Channel: Zenphoto forum

n20capri on "canary mismatch on efree() - heap overflow detected (functions-basic.php KSES)"


I'll preface this by saying I think my issue has to do with PHP but perhaps figuring out what's going on in the functions-basic.php page might help me resolve it.

What's happening (long and detailed):

I've been having this issue with my personal site where it wouldn't load. (Old version of the site was just a blank page - new version is just a "The connection was reset" error - more details on this below)

If I browse directly to an image - the image will load. I can also FTP and SSH in no problems...everything is there. Once I restart Apache the site is fine again - nothing is lost and it was like nothing ever happened. When this happens, it only happens to my personal site...and ONLY to the "www" domain - all sub-domains always work fine (more on that later). No other sites on my server (9 total) have this issue either. Several of them use zen also. I've also checked server load when this happens and nothing abnormal there either.

It's a fairly large site with tons of pics and vids and content so I just thought something was going wacky with the database or the version of zen I was using. As such, I started to build a new site. I got everything going in a new sub-domain (dev). Latest version of zen at the time (1.4.1.2), new database and everything. I didn't want to import any old content just in case something was screwy with the database.

Fast forward several weeks - I now have a working beta site that's completely designed and I am now loading content. It's a fully functional site though. Well, I get this issue with my main site (www) not loading once again. Now that I have a beta site I decide to see what's going on with that...well it loads fine. No issues. And again no issues with the other sites on the server either.

Again, if I restart Apache all is fine.

Fast forward to going live with the new version of my site. Everything goes well and I'm up and running in no time. The old site now resides under the "dev" sub-domain just in case I missed something or need to revert back for whatever reason. Again all is well. Fast forward again a month or so and now the NEW site isn't loading...this time the error is slightly different - it's a "The connection was reset" error compared to just a blank empty page like before. I can still browse to display an image and also a standard html page loads fine...

NOW, here's the strange thing...when I browse to the old site (that was originally giving me issues and now resides in the "dev" sub-directory) it loads perfectly fine! No issues. And once again all the other sites on the server load fine. I've since added another subdomain to my site for my wife's recipes and that loads fine too (using zen of course). And once again restarting Apache gets the site back up instantly...

Entire error:
ALERT - canary mismatch on efree() - heap overflow detected (attacker 'XX.XXX.XXX.XXX', file 'zp-core/template-functions.php', line 810

Like I said, research says it's possibly something to do with PHP but it's always related to functions-basic.php line 810.

Everything in that area of the page is below:

/** returns a sanitized string for the sanitize function
 * @param string $input_string
 * @param string $sanitize_level
 * @return string the sanitized string.
 */
function sanitize_string($input_string, $sanitize_level) {
    global $_user_tags, $_style_tags;
    // Strip slashes if get_magic_quotes_gpc is enabled.
    if (get_magic_quotes_gpc()) {
        $input_string = stripslashes($input_string);
    }
    // Basic sanitation.
    if ($sanitize_level === 0) {
        return str_replace(chr(0), "", $input_string);
    }
    // User specified sanitation.
    if (function_exists('kses')) {
        switch($sanitize_level) {
            case 1:
                $allowed_tags = getAllowedTags('allowed_tags');
                $input_string = html_entity_decode(kses($input_string, $allowed_tags));
                break;

            // Text formatting sanitation.
            case 2:
                $allowed_tags = getAllowedTags('style_tags');
                $input_string = html_entity_decode(kses($input_string, $allowed_tags));
                break;
            // Full sanitation. Strips all code.
            case 3:
                $allowed_tags = array();
                $input_string = html_entity_decode(kses($input_string, $allowed_tags));
                break;
        }
    } else { // in a basic environment--allow NO HTML tags.
        $input_string = strip_tags($input_string);
    }
    return $input_string;
}

Line 810 specifically is:
$input_string = html_entity_decode(kses($input_string, $allowed_tags));

So I guess my question is what is going on with kses - it seems to only error every several weeks or so. I haven't been able to figure out what triggers it but perhaps someone with fresh eyes will be able to help.

Thanks,
Mike
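
For working out what triggers alerts like the one quoted in the post above, this added example (not part of the original post and not Zenphoto code) tallies such ALERT lines by reported file/line and by client address. Only the ALERT text format is taken from the post; the syslog-style prefix, the addresses and the second file path in `SAMPLE_LOG` are constructed.

```python
import re
from collections import Counter

# Field layout copied from the alert quoted in the post. The closing
# parenthesis is optional because the quoted line ends before it.
ALERT_RE = re.compile(
    r"ALERT - (?P<reason>.+?) \(attacker '(?P<client>[^']*)', "
    r"file '(?P<file>[^']*)'(?:, line (?P<line>\d+))?\)?"
)

def parse_alert(text):
    """Return the alert's fields as a dict, or None for a non-alert line."""
    m = ALERT_RE.search(text)
    if m is None:
        return None
    fields = m.groupdict()
    fields["line"] = int(fields["line"]) if fields["line"] else None
    return fields

def summarize(lines):
    """Count alerts per (reason, file, line) site and per client address."""
    sites, clients = Counter(), Counter()
    for raw in lines:
        alert = parse_alert(raw)
        if alert is None:
            continue  # ordinary log traffic, not an alert
        sites[(alert["reason"], alert["file"], alert["line"])] += 1
        clients[alert["client"]] += 1
    return sites, clients

# Constructed sample input: the prefix, addresses and second path are made up.
_A = ("ALERT - canary mismatch on efree() - heap overflow detected "
      "(attacker '%s', file '%s', line %d)")
SAMPLE_LOG = [
    "Jan  5 03:12:44 web1 php[2211]: "
    + _A % ("192.0.2.10", "zp-core/template-functions.php", 810),
    "Jan  5 03:12:45 web1 httpd: GET /index.php 200",
    "Feb  9 14:01:02 web1 php[2304]: "
    + _A % ("198.51.100.7", "zp-core/template-functions.php", 810),
    "Feb  9 14:05:10 web1 php[2304]: "
    + _A % ("192.0.2.10", "example/other.php", 42),
]

if __name__ == "__main__":
    sites, clients = summarize(SAMPLE_LOG)
    for (reason, path, line), n in sites.most_common():
        print(f"{n:3d}  {path}:{line}  {reason}")
    for client, n in clients.most_common():
        print(f"{n:3d}  {client}")
```

Run against the real error log, a single file/line dominating the first list points at one code path, while a single address dominating the second points at one client's requests.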

