Ubuntu

xcache crashes during module shutdown when used together with ionCube Loader

Reported by Vladimir Kolesnikov on 2010-12-09
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
xcache
Fix Released
Unknown
xcache (Ubuntu)
Undecided
Unassigned

Bug Description

When xcache is loaded a s a PHP extension:

extension=xcache.so

Any attempt to execute an ionCube-encoded file crashes PHP w/backtrace like this:

#0 zm_shutdown_xcache (type=<value optimized out>, module_number=53) at /build/buildd/php5-xcache-1.3.1/xcache.c:2968
#1 0x000000000069c2df in module_destructor (module=0xf0d3a0) at /build/buildd/php5-5.3.3/Zend/zend_API.c:2098
#2 0x00000000006a30e1 in zend_hash_apply_deleter (ht=0xdc0760, p=0xf0d340) at /build/buildd/php5-5.3.3/Zend/zend_hash.c:813
#3 0x00000000006a3368 in zend_hash_graceful_reverse_destroy (ht=0xdc0760) at /build/buildd/php5-5.3.3/Zend/zend_hash.c:848
#4 0x0000000000697045 in zend_shutdown () at /build/buildd/php5-5.3.3/Zend/zend.c:831
#5 0x00000000006427ed in php_module_shutdown () at /build/buildd/php5-5.3.3/main/main.c:2166
#6 0x000000000072625f in main (argc=-1969359736, argv=0x0) at /build/buildd/php5-5.3.3/sapi/cli/php_cli.c:1391

This happens because xCache does not validate the result of

zend_extension *ext = zend_get_extension(XCACHE_NAME);

called in zm_shutdown_xcache (PHP_MSHUTDOWN_FUNCTION(xcache))

I don't know what ionCube Loader does but zend_get_extension(XCACHE_NAME) returns NULL in this case.

When xcache tries to dereference a NULL pointer in

if (ext->shutdown) {

we get a crash.

---
Ubuntu: 10.10 AMD64
xCache: 1.3.0, 1.3.1

Vladimir Kolesnikov (sjinks) wrote :

Patch that solves the issue by adding a check whether ext is not NULL.

tags: added: patch
Changed in xcache:
status: Unknown → New
Changed in xcache:
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package xcache - 1.3.2-1

---------------
xcache (1.3.2-1) unstable; urgency=low

  * New upstream version.
    - Fixes crash with ionCube (LP: #688041).
  * Bump standards to 3.9.2.
 -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 09 Jun 2011 09:37:44 +0000

Changed in xcache (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.