Bug #79959 Memory leak in zend_string
Submitted: 2020-08-12 05:45 UTC
Modified: 2020-08-13 07:35 UTC
From: changochen1 at gmail dot com
Assigned:
Status: Open
Package: Scripting Engine problem
PHP Version: 8.0Git-2020-08-12 (Git)
OS:
Private report: No
CVE-ID: None

 [2020-08-12 05:45 UTC] changochen1 at gmail dot com
Description:
------------
We found a memory leak in PHP. Please refer to the POC.

Test script:
---------------
<?php
 $f1 = fopen ( "php://input" , "r" ) ;
 $f2 = fopen ( 20, 10 , $a [ 1 ] [ 1 ] = 3409 , $f1 ) ;


 [2020-08-12 07:52 UTC] nikic@php.net
-Status: Open +Status: Feedback
 [2020-08-12 07:52 UTC] nikic@php.net
I can't reproduce this leak. Not seeing a message from ZMM or anything under USE_ZEND_ALLOC=0 valgrind --leak-check=full.

Do you have a stack trace for the leak?
 [2020-08-12 15:06 UTC] changochen1 at gmail dot com
-Status: Feedback +Status: Open
 [2020-08-12 15:06 UTC] changochen1 at gmail dot com
It doesn't crash so I am not sure how to get a stacktrace.
The log is:
---
Fatal error: Uncaught TypeError: fopen(): supplied resource is not a valid Stream-Context resource in /home/yongheng/php_commit/php_poc44.php:4
Stack trace:
#0 /home/yongheng/php_commit/php_poc44.php(4): fopen('20', '10', 3409, Resource id #7)
#1 {main}
  thrown in /home/yongheng/php_commit/php_poc44.php on line 4
[Wed Aug 12 11:04:12 2020]  Script:  '/home/yongheng/php_commit/php_poc44.php'
/home/yongheng/php_clean/Zend/zend_string.h(141) :  Freeing 0x00007ffff2c58780 (56 bytes), script=/home/yongheng/php_commit/php_poc44.php
=== Total 1 memory leaks detected ===
---

How should I provide more details?
 [2020-08-13 07:20 UTC] cmb@php.net
I cannot reproduce the memory leak on Windows either.
 [2020-08-13 07:35 UTC] nikic@php.net
> How should I provide more details?

Running under "USE_ZEND_ALLOC=0 valgrind --leak-check=full php test.php" should produce a back trace for the leak. (If you are using leak sanitizer, just the USE_ZEND_ALLOC=0 part is enough.)
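
A small triage helper for the debug-build leak report quoted earlier in this thread, as an added example that is not part of the bug report or PHP's own code. The function name `summarize_leaks` is hypothetical, and the line format is assumed from the quoted log only.

```python
import re
from collections import defaultdict

# Constructed sample: the report lines quoted in the thread above.
SAMPLE_LOG = """\
[Wed Aug 12 11:04:12 2020]  Script:  '/home/yongheng/php_commit/php_poc44.php'
/home/yongheng/php_clean/Zend/zend_string.h(141) :  Freeing 0x00007ffff2c58780 (56 bytes), script=/home/yongheng/php_commit/php_poc44.php
=== Total 1 memory leaks detected ===
"""

# Assumed format: file(line) : Freeing ADDR (N bytes), script=PATH
LEAK_RE = re.compile(
    r"^(?P<file>.+?)\((?P<line>\d+)\)\s*:\s+Freeing\s+(?P<addr>0x[0-9a-fA-F]+)"
    r"\s+\((?P<size>\d+) bytes\), script=(?P<script>.+)$"
)
TOTAL_RE = re.compile(r"^=== Total (\d+) memory leaks detected ===$")


def summarize_leaks(log_text):
    """Group leaked blocks by allocation site and cross-check the total line."""
    sites = defaultdict(lambda: {"count": 0, "bytes": 0})
    parsed, reported_total = 0, None
    for raw in log_text.splitlines():
        line = raw.strip()
        leak = LEAK_RE.match(line)
        if leak:
            site = sites[(leak["file"], int(leak["line"]))]
            site["count"] += 1
            site["bytes"] += int(leak["size"])
            parsed += 1
            continue
        total = TOTAL_RE.match(line)
        if total:
            reported_total = int(total.group(1))
    return {
        "sites": dict(sites),
        "parsed": parsed,
        "reported_total": reported_total,
        # False means the log was truncated or holds lines this parser skips.
        "consistent": reported_total == parsed,
    }


if __name__ == "__main__":
    summary = summarize_leaks(SAMPLE_LOG)
    for (path, lineno), info in summary["sites"].items():
        print(f"{path}:{lineno} {info['count']} block(s), {info['bytes']} bytes")
    print("total matches parsed lines:", summary["consistent"])
```

Each site is only the file and line recorded for the leaked block, not a call stack, which is why the thread asks for a valgrind or leak sanitizer back trace as well.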
 
Last updated: Tue Sep 22 04:01:23 2020 UTC