#44836 [NEW]: [PATCH] Avoid direct reference of environ in POSIX systems

Fri, 25 Apr 2008 16:51:00 -0700 

From:             delphij at FreeBSD dot org
Operating system: FreeBSD 7.0
PHP version:      5.2.5
PHP Bug Type:     Reproducible crash
Bug description:  [PATCH] Avoid direct reference of environ in POSIX systems

Description:
------------
PHP would crash in certain cases where putenv() is being called, in POSIX
systems which calls free() in putenv().

The following patch always duplicate the environment from the environment
instead of relying on that they are invariant.

--- ext/standard/basic_functions.c.orig 2008-04-25 16:26:14.885468614
-0700
+++ ext/standard/basic_functions.c      2008-04-25 16:32:46.215744075 -0700
@@ -3861,9 +3862,7 @@
                SetEnvironmentVariable(pe->key, "bugbug");
 #endif
                putenv(pe->previous_value);
-# if defined(PHP_WIN32)
                efree(pe->previous_value);
-# endif
        } else {
 # if HAVE_UNSETENV
                unsetenv(pe->key);
@@ -4463,12 +4462,8 @@
                pe.previous_value = NULL;
                for (env = environ; env != NULL && *env != NULL; env++) {
                        if (!strncmp(*env, pe.key, pe.key_len) && 
(*env)[pe.key_len] == '=')
{       /* found it */
-#if defined(PHP_WIN32)
                                /* must copy previous value because MSVCRT's 
putenv can free the
string without notice */
                                pe.previous_value = estrdup(*env);
-#else
-                               pe.previous_value = *env;
-#endif
                                break;
                        }
                }



-- 
Edit bug report at http://bugs.php.net/?id=44836&edit=1
-- 
Try a CVS snapshot (PHP 5.2): 
http://bugs.php.net/fix.php?id=44836&r=trysnapshot52
Try a CVS snapshot (PHP 5.3): 
http://bugs.php.net/fix.php?id=44836&r=trysnapshot53
Try a CVS snapshot (PHP 6.0): 
http://bugs.php.net/fix.php?id=44836&r=trysnapshot60
Fixed in CVS:                 http://bugs.php.net/fix.php?id=44836&r=fixedcvs
Fixed in release:             
http://bugs.php.net/fix.php?id=44836&r=alreadyfixed
Need backtrace:               http://bugs.php.net/fix.php?id=44836&r=needtrace
Need Reproduce Script:        http://bugs.php.net/fix.php?id=44836&r=needscript
Try newer version:            http://bugs.php.net/fix.php?id=44836&r=oldversion
Not developer issue:          http://bugs.php.net/fix.php?id=44836&r=support
Expected behavior:            http://bugs.php.net/fix.php?id=44836&r=notwrong
Not enough info:              
http://bugs.php.net/fix.php?id=44836&r=notenoughinfo
Submitted twice:              
http://bugs.php.net/fix.php?id=44836&r=submittedtwice
register_globals:             http://bugs.php.net/fix.php?id=44836&r=globals
PHP 4 support discontinued:   http://bugs.php.net/fix.php?id=44836&r=php4
Daylight Savings:             http://bugs.php.net/fix.php?id=44836&r=dst
IIS Stability:                http://bugs.php.net/fix.php?id=44836&r=isapi
Install GNU Sed:              http://bugs.php.net/fix.php?id=44836&r=gnused
Floating point limitations:   http://bugs.php.net/fix.php?id=44836&r=float
No Zend Extensions:           http://bugs.php.net/fix.php?id=44836&r=nozend
MySQL Configuration Error:    http://bugs.php.net/fix.php?id=44836&r=mysqlcfg

Reply via email to