php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #65227 Memory leak in gmp_cmp second parameter
Submitted: 2013-07-09 16:17 UTC Modified: 2013-07-09 16:25 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: frozenfire@php.net Assigned:
Status: Closed Package: GNU MP related
PHP Version: unknown OS: Irrelevant
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: frozenfire@php.net
New email:
PHP Version: OS:

 

 [2013-07-09 16:17 UTC] frozenfire@php.net 
Description:
------------
Reporting this bug for a third party 
(http://www.reddit.com/r/PHP/comments/1hx7qz/what_is_going_on_here_how_do_i_fix_t
his_memory/), and related to a user note 
(http://www.php.net/manual/en/function.gmp-cmp.php#99120).

The gmp_cmp function leaks memory when a string is used as the value of the 
second parameter.

My guess is that it relates to the way that the type is juggled in the gmp_cmp 
function (https://github.com/php/php-src/blob/master/ext/gmp/gmp.c#L848), where 
it checks the type of the second parameter to see if it's a long. It doesn't 
however check if the second parameter is a string, or really any other type.



Test script:
---------------
Third party's example code can be found at http://www.reddit.com/r/PHP/comments/1hx7qz/what_is_going_on_here_how_do_i_fix_this_memory/

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2013-07-09 16:20 UTC] frozenfire@php.net
-PHP Version: master-Git-2013-07-09 (Git) +PHP Version: unknown
 [2013-07-09 16:25 UTC] frozenfire@php.net 
I noticed shortly after filing the bug that this issue *may* be resolved as of 
https://github.com/php/php-
src/commit/7713b8c2ac2d8fbacaf897ff0c0a202a7b7abf49#ext/gmp/gmp.c

The issue may have resulted from the lack of a free of temp_b after 
https://github.com/php/php-
src/blob/a666285bc2488b7f7362368c388e41428610ad1d/ext/gmp/gmp.c#L1337, which 
would apply to all versions except 5.next
 [2013-07-12 23:26 UTC] felipe@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=281936b29535ae095350abb274acef0ae548a431
Log: - Fixed bug #65227 (Memory leak in gmp_cmp second parameter)
 [2013-07-12 23:26 UTC] felipe@php.net
-Status: Open +Status: Closed
 [2013-07-13 00:32 UTC] stas@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=281936b29535ae095350abb274acef0ae548a431
Log: - Fixed bug #65227 (Memory leak in gmp_cmp second parameter)
 [2014-10-07 23:18 UTC] stas@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=281936b29535ae095350abb274acef0ae548a431
Log: - Fixed bug #65227 (Memory leak in gmp_cmp second parameter)
 [2014-10-07 23:29 UTC] stas@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=281936b29535ae095350abb274acef0ae548a431
Log: - Fixed bug #65227 (Memory leak in gmp_cmp second parameter)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 09:01:29 2024 UTC