04144: vvimport.php producing infinite loop - LimeSurvey bugs and feature requests

This bug affects 1 person(s).

252

ID	Project	Category	View Status	Date Submitted	Last Update

04144	Bug reports	Security	public	2010-02-19 11:26	2010-02-23 22:55

Reporter	i-enquete	Assigned To	c_schmitz
Priority	normal	Severity	block
Status	closed	Resolution	fixed
Product Version	1.87+
Fixed in Version	1.87+

Summary	04144: vvimport.php producing infinite loop
Description	I'm not sure how, as I didnt do the import myself, but it's possible to create an infinite loop on vvimport.php, which resulted in an 8 GB log error: 18 20:53:43 2010] [error] [client 213.46.19.224] PHP Notice: Undefined variable: sumrows5 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/quota.php on line 215, referer: http://enquete.teqa.eu/admin/admin.php?sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: 1 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 148, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -1 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -2 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -3 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -4 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -5 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -6 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -7 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -8 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:27:53 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -9 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [...] [Fri Feb 19 00:39:04 2010] [error] [client 213.46.19.224] PHP Notice: Undefined offset: -28905584 in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744 [Fri Feb 19 00:39:04 2010] [error] [client 213.46.19.224] PHP Fatal error: Maximum execution time of 600 seconds exceeded in /var/www/vhosts/teqa.eu/subdomains/enquete/httpdocs/admin/vvimport.php on line 151, referer: http://enquete.teqa.eu/admin/admin.php?action=vvimport&sid=35744
Additional Information	reason is that it's checking unavailable array indexes on line 151: $fieldcount=count($fieldnames)-1; while (trim($fieldnames[$fieldcount]) == "") // get rid of blank entries { unset($fieldnames[$fieldcount]); $fieldcount--; } which are (apparantly) empty, (temp) fixed this by adding: [..] == "" && $fieldcount > -1, so: `$fieldcount=count($fieldnames)-1; while (trim($fieldnames[$fieldcount]) == "" && $fieldcount > -1) // get rid of blank entries { unset($fieldnames[$fieldcount]); $fieldcount--; }`
Tags	No tags attached.

Bug heat	252
Complete LimeSurvey version number (& build)	8406
I will donate to the project if issue is resolved
Browser	Firefox
Database type & version	MySQL 4.1.21
Server OS (if known)	Linux centOS
Webserver software & version (if known)	Apache 2.2
PHP Version	PHP 5.2.11

User List	There are no users monitoring this issue.

Date Modified	Username	Field	Change
2010-02-19 11:26	i-enquete	New Issue
2010-02-19 11:26	i-enquete	Status	new => assigned
2010-02-19 11:26	i-enquete	Assigned To	=> user372
2010-02-19 11:26	i-enquete	LimeSurvey build number	=> 8406
2010-02-19 11:26	i-enquete	Browser	=> Firefox
2010-02-19 11:26	i-enquete	Database & DB-Version	=> MySQL 4.1.21
2010-02-19 11:26	i-enquete	Operating System (Server)	=> Linux centOS
2010-02-19 11:26	i-enquete	Webserver	=> Apache 2.2
2010-02-19 11:26	i-enquete	PHP Version	=> PHP 5.2.11
2010-02-19 12:44	~~user372~~	Assigned To	user372 => c_schmitz
2010-02-19 13:40	c_schmitz	Note Added: 11134
2010-02-19 13:40	c_schmitz	Status	assigned => resolved
2010-02-19 13:40	c_schmitz	Fixed in Version	=> 1.87+
2010-02-19 13:40	c_schmitz	Resolution	open => fixed
2010-02-23 22:55	c_schmitz	Status	resolved => closed

View Issue Details

Users monitoring this issue

Activities

Issue History

c_schmitz 2010-02-19 13:40 administrator ~11134	Thank you very much!