|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48221 memory leak when passing invalid xslt parameter
Submitted: 2009-05-10 13:43 UTC Modified: 2009-05-10 15:17 UTC
From: Assigned:
Status: Closed Package: XSLT related
PHP Version: 5.3.0RC2 OS: Linux
Private report: No CVE-ID:
 [2009-05-10 13:43 UTC]
One is able to pass invalid parameters to XSLTProcessor::setParameter. In this case, not all memory gets freed in ext/xsl/xsltprocessor.c::php_xsl_xslt_make_params since the values don't get filled and the array seems to be empty (NULL values).

Reproduce code:
Check xsltprocessor::setparameter error handling with both single and double quotes
        if (!extension_loaded('xsl')) {
$proc->setParameter('', '', '"\'');
Warning: XSLTProcessor::transformToXml(): Cannot create XPath expression (string contains both
Christian Weiske,
PHP Testfest Berlin 2009-05-09

Actual result:
[Sun May 10 15:20:40 2009]  Script:  '/home/cweiske/Dev/cvs/php/testfest/tests/xsl/php_xsl_xslt_string_to_xpathexpr.php'
/home/cweiske/Dev/cvs/php/php-5.3.0RC2/Zend/zend_hash.c(1118) :  Freeing 0x0188D558 (1 bytes), script=/home/cweiske/Dev/cvs/php/testfest/tests/xsl/php_xsl_xslt_string_to_xpathexpr.php
=== Total 1 memory leaks detected ===


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2009-05-10 15:17 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Fixed in 5.2, 5.3 and HEAD. Thanks.
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Fri Nov 27 04:01:30 2015 UTC