PHP :: Bug #14783 :: Using unlink causes segfault

Bug #14783	Using unlink causes segfault
Submitted:	2001-12-31 16:16 UTC	Modified:	2005-09-02 07:36 UTC
From:	mfkahn2 at yahoo dot com	Assigned:
Status:	Closed	Package:	DOM XML related
PHP Version:	4CVS Jan. 1 2002	OS:	RH6.2/Apache/libxml2.4.12
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	mfkahn2 at yahoo dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2001-12-31 16:16 UTC] mfkahn2 at yahoo dot com

Symptoms:
- using unlink() causes segfault

Script to reproduce:

<?php
$xml = <<<END_XML
<?xml version="1.0"?>
<test>
        <foo id="x">Hello</foo>
        <foo id="y">World</foo>
</test>
END_XML;
$dom = xmldoc($xml);

// this so I can see it.
header('Content-type: text/plain');

$ctx = $dom->xpath_new_context();

$res = xpath_eval($ctx,"//foo");

foreach ($res->nodeset as $child) {
        $child->unlink();
} 

echo $dom->dumpmem();
?>

Other notes:

- some cursory debugging I did suggested that it was the cleanup routines at the end of the script that were causing the crash.  Looking at php_domxml.c, the recursive node memory cleanup appears to be choking on a pointer already freed during the unlink() call.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-01-01 07:11 UTC] mfischer@php.net

This has been fixed in CVS.

[2002-01-01 11:15 UTC] mfkahn2 at yahoo dot com

Just checked out and built from CVS this morning (2002/1/1).  The test script still crashes.

[2002-01-01 12:45 UTC] mfischer@php.net

Did the same before I replied and it didn't crash, hm.

What were your ./configure options?

Do you have another small, self-contained sample?

Feedback.

[2002-01-01 16:14 UTC] mfkahn2 at yahoo dot com

My configuration notes:

- PHP built as DSO, apache with disable-rule=EXPAT 

Here's my PHP build configuration:

./configure --with-pgsql --prefix=/usr/local/apache --with-apxs=/usr/local/apache/bin/apxs  --with-pdflib=shared  --with-dom=/usr/local/lib --enable-xslt --with-xslt-sablot=/usr/local --with-expat=/usr/local --with-zlib --with-gd=/usr/local --with-jpeg-dir=/usr --with-png-dir=/usr --with-t1lib=/usr/local

Another note:

I didn't find issues every time I unlinked a node, only when I unlinked (it seems) all the nodes selected--either from an XPath query or a children() call.  And I noted that the did in fact occur during clean-up, not the unlink calls (no real debug, just through writing error_log messages at certain points in the PHP script).

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Wed Apr 24 21:01:29 2024 UTC