Edit report at http://bugs.php.net/bug.php?id=52317&edit=1
ID: 52317
User updated by: om at wysiwyg dot de
Reported by: om at wysiwyg dot de
Summary: Segmentation fault when using mail() on a rhel 4.x
(only 64 bit)
Status: Assigned
Type: Bug
Package: Reproducible crash
Operating System: rhel4.8_x86_64
PHP Version: 5.2SVN-2010-07-12 (snap)
Assigned To: aharvey
New Comment:
(gdb) bt
#0 0x0000003fc0571360 in strlen () from /lib64/tls/libc.so.6
#1 0x0000003fc0542e79 in vfprintf () from /lib64/tls/libc.so.6
#2 0x0000003fc0548626 in fprintf () from /lib64/tls/libc.so.6
#3 0x000000000060b902 in php_mail (to=0x2a9557f208 "[email protected]",
subject=0x2a9557efc0 "the subject",
message=0x2a95580b28 "hello", headers=0xffffffff9557f388 <Address
0xffffffff9557f388 out of bounds>,
extra_cmd=0x0) at
/usr/local/src/php5.2-201007131430/ext/standard/mail.c:281
#4 0x000000000060b6dc in zif_mail (ht=4, return_value=0x2a9557f318,
return_value_ptr=0x0, this_ptr=0x0,
return_value_used=0) at
/usr/local/src/php5.2-201007131430/ext/standard/mail.c:180
#5 0x00000000006ee2cb in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fbfffd1c0)
at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:200
#6 0x00000000006f3bdb in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0x7fbfffd1c0)
at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:1740
#7 0x00000000006eddc1 in execute (op_array=0x2a9557e130)
at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:92
#8 0x00000000006c747f in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /usr/local/src/php5.2-201007131430/Zend/zend.c:1134
#9 0x0000000000671979 in php_execute_script
(primary_file=0x7fbffff890)
at /usr/local/src/php5.2-201007131430/main/main.c:2036
#10 0x0000000000741dfb in main (argc=2, argv=0x7fbffff9e8)
at /usr/local/src/php5.2-201007131430/sapi/cli/php_cli.c:1165
(gdb)
Previous Comments:
------------------------------------------------------------------------
[2010-07-15 10:15:59] om at wysiwyg dot de
sorry I forgot the testscript:
<?php
$to = '[email protected]';
$subject = 'test';
$message = 'test';
$headers = 'From: OM' . "\r\n" .
'Reply-To: [email protected]' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
//mail without $headers is working
//mail($to, $subject, $message);
//with $headers -> seg. fault
mail($to, $subject, $message, $headers);
?>
------------------------------------------------------------------------
[2010-07-13 18:26:07] [email protected]
Since I committed the offending patch, I'll look into it.
If you could provide both the test script (which doesn't seem to have
made it) and, if possible, a backtrace per the instructions [1], that
would be most helpful.
[1] http://bugs.php.net/bugs-generating-backtrace.php
------------------------------------------------------------------------
[2010-07-12 16:52:53] om at wysiwyg dot de
Description:
------------
Since the patch for "headers_trimmed" was added in the mail.c I always
get a segmentation fault when using mail(). This only affects rhel4.x 64
bit os. rhel 5.x 64 bit or rhel4.x 32 bit works fine.
Using mail.c from a snapshot before 2010-04-22 in the actual snapshot
source everything works fine.
--- php/php-src/branches/PHP_5_2/ext/standard/mail.c 2010-04-22 01:07:48
UTC (rev 298290) -> works fine
+++ php/php-src/branches/PHP_5_2/ext/standard/mail.c 2010-04-22 02:22:49
UTC (rev 298291) -> segmentation fault when using mail() in a php script
on a rhel4.x 64 bit host
Test script:
---------------
running "make test" after building php from source.
the provided test script also reports the problem.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=52317&edit=1
