#25161 [NEW]: Segmentation fault executing php_sybase_query

[nerijus at kis dot lt]

From:             nerijus at kis dot lt
Operating system: 5.1-CURRENT (501105)
PHP version:      4.3.3RC4
PHP Bug Type:     Sybase-ct (ctlib) related
Bug description:  Segmentation fault executing php_sybase_query

Description:
------------
in some sql queryes i have Segmentation fault.
As i see it mey be in php sysbase_ct code or in self freedts

Reproduce code:
---------------
for (i=0; i<num_fields; i++) {
                ct_describe(sybase_ptr->cmd, i+1, &result->datafmt[i]);
                result->types[i] = result->datafmt[i].datatype;
                switch (result->datafmt[i].datatype) {
............. skip ........
                                break;
                        default:
                                result->datafmt[i].maxlength++;
                                result->numerics[i] = 0;
                                break;
                }
           result->tmp_buffer[i] =
(char*)emalloc(result->datafmt[i].maxlength);


Expected result:
----------------
Normal sysbase_query() result variable

Actual result:
--------------
(gdb) bt
#0  0x2829932f in kill () from /lib/libc.so.5
#1  0x08129c7a in _emalloc (size=136172324, __zend_filename=0x0,
__zend_lineno=1,
    __zend_orig_filename=0xfffffff7 <Error reading address 0xfffffff7: Bad
address>,
    __zend_orig_lineno=4294867297) at
/usr/ports/lang/php4/work/php-4.3.3RC4/Zend/zend_alloc.c:166
#2  0x080f324f in php_sybase_fetch_result_set (sybase_ptr=0x81dd324,
buffered=0, store=0)
    at
/usr/ports/lang/php4/work/php-4.3.3RC4/ext/sybase_ct/php_sybase_ct.c:1178
#3  0x080f3994 in php_sybase_query (ht=0, return_value=0x81e40e4,
this_ptr=0x0, return_value_used=1,
    buffered=0) at
/usr/ports/lang/php4/work/php-4.3.3RC4/ext/sybase_ct/php_sybase_ct.c:1363
#4  0x080f3cae in zif_sybase_query (ht=0, return_value=0x0, this_ptr=0x0,
return_value_used=0)
    at
/usr/ports/lang/php4/work/php-4.3.3RC4/ext/sybase_ct/php_sybase_ct.c:1476
#5  0x0814dbe0 in execute (op_array=0x81dd2a4)
    at /usr/ports/lang/php4/work/php-4.3.3RC4/Zend/zend_execute.c:1616
#6  0x0813c08b in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/ports/lang/php4/work/php-4.3.3RC4/Zend/zend.c:885
#7  0x08108c86 in php_execute_script (primary_file=0xbfbffb80)
    at /usr/ports/lang/php4/work/php-4.3.3RC4/main/main.c:1721
#8  0x08153e25 in main (argc=2, argv=0xbfbffbe0)
    at /usr/ports/lang/php4/work/php-4.3.3RC4/sapi/cli/php_cli.c:818
#9  0x0805f3f2 in _start ()

-- 
Edit bug report at http://bugs.php.net/?id=25161&edit=1
-- 
Try a CVS snapshot (php4):  http://bugs.php.net/fix.php?id=25161&r=trysnapshot4
Try a CVS snapshot (php5):  http://bugs.php.net/fix.php?id=25161&r=trysnapshot5
Fixed in CVS:               http://bugs.php.net/fix.php?id=25161&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=25161&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=25161&r=needtrace
Try newer version:          http://bugs.php.net/fix.php?id=25161&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=25161&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=25161&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=25161&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=25161&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=25161&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=25161&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=25161&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=25161&r=isapi
Install GNU Sed:            http://bugs.php.net/fix.php?id=25161&r=gnused