When php_stream_cast is passed any of the _AS_FD-like options, what is
the ret argument supposed to point to? This does not seem to be decided
consistently; from a quick survey:
ext/openssl/xp_ssl.c:
php_openssl_sockop_cast() presumes that *ret has sizeof(void *)
ext/soap/php_http.c:
stream_alive() presumes that *ret has sizeof(long)
ext/standard/streamfuncs.c:
stream_array_from_fd_set() presumes that *ret has sizeof(php_socket_t)
main/streams/xp_socket.c:
php_sockop_cast() presumes that *ret has sizeof(int)
On 64-bit platforms, of course, at least half of these cases will break,
since sizeof(int) != sizeof(long).
This issue is the cause of http://bugs.php.net/bug.php?id=32979, where a
64-bit value is being written to an pointer to a 32-bit value on the
stack, and trashing whatever follows it.
joe
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
