[php-maint] Bug#574610: php5-xmlrpc: xmlrpc buildin system.multiCall segfaults when calling user defined function

Robbert Muller spam.me at grols.ch
Fri Mar 19 10:48:35 UTC 2010 

Package: php5-xmlrpc
Version: 5.2.6.dfsg.1-1+lenny8
Severity: important

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

the xmlrpc_server segfaults when calling the buildin function system.multiCall on a user defined function.
build-in functions like system.listMethods work fine

it seems that this bug was already reported and fixed in php
see http://bugs.php.net/bug.php?id=27446

source:
<?php

function foo () { return "bar"; }

$server = xmlrpc_server_create  ();
$single = xmlrpc_encode_request('foo', array() );

$multi = xmlrpc_encode_request('system.multiCall', array(
        array(
                        array ( 'methodName' => 'foo' , 'params' => array() ),
                ) ) );

xmlrpc_server_register_method($server,'foo','foo');
var_dump ( xmlrpc_server_call_method ( $server , $single, null ) );
var_dump ( xmlrpc_server_call_method ( $server , $multi,  null ) );

?>

backtrace from gdb:
[Switching to Thread 0xb781f6d0 (LWP 5441)]
0x082c6556 in zend_call_function (fci=0xbf9ca920, fci_cache=0x0) at /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_execute_API.c:696
696     /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_execute_API.c: No such file or directory.
        in /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_execute_API.c
(gdb) bt
#0  0x082c6556 in zend_call_function (fci=0xbf9ca920, fci_cache=0x0) at /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_execute_API.c:696
#1  0x082c7b0c in call_user_function_ex (function_table=0x9889878, object_pp=0x0, function_name=0x0, retval_ptr_ptr=0xbf9ca988, 
    param_count=<error type>, params=0x99fcae8, no_separation=1, symbol_table=0x0)
    at /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_execute_API.c:640
#2  0x082c7b8b in call_user_function (function_table=0x9889878, object_pp=0x0, function_name=0x0, retval_ptr=0x99fc128, 
    param_count=<error type>, params=0xbf9ca9c0) at /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_execute_API.c:613
#3  0xb6a22e30 in php_xmlrpc_callback (server=0x9a2c860, xRequest=0x9a2cce0, data=0xbf9caaa4)
    at /tmp/buildd/php5-5.2.6.dfsg.1/ext/xmlrpc/xmlrpc-epi-php.c:873
#4  0xb6a2abb9 in XMLRPC_ServerCallMethod (server=0x9a2c860, request=0x9a2cce0, userData=0xbf9caaa4)
    at /tmp/buildd/php5-5.2.6.dfsg.1/ext/xmlrpc/libxmlrpc/xmlrpc.c:2553
#5  0xb6a2635a in xsm_system_multicall_cb (server=0x9a2c860, input=0x9a2c970, userData=0xbf9caaa4)
    at /tmp/buildd/php5-5.2.6.dfsg.1/ext/xmlrpc/libxmlrpc/system_methods.c:337
#6  0xb6a2abb9 in XMLRPC_ServerCallMethod (server=0x9a2c860, request=0x9a2c970, userData=0xbf9caaa4)
    at /tmp/buildd/php5-5.2.6.dfsg.1/ext/xmlrpc/libxmlrpc/xmlrpc.c:2553
#7  0xb6a22a6d in zif_xmlrpc_server_call_method (ht=3, return_value=0x99fbd08, return_value_ptr=0x0, this_ptr=0x0, 
    return_value_used=1) at /tmp/buildd/php5-5.2.6.dfsg.1/ext/xmlrpc/xmlrpc-epi-php.c:1081
#8  0x0830d933 in zend_do_fcall_common_helper_SPEC (execute_data=0xbf9cad3c)
    at /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_vm_execute.h:200
#9  0x082f8dc0 in execute (op_array=0x99fafbc) at /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend_vm_execute.h:92
#10 0x082d3500 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /tmp/buildd/php5-5.2.6.dfsg.1/Zend/zend.c:1215
#11 0x08289423 in php_execute_script (primary_file=0xbf9cd10c) at /tmp/buildd/php5-5.2.6.dfsg.1/main/main.c:2028
#12 0x08356981 in main (argc=2, argv=0xbf9cd1f4) at /tmp/buildd/php5-5.2.6.dfsg.1/sapi/cli/php_cli.c:1146


- -- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.29-bpo.2-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5-xmlrpc depends on:
ii  libapache2-mod-php 5.2.6.dfsg.1-1+lenny8 server-side, HTML-embedded scripti
ii  libc6              2.7-18lenny2          GNU C Library: Shared libraries
ii  libxml2            2.6.32.dfsg-5+lenny1  GNOME XML library
ii  php5-cgi [phpapi-2 5.2.6.dfsg.1-1+lenny8 server-side, HTML-embedded scripti
ii  php5-cli [phpapi-2 5.2.6.dfsg.1-1+lenny8 command-line interpreter for the p
ii  php5-common        5.2.6.dfsg.1-1+lenny8 Common files for packages built fr

php5-xmlrpc recommends no packages.

php5-xmlrpc suggests no packages.

- -- no debconf information

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkujVoAACgkQ3twlWS9jQkXgLQCfWn33ayheGTZQyxcvqLkhyjkk
YAgAn2S+QGNP1urF6j1xTUCirIrc8A5S
=1CQw
-----END PGP SIGNATURE-----

More information about the pkg-php-maint mailing list