#48744 [NEW]: Segmentation fault with open_basedir enabled

[tom at ideaweb dot de]

From:             tom at ideaweb dot de
Operating system: Linux Debian Etch
PHP version:      5.3.0
PHP Bug Type:     Safe Mode/open_basedir
Bug description:  Segmentation fault with open_basedir enabled

Description:
------------
Segmentation fault if the following line is enabled in apache.conf:

php_admin_value open_basedir 
/www/htdocs/ecolint.ch/dev:/www/htdocs/ecolint.ch/tmp:/www/htdocs/ecol
int.ch/mysql

Maybe i made something wrong or its not a bug in php, because i not 
really understand the debug output, but i hope it helps =)

(gdb) run -X
Starting program: /www/apache/2.2.11/bin/httpd -X
Failed to read a valid object file image from memory.
[Thread debugging using libthread_db enabled]
[New Thread -1212832064 (LWP 4837)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1212832064 (LWP 4837)]
0xb757a7b7 in OnUpdateBaseDir (entry=0x824fba0, 
    new_value=0x83b6398 
"/www/htdocs/ecolint.ch/dev:/www/htdocs/ecolint.ch/tmp:/www/htdocs/eco
lint.ch/mysql", 
    new_value_length=82, mh_arg1=0x48, mh_arg2=0xb7b593a0, 
mh_arg3=0x0, stage=4) at /www/src/php-5.3.0/main/fopen_wrappers.c:103
103             if (!*p || !**p) {
(gdb) bt
#0  0xb757a7b7 in OnUpdateBaseDir (entry=0x824fba0, 
    new_value=0x83b6398 
"/www/htdocs/ecolint.ch/dev:/www/htdocs/ecolint.ch/tmp:/www/htdocs/eco
lint.ch/mysql", 
    new_value_length=82, mh_arg1=0x48, mh_arg2=0xb7b593a0, 
mh_arg3=0x0, stage=4) at /www/src/php-5.3.0/main/fopen_wrappers.c:103
#1  0xb75f6d09 in zend_alter_ini_entry_ex (name=0x819a670 
"open_basedir", name_length=13, 
    new_value=0x8228770 
"/www/htdocs/ecolint.ch/dev:/www/htdocs/ecolint.ch/tmp:/www/htdocs/eco
lint.ch/mysql", 
    new_value_length=82, modify_type=4, stage=4, force_change=0) at 
/www/src/php-5.3.0/Zend/zend_ini.c:285
#2  0xb75f6b0f in zend_alter_ini_entry (name=0x819a670 "open_basedir", 
name_length=13, 
    new_value=0x8228770 
"/www/htdocs/ecolint.ch/dev:/www/htdocs/ecolint.ch/tmp:/www/htdocs/eco
lint.ch/mysql", 
    new_value_length=82, modify_type=4, stage=4) at /www/src/php-
5.3.0/Zend/zend_ini.c:243
#3  0xb76a86b6 in apply_config (dummy=0x8228df8) at /www/src/php-
5.3.0/sapi/apache2handler/apache_config.c:197
#4  0xb76a7a73 in php_handler (r=0x837fe30) at /www/src/php-
5.3.0/sapi/apache2handler/sapi_apache2.c:547
#5  0x0807dad7 in ap_run_handler (r=0x837fe30) at config.c:157
#6  0x08080bc7 in ap_invoke_handler (r=0x837fe30) at config.c:372
#7  0x080c8658 in ap_process_request (r=0x837fe30) at 
http_request.c:282
#8  0x080c581e in ap_process_http_connection (c=0x836fd40) at 
http_core.c:190
#9  0x08084a87 in ap_run_process_connection (c=0x836fd40) at 
connection.c:43
#10 0x080f846d in child_main (child_num_arg=<value optimized out>) at 
prefork.c:650
#11 0x080f86a5 in make_child (s=0x813d648, slot=0) at prefork.c:690
#12 0x080f944c in ap_mpm_run (_pconf=0x81380a8, plog=0x8188328, 
s=0x813d648) at prefork.c:966
#13 0x0806b44f in main (argc=135487648, argv=0x836db60) at main.c:740



-- 
Edit bug report at http://bugs.php.net/?id=48744&edit=1
-- 
Try a CVS snapshot (PHP 5.2):        
http://bugs.php.net/fix.php?id=48744&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):        
http://bugs.php.net/fix.php?id=48744&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):        
http://bugs.php.net/fix.php?id=48744&r=trysnapshot60
Fixed in CVS:                        
http://bugs.php.net/fix.php?id=48744&r=fixedcvs
Fixed in CVS and need be documented: 
http://bugs.php.net/fix.php?id=48744&r=needdocs
Fixed in release:                    
http://bugs.php.net/fix.php?id=48744&r=alreadyfixed
Need backtrace:                      
http://bugs.php.net/fix.php?id=48744&r=needtrace
Need Reproduce Script:               
http://bugs.php.net/fix.php?id=48744&r=needscript
Try newer version:                   
http://bugs.php.net/fix.php?id=48744&r=oldversion
Not developer issue:                 
http://bugs.php.net/fix.php?id=48744&r=support
Expected behavior:                   
http://bugs.php.net/fix.php?id=48744&r=notwrong
Not enough info:                     
http://bugs.php.net/fix.php?id=48744&r=notenoughinfo
Submitted twice:                     
http://bugs.php.net/fix.php?id=48744&r=submittedtwice
register_globals:                    
http://bugs.php.net/fix.php?id=48744&r=globals
PHP 4 support discontinued:          http://bugs.php.net/fix.php?id=48744&r=php4
Daylight Savings:                    http://bugs.php.net/fix.php?id=48744&r=dst
IIS Stability:                       
http://bugs.php.net/fix.php?id=48744&r=isapi
Install GNU Sed:                     
http://bugs.php.net/fix.php?id=48744&r=gnused
Floating point limitations:          
http://bugs.php.net/fix.php?id=48744&r=float
No Zend Extensions:                  
http://bugs.php.net/fix.php?id=48744&r=nozend
MySQL Configuration Error:           
http://bugs.php.net/fix.php?id=48744&r=mysqlcfg