|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2012-06-11 13:48 UTC] felipe@php.net
[2012-06-11 13:48 UTC] felipe@php.net
-Status: Open
+Status: Closed
-Assigned To:
+Assigned To: felipe
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Nov 02 07:00:01 2025 UTC |
Description: ------------ If a function is defined inside eval(), VLD will either crash or run out of memory. This is due to the fact that zend_hash_apply calls the vld_dump_fe function without all the necessary parameters so that parts of the stack are read instead. The following patch solves the issue: Index: vld.c =================================================================== RCS file: /repository/vle/vld.c,v retrieving revision 1.33 diff -u -r1.33 vld.c --- vld.c 1 Apr 2008 18:00:54 -0000 1.33 +++ vld.c 17 Jun 2008 13:24:12 -0000 @@ -260,7 +260,7 @@ vld_dump_oparray (op_array TSRMLS_CC); } - zend_hash_apply (CG(function_table), (apply_func_t) vld_dump_fe TSRMLS_CC); + zend_hash_apply_with_arguments (CG(function_table), (apply_func_args_t) vld_dump_fe, 0); zend_hash_apply (CG(class_table), (apply_func_t) vld_dump_cle TSRMLS_CC); return op_array; Reproduce code: --------------- <?php eval("function foo () { }"); ?> Expected result: ---------------- The opcodes of the function. Actual result: -------------- Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 506022670 bytes) in ... on line 2