Edit report at https://bugs.php.net/bug.php?id=64836&edit=1

 ID:                 64836
 Updated by:         paj...@php.net
 Reported by:        r dot biegel at gmx dot at
 Summary:            segfault in softmagic.c
-Status:             Open
+Status:             Closed
 Type:               Bug
 Package:            Unknown/Other Function
 Operating System:   Gentoo Linux
 PHP Version:        5.4.15
-Assigned To:        
+Assigned To:        pajoye
 Block user comment: N
 Private report:     N

 New Comment:

The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


Previous Comments:
------------------------------------------------------------------------
[2013-05-14 16:49:33] r dot biegel at gmx dot at

Description:
------------
PHP segfaults when going through the typo3 upgrade wizard (4.5 -> 6.1)

Not sure what's going on, but line 1610 in softmagic.c says:
offset += ms->c.li[cont_level-1].off;
but cont_level seems to be 0.

======

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffdbfef700 (LWP 20398)]
0x00007fffeeec2e6f in mget (ms=0x7fffd40f1410, s=0x7fffd4704760 "GIF89a",
    m=0x7fffe8509268, nbytes=4749, o=0, cont_level=0, mode=32, text=0, flip=0,
    recursion_level=1, printed_something=0x7fffdbfebdd4,
    need_separator=0x7fffdbfebdd8, returnval=0x7fffdbfebd24)
    at ext/fileinfo/libmagic/softmagic.c:1610

======

#0  0x00007fffeeec2e6f in mget (ms=0x7fffd40f1410, s=0x7fffd4704760 "GIF89a",
    m=0x7fffe8509268, nbytes=4749, o=0, cont_level=0, mode=32, text=0, flip=0,
    recursion_level=1, printed_something=0x7fffdbfebdd4,
    need_separator=0x7fffdbfebdd8, returnval=0x7fffdbfebd24)
    at ext/fileinfo/libmagic/softmagic.c:1610
#1  0x00007fffeeebedec in match (ms=0x7fffd40f1410, magic=0x7fffe83b70e8,
    nmagic=9629, s=0x7fffd4704760 "GIF89a", nbytes=4749, offset=0, mode=32,
    text=0, flip=0, recursion_level=0, printed_something=0x7fffdbfebdd4,
    need_separator=0x7fffdbfebdd8, returnval=0x7fffdbfebd24)
    at ext/fileinfo/libmagic/softmagic.c:157
#2  0x00007fffeeebeb1d in file_softmagic (ms=0x7fffd40f1410,
    buf=0x7fffd4704760 "GIF89a", nbytes=4749, mode=32, text=0)
    at ext/fileinfo/libmagic/softmagic.c:82
#3  0x00007fffeeebc3a5 in file_buffer (ms=0x7fffd40f1410,
    stream=0x7fffd46d7998, inname=0x0, buf=0x7fffd4704760, nb=4749)
    at ext/fileinfo/libmagic/funcs.c:238
#4  0x00007fffeeebd698 in file_or_stream (ms=0x7fffd40f1410, inname=0x0,
    stream=0x7fffd46d7998)
    at ext/fileinfo/libmagic/magic.c:412
#5  0x00007fffeeebd441 in magic_stream (ms=0x7fffd40f1410,
    stream=0x7fffd46d7998)
    at ext/fileinfo/libmagic/magic.c:344
#6  0x00007fffeeeae9b8 in _php_finfo_get_type (ht=2,
    return_value=0x7fffd46e4e68, return_value_ptr=0x0,
    this_ptr=0x7fffd46e4e38, return_value_used=1, tsrm_ls=0x7fffd4008900,
    mode=2, mimetype_emu=0)
    at ext/fileinfo/fileinfo.c:540
#7  0x00007fffeeeaec40 in zif_finfo_file (ht=2, return_value=0x7fffd46e4e68,
    return_value_ptr=0x0, this_ptr=0x7fffd46e4e38, return_value_used=1,
    tsrm_ls=0x7fffd4008900)
    at ext/fileinfo/fileinfo.c:578
#8  0x00007fffef2f0972 in zend_do_fcall_common_helper_SPEC (
    execute_data=0x7ffff7e5db28, tsrm_ls=0x7fffd4008900)
    at Zend/zend_vm_execute.h:643
#9  0x00007fffef2f1dde in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (
    execute_data=0x7ffff7e5db28, tsrm_ls=0x7fffd4008900)
    at Zend/zend_vm_execute.h:754
#10 0x00007fffef2ee767 in execute (op_array=0x7fffd45da558,
    tsrm_ls=0x7fffd4008900)
    at Zend/zend_vm_execute.h:410
#11 0x00007fffef2a453e in zend_execute_scripts (type=8,
    tsrm_ls=0x7fffd4008900, retval=0x0, file_count=3)
    at Zend/zend.c:1315
#12 0x00007fffef1e6053 in php_execute_script (primary_file=0x7fffdbfeea30,
    tsrm_ls=0x7fffd4008900)
    at main/main.c:2492
#13 0x00007fffef423efb in php_handler (r=0x7fffd4004980)
    at sapi/apache2handler/sapi_apache2.c:667
#14 0x00005555555ba9c6 in ap_run_handler (r=0x7fffd4004980) at config.c:169
#15 0x00005555555bb56d in ap_invoke_handler (r=0x7fffd4004980) at config.c:432
#16 0x00005555555db438 in ap_process_async_request (r=0x7fffd4004980)
    at http_request.c:317
#17 0x00005555555db543 in ap_process_request (r=0x7fffd4004980)
    at http_request.c:363
#18 0x00005555555d721a in ap_process_http_sync_connection (c=0x7fffe4003228)
    at http_core.c:190
#19 0x00005555555d7353 in ap_process_http_connection (c=0x7fffe4003228)
    at http_core.c:231
#20 0x00005555555ca23d in ap_run_process_connection (c=0x7fffe4003228)
    at connection.c:41
#21 0x00005555555ca828 in ap_process_connection (c=0x7fffe4003228,
    csd=0x7fffe4003010) at connection.c:202
#22 0x00005555555e5e36 in process_socket (thd=0x5555558a8a78,
    p=0x7fffe4002f98, sock=0x7fffe4003010, my_child_num=0, my_thread_num=20,
    bucket_alloc=0x7fffd40008e8) at worker.c:620
#23 0x00005555555e6e1e in worker_thread (thd=0x5555558a8a78,
    dummy=0x7fffe4000f80) at worker.c:979
#24 0x00007ffff6713f6b in start_thread () from /lib64/libpthread.so.0
#25 0x00007ffff6248d8d in clone () from /lib64/libc.so.6


======

./php-config --configure-options

--prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu 
--mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share 
--sysconfdir=/etc --localstatedir=/var/lib --prefix=/usr/lib64/php5.4 
--mandir=/usr/lib64/php5.4/man --infodir=/usr/lib64/php5.4/info 
--libdir=/usr/lib64/php5.4/lib --with-libdir=lib64 --without-pear 
--enable-maintainer-zts --disable-bcmath --with-bz2=/usr --disable-calendar 
--enable-ctype --without-curl --without-curlwrappers --enable-dom 
--without-enchant --disable-exif --enable-fileinfo --enable-filter --enable-ftp 
--with-gettext=/usr --without-gmp --enable-hash --without-mhash --with-iconv 
--disable-intl --disable-ipv6 --enable-json --without-kerberos --enable-libxml 
--with-libxml-dir=/usr --enable-mbstring --with-mcrypt=/usr --without-mssql 
--with-onig=/usr --with-openssl=/usr --with-openssl-dir=/usr --disable-pcntl 
--enable-phar --enable-pdo --without-pgsql --enable-posix --without-pspell 
--without-recode --enable-simplexml --disable-shmop --without-snmp 
--enable-soap --enable-sockets --without-sqlite3 --without-sybase-ct 
--enable-sysvmsg --enable-sysvsem --enable-sysvshm --without-tidy 
--enable-tokenizer --disable-wddx --enable-xml --disable-xmlreader 
--disable-xmlwriter --without-xmlrpc --without-xsl --enable-zip 
--with-zlib=/usr --disable-debug --enable-dba --without-cdb --with-db4=/usr 
--disable-flatfile --with-gdbm=/usr --disable-inifile --without-qdbm 
--with-freetype-dir=/usr --with-t1lib=/usr --disable-gd-jis-conv 
--with-jpeg-dir=/usr --with-png-dir=/usr --without-xpm-dir --with-gd 
--with-imap=/usr --with-imap-ssl=/usr --with-ldap=/usr --without-ldap-sasl 
--with-mysql=/usr --with-mysql-sock=/var/run/mysqld/mysqld.sock 
--with-mysqli=/usr/bin/mysql_config --without-pdo-dblib --with-pdo-mysql=/usr 
--without-pdo-pgsql --without-pdo-sqlite --without-pdo-odbc 
--with-readline=/usr --without-libedit --without-mm --with-pic 
--with-pcre-regex=/usr --with-pcre-dir=/usr 
--with-config-file-path=/etc/php/apache2-php5.4 
--with-config-file-scan-dir=/etc/php/apache2-php5.4/ext-active --disable-embed 
--disable-cli --disable-cgi --disable-fpm --with-apxs2=/usr/sbin/apxs



------------------------------------------------------------------------
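
The indexing problem described in the report above, as an added example that is not part of the original report and is neither libmagic's code nor the committed fix. It is a simplified model (cont_state, add_parent_offset and demo are hypothetical names, and the level offsets are constructed) in which the parent level's offset is read only when cont_level names an existing level.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for the per-level state the report calls ms->c.li. */
struct level_info { int32_t off; };

struct cont_state {
    const struct level_info *li; /* one entry per continuation level */
    size_t len;                  /* number of valid entries in li */
};

/*
 * Checked form of "offset += li[cont_level-1].off".
 * Level 0 has no parent, so cont_level - 1 names no valid entry; the
 * unchecked statement would read outside the array in that case.
 * Returns 0 and stores the adjusted offset, or -1 on any invalid input.
 */
int add_parent_offset(const struct cont_state *c, size_t cont_level,
                      int32_t offset, int32_t *out)
{
    if (cont_level == 0 || cont_level > c->len)
        return -1;                       /* no such parent level */
    int64_t sum = (int64_t)offset + c->li[cont_level - 1].off;
    if (sum < 0 || sum > INT32_MAX)
        return -1;                       /* result is not a usable offset */
    *out = (int32_t)sum;
    return 0;
}

/* Constructed sample state: three levels with made-up offsets. */
static const struct level_info sample_levels[] = { {100}, {200}, {300} };

/* Returns the adjusted offset, or -1 when the request is rejected. */
int32_t demo(size_t cont_level, int32_t offset)
{
    struct cont_state c = { sample_levels, 3 };
    int32_t out = 0;
    return add_parent_offset(&c, cont_level, offset, &out) == 0 ? out : -1;
}

int main(void)
{
    printf("cont_level=0 -> %d\n", (int)demo(0, 16)); /* rejected */
    printf("cont_level=1 -> %d\n", (int)demo(1, 16)); /* parent offset added */
    return 0;
}
```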


