Differences between current version and predecessor to the previous major change of KnowledgeBase/FreeBSD/envhack.c.

Other diffs: Previous Revision, Previous Author

Newer page: version 5 Last edited on Sunday, 11 September 2011 6:40:25 by CyberLeo
Older page: version 4 Last edited on Saturday, 11 September 2010 2:18:01 by CyberLeo Revert
@@ -1,4 +1,8 @@
+!!! Note  
+  
+As of [lang/php52-5.2.17_2|http://www.freshports.org/lang/php52], an OPTIONS knob was added to link php52 directly with libthr; presumably to avoid this.  
+  
 !!! Background 
  
 PHP-5.2.12 with suhosin on FreeBSD-7.2-RELEASE amd64 
  

current version

Note

As of lang/php52-5.2.17_2, an OPTIONS knob was added to link php52 directly with libthr; presumably to avoid this.

Background

PHP-5.2.12 with suhosin on FreeBSD-7.2-RELEASE amd64

The native threading library on FreeBSD 7.2, libthr, annoys suhosin when it is loaded as a shared library, or by an extension such as mysql or mysqli.

$ php --version
ALERT - canary mismatch on efree() - heap overflow detected (attacker 'REMOTE_ADDR not set', file 'unknown')
$

The solution is to pre-inject the library, using LD_PRELOAD. However, you cannot reference a script in a shebang line, so using a shellscript preload hack will break all the shebanged php scripts. So use a C env hack.

  • Compile this hack
gcc -o envhack envhack.c
  • Rename PHP out of the way
mv /usr/local/bin/php /usr/local/bin/php-thr
  • Link envhack in. Hardlinks are best, symlinks may work as well.
ln -v ./envhack /usr/local/bin/php

And it should work!

$ php --version
PHP 5.2.12 with Suhosin-Patch 0.9.7 (cli) (built: Mar 13 2010 14:47:23)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
$
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

char * pre_lib = "/lib/libthr.so.3";
char * bin_sfx = "-thr";

int main(int argc, char ** argv) {
  /* Compute new binary name */
  int bin_len = strlen(argv[0]) + strlen(bin_sfx) + 2;
  char * new_bin = malloc(bin_len);
  snprintf(new_bin, bin_len, "%s%s", argv[0], bin_sfx);

  /* Patch environment */
  char * old_pre;
  char * new_pre;
  if (old_pre = getenv("LD_PRELOAD")) {
    int pre_len = strlen(pre_lib) + strlen(old_pre) + 2;
    new_pre = malloc(pre_len);
    snprintf(new_pre, pre_len, "%s:%s", old_pre, pre_lib);
  } else {
    new_pre = pre_lib;
  }
  setenv("LD_PRELOAD", new_pre, 1);

  /* Reexec */
  if (0 > execvp(new_bin, argv)) {
    perror(new_bin);
    exit(1);
  }
}
FreeBSD paka.cyberleo.net 7.2-RELEASE-p3 FreeBSD 7.2-RELEASE-p3 #1: Fri Jul 31 07:52:14 EDT 2009     cyberleo@paka.cyberleo.net:/usr/obj/usr/srcs/RELENG_7_2/src/sys/PAKA  amd64

Installed packages

mysql-client-5.5.2  Multithreaded SQL database (client)
mysql-server-5.5.2  Multithreaded SQL database (server)
php5-5.2.12         PHP Scripting Language
php5-mysql-5.2.12   The mysql shared extension for php
php5-mysqli-5.2.12  The mysqli shared extension for php