php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #58484 [PATCH] HttpInflateStream::finish segfaults when passing NULL
Submitted: 2009-01-03 17:53 UTC Modified: 2009-01-12 05:03 UTC
From: felipe@php.net Assigned: mike (profile)
Status: Closed Package: pecl_http (PECL)
PHP Version: 5_3 CVS-2009-01-03 (dev) OS:
Private report: No CVE-ID: None
 [2009-01-03 17:53 UTC] felipe@php.net
Description:
------------
See below.

Here's a suggestion:
http://felipe.ath.cx/diff/httpinflatestream_finish.diff

Reproduce code:
---------------
$x = new HttpInflateStream; $x->finish(NULL);

Expected result:
----------------
Nothing

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb79196b0 (LWP 30477)]
0x0843df3a in _zval_dtor_func (zvalue=0x8e6a250, __zend_filename=0x878599c "/home/felipe/dev/php5/Zend/zend_variables.h", __zend_lineno=35)
    at /home/felipe/dev/php5/Zend/zend_variables.c:35
35				CHECK_ZVAL_STRING_REL(zvalue);
(gdb) bt
#0  0x0843df3a in _zval_dtor_func (zvalue=0x8e6a250, __zend_filename=0x878599c "/home/felipe/dev/php5/Zend/zend_variables.h", __zend_lineno=35)
    at /home/felipe/dev/php5/Zend/zend_variables.c:35
#1  0x0842e144 in _zval_dtor (zvalue=0x8e6a250, __zend_filename=0x8785938 "/home/felipe/dev/php5/Zend/zend_execute_API.c", __zend_lineno=429)
    at /home/felipe/dev/php5/Zend/zend_variables.h:35
#2  0x0842e529 in _zval_ptr_dtor (zval_ptr=0x8e976f4, __zend_filename=0x878bac8 "/home/felipe/dev/php5/Zend/zend_vm_execute.h", __zend_lineno=319)
    at /home/felipe/dev/php5/Zend/zend_execute_API.c:429
#3  0x08472f16 in zend_do_fcall_common_helper_SPEC (execute_data=0x8e9763c, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:319
#4  0x0847402e in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x8e9763c, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:422
#5  0x08471c70 in execute (op_array=0x8e69a48, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:104
#6  0x08431c7f in zend_eval_string (str=0xbfafb89f "$x = new HttpInflateStream; $x->finish(NULL);", retval_ptr=0x0, string_name=0x87919b8 "Command line code", 
    tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1150
#7  0x08431ec6 in zend_eval_string_ex (str=0xbfafb89f "$x = new HttpInflateStream; $x->finish(NULL);", retval_ptr=0x0, string_name=0x87919b8 "Command line code", 
    handle_exceptions=1, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1185
#8  0x084e1c29 in main (argc=3, argv=0xbfafa244) at /home/felipe/dev/php5/sapi/cli/php_cli.c:1177
(gdb) 
#0  0x0843df3a in _zval_dtor_func (zvalue=0x8e6a250, __zend_filename=0x878599c "/home/felipe/dev/php5/Zend/zend_variables.h", __zend_lineno=35)
    at /home/felipe/dev/php5/Zend/zend_variables.c:35
#1  0x0842e144 in _zval_dtor (zvalue=0x8e6a250, __zend_filename=0x8785938 "/home/felipe/dev/php5/Zend/zend_execute_API.c", __zend_lineno=429)
    at /home/felipe/dev/php5/Zend/zend_variables.h:35
#2  0x0842e529 in _zval_ptr_dtor (zval_ptr=0x8e976f4, __zend_filename=0x878bac8 "/home/felipe/dev/php5/Zend/zend_vm_execute.h", __zend_lineno=319)
    at /home/felipe/dev/php5/Zend/zend_execute_API.c:429
#3  0x08472f16 in zend_do_fcall_common_helper_SPEC (execute_data=0x8e9763c, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:319
#4  0x0847402e in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x8e9763c, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:422
#5  0x08471c70 in execute (op_array=0x8e69a48, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:104
#6  0x08431c7f in zend_eval_string (str=0xbfafb89f "$x = new HttpInflateStream; $x->finish(NULL);", retval_ptr=0x0, string_name=0x87919b8 "Command line code", 
    tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1150
#7  0x08431ec6 in zend_eval_string_ex (str=0xbfafb89f "$x = new HttpInflateStream; $x->finish(NULL);", retval_ptr=0x0, string_name=0x87919b8 "Command line code", 
    handle_exceptions=1, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1185
#8  0x084e1c29 in main (argc=3, argv=0xbfafa244) at /home/felipe/dev/php5/sapi/cli/php_cli.c:1177
(gdb) 
#0  0x0843df3a in _zval_dtor_func (zvalue=0x8e6a250, __zend_filename=0x878599c "/home/felipe/dev/php5/Zend/zend_variables.h", __zend_lineno=35)
    at /home/felipe/dev/php5/Zend/zend_variables.c:35
#1  0x0842e144 in _zval_dtor (zvalue=0x8e6a250, __zend_filename=0x8785938 "/home/felipe/dev/php5/Zend/zend_execute_API.c", __zend_lineno=429)
    at /home/felipe/dev/php5/Zend/zend_variables.h:35
#2  0x0842e529 in _zval_ptr_dtor (zval_ptr=0x8e976f4, __zend_filename=0x878bac8 "/home/felipe/dev/php5/Zend/zend_vm_execute.h", __zend_lineno=319)
    at /home/felipe/dev/php5/Zend/zend_execute_API.c:429
#3  0x08472f16 in zend_do_fcall_common_helper_SPEC (execute_data=0x8e9763c, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:319
#4  0x0847402e in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x8e9763c, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:422
#5  0x08471c70 in execute (op_array=0x8e69a48, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:104
#6  0x08431c7f in zend_eval_string (str=0xbfafb89f "$x = new HttpInflateStream; $x->finish(NULL);", retval_ptr=0x0, string_name=0x87919b8 "Command line code", 
    tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1150
#7  0x08431ec6 in zend_eval_string_ex (str=0xbfafb89f "$x = new HttpInflateStream; $x->finish(NULL);", retval_ptr=0x0, string_name=0x87919b8 "Command line code", 
    handle_exceptions=1, tsrm_ls=0x8cf2070) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1185
#8  0x084e1c29 in main (argc=3, argv=0xbfafa244) at /home/felipe/dev/php5/sapi/cli/php_cli.c:1177


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-01-12 05:03 UTC] mike@php.net
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 06 02:01:29 2024 UTC