[TYPO3-english] class.t3lib_htmlmail.php ERROR - canary mismatch on efree() - heap overflow detected
Georg Schönweger
georg.schoenweger at gmail.com
Fri May 14 09:36:44 CEST 2010
I disabled now the ini_set function by adding disable_functions=ini_set
to my php.ini. Now everything seems to work fine, i hope disabling this
function has no other side effects in Typo3.
Interesting is also that on our other Server we do not have this
problem. There we use OpenSuse which has PHP 5.2.12 (Suhosin 0.9.7).
But on our Ubuntu Server with PHP 5.2.10 (Suhosin 0.9.7) this error
occurs randomly. So maybe it is a PHP <--> Suhosin Bug, i don't know,
but i think it's really a Problem because may many people are using
Ubuntu as a Server and this error is hard to recognize, because
sometimes everything works fine and some times it doesn't.. Also the
effect of this error is strange, maybe you get 2 Mails instead of 1, or
in case of commerce you get two orders instead of 1.
I also didn't find a clean way to install a newer PHP Version on Ubuntu
without compiling it by myself.
greetings,
Georg
Am 13.05.2010 17:48, schrieb Georg Schönweger:
> I found this bug entry which describes the problem:
> http://bugs.typo3.org/view.php?id=13701
> So the Problem seems to be the ini_set('sendmail_from', ...) in
> class.t3lib_htmlmail.php', line 718
>
> I had this randomly occuring errors with NGINX and PHP running as
> FastCGI. There i get a 502 Error Page and the cgi process dies.
> Now i installed Apache2 with php as module. There i have the error
> message in the apache error logfile and the script does not end correctly.
>
> If i uncomment line 718 in class.t3lib_htmlmail.php i get no errors.
> This doesn't only affect sr_feuesr_register, but also all other
> extensions which are using the t3lib_htmlmail class, for example commerce.
>
> Here they are discussing about that;
> http://lists.typo3.org/pipermail/typo3-team-core/2010-March/035496.html
>
> greetings,
> Georg
>
> Am 13.05.2010 15:09, schrieb Georg Schönweger:
>
>> Hi,
>>
>> i just saw in my Logs that i have the same error message with
>> sr_feuser_register (2.5.25).
>> Im using Ubuntu 9.10 with PHP Version 5.2.10 and Suhosin Patch 0.9.7
>> Typo3 4.2.12
>>
>> did you find any solution for this?
>>
>> [Thu May 13 14:43:29 2010] [error] [client 87.12.93.26] ALERT - canary
>> mismatch on efree() - heap overflow detected (attacker '87.12.93.26',
>> file
>> '/usr/local/nginx/html/typo3_src-4.2.12/t3lib/class.t3lib_htmlmail.php',
>> line 718), referer: http://www.snillo.it/my-account/registrati/
>>
>> The error occurs randomly, but only with sr_feuser_register
>>
>> kind regards,
>> Georg Schönweger
>>
>> Am 05.05.2010 11:31, schrieb Chris Müller:
>>
>>
>>> Perhaps this is also interesting for you:
>>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576147
>>>
>>>
>>> Am 04.02.2010 16:15, schrieb Daniel Huf:
>>>
>>>
>>>> Hi,
>>>>
>>>> I'm getting this error with the sr_feuser_register subscription page.
>>>>
>>>> Running TYPO3 4.3, any clue what it really means ?
>>>>
>>>> [Thu Feb 04 11:34:17 2010] [error] [client 91.203.96.55] ALERT - canary
>>>> mismatch on efree() - heap overflow detected (attacker 'xx.xxx.xx.xx',
>>>> file '/var/www/site/typo3_src-4.3.0/t3lib/class.t3lib_htmlmail.php',
>>>> line 730)
>>>>
>>>> Thanks for your feedback,
>>>> Daniel
>>>>
>>>>
>>> _______________________________________________
>>> TYPO3-english mailing list
>>> TYPO3-english at lists.typo3.org
>>> http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english
>>>
>>>
>> _______________________________________________
>> TYPO3-english mailing list
>> TYPO3-english at lists.typo3.org
>> http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english
>>
>>
> _______________________________________________
> TYPO3-english mailing list
> TYPO3-english at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english
>
More information about the TYPO3-english
mailing list