php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #72828 superfluous NULL check in php_strtr_array
Submitted: 2016-08-13 11:45 UTC Modified: 2016-08-13 14:45 UTC
From: cmb@php.net Assigned: cmb (profile)
Status: Not a bug Package: Strings related
PHP Version: 5.6Git-2016-08-13 (Git) OS: *
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: cmb@php.net
New email:
PHP Version: OS:

 

 [2016-08-13 11:45 UTC] cmb@php.net 
Description:
------------
In php_strtr_array_prepare_repls() `patterns` and `*allocs` are
allocated on the heap, but it is not checked whether that might
have failed, what can lead to OOB writes.

This may not be a problem with the Zend MM, but can be with other
memory managers.

If that also affects PHP 7 (where strtr() had be reimplemented),
has to be checked.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-08-13 11:45 UTC] cmb@php.net
-Assigned To: +Assigned To: cmb
 [2016-08-13 12:05 UTC] nikic@php.net 
Unless the allocations explicitly use the system allocator (i.e. do not use emalloc and variants), do NOT introduce NULL checks.
 [2016-08-13 13:39 UTC] cmb@php.net
-Summary: php_strtr_array_prepare_repls does not check allocation results +Summary: superfluous NULL check in php_strtr_array
 [2016-08-13 13:39 UTC] cmb@php.net 
That has been further clarified on the internals mailing list[1].
So I'm changing the bug wrt. to the superfluous NULL check in
php_strtr_array()[2].

[1] <http://news.php.net/php.internals/95114>
[2] <https://github.com/php/php-src/blob/php-5.6.24/ext/standard/string.c#L3134-L3136>
 [2016-08-13 14:45 UTC] cmb@php.net
-Status: Assigned +Status: Not a bug
 [2016-08-13 14:45 UTC] cmb@php.net 
I've found that this issue indeed only affects PHP 5. After
reconsideration I think the NULL check is harmless – at least it
is not a bug.
 [2016-09-07 12:20 UTC] cmb@php.net 
Related To: Bug #73032
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed Nov 27 06:01:27 2024 UTC