PHP :: Bug #79503 :: Memory leak on duplicate metadata

Bug #79503	Memory leak on duplicate metadata
Submitted:	2020-04-21 09:52 UTC	Modified:	2020-04-22 13:10 UTC
From:	nikic@php.net	Assigned:	cmb (profile)
Status:	Closed	Package:	PHAR related
PHP Version:	7.3.17	OS:
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2020-04-21 09:52 UTC] nikic@php.net

Description:
------------
Passing the file https://gist.github.com/nikic/5b7a55e6a100c3dedbfd1ac6837c74a9 to Phar::__construct() results in a memory leak:

    #0 0x4ef61d in malloc (/home/nikic/php-src-fuzz/sapi/fuzzer/php-fuzz-phar+0x4ef61d)
    #1 0x105d619 in __zend_malloc /home/nikic/php-src-fuzz/Zend/zend_alloc.c:2992:14
    #2 0xeca559 in zend_string_alloc /home/nikic/php-src-fuzz/Zend/zend_string.h:141:36
    #3 0xeca559 in zend_string_init /home/nikic/php-src-fuzz/Zend/zend_string.h:163:21
    #4 0xecf463 in php_var_unserialize_internal /home/nikic/php-src-fuzz/ext/standard/var_unserializer.re:953:3
    #5 0xeca8ca in php_var_unserialize /home/nikic/php-src-fuzz/ext/standard/var_unserializer.re:752:11
    #6 0xad234e in phar_parse_metadata /home/nikic/php-src-fuzz/ext/phar/phar.c:621:8
    #7 0xa74837 in phar_tar_process_metadata /home/nikic/php-src-fuzz/ext/phar/tar.c:176:6
    #8 0xa74837 in phar_parse_tarfile /home/nikic/php-src-fuzz/ext/phar/tar.c:512:19
    #9 0xad6fdd in phar_open_from_fp /home/nikic/php-src-fuzz/ext/phar/phar.c:1726:13
    #10 0xad4e48 in phar_create_or_parse_filename /home/nikic/php-src-fuzz/ext/phar/phar.c:1364:7

The cause is a duplicate .phar/.metadata.bin entry, where the second one overwrites the first without freeing. Probably we should be reporting an error instead.

Originally from https://github.com/php/php-src/pull/5424.

Patches

Add a Patch

Pull Requests

Pull requests:

Fix #79503: Memory leak on duplicate metadata (php-src/5431)

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2020-04-22 08:51 UTC] cmb@php.net

The following pull request has been associated:

Patch Name: Fix #79503: Memory leak on duplicate metadata
On GitHub:  https://github.com/php/php-src/pull/5431
Patch:      https://github.com/php/php-src/pull/5431.patch

[2020-04-22 13:10 UTC] cmb@php.net

Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ccca2c448df35ac457eeef11fb7f0d604de3e5f9
Log: Fix #79503: Memory leak on duplicate metadata

[2020-04-22 13:10 UTC] cmb@php.net

-Status: Open +Status: Closed

[2020-04-22 13:10 UTC] cmb@php.net

-Assigned To: +Assigned To: cmb

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Apr 16 11:01:29 2024 UTC