php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #75881 zend_hash_find_bucket() could not find existing hash entry
Submitted: 2018-01-29 00:43 UTC Modified: 2018-01-31 10:30 UTC
From: tianfang dot yang at oracle dot com Assigned: dmitry (profile)
Status: Closed Package: Strings related
PHP Version: master-Git-2018-01-29 (Git) OS: linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: tianfang dot yang at oracle dot com
New email:
PHP Version: OS:

 

 [2018-01-29 00:43 UTC] tianfang dot yang at oracle dot com 
Description:
------------
OCI8 calls zend_hash_find() to look up existing connection in the hash table. However, with new string compare function zend_string_equal_content(), it failed to match a hash key:

static zend_always_inline Bucket *zend_hash_find_bucket(const HashTable *ht, zend_string *key, zend_bool known_hash)
{
	...
	while (EXPECTED(idx != HT_INVALID_IDX)) {
		p = HT_HASH_TO_BUCKET_EX(arData, idx);
		if (EXPECTED(p->key == key)) { /* check for the same interned string */
			return p;
		} else if (EXPECTED(p->h == h) &&
		     EXPECTED(p->key) &&
		     EXPECTED(zend_string_equal_content(p->key, key))) {
			return p;
		}
        ...
}

Revert zend_string_equal_content() to memcmp() resolved the issue.

Test script:
---------------
Reproducible testcase: ext/oci8/tests/drcp_connection1.phpt

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-01-29 01:14 UTC] danack@php.net 
That's interesting.

Doesn't that imply a bug elsewhere, where the stored lengths of strings are being corrupted/otherwise stored improperly, if reverting to memcmp() makes the issue go away?
 [2018-01-31 10:29 UTC] sixd@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: sixd
 [2018-01-31 10:29 UTC] sixd@php.net 
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

Dmitry fixed the string compare BC break in http://git.php.net/?p=php-src.git;a=commitdiff;h=e43ac263561d8d748cb571905a5dabc2d6d5560e
 [2018-01-31 10:30 UTC] sixd@php.net
-Assigned To: sixd +Assigned To: dmitry
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Oct 27 16:01:27 2024 UTC