Bug #55296 wrong use efree(NULL) in intl
Submitted: 2011-07-27 12:51 UTC Modified: 2011-08-04 10:57 UTC
From: max at cxib dot net Assigned: felipe (profile)
Status: Closed Package: *General Issues
PHP Version: 5.3.7RC3 OS: multiple
Private report: No CVE-ID: None
 [2011-07-27 12:51 UTC] max at cxib dot net
Description:
------------
intl_convert_utf8_to_utf16() is wrongly used in multiple places. Example:

    intl_convert_utf8_to_utf16(&uhaystack, &uhaystack_len, (char *) haystack, haystack_len, &status );

    if ( U_FAILURE( status ) ) {
        /* Set global error code. */
        intl_error_set_code( NULL, status TSRMLS_CC );

        /* Set error messages. */
        intl_error_set_custom_msg( NULL, "Error converting input string to UTF-16", 0 TSRMLS_CC );
        efree( uhaystack );
        return -1;
    }

efree() is called on uhaystack => (efree(NULL)). Sometimes 'uhaystack' may be
NULL. This problem occurs in multiple places in intl. Then efree() prints an error.
 [2011-08-04 00:59 UTC] felipe@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: felipe
 [2011-08-04 00:59 UTC] felipe@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 [2011-08-04 00:59 UTC] felipe@php.net
Automatic comment from SVN on behalf of felipe
Revision: http://svn.php.net/viewvc/?view=revision&revision=314218
Log: - Fixed possible efree(NULL) (bug #55296)
 [2011-08-04 10:12 UTC] neweracracker at gmail dot com
Hello,

Please review this commit. Seems incomplete.
svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/intl/grapheme/grapheme_string.c?r1=314218&r2=314217&pathrev=314218
 [2011-08-04 10:57 UTC] felipe@php.net
Fixed, thanks.
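
The error path discussed in this report, as an added example that is not code from php-src or from the commit referenced above. It assumes a simplified ASCII-only converter (`convert_model`) that leaves the output pointer NULL on failure, and a hypothetical `strict_free` standing in for an allocator that complains about NULL; the guarded variant frees the buffer only if it was actually allocated.

```c
#include <stdio.h>
#include <stdlib.h>

static int null_frees = 0;              /* how many times NULL reached strict_free */

/* Hypothetical stand-in for an allocator that complains about NULL. */
static void strict_free(void *p) {
    if (p == NULL) { null_frees++; fprintf(stderr, "strict_free(NULL)\n"); return; }
    free(p);
}

/* Simplified converter (assumption): ASCII only, any byte >= 0x80 is a failure.
 * On failure it sets *status and leaves *out untouched, so *out may still be NULL. */
static void convert_model(unsigned short **out, int *out_len,
                          const char *src, int src_len, int *status) {
    int i;
    for (i = 0; i < src_len; i++)
        if ((unsigned char)src[i] >= 0x80) { *status = 1; return; }
    *out = malloc(((size_t)src_len + 1) * sizeof **out);
    if (*out == NULL) { *status = 2; return; }
    for (i = 0; i < src_len; i++) (*out)[i] = (unsigned char)src[i];
    (*out)[src_len] = 0;
    *out_len = src_len;
    *status = 0;
}

/* Shared body; `guard` selects which error path is exercised. */
static int ulen_of(const char *s, int len, int guard) {
    unsigned short *u = NULL;
    int ulen = 0, status = 0;
    convert_model(&u, &ulen, s, len, &status);
    if (status != 0) {
        if (!guard || u != NULL)        /* guard=0: unconditional free, as in the report */
            strict_free(u);
        return -1;
    }
    strict_free(u);
    return ulen;
}

static int ulen_unguarded(const char *s, int len) { return ulen_of(s, len, 0); }
static int ulen_guarded(const char *s, int len)   { return ulen_of(s, len, 1); }

int main(void) {
    printf("valid input: %d\n", ulen_unguarded("abc", 3));
    printf("unguarded, invalid input: %d\n", ulen_unguarded("\xff", 1));
    printf("guarded, invalid input: %d\n", ulen_guarded("\xff", 1));
    printf("NULL frees seen: %d\n", null_frees);
    return 0;
}
```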
 
Last updated: Thu Apr 18 13:01:27 2024 UTC