Bug #75176 Modifying a cached value while using APCUIterator Causes Segmentation Fault
Submitted: 2017-09-08 21:18 UTC
Modified: -
Votes: 1
Avg. Score: 3.0 ± 0.0
Reproduced: 0 of 0 (0.0%)
From: sethgrim123 at yahoo dot com
Assigned:
Status: Open
Package: APC (PECL)
PHP Version: 7.1.9
OS: Ubuntu 16.04.3 LTS
Private report: No
CVE-ID:
 [2017-09-08 21:18 UTC] sethgrim123 at yahoo dot com
Description:
------------
Changing a cached value with apcu_store after retrieving the key names using APCUIterator seems to cause a Segmentation fault.

For example, I found that if I save three values into the APC cache, I could modify the cache via apcu_store as long as I knew the key names ahead of time.

If I used APCUIterator with a regex to find the key names, then iterated through the entries, a segmentation fault would occur if I tried to adjust the cached value.

It will still crash even if I try to save the key names in an array then try to change them outside of the APCUIterator iteration loop.

This issue does not seem to happen when reverting back to APCu 5.1.7.

Test script:
---------------
<?php 
$keys = array("Test1", "Test2", "Test3");

foreach($keys as $key) {
	$value = rand(1, 100);
	apcu_add($key, $value);   // set initial values
}

foreach($keys as $key) {
	$value = rand(1, 100);
	apcu_store($key, $value); // this does not cause a crash
	
}

$iterator = new APCUIterator('#^Test#', APC_ITER_KEY);
foreach ($iterator as $entry) {
	$key = (string) $entry['key'];
	apcu_store($key, 0); 	 // this will cause a Segmentation fault with APC 5.1.8
}

Expected result:
----------------
The script should run without any errors and ultimately set the APC cache for keys "Test1", "Test2" and "Test3" to 0.

Actual result:
--------------
With APC 5.1.8, a "Segmentation fault (core dumped)" or "zend_mm_heap corrupted" error will be displayed instead.
