From owner-freebsd-ports-bugs@FreeBSD.ORG Sun Sep 27 15:30:02 2009 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2A16E1065695 for ; Sun, 27 Sep 2009 15:30:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 064E58FC1F for ; Sun, 27 Sep 2009 15:30:02 +0000 (UTC) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n8RFU1oM010808 for ; Sun, 27 Sep 2009 15:30:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n8RFU1EX010804; Sun, 27 Sep 2009 15:30:01 GMT (envelope-from gnats) Resent-Date: Sun, 27 Sep 2009 15:30:01 GMT Resent-Message-Id: <200909271530.n8RFU1EX010804@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Michael Powell Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EFB04106566B for ; Sun, 27 Sep 2009 15:20:37 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id DDBB78FC25 for ; Sun, 27 Sep 2009 15:20:37 +0000 (UTC) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n8RFKbxY054472 for ; Sun, 27 Sep 2009 15:20:37 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id n8RFKbAE054471; Sun, 27 Sep 2009 15:20:37 GMT (envelope-from nobody) Message-Id: <200909271520.n8RFKbAE054471@www.freebsd.org> Date: Sun, 27 Sep 2009 15:20:37 GMT From: Michael Powell To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/139189: Update of PHP-5.2.10 to 5.2.11 breaks CLI and FastCGI X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Sep 2009 15:30:02 -0000 >Number: 139189 >Category: ports >Synopsis: Update of PHP-5.2.10 to 5.2.11 breaks CLI and FastCGI >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Sep 27 15:30:01 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Michael Powell >Release: 7.2-RELEASE >Organization: none >Environment: FreeBSD testbed.test.zip 7.2-RELEASE-p1 FreeBSD 7.2-RELEASE-p1 #0: Tue Jun 16 12:08:35 EDT 2009 root@testbed.test.zip:/usr/obj/usr/src/sys/kernel_1 i386 >Description: A portupgrade -a of PHP-5.2.10 to 5.2.11 can cause CLI and FastCGI PHP breakage. This entails building with previously established and working make config options. Simply executing php -v at a prompt will return this error: Sep 26 12:15:42 testbed suhosin[48982]: ALERT - canary mismatch on efree() - heap overflow detected (attacker 'REMOTE_ADDR not set', file 'unknown') At first it appears to be a problem with the Suhosin patch, as rebuilding PHP without Suhosin seems to fix the problem. Upon further investigation the problem is actually a clash between the Suhosin patch and the Mailhead patch. Note the Suhosin patch is suhosin-patch-5.2.11-0.9.7.patch.gz while the Mailheader patch is php-5.2.10-mail-header.patch. Since the default config has the Mailheader patch switched "off" in the Makefile, this will not normally produce this error. This occurred as I had previously selected both options in previous builds. Both Apache and lighttpd web servers are running PHP as FastCGI with mod_fcgid, so it is unknown if this also affects mod_php5. >How-To-Repeat: When performing a "make config" in lang/php5 if both Suhosin and Mailheader options are chosen this will produce the problem, in addition to the CLI, CGI, and FastCGI options. >Fix: Build PHP without the Mailheader patch, which is the default. Do not build with Suhosin and Mailheader both enabled. Possibly consider removing the mailheader patch from the Makefile until such time as the two can be utilized together as in the past. >Release-Note: >Audit-Trail: >Unformatted: