Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 491100 - >=dev-lang/php-5.5.4's stack smashing protection kills ODBC queries
Summary: >=dev-lang/php-5.5.4's stack smashing protection kills ODBC queries
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: PHP Bugs
URL: https://bugs.php.net/bug.php?id=66311
Whiteboard:
Keywords: UPSTREAM
Depends on:
Blocks:
 
Reported: 2013-11-12 17:10 UTC by Michael Orlitzky
Modified: 2014-02-15 16:21 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
PHP script to reproduce the problem (ssp-test.php,498 bytes, application/x-php)
2013-11-12 17:10 UTC, Michael Orlitzky
Details
Sample odbc.ini configured for a local MySQL (odbc.ini,150 bytes, text/plain)
2013-11-12 17:10 UTC, Michael Orlitzky
Details
mysqldump of the php_ssp_test database (php_ssp_test.sql,14.71 KB, text/x-sql)
2013-11-12 17:11 UTC, Michael Orlitzky
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Orlitzky gentoo-dev 2013-11-12 17:10:05 UTC
Created attachment 363130 [details]
PHP script to reproduce the problem

When selecting a moderate number of rows over ODBC, PHP commits suicide:

  $ php ssp-test.php 
  Connected to database...
  
  *** stack smashing detected ***: php - terminated
  php: stack smashing attack in function <unknown> - terminated
  Report to http://bugs.gentoo.org/
  Killed

This appeared after a (simultaneous) upgrade to gcc-4.7.3-r1 and php-5.5.4. It also happens with php-5.5.5.

To reproduce, you'll need a few things:

  1) dev-db/unixODBC and dev-db/myodbc installed

  2) dev-lang/php built with USE=odbc

  3) A mysql database for testing

  4) An entry in odbc.ini for the mysql database

  5) A PHP script to pull some rows out of the database

I can provide (3) through (5).

The mysql database I'm using is called 'php_ssp_test', and it contains one table "drivers" and one column "driver". The data for this database can be found in php_ssp_test.sql, and you should be able to pipe it directly inti to mysql after you create the php_ssp_test database.

The attached odbc.ini goes in /etc/unixODBC/odbc.ini and provides a DSN for the MySQL database.

The script ssp-test.php will connect to that DSN as the MySQL "root" user with password "password" (all of this is easy to change). It will then select all records from the 'drivers' table and print them one at a time.
Comment 1 Michael Orlitzky gentoo-dev 2013-11-12 17:10:36 UTC
Created attachment 363132 [details]
Sample odbc.ini configured for a local MySQL
Comment 2 Michael Orlitzky gentoo-dev 2013-11-12 17:11:06 UTC
Created attachment 363134 [details]
mysqldump of the php_ssp_test database
Comment 3 Michael Orlitzky gentoo-dev 2013-11-12 17:13:41 UTC
I should mention a workaround: if you recompile php without SSP, it will work. So for example,

  # gcc-config -l
   [1] x86_64-pc-linux-gnu-4.7.3 *
   [2] x86_64-pc-linux-gnu-4.7.3-hardenednopie
   [3] x86_64-pc-linux-gnu-4.7.3-hardenednopiessp
   [4] x86_64-pc-linux-gnu-4.7.3-hardenednossp
   [5] x86_64-pc-linux-gnu-4.7.3-vanilla

  # gcc-config 4

  # source /etc/profile
Comment 4 Matti Bickel (RETIRED) gentoo-dev 2013-11-13 21:19:26 UTC
I'm updating my @system to gcc-4.7.3 to test this, stay tuned.
Comment 5 Magnus Granberg gentoo-dev 2013-12-17 16:51:45 UTC
Fix the smashing attack insstead of disable ssp
Recompile glibc with use debug then you should get note what
function it happens. just turn ssp of is a only a short way
to hide the problem for the code error may be expliteble.
Comment 6 Michael Orlitzky gentoo-dev 2013-12-22 16:37:23 UTC
The fix has been committed upstream and merged into the 5.4, 5.5, and 5.6 branches. Just waiting for a release now.
Comment 7 Michael Orlitzky gentoo-dev 2014-02-15 16:21:15 UTC
Ok, the fix is in 5.5.8 in the tree.