|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #39046 double free on circular references (PHP 4 only!)
Submitted: 2006-10-05 11:07 UTC Modified: 2008-07-11 21:24 UTC
Avg. Score:4.5 ± 0.5
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: checat at yandex dot ru Assigned: derick (profile)
Status: Wont fix Package: Reproducible crash
PHP Version: 4.4.4 OS: RHEL4
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: checat at yandex dot ru
New email:
PHP Version: OS:


 [2006-10-05 11:07 UTC] checat at yandex dot ru
When freeing array variables with multiple references, variables which should still be accessible via other reference may be unexpectedly freed.

Depending of the code it may produce data corruption, glibc-detected memory corruption or segfault.

Reproduce code:

$root=array('id'=>'1', 'parent_id'=>NULL);
$child1 = array('id'=>'2', 'parent_id'=>'1');

// build tree with references up and down
$root['childs'] = array();

$child1['parent'] = & $root;
$child1['parent']['childs'][] = & $child1;
$child1['childs'] = array();





Expected result:

Actual result:
Segmentation fault

Apache2/prefork/mod_php: no output, Segmentation fault in log


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2006-10-05 11:13 UTC] checat at yandex dot ru
To have "double free" bug, one needs to wrap my test case into a function.
 [2006-10-05 11:15 UTC]
Circular references is the easiest way one can shoot his own leg.
Upgrade to PHP5, which doesn't segfault.
 [2006-10-05 11:31 UTC]
We still need to address segfaults in 4.4.
 [2008-07-11 21:24 UTC]
We are sorry, but we can not support PHP 4 related problems anymore.
Momentum is gathering for PHP 6, and we think supporting PHP 4 will
lead to a waste of resources which we want to put into getting PHP 6

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun May 26 03:01:31 2024 UTC