php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56187 Raising Error object causes crash
Submitted: 2004-09-06 11:54 UTC Modified: 2015-03-23 20:12 UTC
From: codemastr at unrealircd dot com Assigned:
Status: Not a bug Package: PHPScript (PECL)
PHP Version: 5CVS-2004-09-06 (dev) OS: Windows XP Home
Private report: No CVE-ID: None
 [2004-09-06 11:54 UTC] codemastr at unrealircd dot com
Description:
------------
When PHPScript raises the error object, it generates a memory read error. When I talked with you about this, you mentioned something about the host expecting an "out" parameter

Reproduce code:
---------------
//Note that the line below has illegal syntax
function testmethod1(param)
{
}



cscript /e:PHPScript thatfile.wsf

Expected result:
----------------
I'd expect it to just generate:
C:\Documents and Settings\Dominick\test.wsf(1, 1) fragment: parse error, unexpected ')', expecting '&
' or T_VARIABLE

Instead of generating that, then crashing.

Actual result:
--------------
Below is the output gathered from a debugger:

[316] T=00000434 
[316] firing up engine thread/apartment
[316] T=00000434 
[316] *** NEW this=010da0c0
[316] T=00000434 
[316] initializing zend engine on this thread
[316] T=00000434 
[316] ---- init done
[316] T=00000434 
[316] AddRef --> 2
[316] T=00000434 
[316] 010da0c0: QueryInterface for unsupported {0000001B-0000-0000-C000-000000000046}
[316] T=00000434 
[316] 010da0c0: QueryInterface for unsupported {00000003-0000-0000-C000-000000000046}
[316] T=00000434 
[316] AddRef --> 3
[316] T=00000434 
[316] Release --> 2
[316] T=00000830 
[316] AddRef --> 3
[316] T=00000830 
[316] Release --> 2
[316] T=00000830 
[316] AddRef --> 3
[316] T=00000830 
[316] Release --> 2
[316] T=00000830 
[316] AddRef --> 3
[316] T=00000830 
[316] Release --> 2
[316] T=00000830 
[316] AddRef --> 3
[316] T=00000830 
[316] AddRef --> 4
[316] T=00000830 
[316] 010da0c0: SetScriptSite(000330b0) -----> Base thread is 00000830
[316] T=00000830 
[316] taking a ref on pass
[316] T=00000830 
[316] ----> The operation completed successfully. 
[316] T=00000830 [MARSHAL] 
[316]  prepping for function code 3 SetScriptState, 1 args, marshal defs at 00000000
[316] T=00000434 
[316] 010da0c0: SetScriptState(current=SCRIPTSTATE_UNINITIALIZED, new=SCRIPTSTATE_INITIALIZED)
[316] T=00000434 
[316] Calling [marshall] m_pass->OnStateChange
[316] T=00000434 
[316] --- done calling m_pass->OnStateChange
[316] T=00000830 [MARSHAL] 
[316] marshall call to SetScriptState completed The operation completed successfully. 
[316] T=00000830 
[316] InitNew() this=010da0c0
[316] T=00000830 [MARSHAL] 
[316]  prepping for function code 1 InitNew, 0 args, marshal defs at 00000000
[316] T=00000434 
[316] InitNew() this=010da0c0
[316] T=00000434 
[316] initializing zend engine on this thread
[316] T=00000434 
[316] ---- init done
[316] T=00000830 [MARSHAL] 
[316] marshall call to InitNew completed The operation completed successfully. 
[316] T=00000830 [MARSHAL] 
[316]  prepping for function code 2 AddnamedItem, 2 args, marshal defs at 00000000
[316] T=00000434 
[316] AddNamedItem: WScript (00000002) m_pass=000330b0
[316] T=00000434 
[316] Calling [marshall] m_pass->GetItemInfo
[316] T=00000434 
[316] --- done calling m_pass->GetItemInfo
[316] T=00000434 
[316] ADD_NAMED_ITEM
[316] T=00000434 
[316] Add WScript to global namespace
[316] T=00000434 
[316] make_auto_global WScript
[316] T=00000830 [MARSHAL] 
[316] marshall call to AddnamedItem completed The operation completed successfully. 
[316] T=00000830 [MARSHAL] 
[316]  prepping for function code 2 AddnamedItem, 2 args, marshal defs at 00000000
[316] T=00000434 
[316] AddNamedItem: WSH (00000002) m_pass=000330b0
[316] T=00000434 
[316] Calling [marshall] m_pass->GetItemInfo
[316] T=00000434 
[316] --- done calling m_pass->GetItemInfo
[316] T=00000434 
[316] ADD_NAMED_ITEM
[316] T=00000434 
[316] Add WSH to global namespace
[316] T=00000434 
[316] make_auto_global WSH
[316] T=00000830 [MARSHAL] 
[316] marshall call to AddnamedItem completed The operation completed successfully. 
[316] T=00000830 [MARSHAL] 
[316]  prepping for function code 3 SetScriptState, 1 args, marshal defs at 00000000
[316] T=00000434 
[316] 010da0c0: SetScriptState(current=SCRIPTSTATE_INITIALIZED, new=SCRIPTSTATE_INITIALIZED)
[316] T=00000434 
[316] Calling [marshall] m_pass->OnStateChange
[316] T=00000434 
[316] --- done calling m_pass->OnStateChange
[316] T=00000830 [MARSHAL] 
[316] marshall call to SetScriptState completed The operation completed successfully. 
[316] T=00000830 
[316] Release --> 3
[316] T=00000830 
[316] ParseScriptText
[316] T=00000830 
[316] pstrCode=001658D0 pstrItemName=00000000 punkContext=00000000 pstrDelimiter=00000000 pvarResult=00000000 pexcepinfo=00000000
[316] T=00000830 [MARSHAL] 
[316]  prepping for function code 0 ParseScriptText, 9 args, marshal defs at 00B1A01C
[316] T=00000830 [MARSHAL] 
[316] marshalling ... 
[316] T=00000830 [MARSHAL] 
[316]    arg=2 IUnknown(NULL) - skip
[316] T=00000830 [MARSHAL] 
[316]  -- skipping (this param is not needed in this direction)
[316] T=00000434 [MARSHAL] 
[316]  unmarshalling...
[316] T=00000434 [MARSHAL] 
[316]    unmarshal arg=2 IUnknown(NULL) - skip
[316] T=00000434 
[316] ParseScriptText
[316] T=00000434 
[316] pstrCode=001658D0 pstrItemName=00000000 punkContext=00000000 pstrDelimiter=00000000 pvarResult=00000000 pexcepinfo=00000000
[316] T=00000434 
[316] 010da0c0: ParseScriptText:
[316]  state=SCRIPTSTATE_INITIALIZED
[316] code=function testmethod1(param) 
[316] { 
[316] } 
[316] 
[316]  item=<NULL>
[316]  delim=<NULL>
[316]  line=1
[316] T=00000434 
[316] 00184f50: COMPILED FRAG
[316] T=00000434 
[316] code to compile is:
[316] code_offs=0  func=(null)
[316] function testmethod1(param) 
[316] { 
[316] } 
[316] 
[316] T=00000434 
[316] 010da0c0: PHP Error: parse error, unexpected ')', expecting '&' or T_VARIABLE
[316] T=00000434 
[316] raising error object!
[316] T=00000434 
[316] Calling [marshall] m_pass->OnScriptError
[316] T=00000434 
[316] Release: errobj refcount=1
[316] T=00000434 
[316] Release: errobj refcount=2
[316] T=00000434 
[316] Release: errobj refcount=1
[316] T=00000434 
[316] Release: errobj refcount=0
[316] T=00000434 
[316] 01264260: cleaning up error object
[316] T=00000434 
[316] --- done calling m_pass->OnScriptError


I also see the following dialog:
The instruction at "0x00b6ed32" referenced memory at "0x01231190". The memory could not be "read".

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-03-23 20:12 UTC] cmb@php.net
-Status: Open +Status: Not a bug
 [2015-03-23 20:12 UTC] cmb@php.net
Thank you for taking the time to report a problem with PHP.
Unfortunately you are not using a current version of PHP -- 
the problem might already be fixed. Please download a new
PHP version from http://www.php.net/downloads.php

If you are able to reproduce the bug with one of the latest
versions of PHP, please change the PHP version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PHP.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Thu Sep 19 19:01:27 2019 UTC