php5 5.6.11+dfsg-1ubuntu3.2 SOAP Out Of Memory (OOM)

Bug #1575298 reported by TJ
This bug affects 1 person
Affects          Status         Importance   Assigned to        Milestone
php5 (Ubuntu)    Invalid        Undecided    Unassigned
Wily             Fix Released   High         Marc Deslauriers

Bug Description

A user in #ubuntu reported an Out of Memory issue due to SOAP changes in ubuntu3.2 on 15.10 on several Ubuntu servers.

19:03 --> magento_rocks (~<email address hidden>) has joined #ubuntu
19:04 <magento_rocks> where can i see the changelog for ubuntu 15.10?
19:05 <magento_rocks> a recent update fucked up something, on all servers running 15.10
...
19:05 <TJ-> magento_rocks: package install history is in /var/log/apt/
19:06 <TJ-> magento_rocks: specific package changelogs under /usr/share/doc/<package-name>/changelog*
19:07 <magento_rocks> TJ- thanks
...
19:08 <magento_rocks> php5-common:amd64 (5.6.11+dfsg-1ubuntu3.1, 5.6.11+dfsg-1ubuntu3.2)
19:08 <magento_rocks> that means it was upgraded from 3.1 to 3.2?
19:09 <TJ-> magento_rocks: yes, and the changelog contains headings that match each version
19:10 <magento_rocks> ok great. now i just need to "downgrade" to 3.1
19:12 <TJ-> magento_rocks apt-get install php5=5.6.11+dfsg-1ubuntu3.1 or similar... probably need to list all the php5* packages that were upgraded, and suffix them with the exact version you want
19:12 <magento_rocks> https://launchpad.net/ubuntu/+source/php5/5.6.11+dfsg-1ubuntu3.2 - the SOAP Client update is causing OOM errors
19:12 <magento_rocks> thanks for your help TJ-, i appreciate it
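
The rollback TJ- describes in the log above, as an added example that is not part of the original report: it reads apt history in the /var/log/apt/history.log format and prints the version-pinned apt-get install command for review. Matching on the version instead of the php5* name is an assumption made here so that libapache2-mod-php5 is caught too; the sample log is constructed.

```shell
#!/bin/sh
# Added example, not from the bug report. Builds (but does not run) the
# apt-get command that returns every package upgraded to BAD_VERSION to
# the version it had before.

# Constructed sample in the format of /var/log/apt/history.log.
# examplepkg and the dates are made up; the php5 versions are the report's.
sample_history() {
cat <<'EOF'
Start-Date: 2016-04-21  06:31:07
Commandline: apt-get upgrade
Upgrade: php5-common:amd64 (5.6.11+dfsg-1ubuntu3.1, 5.6.11+dfsg-1ubuntu3.2), examplepkg:amd64 (1.0-1, 1.0-2), php5-cli:amd64 (5.6.11+dfsg-1ubuntu3.1, 5.6.11+dfsg-1ubuntu3.2), libapache2-mod-php5:amd64 (5.6.11+dfsg-1ubuntu3.1, 5.6.11+dfsg-1ubuntu3.2)
End-Date: 2016-04-21  06:31:40
EOF
}

# rollback_cmd BAD_VERSION [HISTORY_FILE]   (reads stdin when no file is given)
rollback_cmd() {
    awk -v bad="$1" '
        /^Upgrade: / {
            sub(/^Upgrade: /, "")
            n = split($0, entry, /\), /)
            for (i = 1; i <= n; i++) {
                e = entry[i]               # name:arch (old, new
                sub(/\)$/, "", e)          # last entry keeps its ")"
                split(e, f, / \(/)         # f[1]=name:arch  f[2]="old, new"
                split(f[2], v, /, /)       # v[1]=old        v[2]=new
                # Append "" to force string comparison of version numbers.
                if ((v[2] "") == (bad "")) {
                    if (!(f[1] in pin)) order[++k] = f[1]
                    pin[f[1]] = v[1]
                }
            }
        }
        END {
            if (k == 0) exit
            cmd = "apt-get install"
            for (i = 1; i <= k; i++) cmd = cmd " " order[i] "=" pin[order[i]]
            print cmd
        }' "${2:--}"
}

sample_history | rollback_cmd "5.6.11+dfsg-1ubuntu3.2"
```

Rolling back to ubuntu3.1 also drops the security patches that ubuntu3.2 carried, so it is a stopgap until the corrected 5.6.11+dfsg-1ubuntu3.3 is installed.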

Dave Barnes (phpdave11) wrote :

The failure is occurring just after the lines patched in php_http.c - line 842.

Seth Arnold (seth-arnold) wrote :

Can you include error messages, logs, or instructions to reproduce the issue?

Thanks

Changed in php5 (Ubuntu):
status: New → Invalid
Changed in php5 (Ubuntu Wily):
status: New → In Progress
assignee: nobody → Marc Deslauriers (mdeslaur)
importance: Undecided → High

Dave Barnes (phpdave11) wrote :

I've attached sample code to reproduce the issue. However, it is dependent on a Magento server for the SOAP endpoint.

Here is the output I get on an Ubuntu 15.10 server with php5 5.6.11+dfsg-1ubuntu3.2 installed:

dave-barnes@datamart-dave:~/code/soap$ php client.php
PHP Fatal error: Out of memory (allocated 2883584) (tried to allocate 4294967658 bytes) in /home/dave-barnes/code/soap/client.php on line 249
PHP Fatal error: Uncaught SoapFault exception: [Client] Out of memory (allocated 2883584) (tried to allocate 4294967658 bytes) in /home/dave-barnes/code/soap/client.php:249
Stack trace:
#0 [internal function]: SoapClient->__doRequest('<?xml version="...', 'http://mage-tes...', 'urn:Action', 1, 0)
#1 /home/dave-barnes/code/soap/client.php(249): SoapClient->__call('catalogProductL...', Array)
#2 /home/dave-barnes/code/soap/client.php(249): SoapClient->catalogProductList('f13dac565d5c332...')
#3 {main}
  thrown in /home/dave-barnes/code/soap/client.php on line 249

Marc Deslauriers (mdeslaur) wrote :

I believe I have located the issue and have uploaded a package for testing in the following PPA:

https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages

Once the package has finished building, could you please test it and confirm that the regression is fixed?

I'll release the package as a security regression fix as soon as it has been tested.

Thanks!

Dave Barnes (phpdave11) wrote :

Hi Marc,

Thank you for the fast fix! After I installed 5.6.11+dfsg-1ubuntu3.3 from ubuntu-security-proposed/ppa, the SOAP OOM error went away. It appears that the regression has been fixed.

Thanks!

Marc Deslauriers (mdeslaur) wrote :

Thanks for testing the fix! I'll release the update today.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package php5 - 5.6.11+dfsg-1ubuntu3.3

---------------
php5 (5.6.11+dfsg-1ubuntu3.3) wily-security; urgency=medium

  * SECURITY REGRESSION: out of memory in SOAP (LP: #1575298)
    - debian/patches/CVE-2015-8835.patch: updated to fix bad patch
      backport.

 -- Marc Deslauriers <email address hidden> Tue, 26 Apr 2016 14:57:54 -0400

Changed in php5 (Ubuntu Wily):
status: In Progress → Fix Released