|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48221 memory leak when passing invalid xslt parameter
Submitted: 2009-05-10 13:43 UTC Modified: 2009-05-10 15:17 UTC
From: Assigned:
Status: Closed Package: XSLT related
PHP Version: 5.3.0RC2 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
New email:
PHP Version: OS:


 [2009-05-10 13:43 UTC]
One is able to pass invalid parameters to XSLTProcessor::setParameter. In this case, not all memory gets freed in ext/xsl/xsltprocessor.c::php_xsl_xslt_make_params since the values don't get filled and the array seems to be empty (NULL values).

Reproduce code:
Check xsltprocessor::setparameter error handling with both single and double quotes
        if (!extension_loaded('xsl')) {
$proc->setParameter('', '', '"\'');
Warning: XSLTProcessor::transformToXml(): Cannot create XPath expression (string contains both
Christian Weiske,
PHP Testfest Berlin 2009-05-09

Actual result:
[Sun May 10 15:20:40 2009]  Script:  '/home/cweiske/Dev/cvs/php/testfest/tests/xsl/php_xsl_xslt_string_to_xpathexpr.php'
/home/cweiske/Dev/cvs/php/php-5.3.0RC2/Zend/zend_hash.c(1118) :  Freeing 0x0188D558 (1 bytes), script=/home/cweiske/Dev/cvs/php/testfest/tests/xsl/php_xsl_xslt_string_to_xpathexpr.php
=== Total 1 memory leaks detected ===


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2009-05-10 15:17 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Fixed in 5.2, 5.3 and HEAD. Thanks.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon May 20 20:01:32 2024 UTC