Closed (won't fix)
Project:
Javascript Tools
Version:
5.x-1.x-dev
Component:
Activemenus
Priority:
Normal
Category:
Support request
Assigned:
Unassigned
Reporter:
Created:
29 Apr 2008 at 13:31 UTC
Updated:
5 Jul 2012 at 06:35 UTC
While using Activemenu, Collapsiblock and JS Calendar the following error ocurred every 30-50 hours.
ALERT - canary mismatch on efree() - heap overflow detected (attacker 'x.x.x.x', file '[...]/modules/jstools/jstools.module', line 92)
So no visitor could access Drupal until Activemenu and Collapsiblock has been disabled.
Any idea how jstools could trigger that?
Setup:
Drupal 5.7
MySQL 5.0.51a, PHP 5.2.5
Suhosin Patch 0.9.6.2
Comments
Comment #1
nedjoProbably triggered by some non-Drupal code you're running. See e.g. this discussion: http://forum.hardened-php.net/viewtopic.php?id=145.
Comment #2
chriscohen commentedMy setup:
The site would run just fine for a few hours, then just display a white screen of death (WSoD) on all front-end pages. I was receiving the following errors in my Apache error log:
[Tue Mar 10 16:41:11 2009] [error] [client 216.139.136.92] ALERT - canary mismatch on efree() - heap overflow detected (attacker '216.139.136.92', file '/var/www/drupal5/sites/example.com/modules/glossary/glossary.module', line 1050)Disabling eAccelerator fixed the problem. I believe that eAccelerator was the cause of the segfault, at least in my case. Hope this helps someone else with this issue.
Comment #3
chriscohen commentedScratch that. We disabled eAccelerator and tested for 24 hours, and the problem disappeared, so we concluded that eAccelerator was to blame. However, the problem has resurfaced, it just took longer, and therefore eAccelerator is not to blame.
Comment #4
dgtlmoon commentedI've recently experienced this with php5-xcache too (D7/php5.3)
Comment #5
dgtlmoon commented