I'll preface this by saying I think my issue has to do with PHP but perhaps figuring out what's going on in the functions-basic.php page might help me resolve it.
What's happening (long and detailed):
I've been having this issue with my personal site where it wouldn't load. (Old version of the site was just a blank page - new version is just a "The connection was reset" error - more details on this below)
If I browse directly to an image - the image will load. I can also FTP and SSH in no problems...everything is there. Once I restart Apache the site is fine again - nothing is lost and it was like nothing ever happened. When this happens, it only happens to my personal site...and ONLY to the "www" domain - all sub-domains always work fine (more on that later). No other sites on my server (9 total) have this issue either. Several of them use zen also. I've also checked server load when this happens and nothing abnormal there either.
It's a fairly large site with tons of pics and vids and content so I just thought something was going wacky with the database or the version of zen I was using. As such, I started to build a new site. I got everything going in a new sub-domain (dev). Latest version of zen at the time (1.4.1.2), new database and everything. I didn't want to import any old content just in case something was screwy with the database.
Fast forward several weeks - I now have a working beta site that's completely designed and I am now loading content. It's a fully functional site though. Well, I get this issue with my main site (www) not loading once again. Now that I have a beta site I decide to see what's going on with that...well it loads fine. No issues. And again no issues with the other sites on the server either.
Again if I restart apache all is fine.
Fast forward to going live with the new version of my site. Everything goes well and I'm up and running in no time. The old site now resides under the "dev" sub-domain just in case I missed something or need to revert back for whatever reason. Again all is well. Fast forward again a month or so and now the NEW site isn't loading...this time the error is slightly different - it's a "The connection was reset" error compared to just a blank empty page like before. I can still browse to display an image and also a standard html page loads fine...
NOW, here's the strange thing...when I browse to the old site (that was originally giving me issues and now resides in the "dev" sub-directory) it loads perfectly fine! No issues. And once again all the other sites on the server load fine. I've since added another subdomain to my site for my wife's recipes and that loads fine too (using zen of course). And once again restarting Apache gets the site back up instantly...
Entire error:
ALERT - canary mismatch on efree() - heap overflow detected (attacker 'XX.XXX.XXX.XXX', file 'zp-core/template-functions.php', line 810
Like I said research says it's possible something to do with PHP but it's always related to functions-basic.php line 810.
Everything in that area of the page is below:
/**
 * Returns a sanitized string for the sanitize function.
 * @param string $input_string
 * @param string $sanitize_level
 * @return string the sanitized string.
 */
function sanitize_string($input_string, $sanitize_level) {
    global $_user_tags, $_style_tags;
    // Strip slashes if get_magic_quotes_gpc is enabled.
    if (get_magic_quotes_gpc()) {
        $input_string = stripslashes($input_string);
    }
    // Basic sanitation.
    if ($sanitize_level === 0) {
        return str_replace(chr(0), " ", $input_string);
    }
    // User specified sanitation.
    if (function_exists('kses')) {
        switch($sanitize_level) {
            case 1:
                $allowed_tags = getAllowedTags('allowed_tags');
                $input_string = html_entity_decode(kses($input_string, $allowed_tags));
                break;
            // Text formatting sanitation.
            case 2:
                $allowed_tags = getAllowedTags('style_tags');
                $input_string = html_entity_decode(kses($input_string, $allowed_tags));
                break;
            // Full sanitation. Strips all code.
            case 3:
                $allowed_tags = array();
                $input_string = html_entity_decode(kses($input_string, $allowed_tags));
                break;
        }
    } else { // in a basic environment--allow NO HTML tags.
        $input_string = strip_tags($input_string);
    }
    return $input_string;
}
Line 810 specifically is:
$input_string = html_entity_decode(kses($input_string, $allowed_tags));
So I guess my question is what is going on with kses - it seems to only error every several weeks or so. I haven't been able to figure out what triggers it but perhaps someone with fresh eyes will be able to help.
Thanks,
Mike
Well there's a 5meg debug file with a ton of stuff...lol.
But mostly invalid folder name errors...but I removed the folder in question so that's not it...especially because that was after the canary mismatch thing we are talking about here. Nothing matches up date wise with the error I'm experiencing either...but these are the other errors...just several spoof attempts...
{Mon, 16 Apr 2012 02:06:32 GMT}
Backtrace: Zenphoto encountered an album name spoof attempt: My-Car-Pics/Tyler-State-Park=IMG_8857.jpg=>My-Car-Pics/Tyler-State-Parkℑ=IMG_8857.jpg.
Album->Album called
from zp_load_album (functions-controller.php [316])
from zp_load_request (functions-controller.php [520])
from require_once (controller.php [38])
from index.php [55]
I'm going to clear the file and start fresh to see if I can see anything the next time I have the issue...
Always open to other suggestions...I'm glad it's only happening with my site and no clients' sites but still would like to figure it out.
Much appreciated,
Mike
Well I've read about Suhosin and unless it's part of another app that's installed I'm not using it...not that I know of anyway. But it does pop up with regards to this specific error. I did add suhosin.session.encrypt=off to the php.ini but that didn't work.
I'm open to suggestions...lol
Thanks
I have no idea about the issue. But in case that is unclear, Suhosin is a server security extension. You should find an entry on the phpinfo() about that. If you are not running/configuring your own server, your host might have set that up and probably does not let you disable it.
Just got the error again- this time 2 errors of it occurring on line 4538 of template functions...otherwise line 810
kses again at line 4538:
$short2 = kses($short.'</p>', $allowed_tags);
The entire block of code...
function shortenContent($articlecontent, $shorten, $shortenindicator, $forceindicator=false) {
    global $_user_tags;
    if ($forceindicator || (mb_strlen($articlecontent) > $shorten)) {
        $allowed_tags = getAllowedTags('allowed_tags');
        $short = mb_substr($articlecontent, 0, $shorten);
        $short2 = kses($short.'</p>', $allowed_tags);
        if (($l2 = mb_strlen($short2)) < $shorten) {
            $c = 0;
            $l1 = $shorten;
            $delta = $shorten-$l2;
            while ($l2 < $shorten && $c++ < 5) {
                $open = mb_strrpos($short, '<');
                if ($open > mb_strrpos($short, '>')) {
                    $l1 = mb_strpos($articlecontent,'>',$l1+1)+$delta;
                } else {
                    $l1 = $l1 + $delta;
                }
                $short = mb_substr($articlecontent, 0, $l1);
                $short2 = kses($short.'</p>', $allowed_tags);
                $l2 = mb_strlen($short2);
            }
            $shorten = $l1;
        }
        $short = truncate_string($articlecontent, $shorten, '');
        // drop open tag strings
        $open = mb_strrpos($short, '<');
        if ($open > mb_strrpos($short, '>')) {
            $short = mb_substr($short, 0, $open);
        }
        // drop unbalanced tags
        // insert the ellipsis
        $i = strrpos($short, '</p>');
        if (($i !== false) && ($i == mb_strlen($short) - 4)) {
            $short = mb_substr($short, 0, -4).' '.$shortenindicator.'</p>';
        } else {
            $short .= ' '.$shortenindicator;
        }
        $short = trim(kses($short.'</p>', $allowed_tags));
        return $short;
    }
    return $articlecontent;
}
Man this is still happening...any other ideas? I have several other ZP sites and they don't have these issues...
What's the deal with kses - what exactly does it do and when does it do it? Can it be disabled?
Very frustrating...any other help to diagnose this would be appreciated.
I tried a bunch of other server things like disabling Suhosin and other things related to that but nothing has helped...
Ultimately I know it's a server thing - but it's also somehow related to something ZP is doing on my site specifically...as mentioned I have other ZP installs with NO issues.
EDIT: I'm wondering if it has something to do when I get a comment? Comments go right into moderation because I get a bit of spam...No other sites are using comments??????
Thanks,
Mike
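One way to test the hunch in the post above that the alerts follow a particular kind of request, as an added example that is not part of the thread or of Zenphoto: parse the Suhosin ALERT lines and list what the same client requested just before each one. It assumes the "attacker" field is the client address seen in the Apache access log and that both logs share a clock; every log line below is constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed samples. The ALERT text follows the format quoted in the thread;
# the syslog prefix, year, IPs (documentation ranges) and URLs are invented.
ALERTS = """\
Apr 16 02:06:35 web1 suhosin[2211]: ALERT - canary mismatch on efree() - heap overflow detected (attacker '203.0.113.7', file 'zp-core/template-functions.php', line 810)
Apr 29 14:10:03 web1 suhosin[2954]: ALERT - canary mismatch on efree() - heap overflow detected (attacker '198.51.100.23', file 'zp-core/template-functions.php', line 4538
"""
ACCESS = """\
203.0.113.7 - - [16/Apr/2012:02:01:00 +0000] "GET /index.php HTTP/1.1" 200 9000
203.0.113.7 - - [16/Apr/2012:02:06:34 +0000] "POST /index.php?album=cars HTTP/1.1" 200 5120
192.0.2.50 - - [29/Apr/2012:14:10:02 +0000] "GET /favicon.ico HTTP/1.1" 200 300
198.51.100.23 - - [29/Apr/2012:14:10:02 +0000] "GET /news/some-article HTTP/1.1" 200 7000
"""

# The closing parenthesis is optional: the line pasted in the thread lacks it.
ALERT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) .*?ALERT - (?P<msg>.+?) \(attacker '(?P<ip>[^']+)',"
    r" file '(?P<file>[^']+)', line (?P<line>\d+)\)?\s*$")
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^ \]]+)[^\]]*\] "(?P<method>\S+) (?P<path>\S+)')

def parse_alerts(text, year):
    """Syslog timestamps carry no year, so the caller supplies it."""
    alerts = []
    for m in filter(None, map(ALERT_RE.match, text.splitlines())):
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        alerts.append({"when": when, "ip": m["ip"], "msg": m["msg"],
                       "site": f"{m['file']}:{m['line']}"})
    return alerts

def parse_access(text):
    """Parse Apache common/combined lines; the UTC offset is ignored (assumed equal)."""
    hits = []
    for m in filter(None, map(ACCESS_RE.match, text.splitlines())):
        when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S")
        hits.append({"when": when, "ip": m["ip"], "req": f"{m['method']} {m['path']}"})
    return hits

def requests_before_alerts(alerts, hits, window=timedelta(seconds=10)):
    """Pair each alert with same-client requests logged in the window before it."""
    report = []
    for a in alerts:
        near = [h["req"] for h in hits if h["ip"] == a["ip"]
                and timedelta(0) <= a["when"] - h["when"] <= window]
        report.append((a["site"], near))
    return report

if __name__ == "__main__":
    for site, reqs in requests_before_alerts(parse_alerts(ALERTS, 2012), parse_access(ACCESS)):
        print(site, "<-", reqs or "no request from that client in window")
```

A request that kills the worker may never be written to the access log, so an alert with no matching request is informative too; Apache's mod_log_forensic records requests before they are processed.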
Zenphoto 1.4.3 actually does not use kses itself anymore because it was buggy. It cannot be disabled as it is used for clearing content from unwanted html and therefore part of security measures to prevent anyone passing unwanted scripts etc. It also tries to correct html tag closing on text content shortening.
http://sourceforge.net/projects/kses
Let me be exact on this. Prior to 1.4.3 we used a library named htmLawed that contained a version of the kses function. We did use the kses function from this library. Somewhere this library's functionality changed and instead of expunging not allowed html it started encoding them. This caused a security problem for us, so we switched to a different version of kses that worked "correctly".
In addition, we did use the kses function to "balance" html tags when we shortened content--this is the use you have above. The new kses did not do this, so we also had to change not to use kses for this purpose. Right off hand I think that this fix did not make it in the released version of 1.4.3, so would require the nightly build.
So, the recommendation is for you to upgrade to the nightly build.