Package: php5-memcached
Version: 1.0.2-1
Severity: important
Tags: upstream


Calls to getServerByKey can cause a segfault or abort when followed
by any other call that will read or write with the same key, or any
key that happens to live on the same server.

The bug is caused by a call to free the server entry at the end of
getServerByKey in php_memcached.c:

1540:        memcached_server_free(server);

And the first thing that function does is send "quit" to the memcache
server. This has been fixed upstream btw, with a note:

https://github.com/php-memcached-dev/php-memcached/blob/master/php_memcached.c

"
        /* memcached_server_add(3) states that the server instance is cloned. */
        /* In actuality it is not, possibly a bug in libmemcached 0.40. */
        /* remove server freeing */

        /* memcached_server_free(server); */
"

I'm guessing that the client is not automatically reconnecting ('cause
it doesn't know to) and then we end up with a segfault or abort.

Would it be possible for this to be used as a patch in an update for
squeeze's version of php-memcached-1.0.2? I believe this is a serious
enough bug to warrant an update as it is possible a call made by one
script can lead to a segfault or sigabort when a later script is run.

This code triggers the segabort. The same failure occurs in Apache and
CLI modes.

<?php
$mcd = new memcached();
$mcd->addServer('127.0.0.1', '11211', 1);
$result = $mcd->set('anykey', 2);
$mcd->getServerByKey('anykey');
?>

and this triggers the sigabort:

<?php
$mcd = new memcached();
$mcd->addServer('127.0.0.1', '11211', 1);
$result = $mcd->set('anykey', 2);
$mcd->getServerByKey('anykey');
?>

These two scripts will eventually trigger a segfault when you hit one
followed by the other:

<?php
$mcd = new memcached(1);
$mcd->addServer('127.0.0.1', '11211', 1);
$mcd->getServerByKey('anykey');
print "Done\n";
?>

<?php
$mcd = new memcached(1);
$mcd->addServer('127.0.0.1', '11211', 1);
$result = $mcd->set('anykey', 2);
print "Done\n";
?>

"Eventually", in this case, means when the same Apache prefork child
happens to run the two scripts one after the other.

-- System Information:
Debian Release: 6.0.4
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.39.1-x86_64-linode19 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages php5-memcached depends on:
ii  libapache2-mod-php5 [ph 5.3.3-7+squeeze8 server-side, HTML-embedded scripti
ii  libc6                   2.11.3-2         Embedded GNU C Library: Shared lib
ii  libmemcached5           0.40-1           A C and C++ client library to the 
ii  php5-cli [phpapi-200906 5.3.3-7+squeeze8 command-line interpreter for the p
ii  php5-common             5.3.3-7+squeeze8 Common files for packages built fr
ii  ucf                     3.0025+nmu1      Update Configuration File: preserv

php5-memcached recommends no packages.

php5-memcached suggests no packages.

-- no debconf information
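
Added example, not part of the original report and not code from php-memcached or libmemcached: a simplified C model of the ownership mistake described above, where a lookup returns the pool's own server entry and the wrapper frees it, so a later request in the same worker finds a dead entry. All function names are hypothetical, and the dead entry is modelled as an error return instead of a crash.

```c
/* Constructed model; not libmemcached or php-memcached source. */
#include <stdio.h>
struct server { const char *host; int port; int fd; };  /* fd < 0: "quit" sent, closed */

/* One persistent pool per worker process (like a persistent id in a prefork child). */
static struct server pool[1]; static int pool_ready;
static void pool_attach(void) {
    if (pool_ready) return;                 /* later requests reuse the same pool */
    pool[0] = (struct server){ "127.0.0.1", 11211, 3 };  /* 3: constructed fd */
    pool_ready = 1;
}

/* Lookup hands back the pool's own entry (borrowed), not a clone. */
static struct server *server_by_key(const char *key) { (void)key; return &pool[0]; }
/* Stand-in for freeing a server entry: says "quit" and closes the socket. */
static void server_release(struct server *s) { s->fd = -1; }
/* Any later read or write routed to that server. Returns 0 on success, -1 when
   the entry is dead; in this model that replaces the crash from the report. */
static int pool_set(const char *key) { return server_by_key(key)->fd >= 0 ? 0 : -1; }

/* Buggy wrapper: assumes it owns a copy and frees the pool's live entry. */
static void lookup_buggy(const char *key, char *out, size_t n) {
    struct server *s = server_by_key(key);
    snprintf(out, n, "%s:%d", s->host, s->port);
    server_release(s);
}

/* Fixed wrapper: copies out what it needs and leaves the entry to its owner. */
static void lookup_fixed(const char *key, char *out, size_t n) {
    const struct server *s = server_by_key(key);
    snprintf(out, n, "%s:%d", s->host, s->port);
}

/* Two requests served by one worker: a lookup, then a set on the same key. */
static int run_two_requests(int buggy) {
    char addr[32];
    pool_ready = 0;                         /* fresh worker process */
    pool_attach();                          /* request 1 */
    (buggy ? lookup_buggy : lookup_fixed)("anykey", addr, sizeof addr);
    pool_attach();                          /* request 2: pool is reused, not rebuilt */
    return pool_set("anykey");
}

int main(void) {
    printf("buggy: %d, fixed: %d\n", run_two_requests(1), run_two_requests(0));
    return 0;
}
```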


