|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56572 Heap corruption caused by runkit_method_rename
Submitted: 2005-10-02 23:41 UTC Modified: 2005-10-31 16:45 UTC
From: skissane at gmail dot com Assigned:
Status: Closed Package: runkit (PECL)
PHP Version: 5.0.3 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: skissane at gmail dot com
New email:
PHP Version: OS:


 [2005-10-02 23:41 UTC] skissane at gmail dot com
using php 5.0.5 & runkit 0.5
runkit_method_rename somehow causes heap corruption in the zend opcode array. In the context of a complex script, this corruption can cause PHP to segfault during request shutdown. (My reproduce script below has been simplified to the point that while the heap corruption still occurs, PHP doesn't segfault.)

Strangely, the behaviour appears to be influenced by the length of the class/method names in question: substituting the long names in the script below for very short ones (A, B, C, etc.) results in no memory leak message.

Reproduce code:
class LongEnoughName  {
function ThisIsALongEnoughName() { } }
class LongEnoughNameForBugToHappen extends LongEnoughName 
{ }

Expected result:
No memory leak messages

Actual result:
/home/skissane/unpacked/php-5.0.5/Zend/zend_opcode.c(227) : Block 0x08A9F7A0 status:
Beginning:      Cached (allocated on Zend/zend_language_scanner.c:4661, 22 bytes)
      End:      OK
/home/skissane/unpacked/runkit-0.5/runkit_methods.c(503) :  Freeing 0x08A8C984 (33 bytes), script=simple.php
=== Total 1 memory leaks detected ===


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-10-31 16:45 UTC]
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on

In case this was a website problem, the change will show
up on the website in short time.
Thank you for the report, and for helping us make PECL better.

Fixed in Release 0.7
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Jun 21 07:01:29 2024 UTC