[php-maint] Bug#481737: Bug#481737: Bug#481737: Bug#481737: PHP 5.2.6 with suhosin 0.9.6.2 causes bus errors
sean finney
seanius at debian.org
Wed Jul 2 19:53:50 UTC 2008
and hello again,
i can report back that making a similar change in the third place seems to
have resolved the FTBFS problems.
Stefan, attached you will find a patch against the patch. since this may be
hard to read i've also attached it in interdiff format, which should be a
little easier for the eyes :)
sean
On Tuesday 01 July 2008 08:34:47 am sean finney wrote:
> hi everyone,
>
> i just ran a build last night with the modified patch, which unfortunately
> failed. *however*, it failed later than before, and looking at the crash
> it looks like there's at least a third place where unaligned access is
> occurring:
>
> (gdb) run
> Starting program: /home/seanius/php5-5.2.6/cgi-build/sapi/cli/php
> [Thread debugging using libthread_db enabled]
> [New Thread 0xf7f92f60 (LWP 31508)]
>
> Program received signal SIGBUS, Bus error.
> [Switching to Thread 0xf7f92f60 (LWP 31508)]
> _zend_mm_free_int (heap=0x5085c0, p=0xf75c4030)
> at /home/seanius/php5-5.2.6/Zend/zend_alloc.c:2018
> 2018 SUHOSIN_MM_CHECK_CANARIES(mm_block, "efree()");
>
> and the relevant code:
>
> +# define SUHOSIN_MM_CHECK_CANARIES(block, MFUNCTION) do { \
> + size_t *p = SUHOSIN_MM_END_CANARY_PTR(block), check; \
> + if (((block)->info.canary_1 != heap->canary_1) ||
> ((block)->info
> .canary_2 != heap->canary_2)) { \
> + canary_mismatch: \
> + zend_suhosin_log(S_MEMORY, "canary mismatch on " MFUNCTION " -
> heap
> overflow detected"); \
> + exit(1); \
> + } \
> + memcpy(&check, p, CANARY_SIZE); \
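Review bot: in SUHOSIN_MM_CHECK_CANARIES, `p` is declared `size_t *` although it is only ever the source of `memcpy(&check, p, CANARY_SIZE)`. With that type the compiler may assume the address is size_t-aligned and expand the memcpy into a word load, which faults on strict-alignment targets whenever the end canary sits at an unaligned offset. Declare it as a byte pointer, e.g. `char *p = SUHOSIN_MM_END_CANARY_PTR(block); size_t check;`, so the copy stays bytewise, and keep any other place that receives the SUHOSIN_MM_END_CANARY_PTR result typed the same way.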
>
> so in other words a char* from the previously modified macro is being
> assigned to the size_t *p, which is then possibly not aligned and passed to
> memcpy. i'll try changing these to a char * too and see if it makes any
> difference.
>
>
> br,
> sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: suhosin.patch.patch
Type: text/x-diff
Size: 1194 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20080702/ac63bd27/attachment-0001.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: suhosin.patch.interdiff
Type: text/x-diff
Size: 1105 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20080702/ac63bd27/attachment-0001.diff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20080702/ac63bd27/attachment-0001.pgp
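An added example (not part of the original message or of the Suhosin patch) of the access pattern discussed above: an end canary stored directly after a payload of arbitrary length, written and read only through a byte pointer and memcpy. The `demo_*` names, the block layout and the `CANARY_SIZE` definition are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define CANARY_SIZE sizeof(size_t) /* assumption: canary is one size_t wide */

/* Hypothetical layout: [header: size_t len][payload, len bytes][end canary] */
typedef struct { size_t len; } demo_block;

/* Byte pointer to the end canary. The address is len bytes past the payload
 * start, so it is unaligned whenever len is not a multiple of sizeof(size_t).
 * Keeping the type as unsigned char * promises the compiler no alignment. */
static unsigned char *demo_end_canary_ptr(demo_block *b)
{
    return (unsigned char *)(b + 1) + b->len;
}

demo_block *demo_alloc(size_t len, size_t canary)
{
    demo_block *b = malloc(sizeof *b + len + CANARY_SIZE);
    if (b == NULL)
        return NULL;
    b->len = len;
    memcpy(demo_end_canary_ptr(b), &canary, CANARY_SIZE); /* bytewise store */
    return b;
}

void *demo_payload(demo_block *b) { return b + 1; }

/* Returns 1 if the end canary is intact, 0 if it was overwritten. */
int demo_check(demo_block *b, size_t canary)
{
    size_t check;
    memcpy(&check, demo_end_canary_ptr(b), CANARY_SIZE); /* bytewise load */
    return check == canary;
}

/* Returns 1 if the canary address is not a multiple of sizeof(size_t). */
int demo_canary_unaligned(demo_block *b)
{
    return ((uintptr_t)demo_end_canary_ptr(b) % sizeof(size_t)) != 0;
}
```
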