ID:               49767
 Updated by:       [email protected]
 Reported By:      mb at smartftp dot com
-Status:           Feedback
+Status:           Assigned
 Bug Type:         Reproducible crash
 Operating System: Windows 2008 SP2 x86
 PHP Version:      5.3.0
 Assigned To:      pajoye
 New Comment:

I corrected myself about the script by asking for the full bt (the one
on RS was not readable).

The diagnostic sounds good, I have to reproduce it to be sure. Assigned
to me.


Previous Comments:
------------------------------------------------------------------------

[2009-10-04 17:28:20] mb at smartftp dot com

I don't think you need a script. A little bit of time and motivation
would do as well:

Please review your code:

File: main.c
PHPAPI int php_execute_script(zend_file_handle *primary_file
TSRMLS_DC)
{
...
#ifdef PHP_WIN32
                UpdateIniFromRegistry(primary_file->filename TSRMLS_CC);
#endif
..
}

Then:
File: registry.c
void UpdateIniFromRegistry(char *path TSRMLS_DC)
{
-> BUG: missing check for argument

// here comes the check for Per Directory registry value. If it is not
found the function exits and never comes to the estrdup and hence no
crash.
...
        orig_path = path = estrdup(path);
..
}

The problem only happens if the "Per Directory Values" registry key is
present. In this case estrdup(NULL) is called and you get the crash.

So I think the argument (path) should be checked for NULL. And when I
look at the main.c I also noticed that you sometimes expect the
primary_file->filename to be null, so maybe you add a check before the
UpdateIniFromRegistry() call.

Proposed FIX:
#ifdef PHP_WIN32
if(primary_file->filename)
{
                UpdateIniFromRegistry(primary_file->filename TSRMLS_CC);
}
#endif

+ Add argument check for UpdateIniFromRegistry

Workaround:
Remove "Per Directory Values" registry key.

Regards,
Mat
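
The failure mode described in the comment above, as an added example that is not part of the original thread or of PHP's source. `dup_unchecked` stands in for `estrdup` and `key_present` for the "Per Directory Values" lookup; all function and enum names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum ini_result { INI_REJECTED_NULL = -1, INI_NO_KEY, INI_APPLIED, INI_CALL_SKIPPED };

/* Stand-in for estrdup(): dereferences its argument without checking it. */
static char *dup_unchecked(const char *s)
{
    size_t n = strlen(s) + 1;              /* s == NULL faults here */
    char *copy = malloc(n);
    if (copy) memcpy(copy, s, n);
    return copy;
}

/* Shape of the reported function: the early exit hides the bug until the
 * registry key exists. key_present is a constructed stand-in for the lookup. */
static enum ini_result update_ini_unchecked(const char *path, int key_present)
{
    if (!key_present) return INI_NO_KEY;   /* duplicate is never reached */
    char *copy = dup_unchecked(path);      /* a NULL path crashes here */
    free(copy);
    return INI_APPLIED;
}

/* Callee-side argument check: reject NULL before any other work. */
static enum ini_result update_ini_checked(const char *path, int key_present)
{
    if (path == NULL) return INI_REJECTED_NULL;
    return update_ini_unchecked(path, key_present);
}

/* Caller-side guard from the proposed fix: no filename, no call. */
static enum ini_result execute_script(const char *filename, int key_present)
{
    if (filename == NULL) return INI_CALL_SKIPPED;
    return update_ini_checked(filename, key_present);
}

int main(void)
{
    /* Constructed inputs: a NULL filename with and without the key. */
    printf("unchecked, no key: %d\n", update_ini_unchecked(NULL, 0));
    printf("checked, key:      %d\n", update_ini_checked(NULL, 1));
    printf("guarded caller:    %d\n", execute_script(NULL, 1));
    return 0;
}
```

Calling `update_ini_unchecked(NULL, 1)` is the crashing case and is deliberately left out of `main`.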

------------------------------------------------------------------------

[2009-10-04 17:23:34] [email protected]

Btw, can you also zip the report and send it to me or provide a link to
the zip (pls not one of these rapidshare things) :)

------------------------------------------------------------------------

[2009-10-04 17:21:26] [email protected]

Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.



------------------------------------------------------------------------

[2009-10-04 17:09:37] mb at smartftp dot com

Trimmed URL:
http://trim-url.com/?gW

------------------------------------------------------------------------

[2009-10-04 17:04:14] mb at smartftp dot com

Description:
------------
The following crash occurs every minute:

Function                          Arg 1      Arg 2      Arg 3      Source
php5!_estrdup+10                  00000000   00c0de74   00c0de74
php5!UpdateIniFromRegistry+141    00000000   00c0d400   100ab2e0
php5!php_execute_script+b1        00c0de74   0040a500   00000001
php_cgi!main+ab0                  00000001   01871300   018717c8
php_cgi!memset+160                7ffdf000   00c0ffd4   776919bb
kernel32!BaseThreadInitThunk+e    7ffdf000   79a4bd48   00000000
ntdll!__RtlUserThreadStart+23     004062ca   7ffdf000   00000000
ntdll!_RtlUserThreadStart+1b      004062ca   7ffdf000   00000000


Find complete crash report at:
http://rapidshare.com/files/288635650/CrashHang_Report__PID_3112__PID_3728__PID_4460__PID_472__PID_5168__PID_5216__PID_5276__PID_5388__100.html


Reproduce code:
---------------
not available

Expected result:
----------------
no crash

Actual result:
--------------
crash


------------------------------------------------------------------------

