|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2006-10-05 11:13 UTC] checat at yandex dot ru
[2006-10-05 11:15 UTC] tony2001@php.net
[2006-10-05 11:31 UTC] derick@php.net
[2008-07-11 21:24 UTC] jani@php.net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat Nov 01 06:00:02 2025 UTC |
Description: ------------ When freeing array variables with multiple references, variables which should still be accessible via other reference may be unexpectedly freed. Depending of the code it may produce data corruption, glibc-detected memory corruption or segfault. Reproduce code: --------------- <?php $root=array('id'=>'1', 'parent_id'=>NULL); $child1 = array('id'=>'2', 'parent_id'=>'1'); // build tree with references up and down $root['childs'] = array(); $child1['parent'] = & $root; $child1['parent']['childs'][] = & $child1; $child1['childs'] = array(); print_r($root['childs'][0]['childs']); unset($child1); print_r($root['childs'][0]['childs']); ?> Expected result: ---------------- Array ( ) Array ( ) Actual result: -------------- CGI: Array ( ) Array ( ) Segmentation fault Apache2/prefork/mod_php: no output, Segmentation fault in log