php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74233 Parsing multi Content-Disposition causes memory leak
Submitted: 2017-03-10 06:51 UTC Modified: -
From: naoki-kawamukai at cybozu dot co dot jp Assigned:
Status: Open Package: mailparse (PECL)
PHP Version: 7.1.2 OS: Debian 8.6
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: naoki-kawamukai at cybozu dot co dot jp
New email:
PHP Version: OS:

 

 [2017-03-10 06:51 UTC] naoki-kawamukai at cybozu dot co dot jp
Description:
------------
When I run the test script,
valgrind reports memory leak.

I checked it with the following versions:
 - PHP 7.1.2 with latest mailparse(master branch; bc51125921ae1287e3b4705bec1dfd8859d16213 )
 - PHP 7.0.16 with latest mailparse
 - PHP 5.6.30 with mailparse 2.1.6

Test script:
---------------
<?php
$msg = <<<EOD
Subject:
To: root@example.com
mime-version: 1.0
Content-Type: multipart/mixed; boundary="=___BOUNDARY___"

--=___BOUNDARY___
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit


--=___BOUNDARY___
Content-Type: text/plain; name="test.txt"
Content-Disposition: attachment; filename="test.txt"
Content-Disposition: attachment; filename="test2.txt"
Content-Transfer-Encoding: base64

dGVzdA==

--=___BOUNDARY___--

EOD;

new MimeMessage( 'var', $msg );

?>

Expected result:
----------------
==4115== Memcheck, a memory error detector
==4115== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==4115== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==4115== Command: php -d extension_dir=/root/mailparse/modules/ -d extension=mailparse.so test.php
==4115==
==4115==
==4115== HEAP SUMMARY:
==4115==     in use at exit: 3,197 bytes in 32 blocks
==4115==   total heap usage: 22,198 allocs, 22,166 frees, 2,742,812 bytes allocated
==4115==
==4115== LEAK SUMMARY:
==4115==    definitely lost: 0 bytes in 0 blocks
==4115==    indirectly lost: 0 bytes in 0 blocks
==4115==      possibly lost: 0 bytes in 0 blocks
==4115==    still reachable: 3,197 bytes in 32 blocks
==4115==         suppressed: 0 bytes in 0 blocks
==4115== Reachable blocks (those to which a pointer was found) are not shown.
==4115== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==4115==
==4115== For counts of detected and suppressed errors, rerun with: -v
==4115== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)


Actual result:
--------------
==2062== Memcheck, a memory error detector
==2062== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==2062== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==2062== Command: php -d extension_dir=/root/mailparse/modules/ -d extension=mailparse.so test.php
==2062==
==2062==
==2062== HEAP SUMMARY:
==2062==     in use at exit: 3,656 bytes in 38 blocks
==2062==   total heap usage: 22,198 allocs, 22,160 frees, 2,742,812 bytes allocated
==2062==
==2062== 459 (24 direct, 435 indirect) bytes in 1 blocks are definitely lost in loss record 37 of 38
==2062==    at 0x4C28C20: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2062==    by 0x75F8CD: __zend_malloc (zend_alloc.c:2820)
==2062==    by 0x75EB9A: _emalloc (zend_alloc.c:2413)
==2062==    by 0x75EE9E: _safe_emalloc (zend_alloc.c:2472)
==2062==    by 0x75EFC4: _ecalloc (zend_alloc.c:2495)
==2062==    by 0xAC16EDC: php_mimeheader_alloc_from_tok (in /root/mailparse/modules/mailparse.so)
==2062==    by 0xAC18206: php_mimepart_process_header (in /root/mailparse/modules/mailparse.so)
==2062==    by 0xAC18AE3: php_mimepart_process_line (in /root/mailparse/modules/mailparse.so)
==2062==    by 0xAC191EA: php_mimepart_parse (in /root/mailparse/modules/mailparse.so)
==2062==    by 0xAC12889: zif_mailparse_mimemessage (in /root/mailparse/modules/mailparse.so)
==2062==    by 0x7FA8C4: ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER (zend_vm_execute.h:970)
==2062==    by 0x7F921C: execute_ex (zend_vm_execute.h:429)
==2062==
==2062== LEAK SUMMARY:
==2062==    definitely lost: 24 bytes in 1 blocks
==2062==    indirectly lost: 435 bytes in 5 blocks
==2062==      possibly lost: 0 bytes in 0 blocks
==2062==    still reachable: 3,197 bytes in 32 blocks
==2062==         suppressed: 0 bytes in 0 blocks
==2062== Reachable blocks (those to which a pointer was found) are not shown.
==2062== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==2062==
==2062== For counts of detected and suppressed errors, rerun with: -v
==2062== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)


Patches

free-memory-about-content-disposition (last revision 2017-03-13 07:24 UTC) by naoki-kawamukai at cybozu dot co dot jp)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-03-13 07:36 UTC] naoki-kawamukai at cybozu dot co dot jp
I uploaded the patch to fix this issue.
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC