Bug 526244 - dev-php/pecl-geoip-1.1.0 - segmentation fault in php on corrupt GeoIPCity.dat where libGeoIP returns NULL
Summary: dev-php/pecl-geoip-1.1.0 - segmentation fault in php on corrupt GeoIPCity.dat...
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: PHP Bugs
Keywords: PATCH
Depends on:
Reported: 2014-10-21 15:09 UTC by Deniss Gaplevsky
Modified: 2017-05-06 12:09 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

patch to prevent segfaults in GeoIP_record_by_name() due to NULL passed as first arg (geoip-1.1.0-inbox-city.patch, 2.13 KB, patch)
2014-10-22 18:13 UTC, Deniss Gaplevsky

Description Deniss Gaplevsky 2014-10-21 15:09:09 UTC
dev-php/pecl-geoip-1.1.0 segfaults php when GeoIPCity.dat is used.
There is a bug filed to mainstream with a patch at
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2014-10-21 16:43:25 UTC
The upstream bug report seems to be about a segmentation fault in libGeoIP, which is in the domain of dev-libs/geoip, not dev-php/pecl-geoip.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2014-10-21 17:06:51 UTC
1) Please post your `emerge --info dev-libs/geoip' output in a comment.
2) Please explain how that broken database got there. :)
Comment 3 Deniss Gaplevsky 2014-10-22 18:10:30 UTC
The issue is pretty complex and comes from libgeoip's sins:
1. GeoIP_db_avail() does not differentiate between GEOIP_*_EDITION_REV1 and GEOIP_*_EDITION_REV0, but GeoIP_open_type() does.
2. GeoIP_open_type() returns NULL when the requested revision does not match the actual revision of the file. NULL is returned in a few other cases as well.
3. GeoIP_record_by_name() (and other GeoIP_*_by_name()?) does not check the first argument for NULL and segfaults.

I contacted Boris Zentner (MaxMind) and he wrote me back that pecl-geoip should manage all checks.

The attached patch tries to open the file as GEOIP_CITY_EDITION_REV0, then as GEOIP_CITY_EDITION_REV1 if that fails, and finally checks the returned value for NULL.
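
The caller-side pattern described in comment 3 (try REV0, then REV1, then check for NULL before the lookup), as an added example that is not the attached patch, pecl-geoip code or libGeoIP code. The `model_*` functions, `struct db`, `safe_city_lookup` and the sample data are hypothetical stand-ins constructed to mimic the three listed behaviours, so the block runs without the library.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed model of the behaviour described in comment 3. These are
 * hypothetical stand-ins, not libGeoIP functions or types. */
enum edition { CITY_REV0, CITY_REV1 };
struct db { int corrupt; enum edition rev; const char *city; };

/* Item 1: the availability check does not look at the revision (or content). */
static int model_db_avail(const struct db *file) { return file != NULL; }

/* Item 2: open yields NULL on a revision mismatch and in other failure cases. */
static const struct db *model_open_type(const struct db *file, enum edition want)
{
    if (file == NULL || file->corrupt || file->rev != want)
        return NULL;
    return file;
}

/* Item 3: the lookup dereferences its handle without a NULL check. */
static const char *model_record_by_name(const struct db *gi) { return gi->city; }

/* Caller-side pattern: try REV0, then REV1, and check for NULL before lookup.
 * Returns the city string, or NULL when no usable database could be opened. */
const char *safe_city_lookup(const struct db *file)
{
    const struct db *gi;

    if (!model_db_avail(file))
        return NULL;
    gi = model_open_type(file, CITY_REV0);
    if (gi == NULL)
        gi = model_open_type(file, CITY_REV1);
    if (gi == NULL)
        return NULL;            /* report an error instead of crashing */
    return model_record_by_name(gi);
}

/* Constructed sample databases. */
static const struct db sample_rev0 = { 0, CITY_REV0, "Riga" };
static const struct db sample_rev1 = { 0, CITY_REV1, "Riga" };
static const struct db sample_corrupt = { 1, CITY_REV1, "Riga" };

int main(void)
{
    const char *c = safe_city_lookup(&sample_corrupt);
    printf("rev0: %s\n", safe_city_lookup(&sample_rev0));
    printf("rev1: %s\n", safe_city_lookup(&sample_rev1));
    printf("corrupt: %s\n", c ? c : "(no record, database not opened)");
    return 0;
}
```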
Comment 4 Deniss Gaplevsky 2014-10-22 18:13:38 UTC
Created attachment 387222
patch to prevent segfaults in GeoIP_record_by_name() due to NULL passed as first arg

This patch also fixes the wrong revision guessing.
Comment 5 Deniss Gaplevsky 2014-10-27 13:07:32 UTC
mainstream patch available from