Edit report at http://bugs.php.net/bug.php?id=44683&edit=1
ID: 44683
Updated by: paj...@php.net
Reported by: d_kelsey at uk dot ibm dot com
Summary: popen with modes such as "e" or "er" cause php.exe
to crash
Status: Closed
Type: Bug
Package: Reproducible crash
Operating System: win32 only - Windows XP
PHP Version: 5.2.8
Assigned To: pajoye
Block user comment: N
New Comment:
There is another report about the error message. It is due to a mix
usage of Win32 APIs and ansi/posix-like API, but only the error system
for the latter is used.
Previous Comments:
------------------------------------------------------------------------
[2010-09-21 16:08:09] tony dot dziedzic at oracle dot com
If a caller specifies an invalid mode argument (e.g., "w+"), this change
results in the message "PHP Warning: popen(...) No error in <script> on
line <number>". It would be helpful if the message displayed was
something more indicative of the user's error than "No error".
------------------------------------------------------------------------
[2009-08-26 20:05:33] paj...@php.net
Fixed in 5.2, 5.3 and HEAD. It was bug in the Windows VC6 CRT, the same
code works well on any recent windows (vista, 2008, win7).
fdopen crashes when an invalid mode is given.
------------------------------------------------------------------------
[2009-08-26 19:57:02] s...@php.net
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=287779
Log: - fix #44683, popen crashes when an invalid mode is passed (works
on 2k8/vista/win7)
------------------------------------------------------------------------
[2009-01-19 17:51:32] d_kelsey at uk dot ibm dot com
This is still a problem in php528. The crash looks like it is due to a
bug in the Microsoft C runtime library when calling _fdopen and the type
being passed to it is "e".
I think popen_ex in tsrm_win32.c should check that the first byte is
either "w" or "r" and if not raise a php warning "invalid argument".
Then it should check if the 2nd byte is present and if so it should only
allow "b" or "t" anything else should also raise a php warning "invalid
argument". This should then bring php.net on windows in line with what
happens on php.net for linux.
------------------------------------------------------------------------
[2008-04-18 12:51:46] d_kelsey at uk dot ibm dot com
fails on latest snapshot. Backtrace is
> ntdll.dll!7c9010f3()
[Frames below may be incorrect and/or missing, no symbols loaded for
ntdll.dll]
msvcrt.dll!77c3b974()
msvcrt.dll!77c3eb23()
msvcrt.dll!77c3eb13()
msvcrt.dll!77c2e556()
php5ts.dll!popen_ex(const char * command=0x0122c9c0, const char *
type=0x0122db18, const char * cwd=0x00301cc0, char * env=0x00000000)
Line 239 C
php5ts.dll!virtual_popen(const char * command=0x0122c9c0, const char *
type=0x0122db18, void * * * tsrm_ls=0x00301c80) Line 1172 + 0x24
bytes C
php5ts.dll!zif_popen(int ht=19015924, _zval_struct *
return_value=0x0122c9f0, _zval_struct * * return_value_ptr=0x00000000,
_zval_struct * this_ptr=0x00000000, int return_value_used=1, void * * *
tsrm_ls=0x00301c80) Line 986 + 0x10 bytes C
php5ts.dll!zend_do_fcall_common_helper_SPEC(_zend_execute_data *
execute_data=0x00c0fbd0, void * * * tsrm_ls=0x00301c80) Line 200 + 0x3d
bytes C
php5ts.dll!ZEND_DO_FCALL_SPEC_CONST_HANDLER(_zend_execute_data *
execute_data=0x00000000, void * * * tsrm_ls=0x00301c80) Line 1679 + 0xe
bytes C
php5ts.dll!execute(_zend_op_array * op_array=0x00000008, void * * *
tsrm_ls=0x00301c80) Line 92 + 0xc bytes C
php5ts.dll!php_execute_script(_zend_file_handle *
primary_file=0x00c0fec8, void * * * tsrm_ls=0x00301c80) Line 2005 +
0x12 bytes C
php.exe!main(int argc=2, char * * argv=0x00301cf0) Line 1141 C
php.exe!_mainCRTStartup() + 0xe3 bytes
kernel32.dll!7c816fd7()
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=44683
--
Edit this bug report at http://bugs.php.net/bug.php?id=44683&edit=1
