Bug #51691 Unnecessary realloc causes crash with "interned" strings
Submitted: 2010-04-29 06:55 UTC Modified: 2010-04-30 02:00 UTC
From: sixd@php.net Assigned: sixd (profile)
Status: Closed Package: OCI8 related
PHP Version: 6SVN-2010-04-29 (SVN) OS: all
Private report: No CVE-ID: None

 [2010-04-29 06:55 UTC] sixd@php.net
Description:
------------
These OCI8 tests are crashing after the implementation of "interned
string" in the PHP trunk code:

bind_char_1.phpt
bind_char_2.phpt
bind_char_3.phpt
bind_char_4.phpt
bind_rowid.phpt
error_bind.phpt

This is due to a realloc in php_oci_bind_post_exec() to add a null
terminator for bound data.  The crash happens on IN binds that are
interned since realloc is not permitted for interned strings.  Because
string IN binds are always null terminated the realloc is unnecessary.
Null strings are apparently not interned so modification of their zval
to force an empty string is OK.

String OUT binds have new memory allocated in php_oci_bind_callback()
and are not interned so they can be realloced.  Also all current test
cases already get null terminated output from Oracle.


History

 [2010-04-29 06:55 UTC] sixd@php.net
-Assigned To: +Assigned To: sixd
 [2010-04-29 07:07 UTC] sixd@php.net
Automatic comment from SVN on behalf of sixd
Revision: http://svn.php.net/viewvc/?view=revision&revision=298755
Log: Bug #51691 (Unnecessary realloc causes crashes in PHP trunk tests with interned strings).  Updated tests check some other edge cases
 [2010-04-29 07:13 UTC] sixd@php.net
-Status: Assigned +Status: Closed
 [2010-04-29 07:13 UTC] sixd@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Fixed in trunk. The change was also merged to the PHP 5.3 branch and will be in 
any future PHP 5.3.3 (aka OCI8 1.4.2) release.
 [2010-04-30 02:00 UTC] sixd@php.net
Dmitry says that empty strings can be interned.
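
Added example, not part of the report or of PHP's OCI8 source: a minimal C model of the rule discussed in this thread, where the post-exec null-termination step skips realloc for strings that live in an interned pool and only resizes heap-owned OUT buffers. The pool and the names `is_interned`, `intern`, `bound_str` and `terminate_bound` are hypothetical; the check keys on pool membership rather than length, so an interned empty string is skipped as well.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for an interned-string pool: a static arena that never
 * came from malloc(), so handing its pointers to realloc() is undefined. */
static char pool[64];
static size_t pool_used;

/* Address-range membership test (hypothetical helper, not PHP's macro). */
static int is_interned(const char *s) {
    uintptr_t p = (uintptr_t)s, lo = (uintptr_t)pool;
    return p >= lo && p < lo + sizeof pool;
}

/* Copy a string into the pool, always storing its terminating NUL. */
static const char *intern(const char *s) {
    size_t n = strlen(s) + 1;
    if (pool_used + n > sizeof pool) return NULL;
    char *dst = pool + pool_used;
    memcpy(dst, s, n);
    pool_used += n;
    return dst;
}

typedef struct { char *val; size_t len; } bound_str;

/* Post-exec step: guarantee val[len] == '\0'.
 * Returns 0 if the buffer was left alone, 1 if it was grown, -1 on OOM. */
static int terminate_bound(bound_str *b) {
    if (b->val == NULL) return 0;
    if (is_interned(b->val)) return 0;      /* IN bind: terminated, not ours to resize */
    char *p = realloc(b->val, b->len + 1);  /* OUT bind: heap-owned, safe to grow */
    if (p == NULL) return -1;
    p[b->len] = '\0';
    b->val = p;
    return 1;
}

int main(void) {
    bound_str in = { (char *)intern("hello"), 5 };  /* constructed IN bind */
    char *raw = malloc(3);                          /* constructed OUT bind, no NUL yet */
    if (raw == NULL) return 1;
    memcpy(raw, "abc", 3);
    bound_str out = { raw, 3 };
    int ok = terminate_bound(&in) == 0 && terminate_bound(&out) == 1;
    free(out.val);
    return ok ? 0 : 1;
}
```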
 
Last updated: Mon Jul 04 05:03:36 2022 UTC