ID: 24526
User updated by: kaMe at barcolabeach dot org
Reported By: kaMe at barcolabeach dot org
-Status: Feedback
+Status: Open
Bug Type: PCRE related
Operating System: Linux 2.4
PHP Version: 4.3.3RC2-dev
New Comment:
It seems like it segfaults reading the file, not executing it. Thinking
was the regexp to cause the segfault, i tryed to delete it; the result
was that the segfault comes on the next regexp. I tryed to delete
both.. No more regexp in the function: apache segfaults reading a
comment!
So i tryed to delete some characters from the top of the file, now
apache segfaults some characters down than before, reading a comment.
(I have the full strace session, if you want)
open("/usr/local/apache2/htdocs/horde/lib/Browser.php", O_RDONLY) = 9
fstat64(0x9, 0xbfffa27c) = 0
fstat64(0x9, 0xbfffa1dc) = 0
lseek(9, 0, SEEK_CUR) = 0
lseek(9, 0, SEEK_SET) = 0
read(9, "<?php\n/**\n * @author Chuck Hage"..., 8192) = 8192
brk(0x81b8000) = 0x81b8000
read(9, "ublic\n *\n * @param strin"..., 8192) = 5945
read(9, "", 8192) = 0
close(9) = 0
--- SIGSEGV (Segmentation fault) ---
Previous Comments:
------------------------------------------------------------------------
[2003-07-09 18:00:11] [EMAIL PROTECTED]
This might actually be same as bug #24563 is about.
Please try it under Apache 1.3.27.
------------------------------------------------------------------------
[2003-07-09 17:59:09] [EMAIL PROTECTED]
Add some debugging echo's or something there to see what that
$this->agent contains when it segfaults.
------------------------------------------------------------------------
[2003-07-08 11:07:11] kaMe at barcolabeach dot org
I tryed stracing a httpd -X process, the last few lines was:
open("/usr/local/apache2/htdocs/horde/lib/Browser.php",
[.. cut]
read(10, "<?php\n/**\n * The Browser:: class"..., 8192) = 8192
brk(0x827e000) = 0x827e000
brk(0x827f000) = 0x827f000
brk(0x8283000) = 0x8283000
brk(0x8293000) = 0x8293000
read(10, "(\'|HotJava/([0-9]+)|\', $this->ag"..., 8192) = 7787
read(10, "", 8192) = 0
close(10) = 0
--- SIGSEGV (Segmentation fault) ---
In the /horde/lib/Browser.php, the line with that HotJava regexp is the
number 240:
} elseif (preg_match('|HotJava/([0-9]+)|', $this->agent, $version)) {
Hope this helps..
Tell me if I can help more..
------------------------------------------------------------------------
[2003-07-08 10:10:59] kaMe at barcolabeach dot org
Which is the easier way to do it?
------------------------------------------------------------------------
[2003-07-08 09:24:31] [EMAIL PROTECTED]
The original bug might have already been fixed. :)
Could you try and find in the horde sources which line is causing this
preg_match() crash..?
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/24526
--
Edit this bug report at http://bugs.php.net/?id=24526&edit=1
