ID: 41613
User updated by: riverfr0zen at elitemail dot org
Reported By: riverfr0zen at elitemail dot org
Status: Open
Bug Type: XML related
Operating System: Linux 2.6.15-28-386 UbuntuDappr
PHP Version: 4.4.7
New Comment:
Note: Commenting out the line
print xml_get_current_line_number($_parser) . "\n";"
in the simple script above allows the script to complete execution
without a seg fault.
Previous Comments:
------------------------------------------------------------------------
[2007-06-06 20:18:33] riverfr0zen at elitemail dot org
function startElement(){}
function endElement(){}
$feed = fopen('http://feeds.feedburner.com/thr/film', "r");
if ($feed)
{
$_parser = xml_parser_create();
xml_set_element_handler($_parser, "startElement", "endElement");
xml_set_character_data_handler($_parser, "characterData");
while ($data = fread($feed, 4096)) {
if (xml_parse($_parser, $data, feof($feed)) !== 1)
{
print xml_error_string(xml_get_error_code($_parser)) .
"\n";
print xml_get_current_line_number($_parser) . "\n";
}
}
fclose($feed);
xml_parser_free($_parser);
}
------------------------------------------------------------------------
[2007-06-06 20:09:47] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
------------------------------------------------------------------------
[2007-06-06 19:47:23] riverfr0zen at elitemail dot org
Here's the backtrace:
(gdb) bt
#0 0x081c7fdd in normal_updatePosition (enc=0x8394560, ptr=0x8d7a000
<Address 0x8d7a000 out of bounds>,
end=0x8d67e5d " Technique of the American
Commercial.\"</description>\n</item>\n<item>\n<title>'Golden' shines for
Disney</title>\n<pubDate>2007-06-06</pubDate>\n<guid
isPermaLink=\"true\">http://www.hollywoodreporter.com/h";...,
pos=0x8cbe948) at xmltok_impl.c:1747
#1 0x081b7afe in php_XML_GetCurrentLineNumber (parser=0x8cbe7c0)
at /usr/local/src/php-4.4.7/ext/xml/expat/xmlparse.c:1571
#2 0x081b54c5 in zif_xml_get_current_line_number (ht=1,
return_value=0x8d5f0ec, this_ptr=0x0,
return_value_used=1) at
/usr/local/src/php-4.4.7/ext/xml/xml.c:1437
#3 0x082291f2 in execute (op_array=0x8cdab84) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1681
#4 0x08229498 in execute (op_array=0x8cced9c) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#5 0x08229498 in execute (op_array=0x8a71d3c) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#6 0x08229498 in execute (op_array=0x8a7555c) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#7 0x08229498 in execute (op_array=0x8a73204) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#8 0x08229498 in execute (op_array=0x848ec3c) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#9 0x08229498 in execute (op_array=0x8842254) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#10 0x08229498 in execute (op_array=0x8843e64) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#11 0x08229498 in execute (op_array=0x8841b44) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#12 0x08229498 in execute (op_array=0x8488c1c) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#13 0x08229498 in execute (op_array=0x848859c) at
/usr/local/src/php-4.4.7/Zend/zend_execute.c:1725
#14 0x08212d7d in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /usr/local/src/php-4.4.7/Zend/zend.c:939
#15 0x081d9897 in php_execute_script (primary_file=0xbfc2275c) at
/usr/local/src/php-4.4.7/main/main.c:1757
#16 0x082314b4 in main (argc=2, argv=0xbfc22844) at
/usr/local/src/php-4.4.7/sapi/cli/php_cli.c:838
(gdb)
------------------------------------------------------------------------
[2007-06-06 19:10:58] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32
Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
------------------------------------------------------------------------
[2007-06-06 18:42:24] riverfr0zen at elitemail dot org
Description:
------------
It seems bug # 20442 has crept in again.
Calling xml_get_current_line_number() to report the line number of an
xml parsing error causes a segmentation fault.
(Tested on the following feed (which causes a 'not well-formed (invalid
token)' error at time of reporting)
http://feeds.feedburner.com/thr/film
The code below is run from the CLI.
Reproduce code:
---------------
while ($data = fread($feed, 4096)) {
if (xml_parse($this->parser, $data,
feof($feed)) !== 1)
{
print
xml_error_string(xml_get_error_code($this->parser)) .
"\n";
print
xml_get_current_line_number($this->parser) . "\n";
}
}
Expected result:
----------------
not well-formed (invalid token)
(the line number)
Actual result:
--------------
Segmentation fault
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=41613&edit=1
