PHP :: Bug #3291 :: SAPI_POST_READER_FUNC(...) & erealloc(...) work incorrect

Bug #3291	SAPI_POST_READER_FUNC(...) & erealloc(...) work incorrect
Submitted:	2000-01-24 05:37 UTC	Modified:	2000-04-01 13:18 UTC
From:	anton at concord dot ru	Assigned:
Status:	Closed	Package:	Scripting Engine problem
PHP Version:	4.0 Beta 3	OS:	WinNT 4.0+SP 4+IIS 4.0
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2000-01-24 05:37 UTC] anton at concord dot ru

Part two of report bug number #3041:

"I can confirm identical behaviour on my NT box with the cgi version of
4.0b3, however the ISAPI version hangs even with very small graphic files
(eg 1K). After the hang, the php isapi module cannot be used without
stopping and starting iis."

I localized this bug.

SAPI_POST_READER_FUNC(sapi_read_standard_form_data)
function from SAPI.c call erealloc(...) function in cycle to increase buffer size for readed post data and return pointer to new empty portion. On first step of cycle all ok, on second step all ok, but on third step of cycle pointer to buffer (pointer returned by erealloc(...) function) for readed data was changed on size greater then total_read_bytes+SAPI_POST_BLOCK_SIZE+1 and 

sapi_module.read_post(SG(request_info).post_data+total_read_bytes, SAPI_POST_BLOCK_SIZE SLS_CC) 

hangs.


Anton Kalmykov.
anton@concord.ru

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-03-17 05:42 UTC] andi at cvs dot php dot net

Can you please check http://www.php.net/~andi/php-4.0-Beta-March3rd.zip and see if you still encounter this problem.
Thanks.

[2000-04-01 13:18 UTC] andi at cvs dot php dot net

Should be fixed in latest CVS.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 18 05:01:28 2024 UTC