From: emerson dot virti at gmail dot com
Operating system: debian etch
PHP version: 5.2.9
PHP Bug Type: IMAP related
Bug description: php segmentation fault on imap_open for a few mailboxes in
cyrus-imapd
Description:
------------
Hello,
My company have almost 10k mailboxes on Cyrus Imap.
We use Thunderbird for IMAP client and PHP for webmail.
We have a problem in a very few mailboxes. This boxes don't have any
visible problem with Thunderbird access, but in PHP the (webmail) access
provide a "segmentation failed".
If I modify the cyrus.header file the "segmentation failed" problem is
resolved.
This (below) is a problematic cyrus.header. The problem is in the number
of line fields. Each 'xnn' represents a imap labels.
¡^B<8b>^MCyrus mailbox header
"The best thing about this system was that it had lots of goals."
--Jim Morris on Andrew
user.02401690778 5bc4b7c0488731c8
02401690778 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 x14 x15 x16 x17 x18
x19 x10 x21 x22 x23 x24 x25 x26 x27 x28 x29 x30 x31
If I modify cyrus.header, droping one field (x31), the "segmentation
failed" is resolved, but this generate a Thunderbird labels messages
problem.
Modified cyrus.header:
¡^B<8b>^MCyrus mailbox header
"The best thing about this system was that it had lots of goals."
--Jim Morris on Andrew
user.02401690778 5bc4b7c0488731c8
02401690778 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 x14 x15 x16 x17 x18
x19 x10 x21 x22 x23 x24 x25 x26 x27 x28 x29 x30
PHP version: 5.2.9
Thunderbird version: 2.0.0.14;
Cyrus Impad version: cyrus-imapd-2.2
linux-kernel: 2.6.18-6-686
Thanks.
Reproduce code:
---------------
<?php
$mbox = imap_open("{myserver:143/notls}INBOX", "0240169xxxx", "password")
or die("can't connect: " . imap_last_error());
imap_close($mbox);
?>
Expected result:
----------------
none
Actual result:
--------------
# gdb /usr/local/bin/php
GNU gdb 6.4.90-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "i486-linux-gnu"...Using host libthread_db
library "/lib/tls/i686/cmov/libthread_db.so.1".
(gdb) run /root/imap_list.php
Starting program: /usr/local/bin/php /root/imap_list.php
Failed to read a valid object file image from memory.
[Thread debugging using libthread_db enabled]
[New Thread -1215412000 (LWP 2644)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1215412000 (LWP 2644)]
0xb7e19dba in mail_free_elt () from /usr/lib/libc-client.so.2002edebian
(gdb) bt
#0 0xb7e19dba in mail_free_elt () from
/usr/lib/libc-client.so.2002edebian
#1 0xb7e1bf33 in mm_cache () from /usr/lib/libc-client.so.2002edebian
#2 0xb7e1bf68 in mm_cache () from /usr/lib/libc-client.so.2002edebian
#3 0xb7e1a1b3 in mail_free_cache () from
/usr/lib/libc-client.so.2002edebian
#4 0xb7e1a275 in mail_close_full () from
/usr/lib/libc-client.so.2002edebian
#5 0x08115f55 in mail_close_it (rsrc=0xb78affcc) at
/root/php-5.2.9/ext/imap/php_imap.c:224
#6 0x0832bae8 in list_entry_destructor (ptr=0xb78affcc) at
/root/php-5.2.9/Zend/zend_list.c:184
#7 0x083292e2 in zend_hash_del_key_or_index (ht=0x848d608, arKey=0x0,
nKeyLength=0, h=4, flag=1) at /root/php-5.2.9/Zend/zend_hash.c:497
#8 0x0832b7a3 in _zend_list_delete (id=4) at
/root/php-5.2.9/Zend/zend_list.c:58
#9 0x08119531 in zif_imap_close (ht=1, return_value=0xb78aeff8,
return_value_ptr=0x0, this_ptr=0x0, return_value_used=0) at
/root/php-5.2.9/ext/imap/php_imap.c:1158
#10 0x08342977 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbf9db294) at /root/php-5.2.9/Zend/zend_vm_execute.h:200
#11 0x083484c3 in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0xbf9db294) at /root/php-5.2.9/Zend/zend_vm_execute.h:1729
#12 0x083424da in execute (op_array=0xb78af738) at
/root/php-5.2.9/Zend/zend_vm_execute.h:92
#13 0x0831d5ef in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /root/php-5.2.9/Zend/zend.c:1134
#14 0x082cb7ea in php_execute_script (primary_file=0xbf9dd62c) at
/root/php-5.2.9/main/main.c:2023
#15 0x0839a467 in main (argc=2, argv=0xbf9dd764) at
/root/php-5.2.9/sapi/cli/php_cli.c:1133
(gdb)
--
Edit bug report at http://bugs.php.net/?id=47696&edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=47696&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=47696&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=47696&r=trysnapshot60
Fixed in CVS:
http://bugs.php.net/fix.php?id=47696&r=fixedcvs
Fixed in CVS and need be documented:
http://bugs.php.net/fix.php?id=47696&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=47696&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=47696&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=47696&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=47696&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=47696&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=47696&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=47696&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=47696&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=47696&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47696&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=47696&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=47696&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=47696&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=47696&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=47696&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=47696&r=mysqlcfg
