Date: Sun, 27 Sep 2009 15:20:37 GMT From: Michael Powell <nightrecon@hotmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/139189: Update of PHP-5.2.10 to 5.2.11 breaks CLI and FastCGI Message-ID: <200909271520.n8RFKbAE054471@www.freebsd.org> Resent-Message-ID: <200909271530.n8RFU1EX010804@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 139189 >Category: ports >Synopsis: Update of PHP-5.2.10 to 5.2.11 breaks CLI and FastCGI >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Sep 27 15:30:01 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Michael Powell >Release: 7.2-RELEASE >Organization: none >Environment: FreeBSD testbed.test.zip 7.2-RELEASE-p1 FreeBSD 7.2-RELEASE-p1 #0: Tue Jun 16 12:08:35 EDT 2009 root@testbed.test.zip:/usr/obj/usr/src/sys/kernel_1 i386 >Description: A portupgrade -a of PHP-5.2.10 to 5.2.11 can cause CLI and FastCGI PHP breakage. This entails building with previously established and working make config options. Simply executing php -v at a prompt will return this error: Sep 26 12:15:42 testbed suhosin[48982]: ALERT - canary mismatch on efree() - heap overflow detected (attacker 'REMOTE_ADDR not set', file 'unknown') At first it appears to be a problem with the Suhosin patch, as rebuilding PHP without Suhosin seems to fix the problem. Upon further investigation the problem is actually a clash between the Suhosin patch and the Mailhead patch. Note the Suhosin patch is suhosin-patch-5.2.11-0.9.7.patch.gz while the Mailheader patch is php-5.2.10-mail-header.patch. Since the default config has the Mailheader patch switched "off" in the Makefile, this will not normally produce this error. This occurred as I had previously selected both options in previous builds. Both Apache and lighttpd web servers are running PHP as FastCGI with mod_fcgid, so it is unknown if this also affects mod_php5. >How-To-Repeat: When performing a "make config" in lang/php5 if both Suhosin and Mailheader options are chosen this will produce the problem, in addition to the CLI, CGI, and FastCGI options. >Fix: Build PHP without the Mailheader patch, which is the default. Do not build with Suhosin and Mailheader both enabled. Possibly consider removing the mailheader patch from the Makefile until such time as the two can be utilized together as in the past. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200909271520.n8RFKbAE054471>