php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #23738 copy blob caused Segmentation fault
Submitted: 2003-05-21 10:35 UTC Modified: 2003-05-21 17:37 UTC
From: novicky at aarongroup dot cz Assigned:
Status: Closed Package: Informix related
PHP Version: 4.3.2RC3 OS: All
Private report: No CVE-ID:
 [2003-05-21 10:35 UTC] novicky at aarongroup dot cz
In function php_intifx_copy_blob there is a problem on line 3249 - there is a memcopy of length "locator_orig->loc_bufsize" while the allocated memory is "locator_orig->loc_size" these values might be different! 

if ((content = emalloc(locator_orig->loc_size)) == NULL) {
    php_error_docref(NULL TSRMLS_CC, E_WARNING, "Can't create blob-resource");
    return -1;
}
memcpy(content,locator_orig->loc_buffer, locator_orig->loc_bufsize);

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-05-21 17:37 UTC] sniper@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sat Apr 19 14:01:50 2014 UTC