ID: 26615 Updated by: [EMAIL PROTECTED] Reported By: runekl at opoint dot com -Status: Open +Status: Closed Bug Type: *General Issues Operating System: All PHP Version: 5CVS-2003-12-13 (dev) New Comment:
Thank you for your bug report. This issue has already been fixed in the latest released version of PHP, which you can download at http://www.php.net/downloads.php Thanks for the "patch"! Previous Comments: ------------------------------------------------------------------------ [2003-12-13 12:59:15] runekl at opoint dot com Description: ------------ If the command ran by exec outputs a line that is 2*EXEC_INPUT_BUF longer than the previous line a segfault may occur. It is not difficult to see why this happens just by reading the source code. In exec.c, line 118, reads if (buflen < (bufl + EXEC_INPUT_BUF)) { This condition is correct only the first time, e.g when b=buf. I think the like should be if (buflen < (bufl + (b - buf) + EXEC_INPUT_BUF)) { Reproduce code: --------------- #!/usr/local/bin/php <?php $out = array(); $status = -1; exec('/usr/bin/seq 5000 | tr \'\n\' \' \'', $out, $status); print_r($out); ?> Expected result: ---------------- Numbers from 1 to 5000 separated by blanks on one line. Actual result: -------------- segfault ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=26615&edit=1
