php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #46033 Segfault when trying to instance SQLite3Stmt
Submitted: 2008-09-09 17:58 UTC Modified: 2008-11-17 19:39 UTC
From: felipe@php.net Assigned: scottmac
Status: Closed Package: SQLite related
PHP Version: 5.3CVS, 6CVS OS: *
Private report: No CVE-ID:
 [2008-09-09 17:58 UTC] felipe@php.net
Description:
------------
See below.

Reproduce code:
---------------
<?php

new SQLite3Stmt;

Actual result:
--------------
==25402== 
==25402== Invalid read of size 4
==25402==    at 0x820A761: php_sqlite3_stmt_object_free_storage (zend.h:380)
==25402==    by 0x835C1F8: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:215)
==25402==    by 0x835C256: zend_objects_store_del_ref (zend_objects_API.c:171)
==25402==    by 0x8339868: _zval_dtor_func (zend_variables.c:52)
==25402==    by 0x832C938: _zval_ptr_dtor (zend_variables.h:35)
==25402==    by 0x8373AA7: ZEND_NEW_SPEC_HANDLER (zend_vm_execute.h:492)
==25402==    by 0x835F5E2: execute (zend_vm_execute.h:104)
==25402==    by 0x8339A7E: zend_execute_scripts (zend.c:1197)
==25402==    by 0x82DF76C: php_execute_script (main.c:2075)
==25402==    by 0x83D1714: main (php_cli.c:1130)
==25402==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==25402== 
==25402== Process terminating with default action of signal 11 (SIGSEGV)
==25402==  Access not within mapped region at address 0x8
==25402==    at 0x820A761: php_sqlite3_stmt_object_free_storage (zend.h:380)
==25402==    by 0x835C1F8: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:215)
==25402==    by 0x835C256: zend_objects_store_del_ref (zend_objects_API.c:171)
==25402==    by 0x8339868: _zval_dtor_func (zend_variables.c:52)
==25402==    by 0x832C938: _zval_ptr_dtor (zend_variables.h:35)
==25402==    by 0x8373AA7: ZEND_NEW_SPEC_HANDLER (zend_vm_execute.h:492)
==25402==    by 0x835F5E2: execute (zend_vm_execute.h:104)
==25402==    by 0x8339A7E: zend_execute_scripts (zend.c:1197)
==25402==    by 0x82DF76C: php_execute_script (main.c:2075)
==25402==    by 0x83D1714: main (php_cli.c:1130)
==25402== 


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-09-09 18:01 UTC] felipe@php.net
See also:
new SQLite3Result;
 [2008-09-15 00:41 UTC] johannes@php.net
Scott, SQLite3 is oyur extension :-)
 [2008-09-15 22:17 UTC] scottmac@php.net
Need to add a constructor to fix this properly, reopening.
 [2008-11-17 19:39 UTC] scottmac@php.net
All Fixed now.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 17 21:01:56 2014 UTC