PHP :: Bug #81298 :: mb_detect_encoding() segfaults when 7bit encoding is specified

Bug #81298mb_detect_encoding() segfaults when 7bit encoding is specified
Submitted:2021-07-26 09:13 UTCModified:2021-07-28 08:01 UTC
From:alec@php.netAssigned:
Status:ClosedPackage:Reproducible crash
PHP Version:8.1Git-2021-07-26 (Git)OS:Linux
Private report:NoCVE-ID:None
View Add Comment Developer Edit
 [2021-07-26 09:13 UTC] alec@php.net
Description:
------------
Sorry for incomplete information. I hope someone could help me to find out more about this issue.

For https://github.com/roundcube/roundcubemail I just enabled Github Actions tests on PHP 8.1 and I got a core dump. I'm not sure this is Github or PHP's segfault.

I do not have a local PHP 8.1 installation to test with yet, so maybe someone would like to run the tests locally to verify.

Here's the raw log from the GA run: https://pipelines.actions.githubusercontent.com/u0loR6uBKIBHqKHhv0hTP4yFrcdLnLzpWEg6qJMnMYCKI8ovYJ/_apis/pipelines/1/runs/418/signedlogcontent/6?urlExpires=2021-07-26T09%3A11%3A08.4028855Z&urlSigningMethod=HMACV1&urlSignature=jdCF19d3rUDCj%2FFF66ORYaUssVkTBh1vJpkIe3ey1yY%3D


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-07-28 07:58 UTC] nikic@php.net
-Status: Open +Status: Verified
 [2021-07-28 07:58 UTC] nikic@php.net
Program received signal SIGSEGV, Segmentation fault.
0x0000555555a8b584 in mbfl_encoding_detector_new (elist=0x7ffff14f6600, 
    elistsz=81, strict=0)
    at /home/nikic/php/php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c:321
321			identd->filter_list[i]->opaque = (void*)0;
(gdb) bt
#0  0x0000555555a8b584 in mbfl_encoding_detector_new (elist=0x7ffff14f6600, 
    elistsz=81, strict=0)
    at /home/nikic/php/php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c:321
#1  0x0000555555a8ba63 in mbfl_identify_encoding (string=0x7fffffffa200, 
    elist=0x7ffff14f6600, elistsz=81, strict=0)
    at /home/nikic/php/php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c:460
#2  0x0000555555a62097 in zif_mb_detect_encoding (execute_data=0x7ffff341c9d0, 
    return_value=0x7ffff341c990)
    at /home/nikic/php/php-src/ext/mbstring/mbstring.c:2719
 [2021-07-28 08:00 UTC] nikic@php.net
Reduced:

var_dump(mb_detect_encoding("foobar", "7bit"));
 [2021-07-28 08:01 UTC] nikic@php.net
-Summary: Core dump on PHP 8.1 +Summary: mb_detect_encoding() segfaults when 7bit encoding is specified
 [2021-07-28 08:12 UTC] git@php.net
Automatic comment on behalf of nikic
Revision: https://github.com/php/php-src/commit/9d0db2e98aa8ef90205a9257a96c26a01a7159bf
Log: Fixed bug #81298
 [2021-07-28 08:12 UTC] git@php.net
-Status: Verified +Status: Closed

本文来源于: https://bugs.php.net/bug.php?id=81298

相关推荐

PlugwalkJoe Does the Perp Walk - Security Boulevard

Joseph “PlugwalkJoe” O’Connor, in a photo from a paid press release on Sept. 02, 2020, pitching him as a trustworthy cry

Elasticsearch ECE 7.13.3 - Anonymous Database Dump - Multiple webapps Exploit

GHDB

Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC) - Windows dos Exploit

GHDB

NoteBurner 2.35 - Denial Of Service (DoS) (PoC) - Windows webapps Exploit

GHDB

XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated) - PHP webapps Exploit

GHDB

从今年强网杯的一道学习vm - 安全客,安全资讯平台

robots 概述 vm的题目在CTF的比赛中是一种很常见的题型,一般的做法都是找到其指令执行过程中自定义的指令的解释程序的一些漏洞(如溢出,offset_by_null等)在理解每条指令意义的前提下通过构造一个程序来触发漏洞实现提权。而今

关于JDK7u21 Gadgets两个问题的探讨 - 安全客,安全资讯平台

robots 最近在分析JDK7u21的Gadgets,有两个不解之处,阅读前辈们的文章发 现并未提起: 1.为什么有的POC入口是LinkedHashSet,有的是HashSet,两个都可以触发吗? 2.关于map.put("f5a5a6

fail2ban - Remote Code Execution - research.securitum.com

This article is about the recently published security advisory for a pretty popular software – fail2ban (CVE-2021-32749)

赢 1000 元现金红包!助力奥运,猜金银牌数赢现金 - FreeBuf网络安全行业门户

第 32 届夏季奥林匹克运动会,2020 东京奥运会,已经于 2021 年 7 月 23 日在日本东京奥林匹克体育场开幕啦! 不知道大家有没有关注呢?二狗子可是准点守着电脑打开了直播的!虽然东京奥运会简直是一波三折,先是因为疫情被迫延期了一

全国移动App第二季度安全研究报告 - 安全客,安全资讯平台

robots 近日,移动互联网系统与应用安全国家工程实验室(以下简称:国家工程实验室)、中国信息通信研究院安全研究所(以下简称:信通院)、北京智游网安科技有限公司(爱加密)三方联合发布了《全国移动App第二季度安全研究报告》。 本次报告内容