From: josh at hostyour dot info
Operating system: RH7.3
PHP version: 4.3.4
PHP Bug Type: Reproducible crash
Bug description: Segmentation fault executing do..while() loops inside block
containers
Description:
------------
If I have a function that has a do..while(); construction in it, inside a
block container { }, PHP will segfault on exiting the block container
UNLESS I have a statement in between the end of the while (); and the
closing brace of the block.
This does NOT happen in "global" execution. A do..while() loop that lives
outside any function's scope works just fine; I have several other
do..while() constructs outside of functions that work with no problems.
The segfault seems to only happen when the do..while(); is inside a
function AND inside a block container (in this case, belonging to an if
statement).
Any ideas?
Reproduce code:
---------------
function announce()
{
global $totalRows_announce, $row_announce, $announce, $srs;
$ann = "";
if ($totalRows_announce > 0) {
do {
$author = mysql_result(mysql_query("SELECT nick FROM players
WHERE
id='".$row_announce['author']."'", $srs), 0, "nick") or
die(mysql_error());
$msg_body =
stripslashes(implode("<br>",explode("\n",$row_announce['msg_body'])));
$ann .= textBlock(textBlock($row_announce['subject'], "",
"anntitle") .
br() .
textBlock("Posted by:".$author." | On:
".$row_announce['posted_date'],
"", "annhead") . br() .
textBlock($msg_body, "", "annbody"), "",
(($row_announce['urgent'] ==
1) ? "redrow" : ((($ctr++) % 2) ? "lightrow" : "darkrow"))) . br();
} while ($row_announce = mysql_fetch_assoc($announce));
// Segfault happens HERE
} else {
$ann = textBlock("No Announcements", "", "loginerr");
}
return $ann;
}
Expected result:
----------------
The code, as intended, returns a string of HTML code to the calling
function.
Actual result:
--------------
The code immediately segfaults when it encounters the closing brace of the
do..while() loop's block container UNLESS there is an intervening
statement.
--
Edit bug report at http://bugs.php.net/?id=27380&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=27380&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=27380&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=27380&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=27380&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=27380&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=27380&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=27380&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=27380&r=support
Expected behavior: http://bugs.php.net/fix.php?id=27380&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=27380&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=27380&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=27380&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=27380&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=27380&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=27380&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=27380&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=27380&r=float
