PHP :: Bug #56941 :: efree(version) produces core dump

Bug #56941	efree(version) produces core dump
Submitted:	2006-04-06 17:54 UTC	Modified:	2006-04-06 17:58 UTC
From:	marcus at corp dot grupos dot com dot br	Assigned:
Status:	Closed	Package:	memcache (PECL)
PHP Version:	5.1.1	OS:	FreeBSD
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	marcus at corp dot grupos dot com dot br
New email:
PHP Version:		OS:

New Comment:

[2006-04-06 17:54 UTC] marcus at corp dot grupos dot com dot br

Description:
------------
After first run of pconnect and after memcached server restart, pecl-memcache produce a core dump.

That's because version=NULL and efree() try to free NULL pointer.

GDB:
(gdb) bt full
#0  0x285f7e1e in ?? () from /usr/local/libexec/apache2/libphp5.so
No symbol table info available.
#1  0x28e64aba in mmc_open (mmc=0x840a000, force_connect=1, error_string=0xbfbfc634, errnum=0xbfbfc640)
    at /usr/ports/databases/pecl-memcache/work/memcache-2.0.1/memcache.c:583
        version = 0x0
#2  0x28e67453 in php_mmc_connect (ht=2, return_value=0x8510b24, return_value_ptr=0x0, this_ptr=0x8510a24, return_value_used=1, persistent=1)
    at /usr/ports/databases/pecl-memcache/work/memcache-2.0.1/memcache.c:1471
        mmc_object = (zval *) 0x8510a24
        mmc = (mmc_t *) 0x840a000
        pool = (mmc_pool_t *) 0x9
        errnum = 0
        host_len = 9
        host = 0x85107e4 "localhost"
        error_string = 0x0
        port = 11211
        timeout = 1
#3  0x28e675c3 in zif_memcache_pconnect (ht=2, return_value=0x8510b24, return_value_ptr=0x0, this_ptr=0x8510a24, return_value_used=1)
    at /usr/ports/databases/pecl-memcache/work/memcache-2.0.1/memcache.c:1512
No locals.
#4  0x2862f636 in ?? () from /usr/local/libexec/apache2/libphp5.so
No symbol table info available.
--

FIX:

if (version)
    efree(version);

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-04-06 17:58 UTC] tony2001 at phpclub dot net

This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 03:01:27 2024 UTC