php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #51936 Crash with clone xmlreader
Submitted: 2010-05-27 20:02 UTC Modified: 2010-05-27 20:20 UTC
Votes:5
Avg. Score:4.0 ± 0.6
Reproduced:3 of 4 (75.0%)
Same Version:2 (66.7%)
Same OS:1 (33.3%)
From: Keisial at gmail dot com Assigned: rrichards (profile)
Status: Closed Package: XML Reader
PHP Version: 5.3.2 OS:
Private report: No CVE-ID: None
 [2010-05-27 20:02 UTC] Keisial at gmail dot com
Description:
------------
Trying to use a cloned xmlreader results in a crash (original one can be used fine).

php 5.3.2
libxml2 2.7.7-1


Test script:
---------------
<?php
$xmlreader = new XMLReader();
$xmlreader->xml("<a><b/></a>");

$xmlreader->next();
$xmlreader2 = clone $xmlreader;
$xmlreader2->next();


Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault in xmlTextReaderNext__internal_alias ()


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-05-27 20:20 UTC] johannes@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: rrichards
 [2010-05-27 20:20 UTC] johannes@php.net
#0  0xfffffd7ffb7e92c4 in xmlTextReaderNext () from /lib/64/libxml2.so.2
#1  0x00000000008661f9 in zim_xmlreader_next (ht=0, return_value=0xd77f88, 
    return_value_ptr=0x0, this_ptr=0xd79b48, return_value_used=0)
    at /export/home/johannes/src/php/src/php/php-src/branches/PHP_5_3/ext/xmlreader/php_xmlreader.c:842
#2  0x000000000093b02e in zend_do_fcall_common_helper_SPEC (
    execute_data=0x1025500)
    at /export/home/johannes/src/php/src/php/php-src/branches/PHP_5_3/Zend/zend_vm_execute.h:313
#3  0x000000000093bc9d in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (
    execute_data=0x1025500)
    at /export/home/johannes/src/php/src/php/php-src/branches/PHP_5_3/Zend/zend_vm_execute.h:418
#4  0x000000000093a31d in execute (op_array=0xd77c68)
    at /export/home/johannes/src/php/src/php/php-src/branches/PHP_5_3/Zend/zend_vm_execute.h:104
#5  0x000000000090c86a in zend_execute_scripts (type=8, retval=0x0, 
    file_count=3)
    at /export/home/johannes/src/php/src/php/php-src/branches/PHP_5_3/Zend/zend.c:1194
#6  0x00000000008a0c6c in php_execute_script (primary_file=0xfffffd7fffdff690)
    at /export/home/johannes/src/php/src/php/php-src/branches/PHP_5_3/main/main.c:2233
#7  0x00000000009e0fe6 in main (argc=1, argv=0xfffffd7fffdff768)
    at /export/home/johannes/src/php/src/php/php-src/branches/PHP_5_3/sapi/cli/php_cli.c:1192
 [2013-10-03 11:35 UTC] mike@php.net
Automatic comment on behalf of mike
Revision: http://git.php.net/?p=php-src.git;a=commit;h=dc3d360a0ff8c17cb2ce2030813d30b578249be9
Log: typo: really fix bug #51936 	Crash with clone xmlreader
 [2013-10-03 11:35 UTC] mike@php.net
-Status: Assigned +Status: Closed
 [2014-10-07 23:17 UTC] stas@php.net
Automatic comment on behalf of mike
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=dc3d360a0ff8c17cb2ce2030813d30b578249be9
Log: typo: really fix bug #51936 	Crash with clone xmlreader
 [2014-10-07 23:28 UTC] stas@php.net
Automatic comment on behalf of mike
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=dc3d360a0ff8c17cb2ce2030813d30b578249be9
Log: typo: really fix bug #51936 	Crash with clone xmlreader
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 08 11:01:29 2024 UTC