Hrm.. This one is weird.

We are going along nicely in cgi_main.c/main()

684             file_handle.handle.fp = stdin;
(gdb)
685             file_handle.opened_path = NULL;
(gdb) p file_handle.handle.fp
$2 = (FILE *) 0x405948e0

Default file_handle.handle.fp to stdin and we have a valid FILE *

Then we figure out we are in cgi mode and have a file to open:

712             if (cgi || SG(request_info).path_translated) {
(gdb)
713                     file_handle.handle.fp = php_fopen_primary_script();

Call php_fopen_primary_script() which is supposed to return the FILE * of
the openeded script file or NULL on a failure.

Unknown(0) : Fatal error - Unable to open bogus
php_request_startup () at main.c:628
628                     return FAILURE;

Ok, so we get the expected message from php_fopen_primary_script() but how
the heck did we get to php_request_startup()?  We got there because of
that error message generated by php_error() which calls zend_bailout()
which then does a longjmp(EG(bailout),FAILURE) and now we are buggered!

(gdb) p file_handle.handle.fp
$5 = (FILE *) 0xffffffff

Buggered because fp gets set to -1 (FAILURE is defined as -1)

And then of course we segfault here:

717             if (cgi && !file_handle.handle.fp) {
(gdb) n
727                     c = fgetc(file_handle.handle.fp);

Could easily fix the segfault by checking for -1, but we need the real
fix which would be for things to terminate at the zend_bailout() stage and
not try to continue on.


On Fri, 20 Jul 2001, Markus Fischer wrote:

> (gdb) run -f file_doesnt_exist
> Starting program: /home/mfischer/php4/bin/php -f file_doesnt_exist
> Unknown(0) : Fatal error - Unable to open file_doesnt_exist
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x4015a11f in getc () from /lib/libc.so.6
> (gdb) bt
> #0  0x4015a11f in getc () from /lib/libc.so.6
> #1  0x0806cf7d in main (argc=3, argv=0xbffff524) at cgi_main.c:727
> #2  0x4010d38b in __libc_start_main () from /lib/libc.so.6
>
> Same with '-q'.
>
> - Markus
>
>


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to