ID: 48619
Updated by: paj...@php.net
Reported By: andy at webtatic dot com
Status: Assigned
Bug Type: IMAP related
Operating System: CentOS 5.3 i386
PHP Version: 5.2.10
Assigned To: pajoye
New Comment:

I made one already too, http://pastebin.com/m22b58a19

I prefer this way as there is no ambiguity. I also fixed the other locations where a similar situation can happen. I have to merge into head and it will be committed.

Thanks for your work!

Previous Comments:
------------------------------------------------------------------------

[2009-06-20 20:54:37] andy at webtatic dot com

I've made a patch for it, as I'd like to have it patched in my rpms of 5.2.10. I can't see anywhere to upload files, so I'll post it here, only short:

--- php-5.2.10/ext/imap/php_imap.c.pgmfree 2009-06-20 21:44:54.000000000 +0100 +++ php-5.2.10/ext/imap/php_imap.c 2009-06-20 21:45:16.000000000 +0100 @@ -3701,7 +3701,7 @@ flags = SE_FREE; } else { convert_to_long_ex(search_flags); - flags = Z_LVAL_PP(search_flags); + flags = Z_LVAL_PP(search_flags) & SE_FREE; if (argc == 4) { convert_to_string_ex(charset); } 
@@ -3712,10 +3712,6 @@ mail_search_full(imap_le_struct->imap_stream, (argc == 4 ? Z_STRVAL_PP(charset) : NIL), pgm, flags); - if (pgm) { - mail_free_searchpgm(&pgm); - } - if (IMAPG(imap_messages) == NIL) { efree(search_criteria); RETURN_FALSE;

------------------------------------------------------------------------

[2009-06-20 20:39:22] paj...@php.net

Ah nice catch for this edge case. I will fix it soonish.

Thanks :)

------------------------------------------------------------------------

[2009-06-20 20:34:39] andy at webtatic dot com

Also looking at c-client's latest, the same internal free happens, so will cause the same problem.

------------------------------------------------------------------------

[2009-06-20 20:30:30] andy at webtatic dot com

Ok, I did some investigating and found out it is caused by the fix #47940.

If no search flags are set, you set flags to SE_FREE, which mail_search_full then frees the pgm internally, but then you free it again, causing the segfault. This will be an issue on any OS.

The correct way to do it would probably be to always add the SE_FREE flag and let it do it itself, and not free in imap_search.

------------------------------------------------------------------------

[2009-06-20 20:10:17] paj...@php.net

Hm, this version is outdated. Can you try using a decent version? 2007x (where x is a letter). You can get it here:

http://www.washington.edu/imap/

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/48619

--
Edit this bug report at http://bugs.php.net/?id=48619&edit=1
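
Review bot: In the first hunk (@@ -3701,7 +3701,7 @@), the added line `flags = Z_LVAL_PP(search_flags) & SE_FREE;` uses a bitwise AND where the approach described in the thread (always add SE_FREE) needs a bitwise OR. The AND discards every other bit the caller passed in search_flags and leaves flags at 0 unless the caller happened to set SE_FREE. On that path mail_search_full is not told to free pgm, and since the second hunk removes the explicit free, pgm is never released. Suggest `flags = Z_LVAL_PP(search_flags) | SE_FREE;` so the caller's options are kept and the free always happens exactly once inside mail_search_full.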
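
Review bot: In the second hunk (@@ -3712,10 +3712,6 @@), nothing at the `mail_search_full(...)` call site records that ownership of pgm now passes to c-client once the `if (pgm) { mail_free_searchpgm(&pgm); }` block is gone. Removing it is only correct if SE_FREE is set in flags on both branches that reach the call, which the visible lines guarantee for the `flags = SE_FREE;` branch but not for the else branch as written in the first hunk. Suggest a short comment above the call stating that SE_FREE makes mail_search_full free pgm and that pgm must not be read or freed afterwards, so a later change does not reintroduce either the double free or a leak.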