PHP :: Bug #45327 :: [PATCH] memory leak if offsetGet throws exception (PHP_5

Bug #45327	[PATCH] memory leak if offsetGet throws exception (PHP_5_2 branch only!)
Submitted:	2008-06-21 17:36 UTC	Modified:	2009-02-17 17:09 UTC
From:	cellog@php.net	Assigned:	dmitry (profile)
Status:	Closed	Package:	Scripting Engine problem
PHP Version:	5.2CVS-2008-06-21	OS:	linux 64bit
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	cellog@php.net
New email:
PHP Version:		OS:

New Comment:

[2008-06-21 17:36 UTC] cellog@php.net

Description:
------------
ext/phar's test phar_offset_get_error.phpt fails with leaked memory in zend_execute_API.c:1023, which is where retval is allocated.  It turns out that if offsetGet() throws an exception, zend_std_read_dimension() does not free the return zval, and it leaks.  This only affects PHP 5.2.  The patch to fix is at http://pear.php.net/~greg/fix_leak.patch.txt and is pasted below

Reproduce code:
---------------
Index: Zend/zend_object_handlers.c
===================================================================
RCS file: /repository/ZendEngine2/zend_object_handlers.c,v
retrieving revision 1.135.2.6.2.28
diff -u -r1.135.2.6.2.28 zend_object_handlers.c
--- Zend/zend_object_handlers.c 21 Feb 2008 13:55:22 -0000      1.135.2.6.2.28
+++ Zend/zend_object_handlers.c 21 Jun 2008 17:33:18 -0000
@@ -469,6 +469,10 @@
                        return 0;
                }

+               if (EG(exception)) {
+                       zval_ptr_dtor(&retval);
+                       return 0;
+               }
                /* Undo PZVAL_LOCK() */
                retval->refcount--;

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-09-02 13:44 UTC] dmitry@php.net

ext/phar is not a part of PHP_5_2 branch, and I don't see any leaks in PHP_5_3. Do you still have this leak? Could you provide a script that causes leak on PHP_5_2 (without ext/phar) or PHP_5_3 (with phar).

[2008-09-02 16:14 UTC] cellog@php.net

yes, to reproduce, cp ext/phar from PHP_5_3 into PHP_5_2 and run the test I described

[2009-02-17 17:09 UTC] iliaa@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 11:01:29 2024 UTC