From: [email protected]
Operating system: Linux
PHP version: 5.3CVS-2009-06-24 (CVS)
PHP Bug Type: Date/time related
Bug description: DateInterval segfaults when unserialising
Description:
------------
See below:
Reproduce code:
---------------
$x = new dateinterval("P3Y6M4DT12H30M5S");
unserialize(serialize($x));
Expected result:
----------------
No SIGSEGV.
Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7b786c0 (LWP 29877)]
0x0806919f in date_object_get_properties_interval (object=0x8f35344,
tsrm_ls=0x8df3050) at /home/felipe/dev/php5/ext/date/php_date.c:2221
2221 PHP_DATE_INTERVAL_ADD_PROPERTY("y", y);
(gdb) bt
#0 0x0806919f in date_object_get_properties_interval (object=0x8f35344,
tsrm_ls=0x8df3050) at /home/felipe/dev/php5/ext/date/php_date.c:2221
#1 0x0834d127 in object_common2 (rval=0xbf906a94, p=0xbf906a78,
max=0x8f35156 "", var_hash=0xbf906a70, tsrm_ls=0x8df3050, elements=8)
at ext/standard/var_unserializer.re:369
#2 0x0834b4fe in php_var_unserialize (rval=0xbf906a94, p=0xbf906a78,
max=0x8f35156 "", var_hash=0xbf906a70, tsrm_ls=0x8df3050)
at ext/standard/var_unserializer.re:713
#3 0x08339617 in zif_unserialize (ht=1, return_value=0x8f35344,
return_value_ptr=0x0, this_ptr=0x0, return_value_used=0,
tsrm_ls=0x8df3050)
at /home/felipe/dev/php5/ext/standard/var.c:868
#4 0x08436a24 in zend_do_fcall_common_helper_SPEC
(execute_data=0x8f62a94, tsrm_ls=0x8df3050) at
/home/felipe/dev/php5/Zend/zend_vm_execute.h:313
#5 0x0843cb8b in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0x8f62a94, tsrm_ls=0x8df3050) at
/home/felipe/dev/php5/Zend/zend_vm_execute.h:1601
#6 0x084357eb in execute (op_array=0x8f33fc8, tsrm_ls=0x8df3050) at
/home/felipe/dev/php5/Zend/zend_vm_execute.h:104
#7 0x083f4ef4 in zend_eval_stringl (str=0xbf9087d3 "$x = new
dateinterval(\"P3Y6M4DT12H30M5S\"); unserialize(serialize($x));",
str_len=70, retval_ptr=0x0,
string_name=0x87a08b4 "Command line code", tsrm_ls=0x8df3050) at
/home/felipe/dev/php5/Zend/zend_execute_API.c:1159
#8 0x083f517b in zend_eval_stringl_ex (str=0xbf9087d3 "$x = new
dateinterval(\"P3Y6M4DT12H30M5S\"); unserialize(serialize($x));",
str_len=70,
retval_ptr=0x0, string_name=0x87a08b4 "Command line code",
handle_exceptions=1, tsrm_ls=0x8df3050) at
/home/felipe/dev/php5/Zend/zend_execute_API.c:1200
#9 0x083f522f in zend_eval_string_ex (str=0xbf9087d3 "$x = new
dateinterval(\"P3Y6M4DT12H30M5S\"); unserialize(serialize($x));",
retval_ptr=0x0,
string_name=0x87a08b4 "Command line code", handle_exceptions=1,
tsrm_ls=0x8df3050) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1211
#10 0x084e6ca2 in main (argc=3, argv=0xbf906f84) at
/home/felipe/dev/php5/sapi/cli/php_cli.c:1227
--
Edit bug report at http://bugs.php.net/?id=48678&edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=48678&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=48678&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=48678&r=trysnapshot60
Fixed in CVS:
http://bugs.php.net/fix.php?id=48678&r=fixedcvs
Fixed in CVS and need be documented:
http://bugs.php.net/fix.php?id=48678&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=48678&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=48678&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=48678&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=48678&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=48678&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=48678&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=48678&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=48678&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=48678&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=48678&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=48678&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=48678&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=48678&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=48678&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=48678&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=48678&r=mysqlcfg
