------------

[2009-08-07 12:44:19] werner at flyingdog dot de

I also can reproduce this error (Suhosin Patch installed). Very simple
test script: 


<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo "<pre>"; var_dump($demo_user); echo "</pre>";

?>

Error Log:
[Fri Aug 07 14:38:06 2009] [error] [client xx.xx.xx.xx] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xx.xx.xx.xx',
file '/somedir/somedir/htdocs/f.php', line 2)

Version Info:

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
proxy_html/3.0.0 Server at xxxxxx Port 80

------------------------------------------------------------------------

[2009-08-06 00:18:58] robert at robert-gonzalez dot com

I am having this same issue on Ubuntu 8.10 running against Sybase 12.5.
This actually just started happening against the CLI version of PHP when
attempting to connect more than once to the database server in the same
request. Any idea when this might get fixed? Or if not, anyone have a
reliable work around?

------------------------------------------------------------------------

[2009-07-17 09:13:13] emiel dot molenaar at gmail dot com

Any news about this one? Having the same issue here on Debian:

PHP 5.2.10-2 with Suhosin-Patch 0.9.7 (cli) (built: Jul 10 2009 
01:47:03)

------------------------------------------------------------------------

[2009-05-06 14:16:33] j dot vd dot broek at home dot nl

This solution I saw on another website might help fixing it in a next
build of PHP or at least show people with the same problem a way out of
it:
http://chrisblunt.com/blog/2009/05/01/php-fixing-mismatched-canaries-how-to-remove-suhosin-from-debianubuntu-packages/

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/44872

-- 
Edit this bug report at http://bugs.php.net/?id=44872&edit=1

Reply via email to