php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #67245 usage of memcpy() with overlapping src and dst in zend_exceptions.c
Submitted: 2014-05-11 12:27 UTC Modified: 2014-05-11 13:18 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: gm dot outside+php at gmail dot com Assigned: bwoebi
Status: Closed Package: *General Issues
PHP Version: 5.5.12 OS: Linux
Private report: No CVE-ID:
 [2014-05-11 12:27 UTC] gm dot outside+php at gmail dot com
Description:
------------
According to man page for memcpy(3) the function should not be used with overlapping source and destination arguments.  A recent update to Zend/zend_exceptions.c (commit: http://git.php.net/?p=php-src.git;a=commitdiff;h=afa03a470ef90a53f2b59a8175f77afdb6b5a651) introduced formatting of trace's arguments where it uses memcpy() with overlapping addresses.  This causes issues on at least systems with glibc 2.3.6 and the testsuite on such systems fails.

If one replaces memcpy() with memmove() the testsuite will pass again.

P.S. I believe that there should be a more efficient way to achieve the string formatting since re-allocating string byte by byte should be very inefficient, but this is unrelated to the bug at hand.


Patches

zend_exceptions-memmove (last revision 2014-05-11 12:27 UTC) by gm dot outside+php at gmail dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-05-11 12:30 UTC] felipe@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: bwoebi
 [2014-05-11 12:59 UTC] bwoebi@php.net
-Status: Assigned +Status: Closed
 [2014-05-11 12:59 UTC] bwoebi@php.net
That bug had already been fixed in http://git.php.net/?p=php-src.git;a=commitdiff;h=0e273217cfd1e72b5109a880fb4334edd2f61448 … I had noticed it later...
 [2014-05-11 13:09 UTC] bwoebi@php.net
-Status: Closed +Status: Re-Opened
 [2014-05-11 13:09 UTC] bwoebi@php.net
Oh, wait, I've merged it into the wrong branch, will fix.
 [2014-05-11 13:18 UTC] bwoebi@php.net
-Status: Re-Opened +Status: Closed
 [2014-05-11 13:18 UTC] bwoebi@php.net
Cherry-picked fix for 5.4 and 5.5. Now everything should be right.
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sat Jun 24 00:01:36 2017 UTC