Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:43922 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 86095 invoked from network); 14 May 2009 02:00:14 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 14 May 2009 02:00:14 -0000 Authentication-Results: pb1.pair.com header.from=tstarling@wikimedia.org; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=tstarling@wikimedia.org; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain wikimedia.org from 66.111.4.25 cause and error) X-PHP-List-Original-Sender: tstarling@wikimedia.org X-Host-Fingerprint: 66.111.4.25 out1.smtp.messagingengine.com Received: from [66.111.4.25] ([66.111.4.25:44655] helo=out1.smtp.messagingengine.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id A7/ED-27038-D2B7B0A4 for ; Wed, 13 May 2009 22:00:14 -0400 Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 3016B346022 for ; Wed, 13 May 2009 22:00:09 -0400 (EDT) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute1.internal (MEProxy); Wed, 13 May 2009 22:00:09 -0400 X-Sasl-enc: i+pgQsHpia+5blC8ZDJA6Bb4i2v0XKRE4bHlRgsvFyDI 1242266408 Received: from [192.168.0.103] (CPE-144-136-114-224.nsw.bigpond.net.au [144.136.114.224]) by mail.messagingengine.com (Postfix) with ESMTPSA id EAF4ED644 for ; Wed, 13 May 2009 22:00:07 -0400 (EDT) Message-ID: <4A0B7B23.1080506@wikimedia.org> Date: Thu, 14 May 2009 12:00:03 +1000 User-Agent: Thunderbird 2.0.0.21 (X11/20090409) MIME-Version: 1.0 To: internals Mailing List X-Enigmail-Version: 0.95.7 OpenPGP: id=BF976370 Content-Type: multipart/mixed; boundary="------------040206040308080802030304" Subject: [PATCH] Bug #48256 readline crash From: tstarling@wikimedia.org (Tim Starling) --------------040206040308080802030304 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit The readline extension links both libreadline and libhistory. This is unnecessary, and inspection of the readline example programs since version 2.0 implies that it has always been unnecessary. Both libraries include history.o, so linking to both gives you two copies of that module. The bug occurs when, due to operating system vagaries, libhistory loads before libreadline. This causes PHP's readline_add_history() to add history entries to libhistory's copy of the_history. Then when readline() is called, libreadline attempts to read the other copy of the_history. The result is a null pointer dereference in libreadline's previous_history() function. The solution is to remove all references to libhistory in ext/readline/config.m4. I have patched this in and tested it. This bug was closed as "bogus" on bugs.php.net due to some temporary short-circuit in the mind of a bug tracker admin. It's totally PHP's fault and there's nothing any distro can do to fix it. -- Tim Starling --------------040206040308080802030304 Content-Type: text/x-patch; name="fix-php-readline.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="fix-php-readline.patch" Index: ext/readline/config.m4 =================================================================== RCS file: /repository/php-src/ext/readline/config.m4,v retrieving revision 1.25.2.3 diff -u -r1.25.2.3 config.m4 --- ext/readline/config.m4 28 Nov 2005 23:04:01 -0000 1.25.2.3 +++ ext/readline/config.m4 13 May 2009 06:06:13 -0000 @@ -50,15 +50,6 @@ -L$READLINE_DIR/$PHP_LIBDIR $PHP_READLINE_LIBS ]) - PHP_CHECK_LIBRARY(history, add_history, - [ - PHP_ADD_LIBRARY_WITH_PATH(history, $READLINE_DIR/$PHP_LIBDIR, READLINE_SHARED_LIBADD) - ], [ - AC_MSG_ERROR(history library required by readline not found) - ], [ - -L$READLINE_DIR/$PHP_LIBDIR $PHP_READLINE_LIBS - ]) - AC_DEFINE(HAVE_LIBREADLINE, 1, [ ]) elif test "$PHP_LIBEDIT" != "no"; then --------------040206040308080802030304--