|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48221 memory leak when passing invalid xslt parameter
Submitted: 2009-05-10 13:43 UTC Modified: 2009-05-10 15:17 UTC
From: Assigned:
Status: Closed Package: XSLT related
PHP Version: 5.3.0RC2 OS: Linux
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
New email:
PHP Version: OS:


 [2009-05-10 13:43 UTC]
One is able to pass invalid parameters to XSLTProcessor::setParameter. In this case, not all memory gets freed in ext/xsl/xsltprocessor.c::php_xsl_xslt_make_params since the values don't get filled and the array seems to be empty (NULL values).

Reproduce code:
Check xsltprocessor::setparameter error handling with both single and double quotes
        if (!extension_loaded('xsl')) {
$proc->setParameter('', '', '"\'');
Warning: XSLTProcessor::transformToXml(): Cannot create XPath expression (string contains both
Christian Weiske,
PHP Testfest Berlin 2009-05-09

Actual result:
[Sun May 10 15:20:40 2009]  Script:  '/home/cweiske/Dev/cvs/php/testfest/tests/xsl/php_xsl_xslt_string_to_xpathexpr.php'
/home/cweiske/Dev/cvs/php/php-5.3.0RC2/Zend/zend_hash.c(1118) :  Freeing 0x0188D558 (1 bytes), script=/home/cweiske/Dev/cvs/php/testfest/tests/xsl/php_xsl_xslt_string_to_xpathexpr.php
=== Total 1 memory leaks detected ===


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2009-05-10 15:17 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Fixed in 5.2, 5.3 and HEAD. Thanks.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue May 28 17:01:31 2024 UTC