php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #58985 Possible crash in error recovery
Submitted: 2009-12-13 19:20 UTC Modified: 2009-12-21 12:32 UTC
From: donraman@php.net Assigned: DonRaman (profile)
Status: Closed Package: WinCache (PECL)
PHP Version: 5.2.11 OS: Windows
Private report: No CVE-ID: None
 [2009-12-13 19:20 UTC] donraman@php.net
Description:
------------
If for some reason the function PHP_MINIT_FUNCTION in the file php_wincache.c fails, WINCACHE crashes in the PHP_MSHUTDOWN_FUNCTION function.

Reproduce code:
---------------
There is no code to reproduce. I just changed the PHP_MINIT_FUNCTION to force an error. Recompile the WINCACHE code and use any small PHP file like the one below:

<?php
echo 'My name is Don';
?>

A crash can be seen.

Expected result:
----------------
The code should handle failure in WINCACHE and exit gracefully.

Actual result:
--------------
An access violation.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-12-13 19:30 UTC] don dot raman at microsoft dot com
The problem is happening because in the function PHP_MINIT_FUNCTION inside file php_wincache.c we also need to set these two lines so that value sets to NULL.

WCG(lfcache) = NULL;
WCG(locache) = NULL;

If we do not set it to NULL, it will get deleted again in PHP_MSHUTDOWN_FUNCTION.
 [2009-12-13 20:30 UTC] don dot raman at microsoft dot com
Attaching possible patch. Please review and let me know.

Index: php_wincache.c
===================================================================
--- php_wincache.c	(revision 291858)
+++ php_wincache.c	(working copy)
@@ -570,6 +570,8 @@
 
             plcache2 = NULL;
         }
+		WCG(lfcache) = NULL;
+		WCG(locache) = NULL;
     }
 
     dprintverbose("end php_minit");
 [2009-12-14 19:45 UTC] don dot raman at microsoft dot com
Assigning it to myself.
 [2009-12-21 12:32 UTC] don dot raman at microsoft dot com
This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

I have created a branch named futures and the fix for the crash is committed there. To view the changes look at:

http://svn.php.net/viewvc/pecl/wincache/branches/futures/php_wincache.c?r1=291828&r2=292428
http://svn.php.net/viewvc/pecl/wincache/branches/futures/php_wincache.h?r1=290891&r2=292428

At some point of time, this should be merged to mainline release.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri Apr 26 10:01:25 2019 UTC