php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #58355 Segfault when trying to iterate
Submitted: 2008-09-25 08:40 UTC Modified: 2011-01-09 09:06 UTC
From: felipe@php.net Assigned:
Status: Closed Package: hidef (PECL)
PHP Version: 5_3 CVS-2008-09-25 (dev) OS:
Private report: No CVE-ID: None
 [2008-09-25 08:40 UTC] felipe@php.net
Description:
------------
See below.

Reproduce code:
---------------
<?php


$x = new frozenarray;

foreach ($x as $z) { }


Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1211869504 (LWP 13054)]
0x0811e990 in frozen_array_it_valid (iter=0x8899d7c, tsrm_ls=0x8757050) at /home/felipe/dev/php5zts/ext/hidef/frozenarray.c:325
warning: Source file is more recent than executable.
325             return zend_hash_has_more_elements_ex(Z_ARRVAL_P(obj->data), &(iterator->pos));
(gdb) bt
#0  0x0811e990 in frozen_array_it_valid (iter=0x8899d7c, tsrm_ls=0x8757050) at /home/felipe/dev/php5zts/ext/hidef/frozenarray.c:325
#1  0x0848350f in ZEND_FE_RESET_SPEC_CV_HANDLER (execute_data=0x88c8614, tsrm_ls=0x8757050) at /home/felipe/dev/php5zts/Zend/zend_vm_execute.h:22794
#2  0x0842f980 in execute (op_array=0x88994a0, tsrm_ls=0x8757050) at /home/felipe/dev/php5zts/Zend/zend_vm_execute.h:104
#3  0x08401071 in zend_execute_scripts (type=8, tsrm_ls=0x8757050, retval=0x0, file_count=3) at /home/felipe/dev/php5zts/Zend/zend.c:1197
#4  0x083784cc in php_execute_script (primary_file=0xbfbac338, tsrm_ls=0x8757050) at /home/felipe/dev/php5zts/main/main.c:2080
#5  0x084a0058 in main (argc=2, argv=0xbfbac4b4) at /home/felipe/dev/php5zts/sapi/cli/php_cli.c:1130


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-09-25 12:11 UTC] gopalv82 at yahoo dot com
I never intended anyone to be able to instantiate a frozenarray except via hidef_fetch().

Now, how do I disable the constructor?
 [2008-10-26 00:42 UTC] lbarnaud@php.net
I made a patch that forbids instantiations of FrozenArray by adding a private final constructor:
http://arnaud.lb.s3.amazonaws.com/hidef14708.patch

(the patch also does small changes to ZEND_ARG_INFOs to allow to build with 5.3).
 [2011-01-09 09:06 UTC] gopalv@php.net
Closing old bugs, the constructor has been disabled.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Oct 31 22:01:27 2024 UTC