#26025 [NEW]: segfault when glob() is called with GLOB_BRACE and there are no matches
From: ryan at wonko dot com Operating system: FreeBSD 4.7-RELEASE PHP version: 4.3.4RC2 PHP Bug Type: Filesystem function related Bug description: segfault when glob() is called with GLOB_BRACE and there are no matches Description: When you call glob() with the GLOB_BRACE flag set, PHP segfaults if there are no files or directories matching the pattern. I'm running Apache 2.0.47 and PHP was built with the following configure line: './configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-zlib-dir=/usr' '--disable-all' '--with-regex=php' '--disable-cli' '--with-bz2=/usr' '--enable-ctype' '--with-dom=/usr/local' '--enable-exif' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--enable-gd-jis-conv' '--with-freetype-dir=/usr/local' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-xpm-dir=/usr/local' '--with-gettext=/usr/local' '--with-mysql=/usr/local' '--with-openssl-dir=/usr/local' '--with-openssl=/usr/local' '--enable-overload' '--with-pcre-regex=yes' '--enable-posix' '--with-pspell=/usr/local' '--enable-session' '--enable-sockets' '--enable-tokenizer' '--with-expat-dir=/usr/local' '--enable-xml' '--with-zip=/usr/local' '--with-zlib=yes' '--with-apxs2=/usr/local/sbin/apxs' '--with-imap=/usr/local' '--with-imap-ssl=/usr/local' '--prefix=/usr/local' 'i386-portbld-freebsd4.7' Reproduce code: --- Expected result: glob() should return FALSE, indicating that there were no files or directories matching the pattern. Actual result: -- PHP exits on signal 11 (segmentation fault), as illustrated by these entries in my Apache error log: [Tue Oct 28 22:38:02 2003] [notice] child pid 68645 exit signal Segmentation fault (11) [Tue Oct 28 22:38:03 2003] [notice] child pid 68670 exit signal Segmentation fault (11) [Tue Oct 28 22:38:12 2003] [notice] child pid 68800 exit signal Segmentation fault (11) -- Edit bug report at http://bugs.php.net/?id=26025&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=26025&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=26025&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=26025&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=26025&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=26025&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=26025&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=26025&r=support Expected behavior: http://bugs.php.net/fix.php?id=26025&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=26025&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=26025&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=26025&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=26025&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=26025&r=dst IIS Stability: http://bugs.php.net/fix.php?id=26025&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=26025&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=26025&r=float
#26025 [Fbk->Opn]: segfault when glob() is called with GLOB_BRACE and there are no matches
ID: 26025 User updated by: ryan at wonko dot com Reported By: ryan at wonko dot com -Status: Feedback +Status: Open Bug Type: Filesystem function related Operating System: FreeBSD 4.7-RELEASE PHP Version: 4.3.4RC2 New Comment: Here's the backtrace: #0 0x80b0906 in zif_glob (ht=2, return_value=0x81fb224, this_ptr=0x0, return_value_used=0) at /usr/home/ryan/testphp/php-4.3.4RC2/ext/standard/dir.c:409 #1 0x8166a93 in execute (op_array=0x81fa8a4) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend_execute.c:1616 #2 0x8155d49 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend.c:885 #3 0x81231a3 in php_execute_script (primary_file=0xbfbffb40) at /usr/home/ryan/testphp/php-4.3.4RC2/main/main.c:1729 #4 0x816caf7 in main (argc=2, argv=0xbfbffbb0) at /usr/home/ryan/testphp/php-4.3.4RC2/sapi/cli/php_cli.c:819 #5 0x806035d in _start () Previous Comments: [2003-10-29 01:44:23] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read http://bugs.php.net/bugs-generating-backtrace.php Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Thank you for helping us make PHP better. . [2003-10-29 01:41:55] ryan at wonko dot com Description: When you call glob() with the GLOB_BRACE flag set, PHP segfaults if there are no files or directories matching the pattern. I'm running Apache 2.0.47 and PHP was built with the following configure line: './configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-zlib-dir=/usr' '--disable-all' '--with-regex=php' '--disable-cli' '--with-bz2=/usr' '--enable-ctype' '--with-dom=/usr/local' '--enable-exif' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--enable-gd-jis-conv' '--with-freetype-dir=/usr/local' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-xpm-dir=/usr/local' '--with-gettext=/usr/local' '--with-mysql=/usr/local' '--with-openssl-dir=/usr/local' '--with-openssl=/usr/local' '--enable-overload' '--with-pcre-regex=yes' '--enable-posix' '--with-pspell=/usr/local' '--enable-session' '--enable-sockets' '--enable-tokenizer' '--with-expat-dir=/usr/local' '--enable-xml' '--with-zip=/usr/local' '--with-zlib=yes' '--with-apxs2=/usr/local/sbin/apxs' '--with-imap=/usr/local' '--with-imap-ssl=/usr/local' '--prefix=/usr/local' 'i386-portbld-freebsd4.7' Reproduce code: --- Expected result: glob() should return FALSE, indicating that there were no files or directories matching the pattern. Actual result: -- PHP exits on signal 11 (segmentation fault), as illustrated by these entries in my Apache error log: [Tue Oct 28 22:38:02 2003] [notice] child pid 68645 exit signal Segmentation fault (11) [Tue Oct 28 22:38:03 2003] [notice] child pid 68670 exit signal Segmentation fault (11) [Tue Oct 28 22:38:12 2003] [notice] child pid 68800 exit signal Segmentation fault (11) -- Edit this bug report at http://bugs.php.net/?id=26025&edit=1
#26025 [Fbk->Opn]: segfault when glob() is called with GLOB_BRACE and there are no matches
ID: 26025 User updated by: ryan at wonko dot com Reported By: ryan at wonko dot com -Status: Feedback +Status: Open Bug Type: Filesystem function related Operating System: FreeBSD 4.7-RELEASE PHP Version: 4.3.4RC2 New Comment: This problem is still present in the php4-STABLE-200310292030 snapshot. Backtrace follows: #0 0x80b0a96 in zif_glob (ht=2, return_value=0x81fd224, this_ptr=0x0, return_value_used=0) at /usr/home/ryan/testphp/php4-STABLE-200310292030/ext/standard/dir.c:409 #1 0x8166c1b in execute (op_array=0x81fc824) at /usr/home/ryan/testphp/php4-STABLE-200310292030/Zend/zend_execute.c:1616 #2 0x8155ed1 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/home/ryan/testphp/php4-STABLE-200310292030/Zend/zend.c:884 #3 0x812 in php_execute_script (primary_file=0xbfbffb38) at /usr/home/ryan/testphp/php4-STABLE-200310292030/main/main.c:1729 #4 0x816cc7f in main (argc=2, argv=0xbfbffba8) at /usr/home/ryan/testphp/php4-STABLE-200310292030/sapi/cli/php_cli.c:819 #5 0x806035d in _start () Previous Comments: [2003-10-29 15:58:02] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip [2003-10-29 02:06:23] ryan at wonko dot com Here's the backtrace: #0 0x80b0906 in zif_glob (ht=2, return_value=0x81fb224, this_ptr=0x0, return_value_used=0) at /usr/home/ryan/testphp/php-4.3.4RC2/ext/standard/dir.c:409 #1 0x8166a93 in execute (op_array=0x81fa8a4) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend_execute.c:1616 #2 0x8155d49 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend.c:885 #3 0x81231a3 in php_execute_script (primary_file=0xbfbffb40) at /usr/home/ryan/testphp/php-4.3.4RC2/main/main.c:1729 #4 0x816caf7 in main (argc=2, argv=0xbfbffbb0) at /usr/home/ryan/testphp/php-4.3.4RC2/sapi/cli/php_cli.c:819 #5 0x806035d in _start () [2003-10-29 01:41:55] ryan at wonko dot com Description: When you call glob() with the GLOB_BRACE flag set, PHP segfaults if there are no files or directories matching the pattern. I'm running Apache 2.0.47 and PHP was built with the following configure line: './configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-zlib-dir=/usr' '--disable-all' '--with-regex=php' '--disable-cli' '--with-bz2=/usr' '--enable-ctype' '--with-dom=/usr/local' '--enable-exif' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--enable-gd-jis-conv' '--with-freetype-dir=/usr/local' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-xpm-dir=/usr/local' '--with-gettext=/usr/local' '--with-mysql=/usr/local' '--with-openssl-dir=/usr/local' '--with-openssl=/usr/local' '--enable-overload' '--with-pcre-regex=yes' '--enable-posix' '--with-pspell=/usr/local' '--enable-session' '--enable-sockets' '--enable-tokenizer' '--with-expat-dir=/usr/local' '--enable-xml' '--with-zip=/usr/local' '--with-zlib=yes' '--with-apxs2=/usr/local/sbin/apxs' '--with-imap=/usr/local' '--with-imap-ssl=/usr/local' '--prefix=/usr/local' 'i386-portbld-freebsd4.7' Reproduce code: --- Expected result: glob() should return FALSE, indicating that there were no files or directories matching the pattern. Actual result: -- PHP exits on signal 11 (segmentation fault), as illustrated by these entries in my Apache error log: [Tue Oct 28 22:38:02 2003] [notice] child pid 68645 exit signal Segmentation fault (11) [Tue Oct 28 22:38:03 2003] [notice] child pid 68670 exit signal Segmentation fault (11) [Tue Oct 28 22:38:12 2003] [notice] child pid 68800 exit signal Segmentation fault (11) -- Edit this bug report at http://bugs.php.net/?id=26025&edit=1
#26025 [Csd->Opn]: segfault when glob() is called with GLOB_BRACE and there are no matches
ID: 26025 User updated by: ryan at wonko dot com Reported By: ryan at wonko dot com -Status: Closed +Status: Open Bug Type: Filesystem function related Operating System: FreeBSD 4.7-RELEASE PHP Version: 4.3.4RC2 New Comment: The segfault is fixed in recent CVS snapshots, but now glob() returns an empty array when no matches are found. This is improper behavior. According to the documentation at http://php.net/glob, glob() should return an array if matches are found, or FALSE if there are no matches. Previous Comments: [2003-10-29 16:52:30] [EMAIL PROTECTED] This bug has been fixed in CVS. In case this was a PHP problem, snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. In case this was a documentation problem, the fix will show up soon at http://www.php.net/manual/. In case this was a PHP.net website problem, the change will show up on the PHP.net site and on the mirror sites in short time. Thank you for the report, and for helping us make PHP better. [2003-10-29 02:06:23] ryan at wonko dot com Here's the backtrace: #0 0x80b0906 in zif_glob (ht=2, return_value=0x81fb224, this_ptr=0x0, return_value_used=0) at /usr/home/ryan/testphp/php-4.3.4RC2/ext/standard/dir.c:409 #1 0x8166a93 in execute (op_array=0x81fa8a4) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend_execute.c:1616 #2 0x8155d49 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend.c:885 #3 0x81231a3 in php_execute_script (primary_file=0xbfbffb40) at /usr/home/ryan/testphp/php-4.3.4RC2/main/main.c:1729 #4 0x816caf7 in main (argc=2, argv=0xbfbffbb0) at /usr/home/ryan/testphp/php-4.3.4RC2/sapi/cli/php_cli.c:819 #5 0x806035d in _start () [2003-10-29 01:41:55] ryan at wonko dot com Description: When you call glob() with the GLOB_BRACE flag set, PHP segfaults if there are no files or directories matching the pattern. I'm running Apache 2.0.47 and PHP was built with the following configure line: './configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-zlib-dir=/usr' '--disable-all' '--with-regex=php' '--disable-cli' '--with-bz2=/usr' '--enable-ctype' '--with-dom=/usr/local' '--enable-exif' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--enable-gd-jis-conv' '--with-freetype-dir=/usr/local' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-xpm-dir=/usr/local' '--with-gettext=/usr/local' '--with-mysql=/usr/local' '--with-openssl-dir=/usr/local' '--with-openssl=/usr/local' '--enable-overload' '--with-pcre-regex=yes' '--enable-posix' '--with-pspell=/usr/local' '--enable-session' '--enable-sockets' '--enable-tokenizer' '--with-expat-dir=/usr/local' '--enable-xml' '--with-zip=/usr/local' '--with-zlib=yes' '--with-apxs2=/usr/local/sbin/apxs' '--with-imap=/usr/local' '--with-imap-ssl=/usr/local' '--prefix=/usr/local' 'i386-portbld-freebsd4.7' Reproduce code: --- Expected result: glob() should return FALSE, indicating that there were no files or directories matching the pattern. Actual result: -- PHP exits on signal 11 (segmentation fault), as illustrated by these entries in my Apache error log: [Tue Oct 28 22:38:02 2003] [notice] child pid 68645 exit signal Segmentation fault (11) [Tue Oct 28 22:38:03 2003] [notice] child pid 68670 exit signal Segmentation fault (11) [Tue Oct 28 22:38:12 2003] [notice] child pid 68800 exit signal Segmentation fault (11) -- Edit this bug report at http://bugs.php.net/?id=26025&edit=1
#26025 [Opn->Csd]: segfault when glob() is called with GLOB_BRACE and there are no matches
ID: 26025 User updated by: ryan at wonko dot com Reported By: ryan at wonko dot com -Status: Open +Status: Closed Bug Type: Filesystem function related Operating System: FreeBSD 4.7-RELEASE PHP Version: 4.3.4RC2 New Comment: Hmm. On second thought, after re-reading the documentation, this may be the proper behavior after all. The docs say glob() returns FALSE on error, not when there are no matches found. My apologies. Re-closing the bug. Previous Comments: [2003-10-29 22:42:53] ryan at wonko dot com The segfault is fixed in recent CVS snapshots, but now glob() returns an empty array when no matches are found. This is improper behavior. According to the documentation at http://php.net/glob, glob() should return an array if matches are found, or FALSE if there are no matches. [2003-10-29 16:52:30] [EMAIL PROTECTED] This bug has been fixed in CVS. In case this was a PHP problem, snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. In case this was a documentation problem, the fix will show up soon at http://www.php.net/manual/. In case this was a PHP.net website problem, the change will show up on the PHP.net site and on the mirror sites in short time. Thank you for the report, and for helping us make PHP better. [2003-10-29 02:06:23] ryan at wonko dot com Here's the backtrace: #0 0x80b0906 in zif_glob (ht=2, return_value=0x81fb224, this_ptr=0x0, return_value_used=0) at /usr/home/ryan/testphp/php-4.3.4RC2/ext/standard/dir.c:409 #1 0x8166a93 in execute (op_array=0x81fa8a4) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend_execute.c:1616 #2 0x8155d49 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/home/ryan/testphp/php-4.3.4RC2/Zend/zend.c:885 #3 0x81231a3 in php_execute_script (primary_file=0xbfbffb40) at /usr/home/ryan/testphp/php-4.3.4RC2/main/main.c:1729 #4 0x816caf7 in main (argc=2, argv=0xbfbffbb0) at /usr/home/ryan/testphp/php-4.3.4RC2/sapi/cli/php_cli.c:819 #5 0x806035d in _start () [2003-10-29 01:41:55] ryan at wonko dot com Description: When you call glob() with the GLOB_BRACE flag set, PHP segfaults if there are no files or directories matching the pattern. I'm running Apache 2.0.47 and PHP was built with the following configure line: './configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-zlib-dir=/usr' '--disable-all' '--with-regex=php' '--disable-cli' '--with-bz2=/usr' '--enable-ctype' '--with-dom=/usr/local' '--enable-exif' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--enable-gd-jis-conv' '--with-freetype-dir=/usr/local' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-xpm-dir=/usr/local' '--with-gettext=/usr/local' '--with-mysql=/usr/local' '--with-openssl-dir=/usr/local' '--with-openssl=/usr/local' '--enable-overload' '--with-pcre-regex=yes' '--enable-posix' '--with-pspell=/usr/local' '--enable-session' '--enable-sockets' '--enable-tokenizer' '--with-expat-dir=/usr/local' '--enable-xml' '--with-zip=/usr/local' '--with-zlib=yes' '--with-apxs2=/usr/local/sbin/apxs' '--with-imap=/usr/local' '--with-imap-ssl=/usr/local' '--prefix=/usr/local' 'i386-portbld-freebsd4.7' Reproduce code: --- Expected result: glob() should return FALSE, indicating that there were no files or directories matching the pattern. Actual result: -- PHP exits on signal 11 (segmentation fault), as illustrated by these entries in my Apache error log: [Tue Oct 28 22:38:02 2003] [notice] child pid 68645 exit signal Segmentation fault (11) [Tue Oct 28 22:38:03 2003] [notice] child pid 68670 exit signal Segmentation fault (11) [Tue Oct 28 22:38:12 2003] [notice] child pid 68800 exit signal Segmentation fault (11) -- Edit this bug report at http://bugs.php.net/?id=26025&edit=1
#28840 [Com]: __destruct of a class that extends mysqli not called
ID: 28840 Comment by: ryan at wonko dot com Reported By: rodolfo at rodsoft dot org Status: Open Bug Type: Zend Engine 2 problem Operating System: linux 2.6.7 PHP Version: 5.0.0RC3 New Comment: I'm experiencing this problem with a class that extends DOMDocument using PHP 5.0.3 under both Windows XP and FreeBSD 5.3. Previous Comments: [2004-12-01 23:54:16] tfraser at jeffsys dot net As of 5.0.2, the same problem occurs. [2004-06-19 02:22:55] rodolfo at rodsoft dot org Description: When you create a class by extending mysqli or mysqli_result and add a destructor to it (to automatically call mysqli::close, for instance), it doesn't get called when the object gets out of scope. Reproduce code: --- Expected result: born died Actual result: -- born -- Edit this bug report at http://bugs.php.net/?id=28840&edit=1
