#25547 [Com]: error_handler and array index with function call

Sun, 04 Jan 2004 20:52:34 -0800 

 ID:               25547
 Comment by:       cvianna at stech dot net dot br
 Reported By:      cschneid at cschneid dot com
 Status:           Verified
 Bug Type:         Scripting Engine problem
 Operating System: *
 PHP Version:      4CVS
 New Comment:

The patch applied perfectly, and the make test didnt find any error
after this.

Altough, my problem ([Mon Jan  5 01:48:52 2004] [notice] child pid 3965
exit signal Segmentation fault (11)
) every time I access an php page, persists. Not associated :) Back to
google.


Previous Comments:
------------------------------------------------------------------------

[2004-01-04 17:53:24] cschneid at cschneid dot com

A workaround patch (without memory leak ;-)) can be found at
http://cschneid.com/php/php4/bug25547.patch

------------------------------------------------------------------------

[2004-01-04 17:49:09] cschneid at cschneid dot com

Problem still exists in PHP4 branch

------------------------------------------------------------------------

[2003-12-31 03:17:39] [EMAIL PROTECTED]

The bug is fixed in PHP5 CVS (zend.c,v 1.260).

------------------------------------------------------------------------

[2003-10-16 04:09:39] [EMAIL PROTECTED]

You now have a memory leak. I tried something similar too. But we
decided to look for a better solution where we don't gc the variable we
still need.

------------------------------------------------------------------------

[2003-10-15 08:19:08] cschneid at cschneid dot com

The problem seems to be that dim->value is overwritten, copying the
value solves this. I don't have enough insight in Zend to know if this
is a memory leak and the values should be freed at some point or if
this is ok.

Hope this helps:

diff -u -u -r1.316.2.21 zend_execute.c
--- Zend/zend_execute.c 30 Jul 2003 16:33:54 -0000      1.316.2.21
+++ Zend/zend_execute.c 15 Oct 2003 12:17:10 -0000
@@ -626,7 +626,7 @@
                        offset_key_length = 0;
                        goto fetch_string_dim;
                case IS_STRING:
-                       offset_key = dim->value.str.val;
+                       offset_key = estrndup(dim->value.str.val,
dim->value.str.len);
                        offset_key_length = dim->value.str.len;

 fetch_string_dim:

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/25547

-- 
Edit this bug report at http://bugs.php.net/?id=25547&edit=1

Reply via email to