|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2006-11-20 09:35 UTC] tony2001@php.net
[2006-11-21 15:47 UTC] tony2001@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri Nov 07 23:00:01 2025 UTC |
Description: ------------ Using stream_bucket_new on a php://temp stream in a user filter leads to a segfault. './configure' '--disable-cgi' '--enable-cli' '--prefix=/usr/local/php6.0-200611181130' '--with-mysql' '--with-openssl' '--with-pdo-mysql' '--enable-soap' '--with-xsl' '--enable-debug' Reproduce code: --------------- <?php class bucketFilter { public function filter($in, $out, &$consumed, $closing ){ $bucket = stream_bucket_new(fopen('php://temp', 'w+'), ''); stream_bucket_append($out, $bucket); return PSFS_PASS_ON; } } stream_filter_register('bucketfault', 'bucketFilter'); stream_filter_append($s = fopen('php://temp', 'r+'), 'bucketfault'); stream_get_contents($s); ?> Expected result: ---------------- this should either output nothing or an error. it shouldn't crash. Actual result: -------------- Segmentation fault Backtrace: #0 0x08307d36 in php_stream_bucket_unlink (bucket=0xb6be7c78) at /usr/local/src/php-6/php6.0-200611181130/main/streams/filter.c:285 #1 0x083075d8 in php_stream_bucket_make_writeable (bucket=0xb6be7c78) at /usr/local/src/php-6/php6.0-200611181130/main/streams/filter.c:158 #2 0x082c114e in php_stream_bucket_attach (append=1, ht=2, return_value=0xb6be5f9c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0) at /usr/local/src/php-6/php6.0-200611181130/ext/standard/user_filters.c:430 #3 0x082c158a in zif_stream_bucket_append (ht=2, return_value=0xb6be5f9c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0) at /usr/local/src/php-6/php6.0-200611181130/ext/standard/user_filters.c:484 #4 0x0836a654 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfa02020) at zend_vm_execute.h:209 #5 0x0836f1ba in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfa02020) at zend_vm_execute.h:1648 #6 0x0836a21c in execute (op_array=0xb6be7770) at zend_vm_execute.h:92 #7 0x083312e6 in zend_call_function (fci=0xbfa021a0, fci_cache=0x0) at /usr/local/src/php-6/php6.0-200611181130/Zend/zend_execute_API.c:1036 #8 0x0832fd1d in call_user_function_ex (function_table=0x0, object_pp=0xbfa02268, function_name=0xbfa02250, retval_ptr_ptr=0xbfa0224c, param_count=4, params=0xbfa02230, no_separation=0, symbol_table=0x0) at /usr/local/src/php-6/php6.0-200611181130/Zend/zend_execute_API.c:636 #9 0x082c08bf in userfilter_filter (stream=0xb6be7034, thisfilter=0xb6be7320, buckets_in=0xbfa022f0, buckets_out=0xbfa022e8, consumed=0x0, flags=2) at /usr/local/src/php-6/php6.0-200611181130/ext/standard/user_filters.c:205 #10 0x0830047e in php_stream_fill_read_buffer (stream=0xb6be7034, size=8192) at /usr/local/src/php-6/php6.0-200611181130/main/streams/streams.c:465 #11 0x08300976 in _php_stream_read (stream=0xb6be7034, buf=0xb6be7f0c "", size=8192) at /usr/local/src/php-6/php6.0-200611181130/main/streams/streams.c:600 #12 0x08302fa4 in _php_stream_copy_to_mem_ex (src=0xb6be7034, rettype=6 '\006', buf=0xbfa02488, maxlen=0, maxchars=4294967295, persistent=0, __php_stream_call_depth=0, __zend_filename=0x844b110 "/usr/local/src/php-6/php6.0-200611181130/ext/standard/streamsfuncs.c", __zend_lineno=422, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/local/src/php-6/php6.0-200611181130/main/streams/streams.c:1705 #13 0x082c9795 in zif_stream_get_contents (ht=1, return_value=0xb6be6d08, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0) at /usr/local/src/php-6/php6.0-200611181130/ext/standard/streamsfuncs.c:422 #14 0x0836a654 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfa02600) at zend_vm_execute.h:209 #15 0x0836f1ba in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfa02600) at zend_vm_execute.h:1648 #16 0x0836a21c in execute (op_array=0xb6be4af0) at zend_vm_execute.h:92 #17 0x08342a86 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/local/src/php-6/php6.0-200611181130/Zend/zend.c:1587 #18 0x082ec330 in php_execute_script (primary_file=0xbfa04a50) at /usr/local/src/php-6/php6.0-200611181130/main/main.c:1933 #19 0x083b3318 in main (argc=2, argv=0xbfa04ae4) at /usr/local/src/php-6/php6.0-200611181130/sapi/cli/php_cli.c:1119