php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #14783 Using unlink causes segfault
Submitted: 2001-12-31 16:16 UTC Modified: 2005-09-02 07:36 UTC
From: mfkahn2 at yahoo dot com Assigned:
Status: Closed Package: DOM XML related
PHP Version: 4CVS Jan. 1 2002 OS: RH6.2/Apache/libxml2.4.12
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: mfkahn2 at yahoo dot com
New email:
PHP Version: OS:

 

 [2001-12-31 16:16 UTC] mfkahn2 at yahoo dot com 
Symptoms:
- using unlink() causes segfault

Script to reproduce:

<?php
$xml = <<<END_XML
<?xml version="1.0"?>
<test>
        <foo id="x">Hello</foo>
        <foo id="y">World</foo>
</test>
END_XML;
$dom = xmldoc($xml);

// this so I can see it.
header('Content-type: text/plain');

$ctx = $dom->xpath_new_context();

$res = xpath_eval($ctx,"//foo");

foreach ($res->nodeset as $child) {
        $child->unlink();
} 

echo $dom->dumpmem();
?>

Other notes:

- some cursory debugging I did suggested that it was the cleanup routines at the end of the script that were causing the crash.  Looking at php_domxml.c, the recursive node memory cleanup appears to be choking on a pointer already freed during the unlink() call.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-01 07:11 UTC] mfischer@php.net 
This has been fixed in CVS.
 [2002-01-01 11:15 UTC] mfkahn2 at yahoo dot com 
Just checked out and built from CVS this morning (2002/1/1).  The test script still crashes.
 [2002-01-01 12:45 UTC] mfischer@php.net 
Did the same before I replied and it didn't crash, hm.

What were your ./configure options?

Do you have another small, self-contained sample?

Feedback.
 [2002-01-01 16:14 UTC] mfkahn2 at yahoo dot com 
My configuration notes:

- PHP built as DSO, apache with disable-rule=EXPAT 

Here's my PHP build configuration:

./configure --with-pgsql --prefix=/usr/local/apache --with-apxs=/usr/local/apache/bin/apxs  --with-pdflib=shared  --with-dom=/usr/local/lib --enable-xslt --with-xslt-sablot=/usr/local --with-expat=/usr/local --with-zlib --with-gd=/usr/local --with-jpeg-dir=/usr --with-png-dir=/usr --with-t1lib=/usr/local

Another note:

I didn't find issues every time I unlinked a node, only when I unlinked (it seems) all the nodes selected--either from an XPath query or a children() call.  And I noted that the did in fact occur during clean-up, not the unlink calls (no real debug, just through writing error_log messages at certain points in the PHP script).
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Tue Nov 04 20:00:01 2025 UTC