Skip to content

PHP crashes on Windows when an inexistent filename is executed #10692

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
liviuconcioiu opened this issue Feb 24, 2023 · 1 comment
Closed

PHP crashes on Windows when an inexistent filename is executed #10692

liviuconcioiu opened this issue Feb 24, 2023 · 1 comment
Labels
Bug OS: Windows SAPI: cgi Status: Needs Triage

Comments

@liviuconcioiu
Copy link

Description

PHP crashes on Windows, when an inexistent filename is executed in browser.

Example: http://127.0.0.1/inexistent-folder/inexistent-file.php

Faulting application name: php-cgi.exe, version: 8.2.3.0, time stamp: 0x63eb5a8b
Faulting module name: php8.dll, version: 8.2.3.0, time stamp: 0x63eb6101
Exception code: 0xc0000005
Fault offset: 0x0000000000003b37
Faulting process id: 0x6090
Faulting application start time: 0x01d94884c1fed67c
Faulting application path: z:\nginx\php\php-cgi.exe
Faulting module path: z:\nginx\php\php8.dll
Report Id: c82a009c-e357-4b6e-9e66-f59834f57cef
Faulting package full name: 
Faulting package-relative application ID:

DebugDiag Analysis Report

php-cgi.exe_230224_201849_MultipleRules.zip

PHP Version

PHP 8.2.3

Operating System

Windows 10
@nielsdos
Copy link
Member

nielsdos commented Feb 25, 2023
edited
Loading

I can reproduce this. It's trying to free an uninitialized pointer when php_fopen_primary_script fails and fastcgi==true. I'll work on a fix.

nielsdos added a commit to nielsdos/php-src that referenced this issue Feb 25, 2023
@nielsdos
Fix phpGH-10692: PHP crashes on Windows when an inexistent filename i…
53f49f0 
…s executed

Fixes phpGH-10692

php_fopen_primary_script() does not initialize all fields of
zend_file_handle. So when it fails and when fastcgi is true, the
zend_destroy_file_handle() function will try to free uninitialized
pointers, causing a segmentation fault. Fix it by zero-initializing file
handles just like the zend_stream_init_fp() counterpart does.
@nielsdos nielsdos mentioned this issue Feb 25, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug OS: Windows SAPI: cgi Status: Needs Triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@devnexen @nielsdos @liviuconcioiu