#44872 [Com]: canary mismatch on efree() - heap overflow detected

Wed, 09 Sep 2009 03:22:02 -0700 

 ID:               44872
 Comment by:       neofutur dot php at ww7 dot be
 Reported By:      mattr at shoplet dot com
 Status:           No Feedback
 Bug Type:         MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:      5.2.5
 New Comment:

I also tried the code suggested :

<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo "<pre>"; var_dump($demo_user); echo "</pre>";

?>

 This doesnt trigger any error message here


Previous Comments:
------------------------------------------------------------------------

[2009-09-09 10:07:50] neofutur dot php at ww7 dot be

your bugtool dont accept my comment after 40 attempts, so I just post
the pastebin url containing all my comments and logs :

http://dpaste.com/91360/

------------------------------------------------------------------------

[2009-09-09 09:56:15] joeysmith at gmail dot com

Sorry for the noise - testing the assertion that CAPTCHAs are broken.

------------------------------------------------------------------------

[2009-08-20 07:42:34] p dot elagin at gmail dot com

PHP Version 5.2.10-2
Linux xxxxxxx.ru 2.6.26-2-amd64 #1 SMP Fri Aug 14 07:12:04 UTC 2009
x86_64
___
Same Problem
[Thu Aug 20 11:34:09 2009] [error] [client 212.16.10.34] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xxxxxxx', file
'xxxxxxx/index.php'), referer: http://text.foothold.ru/index.php

Linux - Debian ( squeeze )

i have this problem when i install 5.2.10-1, i reinstall to 5.2.9 all
is ok. now i update my system and problem restore ((((

------------------------------------------------------------------------

[2009-08-07 12:44:19] werner at flyingdog dot de

I also can reproduce this error (Suhosin Patch installed). Very simple
test script: 


<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo "<pre>"; var_dump($demo_user); echo "</pre>";

?>

Error Log:
[Fri Aug 07 14:38:06 2009] [error] [client xx.xx.xx.xx] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xx.xx.xx.xx',
file '/somedir/somedir/htdocs/f.php', line 2)

Version Info:

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
proxy_html/3.0.0 Server at xxxxxx Port 80

------------------------------------------------------------------------

[2009-08-06 00:18:58] robert at robert-gonzalez dot com

I am having this same issue on Ubuntu 8.10 running against Sybase 12.5.
This actually just started happening against the CLI version of PHP when
attempting to connect more than once to the database server in the same
request. Any idea when this might get fixed? Or if not, anyone have a
reliable work around?

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/44872

-- 
Edit this bug report at http://bugs.php.net/?id=44872&edit=1

Reply via email to