From: cody at codymays dot net
Operating system: OSX
PHP version: 5.2.0
PHP Bug Type: Reproducible crash
Bug description: stristr segmentation fault

Description:
------------
It seems that whenever I run stristr in certain situations on this system (Macbook Pro Core 2 Duo with apache 2.0.59 and php 5.2.0) php's stristr crashes. I've tested this on phpSysInfo-2.5.2_rc3 (http://sourceforge.net/projects/phpsysinfo) and on the demos on the stristr docs page. This is where stuff gets interesting. The demos on the docs page work, while the following line in phpsysinfo causes the crash:

    if( ! $XPath->match( "/phpsysinfo/FileSystem/Mount[" . $i . "]/Options" ) || ! stristr( $XPath->getData( "/phpsysinfo/FileSystem/Mount[" . $i . "]/Options" ), "bind" ) )

An even more interesting observation is that the following code does not segfault:

    if( ! $XPath->match( "/phpsysinfo/FileSystem/Mount[" . $i . "]/Options" ) || ! stristr( strtolower($XPath->getData( "/phpsysinfo/FileSystem/Mount[" . $i . "]/Options") ), "bind" ) )

Expected result:
----------------
To not crash. :)

Actual result:
--------------
Backtrace:

    klashnikov:~/public_html/phpsysinfo cody$ gdb --args php index.php
    GNU gdb 6.3.50-20050815 (Apple version gdb-563) (Wed Jul 19 05:10:58 GMT 2006)
    Copyright 2004 Free Software Foundation, Inc.
    GDB is free software, covered by the GNU General Public License, and you are
    welcome to change it and/or distribute copies of it under certain conditions.
    Type "show copying" to see the conditions.
    There is absolutely no warranty for GDB.  Type "show warranty" for details.
    This GDB was configured as "i386-apple-darwin"...Reading symbols for shared libraries .......... done

    (gdb) start
    Breakpoint 1 at 0x316085: file /Users/cody/Desktop/php-5.2.0/sapi/cli/php_cli.c, line 564.
    Starting program: /usr/local/bin/php index.php
    Reading symbols for shared libraries ..+ done

    Breakpoint 1, main (argc=2, argv=0xbffff96c) at /Users/cody/Desktop/php-5.2.0/sapi/cli/php_cli.c:564
    564             int orig_optind=php_optind;
    (gdb) bt
    #0  main (argc=2, argv=0xbffff96c) at /Users/cody/Desktop/php-5.2.0/sapi/cli/php_cli.c:564
    (gdb) c
    Continuing.
    Reading symbols for shared libraries . done
    Reading symbols for shared libraries . done
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <!-- Created By: phpSysInfo - 2.5.2_rc3 http://phpsysinfo.sourceforge.net/ -->
    <head>
      <title>System Information -- klashnikov --</title>
      <link rel="stylesheet" type="text/css" href="templates/classic/classic.css">
    </head>
    <body>

    Program received signal EXC_BAD_ACCESS, Could not access memory.
    Reason: KERN_PROTECTION_FAILURE at address: 0x00000000
    0x90021dcc in memchr ()
    (gdb) bt
    #0  0x90021dcc in memchr ()
    #1  0x00202256 in php_stristr (s=0x0, t=0x1564aa8 "bind", s_len=0, t_len=4)
        at /Users/cody/Desktop/php-5.2.0/Zend/zend_operators.h:156
    #2  0x0020254d in zif_stristr (ht=2, return_value=0x15669a0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
        at /Users/cody/Desktop/php-5.2.0/ext/standard/string.c:1538
    #3  0x002a668f in zend_do_fcall_common_helper_SPEC (execute_data=0xbfffefa0)
        at /Users/cody/Desktop/php-5.2.0/Zend/zend_vm_execute.h:200
    #4  0x002a422f in execute (op_array=0x13e3330)
        at /Users/cody/Desktop/php-5.2.0/Zend/zend_vm_execute.h:92
    #5  0x002a5ece in zend_do_fcall_common_helper_SPEC (execute_data=0xbffff0e0)
        at /Users/cody/Desktop/php-5.2.0/Zend/zend_vm_execute.h:234
    #6  0x002a422f in execute (op_array=0x10c2534)
        at /Users/cody/Desktop/php-5.2.0/Zend/zend_vm_execute.h:92
    #7  0x00289639 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
        at /Users/cody/Desktop/php-5.2.0/Zend/zend.c:1097
    #8  0x00247fcf in php_execute_script (primary_file=0xbffff8b8)
        at /Users/cody/Desktop/php-5.2.0/main/main.c:1758
    #9  0x0031756a in main (argc=2, argv=0xbffff96c)
        at /Users/cody/Desktop/php-5.2.0/sapi/cli/php_cli.c:1108
    (gdb) stack

-- 
Edit bug report at http://bugs.php.net/?id=39737&edit=1
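
Frame #1 of the backtrace shows php_stristr being entered with s=0x0 and s_len=0 while t_len=4. As an added example (not part of the report and not PHP's own code), here is a length-checked case-insensitive search in C that rejects such arguments before any memory is read; the name ci_find and the sample option string are hypothetical.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper (not PHP's php_stristr): case-insensitive search of
 * needle t (t_len bytes) in haystack s (s_len bytes). Returns a pointer
 * into s, or NULL when there is no match or the inputs cannot match. */
const char *ci_find(const char *s, size_t s_len, const char *t, size_t t_len)
{
    /* Guard first: a NULL or too-short haystack (frame #1 shows s=0x0,
     * s_len=0, t_len=4) must never reach the scanning loop, and the
     * subtraction s_len - t_len below must not wrap around. */
    if (s == NULL || t == NULL || t_len == 0 || t_len > s_len)
        return NULL;

    size_t last = s_len - t_len;            /* last valid start offset */
    int first = tolower((unsigned char)t[0]);

    for (size_t i = 0; i <= last; i++) {
        if (tolower((unsigned char)s[i]) != first)
            continue;
        size_t j = 1;
        while (j < t_len &&
               tolower((unsigned char)s[i + j]) == tolower((unsigned char)t[j]))
            j++;
        if (j == t_len)
            return s + i;                   /* full needle matched here */
    }
    return NULL;
}

int main(void)
{
    const char opts[] = "rw,BIND,noatime";  /* constructed sample input */
    const char *hit = ci_find(opts, sizeof opts - 1, "bind", 4);
    printf("match at offset %ld\n", hit ? (long)(hit - opts) : -1L);

    /* The argument values from the crash: NULL haystack of length 0. */
    printf("NULL haystack -> %s\n",
           ci_find(NULL, 0, "bind", 4) ? "match" : "no match");
    return 0;
}
```
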