ports/118980: php5-pcre can cause stack overflow in apache22 in normal use
Thomas Sandford
freebsduser at paradisegreen.co.uk
Mon Dec 24 01:30:01 UTC 2007
>Number: 118980
>Category: ports
>Synopsis: php5-pcre can cause stack overflow in apache22 in normal use
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Dec 24 01:30:01 UTC 2007
>Closed-Date:
>Last-Modified:
>Originator: Thomas Sandford
>Release: FreeBSD 7.0-BETA4 i386
>Organization:
>Environment:
System: FreeBSD miriam.paradisegreen.co.uk 7.0-BETA4 FreeBSD 7.0-BETA4 #0: Sun Dec 2 19:19:04 UTC 2007 root at logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
Problem manifests itself as occurence of messages like
[Sat Dec 22 23:53:59 2007] [notice] child pid 71546 exit signal Illegal instruction (4)
in the apache error log. Digging has revealed that this is really a
stack overflow cause by excessive recursion in the pcre library.
It is possible to tell pcre not to store data on the stack when
recursing, but this is not enabled in the port or in php itself.
Problem does not seem to be easily repeatable in the command line
version of php, only the apache module (tested against apache22 only).
>How-To-Repeat:
portinstall apache22
portinstall php5-pcre
[configure building of apache module]
install symfony sandbox from www.symfony-project.org and enable access
attempt to access a symfony page in non-debug mode
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list