tony2001 Thu Jun 2 17:04:12 2005 EDT
Modified files:
/php-src/ext/curl interface.c php_curl.h
Log:
fix bug #33222 (segfault when CURL handle is closed in a callback).
fix segfaults when CURL callback functions throw exception.
http://cvs.php.net/diff.php/php-src/ext/curl/interface.c?r1=1.56&r2=1.57&ty=u
Index: php-src/ext/curl/interface.c
diff -u php-src/ext/curl/interface.c:1.56 php-src/ext/curl/interface.c:1.57
--- php-src/ext/curl/interface.c:1.56 Thu Apr 21 17:11:21 2005
+++ php-src/ext/curl/interface.c Thu Jun 2 17:04:12 2005
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: interface.c,v 1.56 2005/04/21 21:11:21 iliaa Exp $ */
+/* $Id: interface.c,v 1.57 2005/06/02 21:04:12 tony2001 Exp $ */
#define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
@@ -490,20 +490,22 @@
fci.no_separation = 0;
fci.symbol_table = NULL;
+ ch->in_callback = 1;
error = zend_call_function(&fci, &t->fci_cache
TSRMLS_CC);
+ ch->in_callback = 0;
if (error == FAILURE) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Could not call the CURLOPT_WRITEFUNCTION");
length = -1;
- } else {
+ } else if (retval_ptr) {
if (Z_TYPE_P(retval_ptr) != IS_LONG) {
convert_to_long_ex(&retval_ptr);
}
length = Z_LVAL_P(retval_ptr);
+ zval_ptr_dtor(&retval_ptr);
}
zval_ptr_dtor(argv[0]);
zval_ptr_dtor(argv[1]);
- zval_ptr_dtor(&retval_ptr);
break;
}
}
@@ -560,20 +562,23 @@
fci.no_separation = 0;
fci.symbol_table = NULL;
+ ch->in_callback = 1;
error = zend_call_function(&fci, &t->fci_cache
TSRMLS_CC);
+ ch->in_callback = 0;
if (error == FAILURE) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Cannot call the CURLOPT_READFUNCTION");
- } else {
+ length = -1;
+ } else if (retval_ptr) {
if (Z_TYPE_P(retval_ptr) == IS_STRING) {
length = MIN(size * nmemb,
Z_STRLEN_P(retval_ptr));
memcpy(data, Z_STRVAL_P(retval_ptr),
length);
}
+ zval_ptr_dtor(&retval_ptr);
}
zval_ptr_dtor(argv[0]);
zval_ptr_dtor(argv[1]);
zval_ptr_dtor(argv[2]);
- zval_ptr_dtor(&retval_ptr);
break;
}
}
@@ -631,19 +636,21 @@
fci.params = argv;
fci.no_separation = 0;
+ ch->in_callback = 1;
error = zend_call_function(&fci, &t->fci_cache
TSRMLS_CC);
+ ch->in_callback = 0;
if (error == FAILURE) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Could not call the CURLOPT_HEADERFUNCTION");
length = -1;
- } else {
+ } else if (retval_ptr) {
if (Z_TYPE_P(retval_ptr) != IS_LONG) {
convert_to_long_ex(&retval_ptr);
}
length = Z_LVAL_P(retval_ptr);
+ zval_ptr_dtor(&retval_ptr);
}
zval_ptr_dtor(argv[0]);
zval_ptr_dtor(argv[1]);
- zval_ptr_dtor(&retval_ptr);
break;
}
@@ -779,6 +786,8 @@
(*ch)->handlers->write_header = ecalloc(1, sizeof(php_curl_write));
(*ch)->handlers->read = ecalloc(1, sizeof(php_curl_read));
+ (*ch)->in_callback = 0;
+
memset(&(*ch)->err, 0, sizeof((*ch)->err));
zend_llist_init(&(*ch)->to_free.str, sizeof(char *),
(void(*)(void *)) curl_free_string, 0);
@@ -1478,6 +1487,12 @@
}
ZEND_FETCH_RESOURCE(ch, php_curl *, zid, -1, le_curl_name, le_curl);
+
+ if (ch->in_callback) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to close
CURL handle from a callback");
+ return;
+ }
+
if (ch->uses) {
ch->uses--;
} else {
http://cvs.php.net/diff.php/php-src/ext/curl/php_curl.h?r1=1.41&r2=1.42&ty=u
Index: php-src/ext/curl/php_curl.h
diff -u php-src/ext/curl/php_curl.h:1.41 php-src/ext/curl/php_curl.h:1.42
--- php-src/ext/curl/php_curl.h:1.41 Fri Mar 12 13:37:55 2004
+++ php-src/ext/curl/php_curl.h Thu Jun 2 17:04:12 2005
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_curl.h,v 1.41 2004/03/12 18:37:55 sterling Exp $ */
+/* $Id: php_curl.h,v 1.42 2005/06/02 21:04:12 tony2001 Exp $ */
#ifndef _PHP_CURL_H
#define _PHP_CURL_H
@@ -121,6 +121,7 @@
php_curl_handlers *handlers;
long id;
unsigned int uses;
+ zend_bool in_callback;
} php_curl;
typedef struct {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
