Attached to this message is a patch to php's shmop extension, it fixes the
following:
- shmop_open has a new flag for read/write access, 'w' (bug #10530, 10656)
- shmop_open has a new flag for create only 'n' (bug #10530, 10656)
- eliminated a segfault when trying to write to a SHM_RDONLY segment (bug
#14784)
- eliminated a segfault when an invalid flag which starts with 'a' or 'c' is
passed (bug #14784)
- updated creators' email addresses
- changed error messages to say shmop_* instead of shm* to correspond with
new shmop_* function names
Could someone with a CVS access please implement the diff and close the 3 bug
reports I've outlined. I will submit a patch to the shmop's php documentation
shortly.
I've tested this diff on PHP 4.0.6,4.1.0 & 4.1.1 it seems to work fine on all
of them. On 4.0.6 patch complains a little but it works fine non the less.
cd php4;
patch -p0 < shmop.diff
diff -urN ext/shmop/ChangeLog ext/shmop/ChangeLog
--- ext/shmop/ChangeLog Wed Dec 31 19:00:00 1969
+++ ext/shmop/ChangeLog Wed Jan 2 13:15:34 2002
@@ -0,0 +1,7 @@
+Jan, 2, 2002
+
+- shmop_open has a new flag for read/write access, 'w' (bug #10530, 10656)
+- shmop_open has a new flag for create only 'n' (bug #10530, 10656)
+- eliminated a segfault when trying to write to a SHM_RDONLY segment (bug #14784)
+- eliminated a segfault when an invalid flag which starts with 'a' or 'c' is passed (bug #14784)
+- updated creators' email addresses
+- changed error messages to say shmop_* instead of shm* to correspond with new shmop_* function names
diff -urN ext/shmop/README ext/shmop/README
--- ext/shmop/README Tue Oct 3 17:56:21 2000
+++ ext/shmop/README Wed Jan 2 13:57:23 2002
@@ -1,31 +1,35 @@
-last update sept 3, 2000 ([EMAIL PROTECTED][EMAIL PROTECTED])
+last update Jan 2, 2002 ([EMAIL PROTECTED][EMAIL PROTECTED])
Shared Memory Operations Extension to PHP4
- While developing a search deamon we needed the php based front end
- to communicate the deamon via SHM. Now, PHP already had a shared memory
+ While developing a search deamon we needed a php based front end
+ to communicate the deamon via SHM. PHP already had a shared memory
extention (sysvshm) written by Christian Cartus <[EMAIL PROTECTED]>,
- unfortunatly this extention was designed with PHP only in mind, and
+ unfortunatly this extention was designed with PHP only in mind and
offers high level features which are extremly bothersome for basic SHM
- we had in mind. After spending a day trying to reverse engeener figure
+ we had in mind. After spending a day trying to reverse engineer and figure
out the format of sysvshm we decided that it would be much easier to
add our own extention to php for simple SHM operations, we were right :)).
the functions are:
-int shm_open(int key, string flags, int mode, int size)
+int shmop_open(int key, string flags, int mode, int size)
key - the key of/for the shared memory block
- flags - 2 flags are avalible
- a for access (sets IPC_EXCL)
- c for create (sets IPC_CREATE)
+ flags - 3 flags are avalible
+ a for read only access (sets SHM_RDONLY)
+ w for read & write access
+ c create or open an existing segment (sets IPC_CREATE)
+ n create a new segment and fail if one already exists under same name (sets IPC_CREATE|IPC_EXCL)
+ (the n flag is mostly useful for security perpouses, so that you don't end up opening a faked segment
+ if someone guesses your key)
mode - acsess mode same as for a file (0644) for example
size - size of the block in bytes
returns an indentifier
-char shm_read(int shmid, int start, int count)
+char shmop_read(int shmid, int start, int count)
shmid - shmid from which to read
start - offset from which to start reading
@@ -33,7 +37,7 @@
returns the data read
-int shm_write(int shmid, string data, int offset)
+int shmop_write(int shmid, string data, int offset)
shmid - shmid from which to read
data - string to put into shared memory
@@ -41,14 +45,14 @@
returns bytes written
-int shm_size(int shmid)
+int shmop_size(int shmid)
shmid - shmid for which to return the size
returns the size in bytes of the shm segment
-int shm_delete(int shmid)
+int shmop_delete(int shmid)
marks the segment for deletion, the segment will be deleted when all processes mapping it will detach
@@ -56,7 +60,7 @@
returns 1 if all ok, zero on failure
-int shm_close(int shmid)
+int shmop_close(int shmid)
shmid - shmid which to close
diff -urN ext/shmop/php_shmop.h ext/shmop/php_shmop.h
--- ext/shmop/php_shmop.h Mon Sep 17 09:43:11 2001
+++ ext/shmop/php_shmop.h Wed Jan 2 13:06:18 2002
@@ -12,8 +12,8 @@
| obtain it through the world-wide-web, please send a note to |
| [EMAIL PROTECTED] so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
- | Authors: Slava Poliakov ([EMAIL PROTECTED]) |
- | Ilia Alshanetsky ([EMAIL PROTECTED]) |
+ | Authors: Slava Poliakov ([EMAIL PROTECTED]) |
+ | Ilia Alshanetsky ([EMAIL PROTECTED]) |
+----------------------------------------------------------------------+
*/
#ifndef PHP_SHMOP_H
@@ -52,6 +52,7 @@
int shmid;
key_t key;
int shmflg;
+ int shmatflg;
char *addr;
int size;
};
diff -urN ext/shmop/shmop.c ext/shmop/shmop.c
--- ext/shmop/shmop.c Thu Oct 11 19:52:01 2001
+++ ext/shmop/shmop.c Wed Jan 2 13:53:52 2002
@@ -12,8 +12,8 @@
| obtain it through the world-wide-web, please send a note to |
| [EMAIL PROTECTED] so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
- | Authors: Slava Poliakov ([EMAIL PROTECTED]) |
- | Ilia Alshanetsky ([EMAIL PROTECTED]) |
+ | Authors: Slava Poliakov ([EMAIL PROTECTED]) |
+ | Ilia Alshanetsky ([EMAIL PROTECTED]) |
+----------------------------------------------------------------------+
*/
/* $Id: shmop.c,v 1.16.2.1 2001/10/11 23:52:01 ssb Exp $ */
@@ -125,7 +125,6 @@
struct php_shmop *shmop;
struct shmid_ds shm;
int rsid;
- int shmflg=0;
if (ZEND_NUM_ARGS() != 4 || zend_get_parameters_ex(4, &key, &flags, &mode, &size) == FAILURE) {
WRONG_PARAM_COUNT;
@@ -142,37 +141,53 @@
shmop->key = (*key)->value.lval;
shmop->shmflg |= (*mode)->value.lval;
- if (memchr((*flags)->value.str.val, 'a', (*flags)->value.str.len)) {
- shmflg = SHM_RDONLY;
- shmop->shmflg |= IPC_EXCL;
- }
- else if (memchr((*flags)->value.str.val, 'c', (*flags)->value.str.len)) {
- shmop->shmflg |= IPC_CREAT;
- shmop->size = (*size)->value.lval;
- }
- else {
- php_error(E_WARNING, "shmopen: access mode invalid");
- efree(shmop);
+ if( (*flags)->value.str.len != 1 ) {
+ php_error(E_WARNING, "shmop_open: invalid flag");
RETURN_FALSE;
}
+ switch( (*flags)->value.str.val[0] )
+ {
+ case 'a':
+ shmop->shmatflg |= SHM_RDONLY;
+ break;
+ case 'c':
+ shmop->shmflg |= IPC_CREAT;
+ shmop->size = (*size)->value.lval;
+ break;
+ case 'n':
+ shmop->shmflg |= (IPC_CREAT|IPC_EXCL);
+ shmop->size = (*size)->value.lval;
+ break;
+ case 'w':
+ /* noop
+ shm segment is being opened for read & write
+ will fail if segment does not exist
+ */
+ break;
+ default:
+ php_error(E_WARNING, "shmop_open: invalid access mode");
+ efree(shmop);
+ RETURN_FALSE;
+ }
+
shmop->shmid = shmget(shmop->key, shmop->size, shmop->shmflg);
if (shmop->shmid == -1) {
- php_error(E_WARNING, "shmopen: can't get the block");
+ php_error(E_WARNING, "shmop_open: unable to attach or create shm segment");
efree(shmop);
RETURN_FALSE;
}
if (shmctl(shmop->shmid, IPC_STAT, &shm)) {
efree(shmop);
- php_error(E_WARNING, "shmopen: can't get information on the block");
+ php_error(E_WARNING, "shmop_open: unable to get shm segment information");
RETURN_FALSE;
}
- shmop->addr = shmat(shmop->shmid, 0, shmflg);
+ shmop->addr = shmat(shmop->shmid, 0, shmop->shmatflg);
if (shmop->addr == (char*) -1) {
efree(shmop);
- php_error(E_WARNING, "shmopen: can't attach the memory block");
+ php_error(E_WARNING, "shmop_open: unable to attach to shm segment");
RETURN_FALSE;
}
@@ -205,22 +220,22 @@
shmop = zend_list_find((*shmid)->value.lval, &type);
if (!shmop) {
- php_error(E_WARNING, "shmread: can't find this segment");
+ php_error(E_WARNING, "shmop_read: can't find this segment");
RETURN_FALSE;
}
if ((*start)->value.lval < 0 || (*start)->value.lval > shmop->size) {
- php_error(E_WARNING, "shmread: start is out of range");
+ php_error(E_WARNING, "shmop_read: start is out of range");
RETURN_FALSE;
}
if (((*start)->value.lval+(*count)->value.lval) > shmop->size) {
- php_error(E_WARNING, "shmread: count is out of range");
+ php_error(E_WARNING, "shmop_read: count is out of range");
RETURN_FALSE;
}
if ((*count)->value.lval < 0 ){
- php_error(E_WARNING, "shmread: count is out of range");
+ php_error(E_WARNING, "shmop_read: count is out of range");
RETURN_FALSE;
}
@@ -249,7 +264,7 @@
shmop = zend_list_find((*shmid)->value.lval, &type);
if (!shmop) {
- php_error(E_WARNING, "shmclose: no such shmid");
+ php_error(E_WARNING, "shmop_close: no such shmid");
RETURN_FALSE;
}
zend_list_delete((*shmid)->value.lval);
@@ -273,7 +288,7 @@
shmop = zend_list_find((*shmid)->value.lval, &type);
if (!shmop) {
- php_error(E_WARNING, "shmsize: no such segment");
+ php_error(E_WARNING, "shmop_size: no such segment");
RETURN_FALSE;
}
@@ -301,12 +316,17 @@
shmop = zend_list_find((*shmid)->value.lval, &type);
if (!shmop) {
- php_error(E_WARNING, "shmwrite: error no such segment");
+ php_error(E_WARNING, "shmop_write: error no such segment");
+ RETURN_FALSE;
+ }
+
+ if( (shmop->shmatflg&SHM_RDONLY) == SHM_RDONLY ) {
+ php_error(E_WARNING, "shmop_write: trying to write to a read only segment");
RETURN_FALSE;
}
if ( (*offset)->value.lval > shmop->size ) {
- php_error(E_WARNING, "shmwrite: offset out of range");
+ php_error(E_WARNING, "shmop_write: offset out of range");
RETURN_FALSE;
}
@@ -334,12 +354,12 @@
shmop = zend_list_find((*shmid)->value.lval, &type);
if (!shmop) {
- php_error(E_WARNING, "shmdelete: error no such segment");
+ php_error(E_WARNING, "shmop_delete: error no such segment");
RETURN_FALSE;
}
if (shmctl(shmop->shmid, IPC_RMID, NULL)) {
- php_error(E_WARNING, "shmdelete: can't mark segment for deletion (are you the owner?)");
+ php_error(E_WARNING, "shmop_delete: can't mark segment for deletion (are you the owner?)");
RETURN_FALSE;
}
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
