ID: 44872 Comment by: joeysmith at gmail dot com Reported By: mattr at shoplet dot com Status: No Feedback Bug Type: MySQLi related Operating System: FreeBSD 6.2 PHP Version: 5.2.5 New Comment:
Sorry for the noise - testing the assertion that CAPTCHAs are broken. Previous Comments: ------------------------------------------------------------------------ [2009-08-20 07:42:34] p dot elagin at gmail dot com PHP Version 5.2.10-2 Linux xxxxxxx.ru 2.6.26-2-amd64 #1 SMP Fri Aug 14 07:12:04 UTC 2009 x86_64 ___ Same Problem [Thu Aug 20 11:34:09 2009] [error] [client 212.16.10.34] ALERT - canary mismatch on efree() - heap overflow detected (attacker 'xxxxxxx', file 'xxxxxxx/index.php'), referer: http://text.foothold.ru/index.php Linux - Debian ( squeeze ) i have this problem when i install 5.2.10-1, i reinstall to 5.2.9 all is ok. now i update my system and problem restore (((( ------------------------------------------------------------------------ [2009-08-07 12:44:19] werner at flyingdog dot de I also can reproduce this error (Suhosin Patch installed). Very simple test script: <?php $demo_user[]=(object)array("first" => 1); $demo_user[]=(object)array("second" => 2); $demo_user[]=(object)array("third" => 3); echo "<pre>"; var_dump($demo_user); echo "</pre>"; ?> Error Log: [Fri Aug 07 14:38:06 2009] [error] [client xx.xx.xx.xx] ALERT - canary mismatch on efree() - heap overflow detected (attacker 'xx.xx.xx.xx', file '/somedir/somedir/htdocs/f.php', line 2) Version Info: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch proxy_html/3.0.0 Server at xxxxxx Port 80 ------------------------------------------------------------------------ [2009-08-06 00:18:58] robert at robert-gonzalez dot com I am having this same issue on Ubuntu 8.10 running against Sybase 12.5. This actually just started happening against the CLI version of PHP when attempting to connect more than once to the database server in the same request. Any idea when this might get fixed? Or if not, anyone have a reliable work around? ------------------------------------------------------------------------ [2009-07-17 09:13:13] emiel dot molenaar at gmail dot com Any news about this one? Having the same issue here on Debian: PHP 5.2.10-2 with Suhosin-Patch 0.9.7 (cli) (built: Jul 10 2009 01:47:03) ------------------------------------------------------------------------ [2009-05-06 14:16:33] j dot vd dot broek at home dot nl This solution I saw on another website might help fixing it in a next build of PHP or at least show people with the same problem a way out of it: http://chrisblunt.com/blog/2009/05/01/php-fixing-mismatched-canaries-how-to-remove-suhosin-from-debianubuntu-packages/ ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/44872 -- Edit this bug report at http://bugs.php.net/?id=44872&edit=1
