Debian Bug report logs - #411982
Unregistered OpenSSL callbacks cause segfault when php5-curl and php5-pgsql are installed

version graph

Package: libpq5; Maintainer for libpq5 is Debian PostgreSQL Maintainers <pkg-postgresql-public@lists.alioth.debian.org>; Source for libpq5 is src:postgresql-9.3.

Reported by: Pirity Tamas Gabor <ptg@apaczai.elte.hu>

Date: Thu, 22 Feb 2007 17:54:05 UTC

Severity: normal

Tags: confirmed, fixed-upstream, patch, security, upstream, wontfix

Found in versions postgresql-8.3/8.3.16-0lenny1, postgresql-8.3/8.3.7-0lenny1

Fixed in versions postgresql-8.4/8.4.9-0squeeze1~bpo50+1, postgresql-8.3/8.3.10-0lenny1, postgresql-8.4/8.4.0-1

Done: Martin Pitt <mpitt@debian.org>

Bug is archived. No further changes may be made.

Forwarded to http://bugs.php.net/bug.php?id=40926

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Pirity Tamas Gabor <ptg@apaczai.elte.hu>:
New Bug report received and forwarded. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Pirity Tamas Gabor <ptg@apaczai.elte.hu>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Thu, 22 Feb 2007 15:54:29 +0100
Package: php5
Severity: normal

Hi,

1st very sorry for my poor english, maybe you will understand me.


I use php5 for administering data in a postgres database. When php5-curl
package installed and i use tcp port to connect to the db server, then at the
and of running script php dumps core with ,,segmentation fault'' message.
This is an example, with a very-very short script:

pc22:/home/ptg/php# cat db.php
#!/usr/bin/php5
<?php
$host="host=localhost"; ## with $host=""; it works, but I have to use
## ,,tcp port connect'' to the ,,real'' db server, only with ,,test server''
## possible to go on with ,,unix socket'' type conn.

$dbconn=pg_connect($host." dbname=****** user=*** password=********")
  or die("I cannot connect to server.");
print "Connected... ";
pg_close($dbconn);
print "Disconnected.\n";
?>

pc22:/home/ptg/php# php db.php
Connected... Disconnected.
Segmentation fault (core dumped)
pc22:/home/ptg/php# 


Funny, but if i uninstall php5-curl(!!) package (some ,,strace time'' helped
me), everything works fine:

pc22:/home/ptg/php# dpkg --purge php5-curl

(Reading database ... 151030 files and directories currently installed.)
Removing php5-curl ...
Purging configuration files for php5-curl ...
pc22:/home/ptg/php# php db.php
Connected... Disconnected.
pc22:/home/ptg/php#

I can't understand what the problem is, just i like to use php5-curl
_and_ php5-pgsql package.


-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.19
Locale: LANG=hu_HU, LC_CTYPE=hu_HU (charmap=ISO-8859-2) (ignored: LC_ALL set to hu_HU)



Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to grobh@up.ac.za:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #10 received at 411982@bugs.debian.org (full text, mbox):

From: Hans Grobler <hans.grobler@up.ac.za>
To: 411982@bugs.debian.org
Subject: Re: php5 makes a segmentation fault when php5-curl
Date: Sat, 10 Mar 2007 08:13:17 +0200
Subject: php5: Segmentation fault in CURL module
Package: php5
Version: 5.2.0-8
Severity: important

*** Please type your report below this line ***

I have encountered a similar problem. In my case, the bug was triggered
by the moodle cron script. Note the cron script completes, the segfault
happens whilst the php5 interpreter is terminating. It appears there is
a bug in the curl module, see attached backtrace:

Core was generated by `/usr/bin/php
-f /usr/share/moodle/admin/cron.php'.
Program terminated with signal 11, Segmentation fault.
#0  0xf74672f0 in ?? ()
(gdb) bt
#0  0xf74672f0 in ?? ()
#1  0xf7b8cfa5 in CRYPTO_lock ()
from /usr/lib/i686/cmov/libcrypto.so.0.9.8
#2  0xf7bf8f4f in ERR_set_implementation ()
from /usr/lib/i686/cmov/libcrypto.so.0.9.8
#3  0xf7bfa77a in ERR_free_strings ()
from /usr/lib/i686/cmov/libcrypto.so.0.9.8
#4  0xf7948c47 in curl_slist_free_all () from /usr/lib/libcurl.so.3
#5  0xf7959b80 in curl_getdate () from /usr/lib/libcurl.so.3
#6  0xf7951d9f in curl_global_cleanup () from /usr/lib/libcurl.so.3
#7  0xf79676b7 in zm_shutdown_curl () from /usr/lib/php5/20060613
+lfs/curl.so
#8  0x082a436e in module_destructor ()
#9  0x082aa5a8 in zend_hash_quick_find ()
#10 0x082aa847 in zend_hash_graceful_reverse_destroy ()
#11 0x082a09cc in zend_shutdown ()
#12 0x0825b885 in php_module_shutdown ()
#13 0x0832ed18 in main ()

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-amd64
Locale: LANG=en_ZA, LC_CTYPE=en_ZA (charmap=ISO-8859-1)

Versions of packages php5 depends on:
ii  libapache2-mod-php5           5.2.0-8    server-side, HTML-embedded
scripti
ii  php5-common                   5.2.0-8    Common files for packages
built fr

php5 recommends no packages.

-- no debconf information
                                     




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to grobh@up.ac.za:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #15 received at 411982@bugs.debian.org (full text, mbox):

From: Hans Grobler <hans.grobler@up.ac.za>
To: 411982@bugs.debian.org
Subject: Most likely related to bug #395996
Date: Sat, 10 Mar 2007 08:26:14 +0200
I see now that there is another similar bug registered, #395996, which
is marked as unreproducible. That bug includes a more detailed backtrace
and clearly indicates a locking problem in the CURL module.




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #20 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: grobh@up.ac.za, 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5 makes a segmentation fault when php5-curl
Date: Sat, 10 Mar 2007 18:30:46 +0100
[Message part 1 (text/plain, inline)]
hi hans,

i'm still unable to reproduce this problem.  can you give me:

- your list of installed/configured php extensions (php.ini and conf.d/*.ini)
- package versions for libssl*, libcurl*, libssl*

and maybe we can take things from there.  also, could you check to see
if this problem is in the latest version of the php packages?  if
you're using etch a new version was recently uploaded to
testing-proposed-updates that contains security fixes you'll want anyways :)


	sean

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #25 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: Pirity Tamas Gabor <ptg@apaczai.elte.hu>, 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Sat, 10 Mar 2007 18:51:18 +0100
[Message part 1 (text/plain, inline)]
hi pirity,

On Thu, 2007-02-22 at 15:54 +0100, Pirity Tamas Gabor wrote:
> 
> 1st very sorry for my poor english, maybe you will understand me.

well we could try in magyar, but then i don't think we'd get very far at
all :)

i just sent a followup to this bug about 15 minutes ago.  could you
provide the same information i requested from the other user?  also,
what version of php5* are you using?


thanks
	sean

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to grobh@up.ac.za:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #30 received at 411982@bugs.debian.org (full text, mbox):

From: Hans Grobler <hans.grobler@up.ac.za>
To: sean finney <seanius@debian.org>
Cc: 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5 makes a segmentation fault when php5-curl
Date: Sat, 10 Mar 2007 20:38:49 +0200
[Message part 1 (text/plain, inline)]
Hi Sean,

On Sat, 2007-03-10 at 18:30 +0100, sean finney wrote:
> hi hans,
> 
> i'm still unable to reproduce this problem.  can you give me:
> 
> - your list of installed/configured php extensions (php.ini and conf.d/*.ini)
> - package versions for libssl*, libcurl*, libssl*
> 
> and maybe we can take things from there.  also, could you check to see
> if this problem is in the latest version of the php packages?  if
> you're using etch a new version was recently uploaded to
> testing-proposed-updates that contains security fixes you'll want anyways :)

Yes, I'm running the latest Etch with all updates installed. I see there
is a new version that is pending and I should have that installed the
moment it becomes available on our local archive (however, it does not
appear that the update affects curl). Below and attached is the current
information requested.

Regards,
-- Hans

libcurl3       7.15.5-1
libssl-dev     0.9.8c-4      
libssl0.9.8    0.9.8c-4      
php5           5.2.0-8 
php5-cli       5.2.0-8 
php5-common    5.2.0-8 
php5-curl      5.2.0-8 
php5-dev       5.2.0-8 
php5-gd        5.2.0-8 
php5-mcrypt    5.2.0-8 
php5-mysql     5.2.0-8 
php5-pgsql     5.2.0-8 
php5-xsl       5.2.0-8 












[etcphp5.tar.bz2 (application/x-bzip-compressed-tar, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to grobh@up.ac.za:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #35 received at 411982@bugs.debian.org (full text, mbox):

From: Hans Grobler <hans.grobler@up.ac.za>
To: sean finney <seanius@debian.org>
Cc: 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5 makes a segmentation fault when php5-curl
Date: Sun, 11 Mar 2007 12:28:51 +0200
[Message part 1 (text/plain, inline)]
On Sun, 2007-03-11 at 10:58 +0100, sean finney wrote:
> correct, there are no changes in the pending version of php that affect
> curl, but my thought was that perhaps the problem is a "transient" one
> resulting from building against a bad version of some library, which
> might be fix by a simple rebuild.  however, i can't reproduce the
> problem you're having by installing the old version of
> php5/libcurl3/libssl0.9.8, so i'm not sure where to go from here.  i'll
> see if anyone else has ideas.  in the meantime, could you send me the
> full output of "dpkg -l | grep ^ii", so i can see if it's some other
> seemingly unrelated package that's doing it?

See attached. I vaguely remember seeing this problem when this was a
sarge machine as well. As another test, I removed the php5-curl module
and now the moodle script runs without problems. So the problem is
triggered by the curl module as suspected. One thing to mention is that
I'm using Kerberos... and since libcurl links against libkrb5, it might
be that libcurl contains Kerberos related bugs... ?

However, after adding the debugging libraries, no Kerberos calls appear
in the backtrace (see below).

Regards,
-- Hans

(gdb) bt
#0  0xf74932f0 in ?? ()
#1  0xf7bb8fa5 in CRYPTO_lock (mode=9, type=1, file=0xf7c9ca13 "err.c",
line=353) at cryptlib.c:489
#2  0xf7c24f4f in int_err_del () at err.c:353
#3  0xf7c2677a in ERR_free_strings () at err.c:672
#4  0xf7974c47 in Curl_ossl_cleanup () at ../../../lib/ssluse.c:580
#5  0xf7985b80 in Curl_ssl_cleanup () at ../../../lib/sslgen.c:185
#6  0xf797dd9f in curl_global_cleanup () at ../../../lib/easy.c:294
#7  0xf79936b7 in zm_shutdown_curl () from /usr/lib/php5/20060613
+lfs/curl.so
#8  0x082a436e in module_destructor ()
#9  0x082aa5a8 in zend_hash_quick_find ()
#10 0x082aa847 in zend_hash_graceful_reverse_destroy ()
#11 0x082a09cc in zend_shutdown ()
#12 0x0825b885 in php_module_shutdown ()
#13 0x0832ed18 in main ()

[dpkg.list.bz2 (application/x-bzip, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #40 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: grobh@up.ac.za
Cc: 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5 makes a segmentation fault when php5-curl
Date: Sun, 11 Mar 2007 10:58:58 +0100
[Message part 1 (text/plain, inline)]
hi hans,

On Sat, 2007-03-10 at 20:38 +0200, Hans Grobler wrote:
> Yes, I'm running the latest Etch with all updates installed. I see there
> is a new version that is pending and I should have that installed the
> moment it becomes available on our local archive (however, it does not
> appear that the update affects curl). Below and attached is the current
> information requested.

correct, there are no changes in the pending version of php that affect
curl, but my thought was that perhaps the problem is a "transient" one
resulting from building against a bad version of some library, which
might be fix by a simple rebuild.  however, i can't reproduce the
problem you're having by installing the old version of
php5/libcurl3/libssl0.9.8, so i'm not sure where to go from here.  i'll
see if anyone else has ideas.  in the meantime, could you send me the
full output of "dpkg -l | grep ^ii", so i can see if it's some other
seemingly unrelated package that's doing it?


thanks


	sean

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #45 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: grobh@up.ac.za
Cc: 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5 makes a segmentation fault when php5-curl
Date: Sun, 11 Mar 2007 19:26:57 +0100
[Message part 1 (text/plain, inline)]
hi hans,

On Sun, 2007-03-11 at 12:28 +0200, Hans Grobler wrote:
> 
> See attached. I vaguely remember seeing this problem when this was a
> sarge machine as well. As another test, I removed the php5-curl module
> and now the moodle script runs without problems. So the problem is
> triggered by the curl module as suspected. One thing to mention is that
> I'm using Kerberos... and since libcurl links against libkrb5, it might
> be that libcurl contains Kerberos related bugs... ?

hrm... i can't reproduce this, even when i set up an etch chroot with
everything in your dpkg output installed (minus a few non-debian
packages that were probablly not related).  how about your pam/libnss
configuration?  also, it's a major pain to get moodle set up to test
this, could you provide a smaller self-contained script that also
exhibits this behaviour?  perhaps a small script that uses curl/ssl or
maybe postgres features just enough to tickle the bug?

fwiw, these are the packages i could not/did not install in the test
chroot.  besides the linux-image stuff, the dell stuff, and some local
configuration-looking packages, i saw some older packages no longer
available in etch.  you might want to see what's in those packages, if
any of them have shared libraries could you share their contents?

debupeece-nssldap-config
debupeece-nsswitch-config
debupeece-ntp-config
dellomsa
gnu-efi
libapache2-mod-authnz-external
libc6-amd64
libc6-i686
libdns21
libgnutls11
libtasn1-2
linux-headers-2.6.18-3
linux-image-2.6-686
linux-image-2.6.18-3-amd64
linux-image-2.6.18-4-686
linux-image-2.6.18-4-amd64
localization-config
megacli
pwauth
python2.3



thanks,
	sean
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to grobh@up.ac.za:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #50 received at 411982@bugs.debian.org (full text, mbox):

From: Hans Grobler <hans.grobler@up.ac.za>
To: sean finney <seanius@debian.org>
Cc: 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5 makes a segmentation fault when php5-curl
Date: Sun, 18 Mar 2007 10:10:17 +0200
On Sun, 2007-03-11 at 19:26 +0100, sean finney wrote:
> hrm... i can't reproduce this, even when i set up an etch chroot with
> everything in your dpkg output installed (minus a few non-debian
> packages that were probablly not related).  how about your pam/libnss
> configuration?  also, it's a major pain to get moodle set up to test
> this, could you provide a smaller self-contained script that also
> exhibits this behaviour?  perhaps a small script that uses curl/ssl or
> maybe postgres features just enough to tickle the bug?

I have updated to the latest packages (including those of php5) and the
segfault remains. On my system, only the moodle cron script triggers
this bug. Other test scripts do not produce this. However, I have not
tried with php-postgres included, although that does seem to be needed
given that the moodle script accesses a postgresql database.

> fwiw, these are the packages i could not/did not install in the test
> chroot.  besides the linux-image stuff, the dell stuff, and some local
> configuration-looking packages, i saw some older packages no longer
> available in etch.  you might want to see what's in those packages, if
> any of them have shared libraries could you share their contents?

I have removed all unnecessary packages and the problem remains. The
remaining packages are unrelated and do not show up in the shared
library dependency list of the core file produced. 

Regards,
-- Hans





Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Jordi Mallach <jordi@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #55 received at 411982@bugs.debian.org (full text, mbox):

From: Jordi Mallach <jordi@debian.org>
To: 411982@bugs.debian.org
Cc: Hans Grobler <hans.grobler@up.ac.za>
Subject: I can reproduce this as well
Date: Mon, 19 Mar 2007 02:28:29 +0100
[Message part 1 (text/plain, inline)]
Hi,

I recently upgraded my etch server to php5, and used the opportunity to
get rid of any php module I didn't know for sure I needed. So in the
end, it was libapache2-mod-php5, php5-gd and php5-pgsql.

Drupal's cron.php ran as expected until one user whined about the lack
of php-curl. Oh well, seconds later he got it installed.

Some time later I notice cron mails every hour, with a php segmentation
fault. I've finally tracked it down to php5-curl to be the culprit, and
then found this bug report. (there was a postgresql 7.4 -> 8.1 and major
drupal upgrades involved, so I wasn't really sure until I got a gdb
backtrace)

If I can provide with any additional info, I'll happily do so.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer     http://www.debian.org/
jordi@sindominio.net     jordi@debian.org     http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #60 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: Jordi Mallach <jordi@debian.org>, 411982@bugs.debian.org
Cc: Hans Grobler <hans.grobler@up.ac.za>
Subject: Re: [php-maint] Bug#411982: I can reproduce this as well
Date: Wed, 21 Mar 2007 23:23:55 +0100
[Message part 1 (text/plain, inline)]
hi,

funny enough i was talking to a friend who was having the same problem,
and he gave me a script i could use to reproduce it.

installing php5-pgsql and php5-curl and postgresql-8.1, and running the
following script from the cmdline gets me segfaults:

<?php

mb_internal_encoding("UTF-8");

$conn_string = "host=localhost dbname=data user=user password=pword";
$dbconn = pg_connect($conn_string);
$query = "SELECT count(1) FROM table";
$result = pg_query($dbconn, $query);
pg_close($dbconn);

?>


note that the postgres server has to be running to get the problem to
reveal itself.  the backtrace points to libssl/libcrypto via curl via
Curl_ossl_shutdown, though i can't see why that should fail.  i guess
tomorrow i get to build/install debug php package and see if anything
funny shows up :/


	sean
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #65 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: 411982 <411982@bugs.debian.org>
Cc: Pirity Tamas Gabor <ptg@apaczai.elte.hu>, Hans Grobler <hans.grobler@up.ac.za>, Jordi Mallach <jordi@debian.org>, Laurent Bonnaud <Laurent.Bonnaud@inpg.fr>
Subject: a workaround maybe?
Date: Thu, 22 Mar 2007 19:41:05 +0100
[Message part 1 (text/plain, inline)]
hey folks,

(hi laurent, i'm cc'ing you because i think this may be the same bug)

i have a workaround i'd like all of you to try.  this might seem wierd,
but please humor me :)

- open up /etc/php5/conf.d/pgsql.ini and comment out the extension= line
  so it says:

#extension=pgsql.so

- open up /etc/php5/conf.d/curl.ini and put the extension you just
  removed before the line for curl:

extension=pgsql.so
extension=curl.so


and tell me if you still get the errors?


still looking for the cause...


	sean
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #70 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: 411982 <411982@bugs.debian.org>
Subject: more information
Date: Fri, 23 Mar 2007 00:52:41 +0100
[Message part 1 (text/plain, inline)]
it seems that the problem is between curl and libpq, and the bystanders
in php seem to be innocent victims.  

from libpq's be-secure.c:

/*
 *      Close SSL connection.
 */
static void
close_SSL(Port *port)
{
        if (port->ssl)
        {
                SSL_shutdown(port->ssl);
                SSL_free(port->ssl);


from curl's ssluse.c:


/* Global cleanup */
void Curl_ossl_cleanup(void)
{
  /* Free the SSL error strings */
  ERR_free_strings();


from php's backtrace:

(gdb) bt
#0  0x00002b71ee8889a0 in ?? ()
#1  0x00002b71edf446df in int_err_del () at err.c:353
#2  0x00002b71ee4e9ef9 in Curl_ossl_cleanup ()
at ../../../lib/ssluse.c:580
#3  0x00002b71ee4f93e2 in Curl_ssl_cleanup ()
at ../../../lib/sslgen.c:185
#4  0x00002b71ee4f2233 in curl_global_cleanup ()
at ../../../lib/easy.c:294
#5  0x00002b71ee3a3699 in zm_shutdown_curl (type=9, module_number=1)
    at /tmp/buildd/php5-5.2.0/ext/curl/interface.c:668
...


in the case that no postgres server is running the libpq SSL_free() is
never called, and no segfault happens.  from the manpage for SSL_free():

 SSL_free() also calls the free()ing procedures for indirectly affected
 items, if applicable: the buffering BIO, the read and write BIOs,
 cipher lists specially created for this ssl, the SSL_SESSION.  Do not
 explicitly free these indirectly freed up items before or after calling
 SSL_free(), as trying to free things twice may lead to program failure.

i'm not sure if the error strings cound as "indirectly freed up items"
or not, but it seems to be part of the problem anyway.  i'll bring this
to a wider audience tomorrow to see if someone who knows more about
sharing libssl between multiple libraries has anything to say.



	sean
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Philipp Wollermann <philipp@igowo.de>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #75 received at 411982@bugs.debian.org (full text, mbox):

From: Philipp Wollermann <philipp@igowo.de>
To: 411982@bugs.debian.org
Subject: still segmentation fault
Date: Sat, 12 May 2007 22:12:46 +0200
Hello,

this bug also occurs on my system (lenny) using php5-cli 5.2.0-10 with
php5-pgsql and php5-curl installed.

To reproduce, simply create a php file "test.php"

#!/usr/bin/php
<?php
  $db = pg_connect("host=localhost dbname=xyz user=xyz password=xyz");
?>

# php ./test.php
Segmentation fault.

When I disable the curl extension, it works perfectly. How can I help to
fix this issue? :)

Regards,
Philipp Wollermann





Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #80 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: Philipp Wollermann <philipp@igowo.de>, 411982@bugs.debian.org
Cc: control <control@bugs.debian.org>
Subject: Re: [php-maint] Bug#411982: still segmentation fault
Date: Sat, 12 May 2007 22:33:35 +0200
[Message part 1 (text/plain, inline)]
forwarded 411982 http://bugs.php.net/bug.php?id=40926
thanks

hi,

On Sat, 2007-05-12 at 22:12 +0200, Philipp Wollermann wrote:
> 
> When I disable the curl extension, it works perfectly. How can I help to
> fix this issue? :)

i've told the php devs about this some time ago but i don't think
they've come up with a solution yet.  i guess i forgot to add the
mention of it to the BTS, so, there it is above.

in the meantime, the workaround if you need both extensions loaded is to
load them in the reverse order as mentioned in the BR.



thanks,
	sean
[signature.asc (application/pgp-signature, inline)]

Noted your statement that Bug has been forwarded to http://bugs.php.net/bug.php?id=40926. Request was from sean finney <seanius@debian.org> to control@bugs.debian.org. (Sat, 12 May 2007 20:36:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Matthias van der Vlies <matthias@hephaistos.mserver.nl>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #87 received at 411982@bugs.debian.org (full text, mbox):

From: Matthias van der Vlies <matthias@hephaistos.mserver.nl>
To: Debian Bug Tracking System <411982@bugs.debian.org>
Subject: php5-pgsql: Segmentation fault with postgresql and php5
Date: Sun, 25 Nov 2007 20:28:49 +0100
Package: php5-pgsql
Version: 5.2.0-8+etch7
Followup-For: Bug #411982


When using the following code:

<?php

// Connecting, selecting database
$dbconn = pg_connect("host=localhost dbname=db user=usr password=pass")
    or die('Could not connect: ' . pg_last_error());

// Performing SQL query
$query = 'SELECT * FROM hosts';
$result = pg_query($query) or die('Query failed: ' . pg_last_error());

// Printing results in HTML
echo "<table>\n";
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
    print_r($line);
}
echo "</table>\n";

// Free resultset
pg_free_result($result);

// Closing connection
pg_close($dbconn);
?>

This is the output:

<table>
</table>
Segmentation fault

matthias@hephaistos:~/scripts/mserver.nl$ gdb --args /usr/bin/php transformer.php

(gdb) run
Starting program: /usr/bin/php transformer.php
Failed to read a valid object file image from memory.
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1215231072 (LWP 3045)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
---Type <return> to continue, or q <return> to quit---
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
<table>
</table>


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1215231072 (LWP 3045)]
0xb74bb2f0 in ?? ()




-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-486
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages php5-pgsql depends on:
ii  libapache2-mod-php5 [p 5.2.0-8+etch7     server-side, HTML-embedded scripti
ii  libc6                  2.3.6.ds1-13etch2 GNU C Library: Shared libraries
ii  libpq4                 8.1.9-0etch1      PostgreSQL C client library
ii  php5-cli [phpapi-20060 5.2.0-8+etch7     command-line interpreter for the p
ii  php5-common            5.2.0-8+etch7     Common files for packages built fr

php5-pgsql recommends no packages.

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Steve Langasek <vorlon@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #92 received at 411982@bugs.debian.org (full text, mbox):

From: Steve Langasek <vorlon@debian.org>
To: Matthias van der Vlies <matthias@hephaistos.mserver.nl>, 411982@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: php5-pgsql: Segmentation fault with postgresql and php5
Date: Sun, 25 Nov 2007 12:42:36 -0800
On Sun, Nov 25, 2007 at 08:28:49PM +0100, Matthias van der Vlies wrote:
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread -1215231072 (LWP 3045)]
> 0xb74bb2f0 in ?? ()

Please provide a backtrace, running gdb until php crashes tells us nothing.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #97 received at 411982@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: pkg-php-maint@lists.alioth.debian.org, Steve Langasek <vorlon@debian.org>, 411982@bugs.debian.org
Cc: Matthias van der Vlies <matthias@hephaistos.mserver.nl>, control@bugs.debian.org
Subject: Re: [php-maint] Bug#411982: Bug#411982: php5-pgsql: Segmentation fault with postgresql and php5
Date: Sun, 25 Nov 2007 22:27:17 +0100
[Message part 1 (text/plain, inline)]
merge 411982 405067
thanks

hi,

the above bug report has the story...


	sean
[signature.asc (application/pgp-signature, inline)]

Forcibly Merged 405067 411982. Request was from sean finney <seanius@debian.org> to control@bugs.debian.org. (Sun, 25 Nov 2007 21:51:08 GMT) Full text and rfc822 format available.

Forcibly Merged 405067 411982 487283. Request was from Raphael Geissert <atomo64@gmail.com> to control@bugs.debian.org. (Fri, 20 Jun 2008 21:21:11 GMT) Full text and rfc822 format available.

Disconnected #411982 from all other report(s). Request was from Raphael Geissert <atomo64@gmail.com> to control@bugs.debian.org. (Tue, 26 Aug 2008 19:12:05 GMT) Full text and rfc822 format available.

Bug reassigned from package `php5' to `php5-pgsql'. Request was from Raphael Geissert <atomo64@gmail.com> to control@bugs.debian.org. (Tue, 26 Aug 2008 20:03:10 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5-pgsql. (Sat, 21 Feb 2009 13:12:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to leen@kalmar6.net:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Sat, 21 Feb 2009 13:12:04 GMT) Full text and rfc822 format available.

Message #110 received at 411982@bugs.debian.org (full text, mbox):

From: Leen Besselink <leen@kalmar6.net>
To: 411982@bugs.debian.org
Subject: similair problem in Lenny
Date: Sat, 21 Feb 2009 14:08:51 +0100
Hi,

If I make a small script like this on an up to date AMD64 Lenny/Stable:

<?php

	$dst = pg_connect ('host=localhost dbname=somedb user=postgres');

	var_dump ($dst);

	pg_close ($dst);

?>

Then the output is this:

$ php5 -q -f import.php
resource(4) of type (pgsql link)
Segmentation fault

dmesg shows something like this:

[45267.728748] php5[7739]: segfault at 7f0e214bbac0 ip 7f0e214bbac0 sp 7fff338a2c68 error 14 in libtasn1.so.3.0.15[7f0e26699000+f000]

Only on the commandline, not in Apache2-prefork (judging by the error.log and dmesg output).

It does not fault when I replace above similair statement with (sslmode was added) as below:

	$dst = pg_connect ('host=localhost dbname=somedb user=postgres sslmode=disable');

It also does not fault when I move curl.ini outside the /etc/php5/conf.d/

I hope this gives you more information to solve this problem.

And I hope this documents the problem as much as possible with the two workarounds.

Have a nice day,
   Leen Besselink.




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5-pgsql. (Wed, 25 Mar 2009 14:24:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Patrice Pillot <patrice.pillot@toulouse.archi.fr>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Wed, 25 Mar 2009 14:24:05 GMT) Full text and rfc822 format available.

Message #115 received at 411982@bugs.debian.org (full text, mbox):

From: Patrice Pillot <patrice.pillot@toulouse.archi.fr>
To: 411982@bugs.debian.org
Subject: Re: php5 makes a segmentation fault when php5-curl
Date: Wed, 25 Mar 2009 15:22:28 +0100
Hi,

As I too experienced this problem today I made some web search and came
across those two pages :
http://bugs.php.net/bug.php?id=40926
http://archives.postgresql.org/pgsql-committers/2008-12/msg00037.php

That point to a PostGRESQL fix for 8.4+ versions (or maybe a backpatch
before that if we get lucky).

The easiest workaround seems to make sure that psql module is loaded
first (I for one just mv pgsql.ini 0pgsql.ini).

HTH

pp




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#411982; Package php5-pgsql. (Mon, 20 Apr 2009 07:48:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to <peter.hofer@ics.at>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Mon, 20 Apr 2009 07:48:05 GMT) Full text and rfc822 format available.

Message #120 received at 411982@bugs.debian.org (full text, mbox):

From: "Peter Hofer" <peter.hofer@ics.at>
To: <411982@bugs.debian.org>
Subject: Just 4 Info - a workaround
Date: Mon, 20 Apr 2009 09:54:48 +0200
If you load pgsql.so BEFORE you load curl.so PHP will work fine 

( mv /etc/php5/conf.d/curl.ini /etc/php5/conf.d/z_curl.ini 

Regards 

Peter 

(Works on Etch + Lenny) 





Tags added: fixed-upstream Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Mon, 20 Jul 2009 20:15:07 GMT) Full text and rfc822 format available.

Bug reassigned from package 'php5-pgsql' to 'libpq5'. Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Wed, 13 Jan 2010 12:18:06 GMT) Full text and rfc822 format available.

Bug Marked as found in versions postgresql-8.3/8.3.7-0lenny1. Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Wed, 13 Jan 2010 12:18:07 GMT) Full text and rfc822 format available.

Added indication that 411982 affects php5-pgsql Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Wed, 13 Jan 2010 12:18:07 GMT) Full text and rfc822 format available.

Added tag(s) patch. Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Wed, 13 Jan 2010 12:18:08 GMT) Full text and rfc822 format available.

Bug Marked as fixed in versions postgresql-8.4/8.4.0-1. Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Wed, 13 Jan 2010 12:18:08 GMT) Full text and rfc822 format available.

Information stored :
Bug#411982; Package libpq5. (Wed, 13 Jan 2010 12:18:11 GMT) Full text and rfc822 format available.

Acknowledgement sent to Ondřej Surý <ondrej@sury.org>:
Extra info received and filed, but not forwarded. (Wed, 13 Jan 2010 12:18:11 GMT) Full text and rfc822 format available.

Message #137 received at 411982-quiet@bugs.debian.org (full text, mbox):

From: Ondřej Surý <ondrej@sury.org>
To: Martin Pitt <mpitt@debian.org>, 411982-quiet@bugs.debian.org
Cc: control@bugs.debian.org
Subject: #411982: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Wed, 13 Jan 2010 13:17:06 +0100
[Message part 1 (text/plain, inline)]
reassign 411982 libpq5 8.3.7-0lenny1
affects 411982 +php5-pgsql
tag 411982 +upstream patch
forwarded 411982
http://archives.postgresql.org/pgsql-committers/2008-12/msg00037.php
fixed 411982 8.4.0-1
notfixed 411982 8.3.7-0lenny1
thank you

Hi Martin,

could you please backport patch available at forwarded address (patch
adapted to 8.3 is attached) to postgresql-8.3 spu? It's quite annoying
bug for users using php5-pgsql + php5-curl together.

Thank you,
-- 
Ondřej Surý <ondrej@sury.org>
http://blog.rfc1925.org/
[debbug411982.patch (text/x-patch, attachment)]

Changed Bug title to 'Unregistered OpenSSL callbacks cause segfault when' from 'php5 makes a segmentation fault when php5-curl and php5-pgsql installed' Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Wed, 13 Jan 2010 12:24:02 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Martin Pitt <mpitt@debian.org>:
Bug#411982; Package libpq5. (Thu, 28 Jan 2010 14:03:14 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thorsten Glaser <t.glaser@tarent.de>:
Extra info received and forwarded to list. Copy sent to Martin Pitt <mpitt@debian.org>. (Thu, 28 Jan 2010 14:03:14 GMT) Full text and rfc822 format available.

Message #144 received at 411982@bugs.debian.org (full text, mbox):

From: Thorsten Glaser <t.glaser@tarent.de>
To: control@bugs.debian.org
Cc: 411982@bugs.debian.org
Subject: Unregistered OpenSSL callbacks cause segfault when php5-curl and php5-pgsql are installed
Date: Thu, 28 Jan 2010 14:23:40 +0100 (CET)
affects 411982 +php5-curl
retitle 411982 Unregistered OpenSSL callbacks cause segfault when php5-curl and php5-pgsql are installed
clone 411982 -1
reassign -1 libpq4 8.1.19-0etch1
notfixed -1 8.1.19-0etch1
thanks

Hi all,

please consider an opu for this as well; I ran into
it today.

┌──┤ Reduced testcase (mksh):
│$ print '<?php $d=pg_connect("host=localhost dbname=x user=x password=x");?>' | php
│
│Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL:  password authentication failed for user "x" in /- on line 1
│Segmentation fault (core dumped)
└──

Apparently, authentication isn’t even needed to succeed.

The workaround (cd /etc/php5/cgi/conf.d && mv curl.ini z_curl.ini) does
indeed “fix” the problem for us, though. (This is for the archives, so
that others can use the system productively until the opu is there.)

Thanks,
//mirabilos
-- 
«MyISAM tables -will- get corrupted eventually. This is a fact of life. »
“mysql is about as much database as ms access” – “MSSQL at least descends
from a database” “it's a rebranded SyBase” “MySQL however was born from a
flatfile and went downhill from there” – “at least jetDB doesn’t claim to
be a database”	(#nosec)    ‣‣‣ Please let MySQL and MariaDB finally die!




Added indication that 411982 affects php5-curl Request was from Thorsten Glaser <t.glaser@tarent.de> to control@bugs.debian.org. (Thu, 28 Jan 2010 14:03:18 GMT) Full text and rfc822 format available.

Changed Bug title to 'Unregistered OpenSSL callbacks cause segfault when php5-curl and php5-pgsql are installed' from 'Unregistered OpenSSL callbacks cause segfault when' Request was from Thorsten Glaser <t.glaser@tarent.de> to control@bugs.debian.org. (Thu, 28 Jan 2010 14:03:18 GMT) Full text and rfc822 format available.

Bug 411982 cloned as bug 567330. Request was from Thorsten Glaser <t.glaser@tarent.de> to control@bugs.debian.org. (Thu, 28 Jan 2010 14:03:18 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Martin Pitt <mpitt@debian.org>:
Bug#411982; Package libpq5. (Thu, 28 Jan 2010 14:09:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thorsten Glaser <tg@mirbsd.de>:
Extra info received and forwarded to list. Copy sent to Martin Pitt <mpitt@debian.org>. (Thu, 28 Jan 2010 14:09:06 GMT) Full text and rfc822 format available.

Message #155 received at 411982@bugs.debian.org (full text, mbox):

From: Thorsten Glaser <tg@mirbsd.de>
To: control@bugs.debian.org
Cc: 411982@bugs.debian.org
Subject: Unregistered OpenSSL callbacks cause segfault when php5-curl and php5-pgsql are installed
Date: Thu, 28 Jan 2010 14:06:06 +0000 (UTC)
affects 411982 +php5-curl
retitle 411982 Unregistered OpenSSL callbacks cause segfault when php5-curl and php5-pgsql are installed
clone 411982 -1
reassign -1 libpq4 8.1.19-0etch1
notfixed -1 8.1.19-0etch1
thanks

Hi all,

please consider an opu for this as well; I ran into
it today.

┌──┤ Reduced testcase (mksh):
│$ print '<?php $d=pg_connect("host=localhost dbname=x user=x password=x");?>' | php
│
│Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL:  password authentication failed for user "x" in /- on line 1
│Segmentation fault (core dumped)
└──

Apparently, authentication isn’t even needed to succeed.

The workaround (cd /etc/php5/cgi/conf.d && mv curl.ini z_curl.ini) does
indeed “fix” the problem for us, though. (This is for the archives, so
that others can use the system productively until the opu is there.)

Thanks,
//mirabilos
-- 
«MyISAM tables -will- get corrupted eventually. This is a fact of life. »
“mysql is about as much database as ms access” – “MSSQL at least descends
from a database” “it's a rebranded SyBase” “MySQL however was born from a
flatfile and went downhill from there” – “at least jetDB doesn’t claim to
be a database”  (#nosec)    ‣‣‣ Please let MySQL and MariaDB finally die!




Request was from Thorsten Glaser <tg@mirbsd.de> to control@bugs.debian.org. (Thu, 28 Jan 2010 14:09:07 GMT) Full text and rfc822 format available.

Bug 411982 cloned as bug 567332. Request was from Thorsten Glaser <tg@mirbsd.de> to control@bugs.debian.org. (Thu, 28 Jan 2010 14:09:08 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#411982; Package libpq5. (Sun, 31 Jan 2010 22:45:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Martin Pitt <mpitt@debian.org>:
Extra info received and forwarded to list. (Sun, 31 Jan 2010 22:45:03 GMT) Full text and rfc822 format available.

Message #164 received at 411982@bugs.debian.org (full text, mbox):

From: Martin Pitt <mpitt@debian.org>
To: Thorsten Glaser <t.glaser@tarent.de>, 411982@bugs.debian.org
Subject: Re: Bug#411982: Unregistered OpenSSL callbacks cause segfault when php5-curl and php5-pgsql are installed
Date: Sun, 31 Jan 2010 14:43:43 -0800
Hello Thorsten,

Thorsten Glaser [2010-01-28 14:23 +0100]:
> reassign -1 libpq4 8.1.19-0etch1
> notfixed -1 8.1.19-0etch1
>
> please consider an opu for this as well; I ran into
> it today.

I won't fix that for etch any more. Etch users have lived with it for
many years, and it will go end of life in two months anyway.

I'll do a lenny update soon, though.

Martin

-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)




Added indication that bug 411982 blocks 568266 Request was from Simon Josefsson <simon@josefsson.org> to control@bugs.debian.org. (Wed, 03 Feb 2010 16:09:05 GMT) Full text and rfc822 format available.

Added indication that bug 411982 blocks 522228 Request was from Simon Josefsson <simon@josefsson.org> to control@bugs.debian.org. (Mon, 15 Mar 2010 20:06:04 GMT) Full text and rfc822 format available.

Added tag(s) pending. Request was from Martin Pitt <martin.pitt@ubuntu.com> to control@bugs.debian.org. (Thu, 18 Mar 2010 09:24:02 GMT) Full text and rfc822 format available.

Removed tag(s) pending. Request was from Martin Pitt <mpitt@debian.org> to control@bugs.debian.org. (Thu, 18 Mar 2010 09:36:03 GMT) Full text and rfc822 format available.

Information stored :
Bug#411982; Package libpq5. (Thu, 18 Mar 2010 09:36:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Martin Pitt <mpitt@debian.org>:
Extra info received and filed, but not forwarded. (Thu, 18 Mar 2010 09:36:08 GMT) Full text and rfc822 format available.

Message #177 received at 411982-quiet@bugs.debian.org (full text, mbox):

From: Martin Pitt <mpitt@debian.org>
To: Ondřej Surý <ondrej@sury.org>
Cc: 411982-quiet@bugs.debian.org, control@bugs.debian.org
Subject: Re: #411982: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Thu, 18 Mar 2010 10:34:54 +0100
tag 411982 -pending

Hello Ondřej,

Ondřej Surý [2010-01-13 13:17 +0100]:
> could you please backport patch available at forwarded address (patch
> adapted to 8.3 is attached) to postgresql-8.3 spu? It's quite annoying
> bug for users using php5-pgsql + php5-curl together.

Thanks for doing this! But the patch doesn't build:

gcc -g -O2 -g -Wall -O2 -fPIC -Wall -Wmissing-prototypes -Wpointer-arith -Winline -Wdeclaration-after-statement -Wendif-labels -fno-strict-aliasing -fwrapv -g -pthread  -D_REENTRANT -D_THREAD_SAFE -D_POSIX_PTHREAD_SEMANTICS -fpic -DFRONTEND -DUNSAFE_STAT_OK -I. -I../../../src/include -D_GNU_SOURCE -I/usr/include/libxml2  -I/usr/include/tcl8.5 -I../../../src/port  -c -o fe-secure.o fe-secure.c
fe-secure.c: In function ‘destroy_ssl_system’:
fe-secure.c:994: error: ‘pqlockarray’ undeclared (first use in this function)
fe-secure.c:994: error: (Each undeclared identifier is reported only once
fe-secure.c:994: error: for each function it appears in.)

Did that work for you magically?

This also hasn't been approved by upstream yet for backpatching, but
it's out there for a while now, so I'm fine with having it in
lenny-updates.

Martin
-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)




Information stored :
Bug#411982; Package libpq5. (Thu, 18 Mar 2010 10:51:13 GMT) Full text and rfc822 format available.

Acknowledgement sent to Ondřej Surý <ondrej@sury.org>:
Extra info received and filed, but not forwarded. (Thu, 18 Mar 2010 10:51:13 GMT) Full text and rfc822 format available.

Message #182 received at 411982-quiet@bugs.debian.org (full text, mbox):

From: Ondřej Surý <ondrej@sury.org>
To: Martin Pitt <mpitt@debian.org>
Cc: 411982-quiet@bugs.debian.org
Subject: Re: #411982: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Thu, 18 Mar 2010 11:41:49 +0100
Hi Martin,

On Thu, Mar 18, 2010 at 10:34, Martin Pitt <mpitt@debian.org> wrote:
> tag 411982 -pending
>
> Hello Ondřej,
>
> Ondřej Surý [2010-01-13 13:17 +0100]:
>> could you please backport patch available at forwarded address (patch
>> adapted to 8.3 is attached) to postgresql-8.3 spu? It's quite annoying
>> bug for users using php5-pgsql + php5-curl together.
>
> Thanks for doing this! But the patch doesn't build:
>
> gcc -g -O2 -g -Wall -O2 -fPIC -Wall -Wmissing-prototypes -Wpointer-arith -Winline -Wdeclaration-after-statement -Wendif-labels -fno-strict-aliasing -fwrapv -g -pthread  -D_REENTRANT -D_THREAD_SAFE -D_POSIX_PTHREAD_SEMANTICS -fpic -DFRONTEND -DUNSAFE_STAT_OK -I. -I../../../src/include -D_GNU_SOURCE -I/usr/include/libxml2  -I/usr/include/tcl8.5 -I../../../src/port  -c -o fe-secure.o fe-secure.c
> fe-secure.c: In function ‘destroy_ssl_system’:
> fe-secure.c:994: error: ‘pqlockarray’ undeclared (first use in this function)
> fe-secure.c:994: error: (Each undeclared identifier is reported only once
> fe-secure.c:994: error: for each function it appears in.)
>
> Did that work for you magically?

To tell the truth - I don't really remember.

But I have checked postgresql-8.4 and it looks like you can safely
remove those two lines with pqlockarray, since it's not present in
postgresql-8.4.

> This also hasn't been approved by upstream yet for backpatching, but
> it's out there for a while now, so I'm fine with having it in
> lenny-updates.

I will check what happened with pqlockarray in git (after it downloads
to my machine), just to be sure that nothing bad happens.

Ondrej.
-- 
Ondřej Surý <ondrej@sury.org>
http://blog.rfc1925.org/




Information stored :
Bug#411982; Package libpq5. (Thu, 18 Mar 2010 11:21:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Ondřej Surý <ondrej@sury.org>:
Extra info received and filed, but not forwarded. (Thu, 18 Mar 2010 11:21:03 GMT) Full text and rfc822 format available.

Message #187 received at 411982-quiet@bugs.debian.org (full text, mbox):

From: Ondřej Surý <ondrej@sury.org>
To: Martin Pitt <mpitt@debian.org>
Cc: 411982-quiet@bugs.debian.org
Subject: Re: Bug#411982: #411982: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Thu, 18 Mar 2010 12:19:03 +0100
Hi,

> I will check what happened with pqlockarray in git (after it downloads
> to my machine), just to be sure that nothing bad happens.

I have analyzed it in upstream 8.4 and there is two possible solutions:

1) fix typo pqlockarray is really pq_lockarray (and remove comment
about not freeing it). Cleaner, doesn't leak memory, but adds overhead
of creating mutex array every time ssl connection is initated.

2) remove those two lines with pqlockarray in destroy_ssl_system
altogher. Leaks little memory (only once per process), but reuses
mutex array for next ssl connection. And it's the upstream solution.

Should I prepare you the patch (I recommend going the upstream way -
ie removing pqlockarray lines from the patch). Sorry for sending patch
with mistake.

Ondrej
-- 
Ondřej Surý <ondrej@sury.org>
http://blog.rfc1925.org/




Information stored :
Bug#411982; Package libpq5. (Thu, 18 Mar 2010 14:36:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Martin Pitt <mpitt@debian.org>:
Extra info received and filed, but not forwarded. (Thu, 18 Mar 2010 14:36:07 GMT) Full text and rfc822 format available.

Message #192 received at 411982-quiet@bugs.debian.org (full text, mbox):

From: Martin Pitt <mpitt@debian.org>
To: Ondřej Surý <ondrej@sury.org>
Cc: 411982-quiet@bugs.debian.org
Subject: Re: Bug#411982: #411982: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Thu, 18 Mar 2010 15:34:26 +0100
Hello Ondřej,

Ondřej Surý [2010-03-18 12:19 +0100]:
> 2) remove those two lines with pqlockarray in destroy_ssl_system
> altogher. Leaks little memory (only once per process), but reuses
> mutex array for next ssl connection. And it's the upstream solution.

Sounds good, and less disruptive for a stable update.

> Should I prepare you the patch (I recommend going the upstream way -
> ie removing pqlockarray lines from the patch).

That'd be very much appreaciated. Thanks!

Martin
-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)




Information stored :
Bug#411982; Package libpq5. (Tue, 23 Mar 2010 00:18:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Ondřej Surý <ondrej@sury.org>:
Extra info received and filed, but not forwarded. (Tue, 23 Mar 2010 00:18:05 GMT) Full text and rfc822 format available.

Message #197 received at 411982-quiet@bugs.debian.org (full text, mbox):

From: Ondřej Surý <ondrej@sury.org>
To: Martin Pitt <mpitt@debian.org>
Cc: 411982-quiet@bugs.debian.org
Subject: Re: Bug#411982: #411982: php5 makes a segmentation fault when php5-curl and php5-pgsql installed
Date: Tue, 23 Mar 2010 01:14:03 +0100
[Message part 1 (text/plain, inline)]
>> Should I prepare you the patch (I recommend going the upstream way -
>> ie removing pqlockarray lines from the patch).
>
> That'd be very much appreaciated. Thanks!

Attached patch should do the trick. This time I am sure it compiles
cleanly including the regression testing.

=======================
 All 115 tests passed.
=======================

Ondrej
-- 
Ondřej Surý <ondrej@sury.org>
http://blog.rfc1925.org/
[debbug411982v2.patch (text/x-patch, attachment)]

Reply sent to Martin Pitt <mpitt@debian.org>:
You have taken responsibility. (Sun, 25 Apr 2010 19:54:03 GMT) Full text and rfc822 format available.

Notification sent to Pirity Tamas Gabor <ptg@apaczai.elte.hu>:
Bug acknowledged by developer. (Sun, 25 Apr 2010 19:54:03 GMT) Full text and rfc822 format available.

Message #202 received at 411982-close@bugs.debian.org (full text, mbox):

From: Martin Pitt <mpitt@debian.org>
To: 411982-close@bugs.debian.org
Subject: Bug#411982: fixed in postgresql-8.3 8.3.10-0lenny1
Date: Sun, 25 Apr 2010 19:52:42 +0000
Source: postgresql-8.3
Source-Version: 8.3.10-0lenny1

We believe that the bug you reported is fixed in the latest version of
postgresql-8.3, which is due to be installed in the Debian FTP archive:

libecpg-compat3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/libecpg-compat3_8.3.10-0lenny1_amd64.deb
libecpg-dev_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/libecpg-dev_8.3.10-0lenny1_amd64.deb
libecpg6_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/libecpg6_8.3.10-0lenny1_amd64.deb
libpgtypes3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/libpgtypes3_8.3.10-0lenny1_amd64.deb
libpq-dev_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/libpq-dev_8.3.10-0lenny1_amd64.deb
libpq5_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/libpq5_8.3.10-0lenny1_amd64.deb
postgresql-8.3_8.3.10-0lenny1.diff.gz
  to main/p/postgresql-8.3/postgresql-8.3_8.3.10-0lenny1.diff.gz
postgresql-8.3_8.3.10-0lenny1.dsc
  to main/p/postgresql-8.3/postgresql-8.3_8.3.10-0lenny1.dsc
postgresql-8.3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/postgresql-8.3_8.3.10-0lenny1_amd64.deb
postgresql-8.3_8.3.10.orig.tar.gz
  to main/p/postgresql-8.3/postgresql-8.3_8.3.10.orig.tar.gz
postgresql-client-8.3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/postgresql-client-8.3_8.3.10-0lenny1_amd64.deb
postgresql-client_8.3.10-0lenny1_all.deb
  to main/p/postgresql-8.3/postgresql-client_8.3.10-0lenny1_all.deb
postgresql-contrib-8.3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.10-0lenny1_amd64.deb
postgresql-contrib_8.3.10-0lenny1_all.deb
  to main/p/postgresql-8.3/postgresql-contrib_8.3.10-0lenny1_all.deb
postgresql-doc-8.3_8.3.10-0lenny1_all.deb
  to main/p/postgresql-8.3/postgresql-doc-8.3_8.3.10-0lenny1_all.deb
postgresql-doc_8.3.10-0lenny1_all.deb
  to main/p/postgresql-8.3/postgresql-doc_8.3.10-0lenny1_all.deb
postgresql-plperl-8.3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.10-0lenny1_amd64.deb
postgresql-plpython-8.3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.10-0lenny1_amd64.deb
postgresql-pltcl-8.3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.10-0lenny1_amd64.deb
postgresql-server-dev-8.3_8.3.10-0lenny1_amd64.deb
  to main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.10-0lenny1_amd64.deb
postgresql_8.3.10-0lenny1_all.deb
  to main/p/postgresql-8.3/postgresql_8.3.10-0lenny1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 411982@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Martin Pitt <mpitt@debian.org> (supplier of updated postgresql-8.3 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 13 Mar 2010 16:33:15 +0100
Source: postgresql-8.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.3 postgresql-client-8.3 postgresql-server-dev-8.3 postgresql-doc-8.3 postgresql-contrib-8.3 postgresql-plperl-8.3 postgresql-plpython-8.3 postgresql-pltcl-8.3 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: source all amd64
Version: 8.3.10-0lenny1
Distribution: stable
Urgency: low
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.3
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.3 - object-relational SQL database, version 8.3 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.3 - front-end programs for PostgreSQL 8.3
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.3 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.3 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.3 - PL/Perl procedural language for PostgreSQL 8.3
 postgresql-plpython-8.3 - PL/Python procedural language for PostgreSQL 8.3
 postgresql-pltcl-8.3 - PL/Tcl procedural language for PostgreSQL 8.3
 postgresql-server-dev-8.3 - development files for PostgreSQL 8.3 server-side programming
Closes: 411982 567058
Changes: 
 postgresql-8.3 (8.3.10-0lenny1) stable; urgency=low
 .
   * New upstream bug fix release:
     - Add new configuration parameter ssl_renegotiation_limit to control
       how often we do session key renegotiation for an SSL connection.
       This can be set to zero to disable renegotiation completely, which
       may be required if a broken SSL library is used. In particular,
       some vendors are shipping stopgap patches for CVE-2009-3555 that
       cause renegotiation attempts to fail.
     - Fix possible deadlock during backend startup.
     - Fix possible crashes due to not handling errors during relcache
       reload cleanly.
     - Fix possible crash due to use of dangling pointer to a cached plan.
     - Fix possible crashes when trying to recover from a failure in
       subtransaction start.
     - Fix server memory leak associated with use of savepoints and a
       client encoding different from server's encoding.
     - Fix incorrect WAL data emitted during end-of-recovery cleanup of a
       GIST index page split.
       This would result in index corruption, or even more likely an error
       during WAL replay, if we were unlucky enough to crash during
       end-of-recovery cleanup after having completed an incomplete GIST
       insertion.
     - Make substring() for bit types treat any negative length as meaning
       "all the rest of the string".
       The previous coding treated only -1 that way, and would produce an
       invalid result value for other negative values, possibly leading to
       a crash (CVE-2010-0442). (Closes: #567058)
     - Fix integer-to-bit-string conversions to handle the first
       fractional byte correctly when the output bit width is wider than
       the given integer by something other than a multiple of 8 bits.
     - Fix some cases of pathologically slow regular expression matching.
     - Fix assorted crashes in xml processing caused by sloppy memory
       management.
       This is a back-patch of changes first applied in 8.4. The 8.3 code
       was known buggy, but the new code was sufficiently different to not
       want to back-patch it until it had gotten some field testing.
     - Fix bug with trying to update a field of an element of a
       composite-type array column.
     - Fix the STOP WAL LOCATION entry in backup history files to report
       the next WAL segment's name when the end location is exactly at a
       segment boundary.
     - Fix some more cases of temporary-file leakage.
       This corrects a problem introduced in the previous minor release.
       One case that failed is when a plpgsql function returning set is
       called within another function's exception handler.
     - Improve constraint exclusion processing of boolean-variable cases,
       in particular make it possible to exclude a partition that has a
       "bool_column = false" constraint.
     - When reading "pg_hba.conf" and related files, do not treat
       @something as a file inclusion request if the @ appears inside
       quote marks; also, never treat @ by itself as a file inclusion
       request.
       This prevents erratic behavior if a role or database name starts
       with @. If you need to include a file whose path name contains
       spaces, you can still do so, but you must write @"/path to/file"
       rather than putting the quotes around the whole construct.
     - Prevent infinite loop on some platforms if a directory is named as
       an inclusion target in "pg_hba.conf" and related files.
     - Fix possible infinite loop if SSL_read or SSL_write fails without
       setting errno.
       This is reportedly possible with some Windows versions of openssl.
     - Disallow GSSAPI authentication on local connections, since it
       requires a hostname to function correctly.
     - Make ecpg report the proper SQLSTATE if the connection disappears.
     - Fix psql's numericlocale option to not format strings it shouldn't
       in latex and troff output formats.
     - Make psql return the correct exit status (3) when ON_ERROR_STOP and
       --single-transaction are both specified and an error occurs during
       the implied "COMMIT".
     - Fix plpgsql failure in one case where a composite column is set to
       NULL.
     - Fix possible failure when calling PL/Perl functions from PL/PerlU
       or vice versa.
     - Add volatile markings in PL/Python to avoid possible
       compiler-specific misbehavior.
     - Ensure PL/Tcl initializes the Tcl interpreter fully.
       The only known symptom of this oversight is that the Tcl clock
       command misbehaves if using Tcl 8.5 or later.
     - Prevent crash in "contrib/dblink" when too many key columns are
       specified to a dblink_build_sql_- function.
     - Allow zero-dimensional arrays in "contrib/ltree" operations.
       This case was formerly rejected as an error, but it's more
       convenient to treat it the same as a zero-element array. In
       particular this avoids unnecessary failures when an ltree operation
       is applied to the result of ARRAY(SELECT ...) and the sub-select
       returns no rows.
     - Fix assorted crashes in "contrib/xml2" caused by sloppy memory
       management.
   * Add 00cvs-unregister-ssl-callbacks.patch: Properly unregister OpenSSL
     callbacks when libpq is done with it's connection. Thanks Ondřej Surý for
     the backport! (Closes: #411982, LP: #63141)
Checksums-Sha1: 
 e0823589bcf97da32c986358363e5cb59eddf15d 1673 postgresql-8.3_8.3.10-0lenny1.dsc
 d69dc84821208f51b878583d552ed5803926d1f8 13870846 postgresql-8.3_8.3.10.orig.tar.gz
 8b747e4ad1eb713548dd888e4d0dabed276c13a6 49268 postgresql-8.3_8.3.10-0lenny1.diff.gz
 ddfd2c83a34811115e9ec70041e9f215411eed17 2177644 postgresql-doc-8.3_8.3.10-0lenny1_all.deb
 10ad7a98513fe394c44800e7dd73c88cdc4021b8 256110 postgresql_8.3.10-0lenny1_all.deb
 02d88c2afdcb4b3893d633ca18fa349b7c29f568 256076 postgresql-client_8.3.10-0lenny1_all.deb
 1b544c83ae0e3f6bd9e4c6d11e94810c737d0c04 255918 postgresql-doc_8.3.10-0lenny1_all.deb
 65f613306b3291289368d21965715dc509c17b21 255978 postgresql-contrib_8.3.10-0lenny1_all.deb
 ab0a451125674b36c52bde7510eb6cf0d1d1546f 462144 libpq-dev_8.3.10-0lenny1_amd64.deb
 f31646bbfef34a774db2c050d1b6acd0c60f3096 393638 libpq5_8.3.10-0lenny1_amd64.deb
 d80224ce6c1f36442aa1c4c240e4ec3e058a0d38 285438 libecpg6_8.3.10-0lenny1_amd64.deb
 c61419dad75f3017bc501a5fb7fb5d81ad835e10 474648 libecpg-dev_8.3.10-0lenny1_amd64.deb
 e899debaf6bd0779e4f0065a85fd24c5c785edf0 264042 libecpg-compat3_8.3.10-0lenny1_amd64.deb
 db11dca5fa5aee3cc3c055fae67f0b9e5b7b9e81 285602 libpgtypes3_8.3.10-0lenny1_amd64.deb
 04e3c27d8b6105ce6be19e68e3c71c58d43e969e 5375442 postgresql-8.3_8.3.10-0lenny1_amd64.deb
 2da0070c139c45bcfd20c3c218f18e3090d06968 1701826 postgresql-client-8.3_8.3.10-0lenny1_amd64.deb
 58e49895377e104ce8140c93bfdfe1e58726b845 829514 postgresql-server-dev-8.3_8.3.10-0lenny1_amd64.deb
 23d7d07b996503dd23e3d291246162fcab864e06 622318 postgresql-contrib-8.3_8.3.10-0lenny1_amd64.deb
 5ff8db0d8b246e3ed762e1ed53e251c4977668f5 283988 postgresql-plperl-8.3_8.3.10-0lenny1_amd64.deb
 11c06310f6803edc35b4f20c7e5273c2cfbbd42f 277856 postgresql-plpython-8.3_8.3.10-0lenny1_amd64.deb
 52375810a821bc0c59fc24af8238c438cd879afd 275118 postgresql-pltcl-8.3_8.3.10-0lenny1_amd64.deb
Checksums-Sha256: 
 2859b0ea969ec409186b83424ff582deb2eac98eb2dcb07e5f376d58732dcb42 1673 postgresql-8.3_8.3.10-0lenny1.dsc
 6c4e55918df0050cdf71896a8577f6b03c28cf20bd959c77c43165bfcb8abd12 13870846 postgresql-8.3_8.3.10.orig.tar.gz
 97295efa196ea774c2ce162d965054454310ab095826cc9b811b71c53e30a0ba 49268 postgresql-8.3_8.3.10-0lenny1.diff.gz
 da1423819d91e5bb68306e94465925b78534baa1d60d6617e1991d4dd1cec148 2177644 postgresql-doc-8.3_8.3.10-0lenny1_all.deb
 b0c3de7ba9843721d7f08c33cf19672046f62cdf46c4ca0b93822aca59568434 256110 postgresql_8.3.10-0lenny1_all.deb
 64f20f563e273790b4a7aeb3901fbb871849a525e0ebd781ea6eec6d3cf00cff 256076 postgresql-client_8.3.10-0lenny1_all.deb
 d48bdd907753f2ea600e50595f93c4bb4c0715cf249837f13646a19017f8e7f0 255918 postgresql-doc_8.3.10-0lenny1_all.deb
 43849d0dd9dd1d4b5486ba454c88eb05e96df6fa104a92d8184fd31297b6ebbe 255978 postgresql-contrib_8.3.10-0lenny1_all.deb
 666f4835cb6fba8d7cb5f9fb794b93b999d99452d3ca599eee5156ebcc701543 462144 libpq-dev_8.3.10-0lenny1_amd64.deb
 813029466a60f10c5d3d96feeb094ca976f6d5e7be2221e9bc199a0dff1e9198 393638 libpq5_8.3.10-0lenny1_amd64.deb
 bc534cf1f33502e6615803b790b69d83344ac3389032a6fc3dfafe1bba82f983 285438 libecpg6_8.3.10-0lenny1_amd64.deb
 6f234f181cba1201f46cd48f5acecfd182067117bc8d0da191dfc1ddb8b5e675 474648 libecpg-dev_8.3.10-0lenny1_amd64.deb
 1ce003c15ed7babeb868ebc87047dfe3b265bf4e07953ca0b3250e106675ed4c 264042 libecpg-compat3_8.3.10-0lenny1_amd64.deb
 1c4bfaeef7b88e6c9f8f6703a6edd7a5a45a681c57c0b8184f78e27caa09d591 285602 libpgtypes3_8.3.10-0lenny1_amd64.deb
 f20920fe80050c709fec7859d0e17ded9d58d64d9f77a6d7a4f86199eaab2d5a 5375442 postgresql-8.3_8.3.10-0lenny1_amd64.deb
 f252341239237d646a7ea069ff6ae680d451ea91f9b9a0f3e331f391f284de7e 1701826 postgresql-client-8.3_8.3.10-0lenny1_amd64.deb
 0b885bb365443689e96e1c25bd07bcca15b2563043718148d9fb915451b1495a 829514 postgresql-server-dev-8.3_8.3.10-0lenny1_amd64.deb
 e542796f5ff1b989183317555451a55996f12dfebd3c17fb1c3b108577ce52a5 622318 postgresql-contrib-8.3_8.3.10-0lenny1_amd64.deb
 b19fa588c4970142ce4e0c97fc54c182479af0d2cf8d53fe3d5a1903ff455041 283988 postgresql-plperl-8.3_8.3.10-0lenny1_amd64.deb
 cc71b939a351bbf7196e822ee71af93ecaa2870a91f6b90612900d06866bfb61 277856 postgresql-plpython-8.3_8.3.10-0lenny1_amd64.deb
 0d32c667387554d3bc47ad8e442c32d7ba28b83f7cf05b745d6c6ca46c4c60bb 275118 postgresql-pltcl-8.3_8.3.10-0lenny1_amd64.deb
Files: 
 5f8ef828326e77bfde517459212db18a 1673 misc optional postgresql-8.3_8.3.10-0lenny1.dsc
 6c528104faf2808dcbdbd4a644920fe1 13870846 misc optional postgresql-8.3_8.3.10.orig.tar.gz
 84363340a6cbe0cc5ea56e1cb4ddc943 49268 misc optional postgresql-8.3_8.3.10-0lenny1.diff.gz
 c6995c9dc936cad09f7d0b986fede84c 2177644 doc optional postgresql-doc-8.3_8.3.10-0lenny1_all.deb
 63a84a949ceda3fa41202b83d6737815 256110 misc optional postgresql_8.3.10-0lenny1_all.deb
 04830441795a94e493c3b1b6d529769b 256076 misc optional postgresql-client_8.3.10-0lenny1_all.deb
 53c24fe905164b5d95074aba38bb5fd3 255918 doc optional postgresql-doc_8.3.10-0lenny1_all.deb
 82e60633995b339c04d264d0106e6868 255978 misc optional postgresql-contrib_8.3.10-0lenny1_all.deb
 beded097d640da5a0f785643342dc582 462144 libdevel optional libpq-dev_8.3.10-0lenny1_amd64.deb
 56c7151ad7aba49409dc888be5f2b1b3 393638 libs optional libpq5_8.3.10-0lenny1_amd64.deb
 84c16f8204ad60f532e38dec8bae060f 285438 libs optional libecpg6_8.3.10-0lenny1_amd64.deb
 cc16d0303a47efb47ded163ba102bb73 474648 libdevel optional libecpg-dev_8.3.10-0lenny1_amd64.deb
 8cb4c769ade4136a378a52c857a4a228 264042 libs optional libecpg-compat3_8.3.10-0lenny1_amd64.deb
 af3a276c49a0c75fbd03f81bbaf524c1 285602 libs optional libpgtypes3_8.3.10-0lenny1_amd64.deb
 6f3e53f2ffe2157dec9a162c65fb2038 5375442 misc optional postgresql-8.3_8.3.10-0lenny1_amd64.deb
 ad4c263f32b78813a36a61abce222024 1701826 misc optional postgresql-client-8.3_8.3.10-0lenny1_amd64.deb
 00fa84e7f45bdd4681e1eca59b3f5f00 829514 libdevel optional postgresql-server-dev-8.3_8.3.10-0lenny1_amd64.deb
 4c80ec4af52c6f2d1d7c536b8cec01c5 622318 misc optional postgresql-contrib-8.3_8.3.10-0lenny1_amd64.deb
 ccaa0f24a8964c7d58d635cc3d499709 283988 misc optional postgresql-plperl-8.3_8.3.10-0lenny1_amd64.deb
 7e2fb9327a5396978902255a4b20353e 277856 misc optional postgresql-plpython-8.3_8.3.10-0lenny1_amd64.deb
 90e93d7d0b47f08437d627620ed95eb9 275118 misc optional postgresql-pltcl-8.3_8.3.10-0lenny1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAku8nrQACgkQDecnbV4Fd/L7JACgiJWeBkoVadi0N1myRW6hofJV
GHcAoOMZRKXFrdFLH6Sc58uo4alHE7yK
=H5H/
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 24 May 2010 07:38:17 GMT) Full text and rfc822 format available.

Bug unarchived. Request was from Thorsten Glaser <tg@mirbsd.de> to control@bugs.debian.org. (Fri, 02 Dec 2011 10:00:02 GMT) Full text and rfc822 format available.

Bug Marked as found in versions postgresql-8.3/8.3.16-0lenny1. Request was from Thorsten Glaser <tg@mirbsd.de> to control@bugs.debian.org. (Fri, 02 Dec 2011 10:00:03 GMT) Full text and rfc822 format available.

Bug Marked as fixed in versions postgresql-8.4/8.4.9-0squeeze1~bpo50+1. Request was from Thorsten Glaser <tg@mirbsd.de> to control@bugs.debian.org. (Fri, 02 Dec 2011 10:00:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Martin Pitt <mpitt@debian.org>:
Bug#411982; Package libpq5. (Fri, 02 Dec 2011 10:24:08 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thorsten Glaser <t.glaser@tarent.de>:
Extra info received and forwarded to list. Copy sent to Martin Pitt <mpitt@debian.org>. (Fri, 02 Dec 2011 10:24:12 GMT) Full text and rfc822 format available.

Message #215 received at 411982@bugs.debian.org (full text, mbox):

From: Thorsten Glaser <t.glaser@tarent.de>
To: 411982@bugs.debian.org
Subject: php segfault in libtasn1: spotted this again
Date: Fri, 2 Dec 2011 11:21:27 +0100 (CET)
unarchive 411982
found 411982 postgresql-8.3/8.3.16-0lenny1
fixed 411982 postgresql-8.4/8.4.9-0squeeze1~bpo50+1
thanks

Sorry to reopen, but this issue has popped up again.

[101245.619375] php[8428]: segfault at b681c7b0 ip b681c7b0 sp bfc6315c error 14 in libtasn1.so.3.0.15[b6b26000+f000]

I can still reproduce it with:

|root@dev:~ # php -r 'pg_connect("host=localhost dbname=x user=x password=x");'
|
|Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL:  database "x" does not exist in Command line code on line 1
|Segmentation fault

On out test system already running PostgreSQL 8.4 from lenny-backports:

|root@evolvis-51:~ # php -r 'pg_connect("host=localhost dbname=x user=x password=x");'
|
|Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL:  password authentication failed for user "x"
|FATAL:  password authentication failed for user "x" in Command line code on line 1

This seems to be a regression of 8.3.16 vs. 8.3.10 where you
appear to have fixed it. (We’ll probably upgrade the systems
to 8.4 in the next 2-3 months anyway, but right now a project
has failures possibly due to this.)

bye,
//mirabilos
-- 
Sometimes they [people] care too much: pretty printers [and syntax highligh-
ting, d.A.] mechanically produce pretty output that accentuates irrelevant
detail in the program, which is as sensible as putting all the prepositions
in English text in bold font.	-- Rob Pike in "Notes on Programming in C"




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 31 Dec 2011 07:39:23 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 05:53:55 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.