[wp-hackers] canary mismatch on efree() - heap overflow detected

Knut-Olav Hoven hovenko at linpro.no
Fri Aug 3 08:42:06 GMT 2007

On Thursday 02 August 2007 20:26:25 Alex Günsche wrote:
> On Thu, 2007-08-02 at 17:06 +0200, Knut-Olav Hoven wrote:
> > I get the following in my Apache error log.
> >
> > Aug  2 16:28:20 beta suhosin[49368]: ALERT - canary mismatch on efree() -
> > heap overflow detected (attacker '',
> > file '/some/dir/wordpress/wp-includes/kses.php', line 518)
> As far as I know, you can/must tweak Suhoshin to only trigger on
> relevant errors. By default, it has very many false positives. There
> should be a config file where you can disable the error triggering for
> this specific issue.

I use only the Suhosin patch... According to this page 
(http://www.hardened-php.net/suhosin/configuration.html) the patch will only 
log the events...

Maybe PHP just crashes then, not because of Suhosin, but because of something 

I got a tip to modify the kses.php file to make xcache generate new opcodes 
for it, but that did not solve the problem either.

It is the call to function "wp_kses" that triggers the error. Don't know what 
inside that function that makes it fail.

> Alex

Knut-Olav Hoven
Systemutvikler               mob: +47 986 71 700
Linpro AS                    http://www.linpro.no/

More information about the wp-hackers mailing list