PHP :: Bug #70323 :: Regression in zend_fetch_debug

Bug #70323	Regression in zend_fetch_debug_backtrace() can cause segfaults
Submitted:	2015-08-22 01:57 UTC	Modified:	2015-08-24 18:52 UTC
From:	aharvey@php.net	Assigned:
Status:	Closed	Package:	Reproducible crash
PHP Version:	7.0Git-2015-08-22 (Git)	OS:	Irrelevant
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	aharvey@php.net
New email:
PHP Version:		OS:

New Comment:

[2015-08-22 01:57 UTC] aharvey@php.net

Description:
------------
In PHP 5, zend_fetch_debug_backtrace() checks if the current execute data is NULL before attempting to access fields on that structure.

PHP 7's implementation of zend_fetch_debug_backtrace() includes some new code that accesses execute data fields without proper checks, thereby making it possible for the function to segfault if EG(current_execute_data) is NULL.

Patches

Pull Requests

Pull requests:

Fix zend_fetch_debug_backtrace() when EG(current_execute_data) == NULL. (php-src/1482)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2015-08-23 05:15 UTC] laruence@php.net

-Status: Open +Status: Analyzed

[2015-08-23 05:15 UTC] laruence@php.net

Not sure about that, if there is no active_execute_data, then it must not in execution.. then maybe this fucntion should not be called at all

however, add a protection in such a not-common used function, seems is also okey. :)

[2015-08-24 18:52 UTC] aharvey@php.net

I tend to agree (and have added a check to my own code to stop that), but since this was a safe operation in PHP 5 and isn't in PHP 7, I think we should fix it before the final release.

[2015-11-09 09:15 UTC] laruence@php.net

Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=d70aa14f2c1617800cbab431db5c2ea021969cc6
Log: Fixed bug #70323 (Regression in zend_fetch_debug_backtrace() can cause segfaults)

[2015-11-09 09:15 UTC] laruence@php.net

-Status: Analyzed +Status: Closed

[2015-11-09 18:12 UTC] ab@php.net

Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=1cada8e050d606b1a0ea5217f89fe511b5d12c52
Log: Fixed bug #70323 (Regression in zend_fetch_debug_backtrace() can cause segfaults)

[2016-07-20 11:35 UTC] davey@php.net

Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=d70aa14f2c1617800cbab431db5c2ea021969cc6
Log: Fixed bug #70323 (Regression in zend_fetch_debug_backtrace() can cause segfaults)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 14:01:29 2024 UTC