php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #67245 usage of memcpy() with overlapping src and dst in zend_exceptions.c
Submitted: 2014-05-11 12:27 UTC Modified: 2014-05-11 13:18 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: gm dot outside+php at gmail dot com Assigned: bwoebi (profile)
Status: Closed Package: *General Issues
PHP Version: 5.5.12 OS: Linux
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: gm dot outside+php at gmail dot com
New email:
PHP Version: OS:

 

 [2014-05-11 12:27 UTC] gm dot outside+php at gmail dot com
Description:
------------
According to man page for memcpy(3) the function should not be used with overlapping source and destination arguments.  A recent update to Zend/zend_exceptions.c (commit: http://git.php.net/?p=php-src.git;a=commitdiff;h=afa03a470ef90a53f2b59a8175f77afdb6b5a651) introduced formatting of trace's arguments where it uses memcpy() with overlapping addresses.  This causes issues on at least systems with glibc 2.3.6 and the testsuite on such systems fails.

If one replaces memcpy() with memmove() the testsuite will pass again.

P.S. I believe that there should be a more efficient way to achieve the string formatting since re-allocating string byte by byte should be very inefficient, but this is unrelated to the bug at hand.


Patches

zend_exceptions-memmove (last revision 2014-05-11 12:27 UTC by gm dot outside+php at gmail dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-05-11 12:30 UTC] felipe@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: bwoebi
 [2014-05-11 12:59 UTC] bwoebi@php.net
-Status: Assigned +Status: Closed
 [2014-05-11 12:59 UTC] bwoebi@php.net
That bug had already been fixed in http://git.php.net/?p=php-src.git;a=commitdiff;h=0e273217cfd1e72b5109a880fb4334edd2f61448 … I had noticed it later...
 [2014-05-11 13:09 UTC] bwoebi@php.net
-Status: Closed +Status: Re-Opened
 [2014-05-11 13:09 UTC] bwoebi@php.net
Oh, wait, I've merged it into the wrong branch, will fix.
 [2014-05-11 13:18 UTC] bwoebi@php.net
-Status: Re-Opened +Status: Closed
 [2014-05-11 13:18 UTC] bwoebi@php.net
Cherry-picked fix for 5.4 and 5.5. Now everything should be right.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 23 07:01:29 2024 UTC