Bug #52317 [Asn->Sus]: Segmentation fault when using mail() on a rhel 4.x (only 64 bit)

aharvey Mon, 19 Jul 2010 03:47:22 -0700

Edit report at http://bugs.php.net/bug.php?id=52317&edit=1


 ID:               52317
 Updated by:       [email protected]
 Reported by:      om at wysiwyg dot de
 Summary:          Segmentation fault when using mail() on a rhel 4.x
                   (only 64 bit)
-Status:           Assigned
+Status:           Suspended
 Type:             Bug
 Package:          Reproducible crash
 Operating System: rhel4.8_x86_64
 PHP Version:      5.2SVN-2010-07-12 (snap)
 Assigned To:      aharvey

 New Comment:

Gah, missing header inclusion + older version of gcc = failure, hence

why this wasn't manifesting on RHEL 5 or recent Ubuntu versions. I do

find the fact it's 64-bit only interesting, 



Fix checked into trunk. Given we're deep into the RC cycle, I'll talk

to the RMs before committing to the 5.2 and 5.3 branches, although I

think this is a pretty good candidate for both.


Previous Comments:
------------------------------------------------------------------------
[2010-07-19 12:46:46] [email protected]

Automatic comment from SVN on behalf of aharvey
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=301392
Log: Fix for bug #52317 (Segmentation fault when using mail() on a rhel
4.x (only 64
bit)).

------------------------------------------------------------------------
[2010-07-15 10:32:42] om at wysiwyg dot de

(gdb) bt

#0  0x0000003fc0571360 in strlen () from /lib64/tls/libc.so.6

#1  0x0000003fc0542e79 in vfprintf () from /lib64/tls/libc.so.6

#2  0x0000003fc0548626 in fprintf () from /lib64/tls/libc.so.6

#3  0x000000000060b902 in php_mail (to=0x2a9557f208 "[email protected]",
subject=0x2a9557efc0 "the subject", 

    message=0x2a95580b28 "hello", headers=0xffffffff9557f388 <Address
0xffffffff9557f388 out of bounds>, 

    extra_cmd=0x0) at
/usr/local/src/php5.2-201007131430/ext/standard/mail.c:281

#4  0x000000000060b6dc in zif_mail (ht=4, return_value=0x2a9557f318,
return_value_ptr=0x0, this_ptr=0x0, 

    return_value_used=0) at
/usr/local/src/php5.2-201007131430/ext/standard/mail.c:180

#5  0x00000000006ee2cb in zend_do_fcall_common_helper_SPEC
(execute_data=0x7fbfffd1c0)

    at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:200

#6  0x00000000006f3bdb in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0x7fbfffd1c0)

    at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:1740

#7  0x00000000006eddc1 in execute (op_array=0x2a9557e130)

    at /usr/local/src/php5.2-201007131430/Zend/zend_vm_execute.h:92

#8  0x00000000006c747f in zend_execute_scripts (type=8, retval=0x0,
file_count=3)

    at /usr/local/src/php5.2-201007131430/Zend/zend.c:1134

#9  0x0000000000671979 in php_execute_script
(primary_file=0x7fbffff890)

    at /usr/local/src/php5.2-201007131430/main/main.c:2036

#10 0x0000000000741dfb in main (argc=2, argv=0x7fbffff9e8)

    at /usr/local/src/php5.2-201007131430/sapi/cli/php_cli.c:1165

(gdb)

------------------------------------------------------------------------
[2010-07-15 10:15:59] om at wysiwyg dot de

sorry I forgot the testscript:



<?php



        $to      = '[email protected]';

        $subject = 'test';

        $message = 'test';



        $headers = 'From: OM' . "\r\n" .

                   'Reply-To: [email protected]' . "\r\n" .

                   'X-Mailer: PHP/' . phpversion();





        //mail without $headers is working

        //mail($to, $subject, $message);

        

        //with $headers -> seg. fault

        mail($to, $subject, $message, $headers);



?>

------------------------------------------------------------------------
[2010-07-13 18:26:07] [email protected]

Since I committed the offending patch, I'll look into it.



If you could provide both the test script (which doesn't seem to have
made it) and, if possible, a backtrace per the instructions [1], that
would be most helpful.



[1] http://bugs.php.net/bugs-generating-backtrace.php

------------------------------------------------------------------------
[2010-07-12 16:52:53] om at wysiwyg dot de

Description:
------------
Since the patch for "headers_trimmed" was added in the mail.c I always
get a segmentation fault when using mail(). This only affects rhel4.x 64
bit os. rhel 5.x 64 bit or rhel4.x 32 bit works fine.



Using mail.c from a snapshot before 2010-04-22 in the actual snapshot
source everything works fine.



--- php/php-src/branches/PHP_5_2/ext/standard/mail.c    2010-04-22 01:07:48
UTC (rev 298290) -> works fine

+++ php/php-src/branches/PHP_5_2/ext/standard/mail.c    2010-04-22 02:22:49
UTC (rev 298291) -> segmentation fault when using mail() in a php script
on a rhel4.x 64 bit host









Test script:
---------------
running "make test" after building php from source.



the provided test script also reports the problem.



------------------------------------------------------------------------



-- 
Edit this bug report at http://bugs.php.net/bug.php?id=52317&edit=1

Bug #52317 [Asn->Sus]: Segmentation fault when using mail() on a rhel 4.x (only 64 bit)

Reply via email to