From:
Operating system: CentOS 6.2
PHP version: 5.4.0
Package: Apache2 related
Bug Type: Bug
Bug description: Apache Segfault zend_hash_quick_find
Description:
------------
Appears that in certain cases when trying to access an array key that does not exist, Apache segfaults.
Test script:
---------------
$this->line_item_array = array('14441454');
foreach($this->line_item_array as $line_num => $line_item) {
    if($line_item['pallets'] > 0) {
        $pallets = " on {$line_item['pallets']} pallet(s)";
    } else {
        $pallets = '';
    }
    $line_num += 1;
    $handling_unit = strtolower($line_item['handling_unit']);
    $dims = (!empty($line_item['length']))
        ? ", {$line_item['length']}x{$line_item['width']}x{$line_item['height']}" : '';
    $text .= "{$line_item['pieces']} $handling_unit$pallets$dims\n";
}
Expected result:
----------------
Notices and warnings thrown about non-existent indexes, not a segfault.
Actual result:
--------------
Loaded symbols for /lib64/libkrb5support.so.0
Reading symbols from /lib64/libkeyutils.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libkeyutils.so.1
Reading symbols from /usr/lib64/apr-util-1/apr_ldap-1.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/apr-util-1/apr_ldap-1.so
Core was generated by `/usr/sbin/httpd -k start'.
Program terminated with signal 11, Segmentation fault.
#0 0x00007f7683eb9d71 in zend_hash_quick_find (ht=0x7f76912e0f48,
arKey=0x7f768e9a25a0 "handling_unit", nKeyLength=14,
h=12662310260902317513,
pData=0x7fffa613be18) at /usr/local/src/php-5.4.0/Zend/zend_hash.c:950
950 p = ht->arBuckets[nIndex];
--
Edit bug report at https://bugs.php.net/bug.php?id=61757&edit=1
--