php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #68906 Use after free
Submitted: 2015-01-24 19:58 UTC Modified: 2015-01-24 21:47 UTC
From: bugreports at internot dot info Assigned:
Status: Not a bug Package: opcache
PHP Version: 5.5.21 OS: Linux Ubuntu 14.04
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: bugreports at internot dot info
New email:
PHP Version: OS:

 

 [2015-01-24 19:58 UTC] bugreports at internot dot info 
Description:
------------
Hi,

In /ext/opcache/zend_shared_alloc.c:

'source' is freed:

350                interned_efree((char*)source);
351        }

   but then used:
352        zend_shared_alloc_register_xlat_entry(source, retval);


thanks

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-01-24 21:47 UTC] stas@php.net
-Status: Open +Status: Not a bug
 [2015-01-24 21:47 UTC] stas@php.net 
I don't see any issue there - zend_shared_alloc_register_xlat_entry() does not dereference the pointer, only uses its value.
 [2015-01-24 21:47 UTC] stas@php.net
-Type: Security +Type: Bug
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Dec 21 13:01:31 2024 UTC