Bug 173142

Summary: Apache segmentation fault when using parse_str function
Product: Red Hat Enterprise Linux 3 Reporter: Glen Scott <glen>
Component: phpAssignee: Joe Orton <jorton>
Status: CLOSED WONTFIX QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: aholzhammer, mark
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-19 18:51:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Glen Scott 2005-11-14 16:27:58 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/416.11 (KHTML, like Gecko) Safari/416.12

Description of problem:
Using percentage signs in the string parameter to parse_str seems to cause problems.  Example:

<?php

parse_str( '%' );

?>

This causes our Apache to segfault.  

This function worked fine prior to the RHSA-2005:831-15 update.


Version-Release number of selected component (if applicable):
php-4.3.2-26.ent

How reproducible:
Always

Steps to Reproduce:
1. Create script containing function as above
2. access script in browser
3. bang!
  

Actual Results:  Apache seg faults

Expected Results:  Blank page.

Additional info:

We are also running the PHP e-accelerator, which maybe causing a problem?
Comment 1 Mark Arends 2005-11-16 21:41:03 UTC 
I can confirm this problem. Since  php-4.3.2-26.ent I was forced to uninstall PHP   
e-accelerator. Without e-accelerator it still segfaults about 10 times a day (with  
e-accelator about 5600 times a day).
Comment 2 Joe Orton 2005-11-25 11:08:51 UTC 
Thanks for the report.

Experimental test packages are now available which contain a patch to
correct this issue.  These packages are unsupported and have not gone
through the Red Hat QA process.

http://people.redhat.com/~jorton/Taroon-php/

Any feedback from testing these packages is very welcome.
Comment 3 Andreas Holzhammer 2006-01-10 15:49:29 UTC 
Hi,

the experimental packages fix the segfault problem but seem to populate $GLOBALS
incorrectly.

The following script should (and does with the php-4.3.2-26 packages) display
"HelloWorld", but the parameters are not in $GLOBALS.

test.php:
<?
   print "<pre>";
   print $GLOBALS["param1"];
   print $GLOBALS["param2"];
   print "</pre>";
?>
http://your.server/test.php?param1=Hello&param2=World

Andreas
Comment 4 RHEL Program Management 2007-10-19 18:51:17 UTC 
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
 
For more information of the RHEL errata support policy, please visit:
http://www.redhat.com/security/updates/errata/
 
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.