Bug#294986: php4-recode: php4 segfault when using recode() function

Cyril Chaboisseau Sat, 12 Feb 2005 12:55:00 -0800

Package: php4-recode
Version: 4:4.3.10-4
Severity: grave
Justification: causes non-serious data loss




-- System Information:
Debian Release: 3.1
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.10-grsec
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)

Versions of packages php4-recode depends on:
ii  debconf [debco 1.4.45                    Debian configuration management sy
ii  libapache2-mod 4:4.3.10-4                server-side, HTML-embedded scripti
ii  libc6          2.3.2.ds1-20.0.0.1.pure64 GNU C Library: Shared libraries an
ii  librecode0     3.6-10                    Shared library on which recode is 
ii  php4-cgi [phpa 4:4.3.10-4                server-side, HTML-embedded scripti
ii  php4-cli [phpa 4:4.3.10-4                command-line interpreter for the p
ii  php4-common    4:4.3.10-4                Common files for packages built fr

-- debconf information:
  php4/extension_recode_apache: true
  php4/add_extension: true
  php4/extension_recode_cgi: true
  php4/remove_extension: true
  php4/extension_recode_apache2: true
  php4/extension_recode_cli: true



when I do

$ /usr/bin/php4 -c php.ini -q ./recode.php
Erreur de segmentation (core dumped)

here is php.ini :
[PHP]
extension=recode.so

and recode.php :
<?
  echo recode_string("utf-8..html_4.0","Hello, World !");
?>


it also segfault with other charsets

I've also tried with register_globals = Off
WRT bug #213557


here is the backtrace with gdb :

$ gdb -c core /usr/bin/php4
GNU gdb 6.3-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-linux"...(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".

Core was generated by `/usr/bin/php4 -c php.ini -q ./recode.php'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libcrypt.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /usr/lib/libzzip-0.so.12...(no debugging symbols 
found)...done.
Loaded symbols for /usr/lib/libzzip-0.so.12
Reading symbols from /lib/libnsl.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /usr/lib/libexpat.so.1...(no debugging symbols 
found)...done.
Loaded symbols for /usr/lib/libexpat.so.1
Reading symbols from /usr/lib/libpcre.so.3...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libpcre.so.3
Reading symbols from /usr/lib/libpanel.so.5...(no debugging symbols 
found)...done.
Loaded symbols for /usr/lib/libpanel.so.5
Reading symbols from /lib/libncurses.so.5...(no debugging symbols found)...done.
Loaded symbols for /lib/libncurses.so.5
Reading symbols from /usr/lib/libdb-4.2.so...(no debugging symbols 
found)...done.
Loaded symbols for /usr/lib/libdb-4.2.so
Reading symbols from /usr/lib/libbz2.so.1.0...
(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libbz2.so.1.0
Reading symbols from /usr/lib/libz.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /usr/lib/libssl.so.0.9.7...done.
Loaded symbols for /usr/lib/libssl.so.0.9.7
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /usr/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/lib/libgssapi_krb5.so.2
Reading symbols from /usr/lib/libkrb5.so.3...done.
Loaded symbols for /usr/lib/libkrb5.so.3
Reading symbols from /usr/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/lib/libk5crypto.so.3
Reading symbols from /lib/libcom_err.so.2...done.
Loaded symbols for /lib/libcom_err.so.2
Reading symbols from /lib/libpthread.so.0...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /usr/lib/libcrypto.so.0.9.7...done.
Loaded symbols for /usr/lib/libcrypto.so.0.9.7
Reading symbols from /lib/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /usr/lib/php4/20020429-zts/recode.so...done.
Loaded symbols for /usr/lib/php4/20020429-zts/recode.so
Reading symbols from /usr/lib/librecode.so.0...done.
Loaded symbols for /usr/lib/librecode.so.0
#0  0x0000002a976766d2 in delmodule_flat () from /usr/lib/librecode.so.0
(gdb) bt
#0  0x0000002a976766d2 in delmodule_flat () from /usr/lib/librecode.so.0
#1  0x0000002a9766803a in transform_byte_to_variable () from 
/usr/lib/librecode.so.0
#2  0x0000002a97668a68 in recode_perform_task () from /usr/lib/librecode.so.0
#3  0x0000002a976678dd in recode_buffer_to_buffer () from 
/usr/lib/librecode.so.0
#4  0x0000002a974a86d6 in zif_recode_string () from 
/usr/lib/php4/20020429-zts/recode.so
#5  0x0000000000554f1b in execute ()
#6  0x00000000005447b5 in zend_execute_scripts ()
#7  0x00000000005142e6 in php_execute_script ()
#8  0x0000000000564641 in main ()


I first tought it was a bug on librecode but it works well from the
command line :

$ echo "Hello, World"|recode "utf-8..html_4.0"
Hello, World


now, maybe it's not critical since I've only tested the bug on amd64 and
not i386 (the only 2 architectures I have)

anyone willing to test that on ppc64, alpha, sparc64 ?


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#294986: php4-recode: php4 segfault when using recode() function

Reply via email to