Bug 173142 - Apache segmentation fault when using parse_str function
Apache segmentation fault when using parse_str function
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: php (Show other bugs)
3.0
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Joe Orton
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-11-14 11:27 EST by Glen Scott
Modified: 2007-11-30 17:07 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-10-19 14:51:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Glen Scott 2005-11-14 11:27:58 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/416.11 (KHTML, like Gecko) Safari/416.12

Description of problem:
Using percentage signs in the string parameter to parse_str seems to cause problems.  Example:

<?php

parse_str( '%' );

?>

This causes our Apache to segfault.  

This function worked fine prior to the RHSA-2005:831-15 update.


Version-Release number of selected component (if applicable):
php-4.3.2-26.ent

How reproducible:
Always

Steps to Reproduce:
1. Create script containing function as above
2. access script in browser
3. bang!
  

Actual Results:  Apache seg faults

Expected Results:  Blank page.

Additional info:

We are also running the PHP e-accelerator, which maybe causing a problem?
Comment 1 Mark Arends 2005-11-16 16:41:03 EST
I can confirm this problem. Since  php-4.3.2-26.ent I was forced to uninstall PHP   
e-accelerator. Without e-accelerator it still segfaults about 10 times a day (with  
e-accelator about 5600 times a day).  
Comment 2 Joe Orton 2005-11-25 06:08:51 EST
Thanks for the report.

Experimental test packages are now available which contain a patch to
correct this issue.  These packages are unsupported and have not gone
through the Red Hat QA process.

http://people.redhat.com/~jorton/Taroon-php/

Any feedback from testing these packages is very welcome.
Comment 3 Andreas Holzhammer 2006-01-10 10:49:29 EST
Hi,

the experimental packages fix the segfault problem but seem to populate $GLOBALS
incorrectly.

The following script should (and does with the php-4.3.2-26 packages) display
"HelloWorld", but the parameters are not in $GLOBALS.

test.php:
<?
   print "<pre>";
   print $GLOBALS["param1"];
   print $GLOBALS["param2"];
   print "</pre>";
?>
http://your.server/test.php?param1=Hello&param2=World

Andreas
Comment 4 RHEL Product and Program Management 2007-10-19 14:51:17 EDT
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
 
For more information of the RHEL errata support policy, please visit:
http://www.redhat.com/security/updates/errata/
 
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

Note You need to log in before you can comment on or make changes to this bug.