php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #66987 Memory corruption in fileinfo ext (bigendian)
Submitted: 2014-03-31 13:15 UTC Modified: 2014-03-31 13:15 UTC
From: remi@php.net Assigned: remi (profile)
Status: Closed Package: Filesystem function related
PHP Version: 5.4.26 OS: GNU/LInux (bugendian)
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: remi@php.net
New email:
PHP Version: OS:

 

 [2014-03-31 13:15 UTC] remi@php.net
Description:
------------
Discovered running fileinfo test on ppc64 ans s390x (both bigendian)

# export USE_ZEND_ALLOC=0 &&  valgrind php -n -d extension=fileinfo.so test2.php
==26726== Memcheck, a memory error detector
==26726== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==26726== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info
==26726== Command: php -n -d extension=fileinfo.so test2.php
==26726==
PE Unknown PE signature 0x0 (Unknown subsystem 0x0) Intel 80386 system file, for MS Windows==26726== Invalid free() / delete / delete[] / realloc()
==26726==    at 0x482F972: free (in /usr/lib64/valgrind/vgpreload_memcheck-s390x-linux.so)
==26726==    by 0xBD8F7EB: apprentice_unmap (apprentice.c:499)
==26726==    by 0xBD8F875: mlist_free (apprentice.c:530)
==26726==    by 0xBD90939: file_ms_free (apprentice.c:444)
==26726==    by 0xBD8E905: finfo_resource_destructor (fileinfo.c:194)
==26726==    by 0x3A5C9F: list_entry_destructor (zend_list.c:183)
==26726==    by 0x3A35F3: zend_hash_del_key_or_index (zend_hash.c:531)
==26726==    by 0x3A5F3D: _zend_list_delete (zend_list.c:57)
==26726==    by 0x384A41: _zval_ptr_dtor (zend_variables.h:35)
==26726==    by 0x3A1EC9: zend_hash_apply_deleter (zend_hash.c:650)
==26726==    by 0x3A3953: zend_hash_graceful_reverse_destroy (zend_hash.c:687)
==26726==    by 0x38518F: shutdown_executor (zend_execute_API.c:247)
==26726==  Address 0xc024138 is 248 bytes inside a block of size 2,606,480 alloc'd
==26726==    at 0x482E55A: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-s390x-linux.so)
==26726==    by 0xBD93F4F: apprentice_1 (apprentice.c:2687)
==26726==    by 0xBD8EB31: zif_finfo_open (fileinfo.c:345)
==26726==    by 0x44D493: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==26726==    by 0x3BFB6B: execute (zend_vm_execute.h:410)
==26726==    by 0x395FA1: zend_execute_scripts (zend.c:1315)
==26726==    by 0x330065: php_execute_script (main.c:2494)
==26726==    by 0x44F64B: do_cli (php_cli.c:988)
==26726==
==26726== Invalid free() / delete / delete[] / realloc()
==26726==    at 0x482F972: free (in /usr/lib64/valgrind/vgpreload_memcheck-s390x-linux.so)
==26726==    by 0xBD8F801: apprentice_unmap (apprentice.c:499)
==26726==    by 0xBD8F875: mlist_free (apprentice.c:530)
==26726==    by 0xBD90939: file_ms_free (apprentice.c:444)
==26726==    by 0xBD8E905: finfo_resource_destructor (fileinfo.c:194)
==26726==    by 0x3A5C9F: list_entry_destructor (zend_list.c:183)
==26726==    by 0x3A35F3: zend_hash_del_key_or_index (zend_hash.c:531)
==26726==    by 0x3A5F3D: _zend_list_delete (zend_list.c:57)
==26726==    by 0x384A41: _zval_ptr_dtor (zend_variables.h:35)
==26726==    by 0x3A1EC9: zend_hash_apply_deleter (zend_hash.c:650)
==26726==    by 0x3A3953: zend_hash_graceful_reverse_destroy (zend_hash.c:687)
==26726==    by 0x38518F: shutdown_executor (zend_execute_API.c:247)
==26726==  Address 0xc27b6e0 is 2,455,200 bytes inside a block of size 2,606,480 alloc'd
==26726==    at 0x482E55A: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-s390x-linux.so)
==26726==    by 0xBD93F4F: apprentice_1 (apprentice.c:2687)
==26726==    by 0xBD8EB31: zif_finfo_open (fileinfo.c:345)
==26726==    by 0x44D493: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==26726==    by 0x3BFB6B: execute (zend_vm_execute.h:410)
==26726==    by 0x395FA1: zend_execute_scripts (zend.c:1315)
==26726==    by 0x330065: php_execute_script (main.c:2494)
==26726==    by 0x44F64B: do_cli (php_cli.c:988)
==26726==
==26726==
==26726== HEAP SUMMARY:
==26726==     in use at exit: 203,543 bytes in 2,869 blocks
==26726==   total heap usage: 15,757 allocs, 12,890 frees, 5,922,519 bytes allocated
==26726==
==26726== LEAK SUMMARY:
==26726==    definitely lost: 0 bytes in 0 blocks
==26726==    indirectly lost: 0 bytes in 0 blocks
==26726==      possibly lost: 0 bytes in 0 blocks
==26726==    still reachable: 203,543 bytes in 2,869 blocks
==26726==         suppressed: 0 bytes in 0 blocks
==26726== Rerun with --leak-check=full to see details of leaked memory
==26726==
==26726== For counts of detected and suppressed errors, rerun with: -v
==26726== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 2 from 2)


Patches

fileinfo-mem.patch (last revision 2014-03-31 14:33 UTC by remi@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-03-31 13:15 UTC] remi@php.net
-Assigned To: +Assigned To: remi
 [2014-03-31 14:33 UTC] remi@php.net
The following patch has been added/updated:

Patch Name: fileinfo-mem.patch
Revision:   1396276393
URL:        https://bugs.php.net/patch-display.php?bug=66987&patch=fileinfo-mem.patch&revision=1396276393
 [2014-03-31 14:58 UTC] remi@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=2c204a55af9b903b3db48dd5a75d492dbf1b387d
Log: Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
 [2014-03-31 14:58 UTC] remi@php.net
-Status: Assigned +Status: Closed
 [2014-04-03 08:02 UTC] ab@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=2c204a55af9b903b3db48dd5a75d492dbf1b387d
Log: Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
 [2014-04-03 08:04 UTC] ab@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=2c204a55af9b903b3db48dd5a75d492dbf1b387d
Log: Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
 [2014-04-10 04:47 UTC] tyrael@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=2c204a55af9b903b3db48dd5a75d492dbf1b387d
Log: Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
 [2014-10-07 23:15 UTC] stas@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=2c204a55af9b903b3db48dd5a75d492dbf1b387d
Log: Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
 [2014-10-07 23:26 UTC] stas@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=2c204a55af9b903b3db48dd5a75d492dbf1b387d
Log: Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 02 00:01:29 2024 UTC