|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2012-01-11 07:04 UTC] masugata at gmail dot com
Description:
------------
segmentation fault, use max_input_vars
$ gdb /tmp/php-5.3.9/sapi/cgi/php-cgi
(gdb) run -d max_input_vars=1 /tmp/cgitest.php a[]=1 v[]=2
Starting program: /tmp/php-5.3.9/sapi/cgi/php-cgi -d max_input_vars=1
/tmp/cgitest.php a[]=1 v[]=2
warning: no loadable sections found in added symbol-file system-supplied DSO at
0x2aaaaaaab000
[Thread debugging using libthread_db enabled]
Unknown(0) : Warning - Unknown: Input variables exceeded 1. To increase the
limit change max_input_vars in php.ini.
Unknown(0) : Warning - Unknown: Input variables exceeded 1. To increase the
limit change max_input_vars in php.ini.
Unknown(0) : Warning - Unknown: Input variables exceeded 1. To increase the
limit change max_input_vars in php.ini.
Program received signal SIGSEGV, Segmentation fault.
0x000000000077ba65 in php_register_variable_ex (var_name=0xfe6618 "v[]",
val=0x7fffffffc100, track_vars_array=0xfe5eb8)
at /tmp/php-5.3.9/main/php_variables.c:207
207 symtable1 = Z_ARRVAL_PP(gpc_element_p);
(gdb) bt
#0 0x000000000077ba65 in php_register_variable_ex (var_name=0xfe6618 "v[]",
val=0x7fffffffc100, track_vars_array=0xfe5eb8)
at /tmp/php-5.3.9/main/php_variables.c:207
#1 0x00000000005886d9 in php_sapi_filter (arg=1, var=0xfe6618 "v[]",
val=0x7fffffffc1c0, val_len=1, new_val_len=0x7fffffffc1b4)
at /tmp/php-5.3.9/ext/filter/filter.c:461
#2 0x000000000077c6ca in php_default_treat_data (arg=1, str=0x0, destArray=0x0)
at /tmp/php-5.3.9/main/php_variables.c:408
#3 0x000000000077d5b0 in php_hash_environment () at /tmp/php-
5.3.9/main/php_variables.c:716
#4 0x0000000000769448 in php_request_startup () at /tmp/php-
5.3.9/main/main.c:1468
#5 0x00000000008d0438 in main (argc=6, argv=0x7fffffffe928) at /tmp/php-
5.3.9/sapi/cgi/cgi_main.c:2035
Test script:
---------------
<?php
print_r( $_GET );
Patchesmemleak_fix_for_bug60708 (last revision 2012-02-02 09:12 UTC by laruence@php.net)Pull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Oct 26 23:00:02 2025 UTC |
fix for leaks referred by Pierre: --- php_variables.c (revision 323011) +++ php_variables.c (working copy) @@ -187,6 +187,10 @@ array_init(gpc_element); zend_symtable_update(symtable1, escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); } else { + if (index != escaped_index) { + efree(escaped_index); + } + zval_dtor(val); free_alloca(var_orig, use_heap); return; }