php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #12935 memory corruption with array references
Submitted: 2001-08-23 20:03 UTC Modified: 2001-12-13 00:48 UTC
From: jdonagher@php.net Assigned:
Status: Closed Package: Scripting Engine problem
PHP Version: 4.0.6 OS: linux 2.2.14-5.0
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2001-08-23 20:03 UTC] jdonagher@php.net 
This appeared between 4.0.4pl1 and 4.0.6. The following 
code snippet reproduces the bug.

=====================

<?
        $state = array(
                    'packversion' => 'Audit 1.0',
                    'createdate' => '08/22/2001',
                    'folder' => array(
                        array(
                            'itemid' => '1000',
                            'name' => '-1000',
                            'title' => 'Parent',
                            'doctype' => 'P',
                            'parent' => '0',
                            'createdate' => '08/22/2001',
                        ),
                        array(
                            'itemid' => '2000',
                            'name' => '-2000',
                            'title' => 'Parent',
                            'doctype' => 'P',
                            'parent' => '0',
                            'createdate' => '08/22/2001',
                        ),
                    ),
                );

        $info = array(
                    'itemid' => '2050',
                    'name' => '-2050',
                    'title' => 'Parent',
                    'doctype' => 'P',
                    'parent' => '2000',
                    'createdate' => '08/22/2001',
                );

        AddInfo($state, $info);
        print_r($state);

        function AddInfo(&$st, $in)
        {
                $parent = FindStateItem($st, 
$in['itemid']);
                $parent['folder'][] = $in;
        }

        function &FindStateItem(&$_state, $_itemid, $_op = 
'') {
        reset($_state);
        while (list($key,$val) = each($_state)) {
                //if (!is_array($val)) {
                                //continue;
                //}
                for ($i = 0; $i < count($val); $i++) {
                        if ($val[$i]['itemid'] == 
$_itemid) {
                        //if (is_array($val[$i]) && 
$val[$i]['itemid'] == $_itemid) {
                                if ($_op == 'delete') {
                                        
unset($_state[$key][$i]);
                                        return 1;
                                }
                                return $_state[$key][$i];
                        }
                }
                for ($i = 0; $i < count($val); $i++) {
                        if (!is_array($val[$i])) {
                                continue;
                        }
                        $item = 
FindStateItem($_state[$key][$i], $_itemid, $_op);
                        if ($item) {
                                return $item;
                        }
                }
        }
}

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-12-13 00:48 UTC] yohgaki@php.net 
I'm not sure what is expected with your script. Just taking look at code quickly, you haven't change any value in your script.

function AddInfo(&$st, $in)
        {
                $parent = FindStateItem($st, $in['itemid']);
                $parent['folder'][] = $in;
        }

$parent is in local scope. Therefore, print_r($state) will not display changes made in AddInfo().

AddInfo($state, $info);
print_r($state);

Did PHP4.0.6 crash or leak memory with this script? I don't see any problem with 4.2.0-dev.

I closed this report. Feel free to reopen if there is problem.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed Apr 24 03:01:29 2024 UTC