[lucid] php5-cgi crashes when attempting to load page

strace sudo -u michael php-cgi -b /tmp/phpcgi-michael.socket 2&>1 tmp

... That's with 2> instead of 2>&1 ... just fyi

Can you try php 5.3.2?

Thanks
chuck

Looks like it didn't crash. It was stopped by suhosin patch, could we please get full log message of:

sendto(5, "<9>suhosin[9409]: ALERT - canary"..., 182, 0, NULL, 0) = 182

?

A side note about php5-5.3.2. I guess the update finally hit lucid but perhaps a dependency isn't there yet? I'll check this out again once I get home. (~1.5hr)

root@repono:~# aptitude install php5
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
The following packages are BROKEN:
  php5
0 packages upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,110B of archives. After unpacking 20.5kB will be used.
The following packages have unmet dependencies:
  php5: Depends: libapache2-mod-php5 (>= 5.3.2-1ubuntu2) but 5.3.1-5ubuntu2 is installed. or
                 libapache2-mod-php5filter (>= 5.3.2-1ubuntu2) but it is not installable or
                 php5-cgi (>= 5.3.2-1ubuntu2) but 5.3.1-5ubuntu2 is installed.
        Depends: php5-common (>= 5.3.2-1ubuntu2) but 5.3.1-5ubuntu2 is installed.
Unable to resolve dependencies! Giving up...
The following packages are BROKEN:
  php5
0 packages upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,110B of archives. After unpacking 20.5kB will be used.
aptitude failed to find a solution to these dependencies. You can solve them yourself by hand or type 'n' to quit.
The following packages have unmet dependencies:
  php5: Depends: libapache2-mod-php5 (>= 5.3.2-1ubuntu2) but 5.3.1-5ubuntu2 is installed. or
                 libapache2-mod-php5filter (>= 5.3.2-1ubuntu2) but it is not installable or
                 php5-cgi (>= 5.3.2-1ubuntu2) but 5.3.1-5ubuntu2 is installed.
        Depends: php5-common (>= 5.3.2-1ubuntu2) but 5.3.1-5ubuntu2 is installed.
Resolve these dependencies by hand? [N/+/-/_/:/?]
Abort.

Chuck Short: php5-5.3.2 did not solve the issue.

Ondřej Surý: Could you please give me more information for how to do this?

Also want to mention that removing the php5-suhosin package didn't fix this. I know suhosin is a patch as well. I just wanted to mention that.

Is there anything in suhosin that tries to prevent php from running as user?

/var/log/syslog is giving me this message:

Mar 26 19:16:41 incipio suhosin[17482]: ALERT - canary mismatch on efree() - heap overflow detected at 0x2c67e30 (attacker '96.2.97.126', file '/home/michael/drupal6/includes/bootstrap.inc', line 987)

The contents of that:

/* BREAKS HERE $current_phase = $phases[$phase_index]; */

/**
 * A string describing a phase of Drupal to load. Each phase adds to the
 * previous one, so invoking a later phase automatically runs the earlier
 * phases too. The most important usage is that if you want to access the
 * Drupal database from a script without loading anything else, you can
 * include bootstrap.inc, and call drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE).
 *
 * @param $phase
 * A constant. Allowed values are:
 * DRUPAL_BOOTSTRAP_CONFIGURATION: initialize configuration.
 * DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE: try to call a non-database cache fetch routine.
 * DRUPAL_BOOTSTRAP_DATABASE: initialize database layer.
 * DRUPAL_BOOTSTRAP_ACCESS: identify and reject banned hosts.
 * DRUPAL_BOOTSTRAP_SESSION: initialize session handling.
 * DRUPAL_BOOTSTRAP_LATE_PAGE_CACHE: load bootstrap.inc and module.inc, start
 * the variable system and try to serve a page from the cache.
 * DRUPAL_BOOTSTRAP_LANGUAGE: identify the language used on the page.
 * DRUPAL_BOOTSTRAP_PATH: set $_GET['q'] to Drupal path of request.
 * DRUPAL_BOOTSTRAP_FULL: Drupal is fully loaded, validate and fix input data.
 */
function drupal_bootstrap($phase) {
  static $phases = array(DRUPAL_BOOTSTRAP_CONFIGURATION, DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE, DRUPAL_BOOTSTRAP_DATABASE, DRUPAL_BOOTSTRAP_ACCESS, DRUPAL_BOOTSTRAP_SESSION, DRUPAL_BOOTSTRAP_LATE_PAGE_CACHE, DRUPAL_BOOTSTRAP_LANGUAGE, DRUPAL_BOOTSTRAP_PATH, DRUPAL_BOOTSTRAP_FULL), $phase_index = 0;

  while ($phase >= $phase_index && isset($phases[$phase_index])) {
    $current_phase = $phases[$phase_index]; /** <-------- THIS IS LINE 987 **/
    unset($phases[$phase_index++]);
    _drupal_bootstrap($current_phase);
  }
}

I am also having this same problem.

hi, I have samed problem.

sudo apt-get install php5-cli php5-common php5-suhosin
Reading package lists... Done
Building dependency tree
Reading state information... Done
php5-cli is already the newest version.
php5-common is already the newest version.
php5-common set to manually installed.
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
  php5-suhosin: Depends: php5-common (= 5.3.2-0.dotdeb.2) but 5.3.2-1ubuntu4.2 is to be installed

how to fix it? please help me thanks