Created attachment 332754 [details] Patch fixing the double free problem (backported from php-snap) Description of problem: Reproducible php mbstring module segmentation fault when not supported charset is used. Version-Release number of selected component (if applicable): 5.1.6-20.el5_2.1 And all above How reproducible: Always Steps to Reproduce: 1. Install php-mbstring module 2. Execute this php script (through apache or cli): <?php $str = "\357\277\357\277\275\357\277\275\357\277\275\357\277\275"; $charset = mb_detect_encoding($str , "WINDOWS-1255,ASCII"); echo "detect $charset\n"; $str = mb_convert_encoding($str, "UTF-8", $charset); echo "convert %str\n"; 3. Actual results: PHP Warning: mb_detect_encoding(): Illegal argument in /root/- on line 3 detect UTF-8 convert %str *** glibc detected *** php: double free or corruption (out): 0x000000001335ced0 *** Expected results: PHP Warning: mb_detect_encoding(): Illegal argument in /root/- on line 3 detect UTF-8 convert %str Additional info: Php bug report: http://bugs.php.net/bug.php?id=47245
Thanks for the report.
This request was evaluated by Red Hat Product Management for inclusion, but this component is not scheduled to be updated in the current Red Hat Enterprise Linux release. If you would like this request to be reviewed for the next minor release, ask your support representative to set the next rhel-x.y flag to "?".
I've made test packages available which should fix this issue. These packages are unsupported, have not been through the standard Red Hat QA process, and are not recommended for use on production systems. http://people.redhat.com/~jorton/Tikanga-php/ Use of these packages may prevent you from (automatically) upgrading to any asynchronous security errata which are issued before the release of RHEL 5.5 due to version mismatches. Please record any feedback on use of these test packages (positive or negative!) on this bug report.
I do not have anymore access to application which had that bug, I can only confirm that test case works correctly on x86_64 server.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2010-0241.html