php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #69025 Invalid read of size 4 when calling __callStatic.
Submitted: 2015-02-11 09:32 UTC Modified: 2015-02-11 13:43 UTC
From: arjen at react dot com Assigned:
Status: Closed Package: Scripting Engine problem
PHP Version: master-Git-2015-02-11 (Git) OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2015-02-11 09:32 UTC] arjen at react dot com 
Description:
------------
USE_ZEND_ALLOC=0 valgrind --track-origins=yes --leak-check=full php-src/sapi/cli/php script.php gives invalid read warning.

Caused by https://github.com/php/php-src/commit/f5a9cfc33ab86e343b5cbf0d0a39a62037c32975

Test script:
---------------
<?php

class A {
	public static function __callStatic($method, $args)
	{
	}
}

A::init();


Expected result:
----------------
No memory error.

Actual result:
--------------
==11916== Invalid read of size 4
==11916==    at 0x991BBF: ZEND_DO_FCALL_SPEC_HANDLER (zend_vm_execute.h:604)
==11916==    by 0x991112: execute_ex (zend_vm_execute.h:352)
==11916==    by 0x99126B: zend_execute (zend_vm_execute.h:381)
==11916==    by 0x943954: zend_execute_scripts (zend.c:1277)
==11916==    by 0x8BA620: php_execute_script (main.c:2549)
==11916==    by 0x9E74B9: do_cli (php_cli.c:982)
==11916==    by 0x9E8462: main (php_cli.c:1361)
==11916==  Address 0xc59d414 is 4 bytes inside a block of size 64 free'd
==11916==    at 0x4C2B200: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==11916==    by 0x913ADC: _efree (zend_alloc.c:2208)
==11916==    by 0x980B76: zend_std_callstatic_user_call (zend_object_handlers.c:1158)
==11916==    by 0x991B70: ZEND_DO_FCALL_SPEC_HANDLER (zend_vm_execute.h:596)
==11916==    by 0x991112: execute_ex (zend_vm_execute.h:352)
==11916==    by 0x99126B: zend_execute (zend_vm_execute.h:381)
==11916==    by 0x943954: zend_execute_scripts (zend.c:1277)
==11916==    by 0x8BA620: php_execute_script (main.c:2549)
==11916==    by 0x9E74B9: do_cli (php_cli.c:982)
==11916==    by 0x9E8462: main (php_cli.c:1361)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-02-11 14:42 UTC] dmitry@php.net 
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=35aea97e42ebad10437688472fa03c6768ca6ea3
Log: Fixed bug #69025 (Invalid read of size 4 when calling __callStatic)
 [2015-02-11 14:42 UTC] dmitry@php.net
-Status: Open +Status: Closed
 [2016-07-20 11:39 UTC] davey@php.net 
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=35aea97e42ebad10437688472fa03c6768ca6ea3
Log: Fixed bug #69025 (Invalid read of size 4 when calling __callStatic)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri May 03 23:01:30 2024 UTC