ID: 44872
Comment by: krister dot karlstrom at arcada dot fi
Reported By: mattr at shoplet dot com
Status: No Feedback
Bug Type: MySQLi related
Operating System: FreeBSD 6.2
PHP Version: 5.2.5
New Comment:
I'm experiencing the same bug using PHP 5.2.4-2ubuntu5.3 with
Suhosin-Patch 0.9.6.2 (cli) on a Ubuntu Hardy 8.0.4 server.
The following simplified example shows the problem, the last echo row
is not executed because of mssql_free_result() fails:
<?php
$link = mssql_connect('xxxx.xx', 'xxx', 'xxxx');
if(is_resource($link))
{
if(mssql_select_db('kursbok', $link))
{
$result = mssql_query('select * from Utbildningsprogram order by
up_nr');
if(is_resource($result))
{
$obj = mssql_fetch_object($result);
echo $obj->up_nr."\n";
mssql_free_result($result);
}
}
}
echo "Here I am - NOT!";
?>
OUTPUT
==================================================================
201000
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file '/var/www/xxxx/TestMsSQL.php', line 16)
Previous Comments:
------------------------------------------------------------------------
[2008-09-30 11:39:29] donald at designknights dot com
php version = 5.2.4-2ubuntu5.3
I am getting this same problem with the following bit of code
//class I wrote to make doing things on a remote machine easier
$ssh->init($server, $port, $username, $password);
$command = "if [ -d '$path' ]; then echo \"true\"; else echo \"false\";
fi 2> /dev/null";
//this executes the command above on the remote and gathers a true or
false answer form the ssh stream
$answer = $ssh->execute_return($command);
//this line is where it barfes all over the memory
if ($answer === "true\n"){
return true;
}
else {
return false;
}
------------------------------------------------------------------------
[2008-09-08 20:43:42] ndwolf at gmail dot com
same error with PHP Version 5.2.4-2ubuntu5.3
with the Suhosin Patch 0.9.6.2
Zend Engine v2.2.0
with Zend Extension Manager v1.2.0
with Zend Optimizer v3.2.6
with jobqueue_client wrapper v1.0
with DISABLED Zend Download Server v1.0.6
with DISABLED Zend Platform v3.0.1
with Zend Debugger v5.2.5
with gd wrapper v1.0
executing line 83 of Zend/Loader.php (Zend Framework 1.6.0)
the line is a "include_once $file"
------------------------------------------------------------------------
[2008-07-21 04:24:21] mike at gmi dot co dot nz
Experiencing the same thing with an MSSQL query (mssql_query()) on
Debian and using PHP 5.2.6-2 with Suhosin-Patch 0.9.6.2 (cli) (built:
Jul 3 2008 07:52:34)
------------------------------------------------------------------------
[2008-05-10 01:00:00] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2008-05-02 11:20:09] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5.3-latest.tar.gz
For Windows (zip):
http://snaps.php.net/win32/php5.3-win32-latest.zip
For Windows (installer):
http://snaps.php.net/win32/php5.3-win32-installer-latest.msi
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/44872
--
Edit this bug report at http://bugs.php.net/?id=44872&edit=1
