PHP 5.2.6 zend_alloc.c crash

Vulnerability ID 1052578 Vulnerability type
Published 2008-08-07 Updated 2008-08-07
CVE ID N/A CNNVD-ID N/A
Affected platform N/A CVSS score N/A
|Vulnerability source
https://cxsecurity.com/issue/WLB-2008080031
|Vulnerability details
Vulnerability details have not yet been disclosed
|Vulnerability EXP
Let's see

# uname -a
OpenBSD cxib.laptop 4.3 CXKERNEL#0 i386
# export ZEND_MM_SEG_SIZE=8
# php -r 'phpinfo();'
Segmentation fault (core dumped)
# export ZEND_MM_SEG_SIZE=8
# gdb -q php
(gdb) r
Starting program: /usr/local/bin/php

Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb) bt
#0 0x00000000 in ?? ()
#1 0x1c1d3198 in zend_error (type=1,
...
0x1c1d3192 <zend_error+122>: call *0x3c0dc934
0x1c1d3198 <zend_error+128>: add $0x20,%esp
(gdb) x/10x 0x3c0dc934
0x3c0dc934 <zend_error_cb>: 0x00000000 0x00000000 0x00000000 0x00000000
0x3c0dc944 <zval_used_for_init+8>: 0x00000000 0x00000000 0x00000000 0x00000000
0x3c0dc954 <zval_used_for_init+24>: 0x00000000 0x00000000


It doesn't have a security impact.

Credit: Maksymilian Arciemowicz