Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16049
HistoryFeb 13, 2007 - 12:00 a.m.

[PHP-DEV] PHP 5.2.1 crashing Apache/IIS...

2007-02-1300:00:00
vulners.com
22

Heads up! Installed the latest Win32 binaries of thread-safe PHP 5.2.1
on Win32 Apache and IIS. PHP started crashing (definitely PHP -
php5ts.dll) when I went to access the MyProBB web forum. (Win32 Apache
flat out crashes, IIS bails with HTTP 500 errors).

Forum crashes PHP 5.2.1:
http://www.cubiclesoft.com/Forum/

Source to the forum software is here:
http://www.cubiclesoft.com/MyProBB/

Worked fine under 5.2.0. I only depend on PHP for the forum.
A straight-up phpinfo(); page seems to work fine.
I upgraded by killing each webserver instance, copying the files from
the ZIP file over the existing PHP directories and files, and restarting
the server.

So I then took the hard route of deleting the PHP directory and dumping
the binaries into it from scratch and putting together a working php.ini
file again…crash.

So I tried to narrow down the problem and it appeared to be crashing in
a VERY bizarre location:

$Data = str_ireplace("\n", "<br>", $Data);

So, I created a test script and eventually narrowed it down to:

<?
$Data = "Change tracking and management software designed to watch
for abnormal system behavior.\nSuggest features, report bugs, or ask
questions here.";
$Data = str_ireplace("\r\n", "<br>", $Data);
$Data = str_ireplace("\n", "<br>", $Data);
$Data = str_ireplace("\r\n", "<br>", $Data);
$Data = str_ireplace("\n", "<br>", $Data);
$Data = str_ireplace("\r\n", "<br>", $Data);
$Data = str_ireplace("\n", "<br>", $Data);
$Data = str_ireplace("\r\n", "<br>", $Data);
$Data = str_ireplace("\n", "<br>", $Data);
$Data = str_ireplace("\r\n", "<br>", $Data);
$Data = str_ireplace("\n", "<br>", $Data);
$Data = str_ireplace("\r\n", "<br>", $Data);
$Data = str_ireplace("\n", "<br>", $Data);
$Data = str_ireplace("\r\n", "<br>", $Data);
$Data = str_ireplace("\n", "<br>", $Data);
?>

This script crashes PHP 5.2.1 everywhere. Command-line and web server
(module and CGI modes). IMO, there's a bug somewhere in str_ireplace().
But it could be also more fundamental with how Zend treats variables.
All that showing data around assigning a variable to itself.

–
Thomas Hruska
CubicleSoft President
Ph: 517-803-4197

http://www.CubicleSoft.com/

–
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php