#44872 [Com]: canary mismatch on efree() - heap overflow detected

neofutur dot php at ww7 dot be Wed, 09 Sep 2009 05:03:44 -0700

 ID:               44872
 Comment by:       neofutur dot php at ww7 dot be
 Reported By:      mattr at shoplet dot com
 Status:           No Feedback
 Bug Type:         MySQLi related
 Operating System: FreeBSD 6.2
 PHP Version:      5.2.5
 New Comment:


update/workaround . . . but scary . . .

 someone on ##php tols me to restart apache, that when you get one of 
those canary mismatch on efree() you get many until you restart apache.
 I didnt pay attention at the beginning but finally tried it.

 Its simply true, when you get those messages , restart apache and you
will see no more of them ( until the next apache overflow ? )


Previous Comments:
------------------------------------------------------------------------

[2009-09-09 10:21:49] neofutur dot php at ww7 dot be

I also tried the code suggested :

<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo "<pre>"; var_dump($demo_user); echo "</pre>";

?>

 This doesnt trigger any error message here

------------------------------------------------------------------------

[2009-09-09 10:07:50] neofutur dot php at ww7 dot be

your bugtool dont accept my comment after 40 attempts, so I just post
the pastebin url containing all my comments and logs :

http://dpaste.com/91360/

------------------------------------------------------------------------

[2009-09-09 09:56:15] joeysmith at gmail dot com

Sorry for the noise - testing the assertion that CAPTCHAs are broken.

------------------------------------------------------------------------

[2009-08-20 07:42:34] p dot elagin at gmail dot com

PHP Version 5.2.10-2
Linux xxxxxxx.ru 2.6.26-2-amd64 #1 SMP Fri Aug 14 07:12:04 UTC 2009
x86_64
___
Same Problem
[Thu Aug 20 11:34:09 2009] [error] [client 212.16.10.34] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xxxxxxx', file
'xxxxxxx/index.php'), referer: http://text.foothold.ru/index.php

Linux - Debian ( squeeze )

i have this problem when i install 5.2.10-1, i reinstall to 5.2.9 all
is ok. now i update my system and problem restore ((((

------------------------------------------------------------------------

[2009-08-07 12:44:19] werner at flyingdog dot de

I also can reproduce this error (Suhosin Patch installed). Very simple
test script: 


<?php
$demo_user[]=(object)array("first" => 1);
$demo_user[]=(object)array("second" => 2);
$demo_user[]=(object)array("third" => 3);

echo "<pre>"; var_dump($demo_user); echo "</pre>";

?>

Error Log:
[Fri Aug 07 14:38:06 2009] [error] [client xx.xx.xx.xx] ALERT - canary
mismatch on efree() - heap overflow detected (attacker 'xx.xx.xx.xx',
file '/somedir/somedir/htdocs/f.php', line 2)

Version Info:

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
proxy_html/3.0.0 Server at xxxxxx Port 80

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/44872

-- 
Edit this bug report at http://bugs.php.net/?id=44872&edit=1

#44872 [Com]: canary mismatch on efree() - heap overflow detected

Reply via email to