https://bugzilla.novell.com/show_bug.cgi?id=641968

https://bugzilla.novell.com/show_bug.cgi?id=641968#c0

Summary: apache process crash with SIGSEGV, Segmentation fault, when call a php program (drupal)
Classification: openSUSE
Product: openSUSE 11.3
Version: Final
Platform: x86-64
OS/Version: openSUSE 11.3
Status: NEW
Severity: Critical
Priority: P5 - None
Component: Apache
AssignedTo: bnc-team-apache@forge.provo.novell.com
ReportedBy: justo.alonso@gmail.com
QAContact: qa@suse.de
Found By: ---
Blocker: ---

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.9) Gecko/20100908 CentOS/3.6-2.el5.centos Firefox/3.6.9

Apache is in prefork mode; apache and php are from the SUSE standard packages (latest update available).

gdb says:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff7f81700 (LWP 22914)]
0x00007ffff222627f in ?? () from /usr/lib64/apache2/mod_php5.so
(gdb) bt
#0  0x00007ffff222627f in ?? () from /usr/lib64/apache2/mod_php5.so
#1  0x00007ffff2236e62 in _zval_ptr_dtor () from /usr/lib64/apache2/mod_php5.so
#2  0x00007ffff22c591b in ?? () from /usr/lib64/apache2/mod_php5.so
#3  0x00007ffff2268d44 in execute () from /usr/lib64/apache2/mod_php5.so
#4  0x00007ffff2238ae7 in zend_call_function () from /usr/lib64/apache2/mod_php5.so
#5  0x00007ffff2192517 in ?? () from /usr/lib64/apache2/mod_php5.so
#6  0x00007ffff2290edd in ?? () from /usr/lib64/apache2/mod_php5.so
#7  0x00007ffff2268d44 in execute () from /usr/lib64/apache2/mod_php5.so
#8  0x00007ffff2246796 in zend_execute_scripts () from /usr/lib64/apache2/mod_php5.so
#9  0x00007ffff21f4453 in php_execute_script () from /usr/lib64/apache2/mod_php5.so
#10 0x00007ffff22d7685 in ?? () from /usr/lib64/apache2/mod_php5.so
#11 0x00007ffff7fd8218 in ap_run_handler ()
#12 0x00007ffff7fd8688 in ap_invoke_handler ()
#13 0x00007ffff7fe581c in ap_internal_redirect ()
#14 0x00007ffff27b739d in ?? () from /usr/lib64/apache2-prefork/mod_rewrite.so
#15 0x00007ffff7fd8218 in ap_run_handler ()
#16 0x00007ffff7fd8688 in ap_invoke_handler ()
#17 0x00007ffff7fe6130 in ap_process_request ()
#18 0x00007ffff7fe31c8 in ?? ()
#19 0x00007ffff7fdee88 in ap_run_process_connection ()
#20 0x00007ffff7feab8a in ?? ()
#21 0x00007ffff7feae9a in ?? ()
#22 0x00007ffff7feaf57 in ?? ()
#23 0x00007ffff7feb8a5 in ap_mpm_run ()
#24 0x00007ffff7fc318e in main ()
(gdb) generate-core-file
Saved corefile core.22914
(gdb) quit

Reproducible: Always

Steps to Reproduce:
Start apache, log in to drupal, and call the URL of the module.

Actual Results:
Apache crashes:

[Mon Sep 27 10:24:01 2010] [notice] ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/) configured.
[Mon Sep 27 10:24:02 2010] [notice] Apache/2.2.15 (Linux/SUSE) mod_ssl/2.2.15 OpenSSL/1.0.0 PHP/5.3.3 mod_jk/1.2.30 configured -- resuming normal operations
[Mon Sep 27 10:25:12 2010] [notice] child pid 22966 exit signal Segmentation fault (11)
[Mon Sep 27 10:25:13 2010] [notice] child pid 22963 exit signal Segmentation fault (11)
[Mon Sep 27 10:25:13 2010] [notice] child pid 22964 exit signal Segmentation fault (11)
[Mon Sep 27 10:25:14 2010] [notice] child pid 22965 exit signal Segmentation fault (11)

Expected Results:
Everything works fine!

I tried compiling php 5.2 on opensuse 11.3 with the suhosin patch. Then a canary error is thrown:

[Fri Sep 24 19:31:11 2010] [error] [client 172.16.250.160] ALERT - canary mismatch on efree() - heap overflow detected (attacker '172.16.250.160', file 'sites/all/modules/user_relationships/user_relationships_ui/user_relationships_ui.module', line 655), referer: http://www.example.com/user