Site down after recompile Apache

Squirrel squirrel at mail.isot.com
Wed Mar 11 13:51:17 PDT 2009 

phpinfo shows that I do have pcre enabled with version 6.6 06-Feb-2006.

I've also noticed another error on differnet hosts:

ALERT - canary mismatch on efree() - heap overflow or double efree detected (attacker 'xx.xx.xx.xx', file '/..../public_html/libs/modOsDate/db_class.php', line 329)

function field_name($string) {   
           
    return "`" . preg_replace("/[^A-Za-z0-9_\-]/",'',$string) . "`";
}

So it definitely has to do with preg_replace function.  But what could be changed in Apache that would cause this?

Forgot to mention, when I recompiled Apache, I added suexec module, and that's the only thing changed.  Now httpd process is eating up all my CPU...

I'm in process of installing PHP 5.2.8.  If this doesn't fix, then I'll recompile Apache without suexec.


-------------------
PCShare.Com


-----Original message-----
From: "Peter C. Lai" peter at simons-rock.edu
Date: Wed, 11 Mar 2009 20:42:40 -0600
To: Squirrel squirrel at mail.isot.com
Subject: Re: Site down after recompile Apache

> I believe the Makefile for PHP5 states to use internal pcre library when
> building with APR2
> 
> On 2009-03-11 01:21:49PM -0600, Squirrel wrote:
> > I have restarted Apache many time before remaking it, and everything was fine.  Apparently, php 5.1.6_3 was parsing that preg_replace() just fine.  So could I've missed a tick when recompiling Apache?
> > 
> > Meanwhile, I will try installing php 5.2.8.
> > 
> >  
> > 
> > -----Original message-----
> > From: Jille Timmermans jille at quis.cx
> > Date: Wed, 11 Mar 2009 20:06:03 -0600
> > To: Squirrel squirrel at mail.isot.com
> > Subject: Re: Site down after recompile Apache
> > 
> > > Squirrel schreef:
> > > > I've made Apache 2.2.11 port yesterday:
> > > >  ...# make clean
> > > >  ...# make
> > > >  ...# make deinstall
> > > >  ...#make install
> > > > 
> > > > And all went well and all my normal websites come up without a problem.  But since then non of my Joomla 1.0.15 sites are coming up. The log shows:
> > > > 
> > > > PHP Warning: Wrong parameter count for chr() in ..../includes/phpInputFilter/class.inputfilter.php(457) : regexp code on line 1
> > > > PHP Parse error: syntax error, unexpected T_STRING in ..../includes/phpInputFilter/class.inputfilter.php(459) : regexp code on line 1
> > > > PHP Fatal error: preg_replace(): Failed evaluating code: \nchr(0x) in ..../includes/phpInputFilter/class.inputfilter.php on line 459
> > > > 
> > > > It seems all of sudden after recompiling Apache, it developed a problem with chr(\\1) and chr(0x\\1).   I didn't touch PHP or MySQL, just recompile of Apache, and it still has all same configurations and host info.
> > > By restarting apache you also reload mod_php, so if you have upgraded
> > > your PHP between your last apache restart and this one that might be it.
> > > and IIRC by restarting apache you also reload php.ini.
> > > 
> > > Another thing is that php5-pcre is now part of php5, and not an extra
> > > extension. I don't know whether that is also for 5.1.
> > > 
> > > The function below seems working on 5.2.8 and 5.3.0-beta1.
> > > 
> > > -- Jille
> > > > 
> > > > Below is the code that's causing it.
> > > > 
> > > > function decode($source)
> > > >        {
> > > >                // url decode
> > > >                $source = html_entity_decode($source, ENT_QUOTES, "ISO-8859-1");
> > > >                // convert decimal
> > > >                $source = preg_replace('/&#(\d+);/me', "chr(\\1)", $source); // decimal notation
> > > >                // convert hex
> > > >                $source = preg_replace('/&#x([a-f0-9]+);/mei', "chr(0x\\1)", $source); // hex notation
> > > >                return $source;
> > > >        }
> > > > 
> > > > I've googled and tried all suggestions but nothings helping. I'm using FreeBSD 6.2, Apache 2.2.11, PHP 5.1.6_3, MySQL 5.0.27.  Should I missed a something during remake of Apache?
> > > > 
> > > > Please help!!!
> > > > 
> > > > _______________________________________________
> > > > freebsd-stable at freebsd.org mailing list
> > > > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > > > To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
> > > 
> > _______________________________________________
> > freebsd-stable at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
> 
> -- 
> ===========================================================
> Peter C. Lai                 | Bard College at Simon's Rock
> Systems Administrator        | 84 Alford Rd.
> Information Technology Svcs. | Gt. Barrington, MA 01230 USA
> peter AT simons-rock.edu     | (413) 528-7428
> ===========================================================
> 
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>

More information about the freebsd-stable mailing list