PHP :: Bug #63002 :: Access Violation 0xc0000005 errors caused by Wincache

Bug #63002

Access Violation 0xc0000005 errors caused by Wincache

Submitted:

2012-09-03 03:24 UTC

Modified:

2012-10-23 16:50 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	0 (0.0%)
Same OS:	1 (100.0%)

From:

pvasilevich at parallels dot com

Assigned:

ericsten (profile)

Status:

Closed

Package:

WinCache (PECL)

PHP Version:

5.4.6

OS:

Windows 2008R2

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2012-09-03 03:24 UTC] pvasilevich at parallels dot com

Description:
------------
Wincache 1.3.4 and PHP 5.4.6

There is reliability problem caused by incorrect handling of memory allocation errors.



Test script:
---------------
Unfortunately, there are no test script to reproduce this problem. This problem appears suddenly, only if memory cannot be allocated in specified code areas.

I can provide 2 crash dumps for both problems if necessary.

Please review and apply provided patch. After applying this patch I haven't found any reliability issues anymore.

Expected result:
----------------
No Access Violation errors

Actual result:
--------------
Crash of PHP process

Patches

wincache-1.3.4-500-error-updated.patch (last revision 2012-10-09 02:59 UTC) by pvasilevich at parallels dot com)
wincache-1.3.4-500-error (last revision 2012-09-03 03:24 UTC) by pvasilevich at parallels dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-10-08 22:42 UTC] ericsten@php.net

-Assigned To: +Assigned To: ericsten

[2012-10-23 16:49 UTC] ericsten@php.net

Fix applied to PHP 5.4.x branch with SVN revision 328115

[2012-10-23 16:50 UTC] ericsten@php.net

-Status: Assigned +Status: Closed

[2012-10-23 16:50 UTC] ericsten@php.net

The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

[2012-10-23 16:58 UTC] ericsten@php.net

Automatic comment from SVN on behalf of ericsten
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=328118
Log: Updating version number for fix of bug 63002

[2012-10-23 18:18 UTC] pvasilevich at parallels dot com

Hello ericsten, 

as I see you have commited 2 of 3 changes proposed in patch. There is still problem that could bring access violation crash:

--- wincache_opcopy.c	(revision 328119)
+++ wincache_opcopy.c	(working copy)
@@ -3316,6 +3316,12 @@
         if(ozendcl->parent != NULL)
         {
             clvalue[index].pcname = OSTRDUP(popcopy, ozendcl->parent->name);
+			if (clvalue[index].pcname == NULL)
+			{
+				result = popcopy->oomcode;
+				goto Finished;
+			}
+
             zend_str_tolower(clvalue[index].pcname, strlen(clvalue[index].pcname));
         }
         else


It will be nice if you add this patch as well.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2018 The PHP Group All rights reserved.	Last updated: Tue Nov 13 05:01:25 2018 UTC