#27821 [Opn->Ver]: xml_parse cause segmentation fault when xml_set_object called from class method

sniper Wed, 07 Apr 2004 02:26:25 -0700

 ID:               27821
 Updated by:       [EMAIL PROTECTED]
 Reported By:      michael at elfimov dot com
-Status:           Open
+Status:           Verified
 Bug Type:         XML related
-Operating System: Linux
+Operating System: *
-PHP Version:      5.0.0RC1
+PHP Version:      5CVS-2004-04-07
 New Comment:


[Switching to Thread 16384 (LWP 16987)]

0x083471aa in zend_call_function (fci=0xbfffd270, fci_cache=0x0) at
/usr/src/web/php/php5/Zend/zend_execute_API.c:683

683                             if
(Z_OBJ_HT_PP(fci->object_pp)->get_method == NULL) {

(gdb) bt

#0  0x083471aa in zend_call_function (fci=0xbfffd270, fci_cache=0x0)

    at /usr/src/web/php/php5/Zend/zend_execute_API.c:683

#1  0x082f852d in xml_call_handler (parser=0x40e47038,
handler=0x40e46fb0, function_ptr=0x0, argc=3, argv=0xbfffd2f0)

    at /usr/src/web/php/php5/ext/xml/xml.c:435

#2  0x082f8f13 in _xml_startElementHandler (userData=0x40e47038,
name=0x87d3650 "OBJECT", attributes=0x0)

    at /usr/src/web/php/php5/ext/xml/xml.c:711

#3  0x082fbc19 in _start_element_handler (user=0x40e47104,
name=0x87d327b "OBJECT", attributes=0x0)

    at /usr/src/web/php/php5/ext/xml/compat.c:63

#4  0x40baf835 in xmlParseStartTag () from /usr/lib/libxml2.so.2

#5  0x40bb4a8d in xmlParseExtParsedEnt () from /usr/lib/libxml2.so.2

#6  0x40bb54ff in xmlParseChunk () from /usr/lib/libxml2.so.2

#7  0x082fc4af in php_XML_Parse (parser=0x40e47104, 

    data=0x40e46b4c
"<OBJECT>\n<CLIENT_ID>1</CLIENT_ID>\n<CLIENT_CAT_ID>3</CLIENT_CAT_ID>\n<USER_ID>1</USER_ID>\n<GROUP_ID>2</GROUP_ID>\n<SESSION_CODE>6f121f896c1db735891d28448b02b978</SESSION_CODE>\n</OBJECT>",
data_len=182, is_final=0)

    at /usr/src/web/php/php5/ext/xml/compat.c:441

#8  0x082fa9c9 in zif_xml_parse (ht=2, return_value=0x40e46f6c,
this_ptr=0x0, return_value_used=0)

    at /usr/src/web/php/php5/ext/xml/xml.c:1349

#9  0x0837a526 in zend_do_fcall_common_helper (execute_data=0xbfffd5e0,
opline=0x40e47ccc, op_array=0x40e466a4)

    at /usr/src/web/php/php5/Zend/zend_execute.c:2699

#10 0x0837ac76 in zend_do_fcall_handler (execute_data=0xbfffd5e0,
opline=0x40e47ccc, op_array=0x40e466a4)

    at /usr/src/web/php/php5/Zend/zend_execute.c:2828

#11 0x08376b20 in execute (op_array=0x40e466a4) at
/usr/src/web/php/php5/Zend/zend_execute.c:1391

#12 0x0837a6bf in zend_do_fcall_common_helper (execute_data=0xbfffd7d0,
opline=0x40e42ca0, op_array=0x40e4266c)

    at /usr/src/web/php/php5/Zend/zend_execute.c:2728

#13 0x0837ab68 in zend_do_fcall_by_name_handler
(execute_data=0xbfffd7d0, opline=0x40e42ca0, op_array=0x40e4266c)

    at /usr/src/web/php/php5/Zend/zend_execute.c:2810

#14 0x08376b20 in execute (op_array=0x40e4266c) at
/usr/src/web/php/php5/Zend/zend_execute.c:1391

#15 0x08353c59 in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /usr/src/web/php/php5/Zend/zend.c:1057

#16 0x0830e874 in php_execute_script (primary_file=0xbffffbd0) at
/usr/src/web/php/php5/main/main.c:1630

#17 0x0838edaf in main (argc=2, argv=0xbffffc64) at
/usr/src/web/php/php5/sapi/cli/php_cli.c:943




Previous Comments:
------------------------------------------------------------------------

[2004-04-01 03:05:59] michael at elfimov dot com

Description:
------------
xml_parse cause segmentation fault when xml_set_object called from
class member function (as showed in example below). When xml_set_object
called from class constructor or from "parse" class method then things
going ok, but when xml_set_object placed in "init" class method then
things going wrong.

Reproduce code:
---------------
<?php



class sxml {

    var $handle;



    function start_elem($parser,$name,$attribs) {

        print "$name ";

    

        foreach($attribs as $key => $value) {

            print "$key = $value ";

        }

        print "\n";

    }



    function end_elem()

    {

    }



    function init() {

        $this->handle = xml_parser_create("ISO-8859-1");

        xml_set_object($this->handle, $this);

       
xml_set_element_handler($this->handle,'start_elem','end_elem');

       
xml_parser_set_option($this->handle,XML_OPTION_CASE_FOLDING,0);

    }



    function release() {

        xml_parser_free($this->handle);

    }



    function parse($source) {

        $this->init();

        xml_parse($this->handle, $source);

        $this->release();

    }



}



$source = '<OBJECT>

<CLIENT_ID>1</CLIENT_ID>

<CLIENT_CAT_ID>3</CLIENT_CAT_ID>

<USER_ID>1</USER_ID>

<GROUP_ID>2</GROUP_ID>

<SESSION_CODE>6f121f896c1db735891d28448b02b978</SESSION_CODE>

</OBJECT>';



$obj = new sxml;

$obj->parse($source);



?>



Expected result:
----------------
OBJECT

CLIENT_ID

CLIENT_CAT_ID

USER_ID

GROUP_ID

SESSION_CODE

Actual result:
--------------
Segmentation fault


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=27821&edit=1

#27821 [Opn->Ver]: xml_parse cause segmentation fault when xml_set_object called from class method

Reply via email to