#49098 [Csd]: Using custom session handler causes segfault in session_save_state

Wed, 11 Nov 2009 23:16:26 -0800 

 ID:               49098
 Updated by:       t...@php.net
 Reported By:      bugs at timj dot co dot uk
 Status:           Closed
 Bug Type:         Session related
 Operating System: Linux
 PHP Version:      5.2.10
 New Comment:

Confirmed works for me. Below tested on PHP 5.2 which also seems to
work - could you fix it on that branch too?:

--- ext/mysqli/mysqli.c.orig    2009-07-17 13:17:25.000000000 +0100
+++ ext/mysqli/mysqli.c 2009-11-12 07:10:19.054055576 +0000
@@ -1003,7 +1003,11 @@
        if (MyG(error_msg)) {
                efree(MyG(error_msg));
        }
-       MyG(error_msg) = estrdup(mysql_err);
+       if(mysql_err && *mysql_err) {
+               MyG(error_msg) = estrdup(mysql_err);
+       } else {
+               MyG(error_msg) = NULL;
+       }
 }
 /* }}} */

Many thanks Rasmus (and to Jani/Sriram for your help). 


Previous Comments:
------------------------------------------------------------------------

[2009-11-12 01:10:33] ras...@php.net

Should be fixed now in svn.  Please verify.

------------------------------------------------------------------------

[2009-11-12 01:09:16] s...@php.net

Automatic comment from SVN on behalf of rasmus
Revision: http://svn.php.net/viewvc/?view=revision&revision=290570
Log: Fix bug #49098

------------------------------------------------------------------------

[2009-11-11 23:59:51] t...@php.net

I'm not sure if this is useful/correct, but at first pass this stops
the crash:

--- ext/mysqli/mysqli_nonapi.c.orig     2009-10-15 23:34:41.000000000
+0100
+++ ext/mysqli/mysqli_nonapi.c  2009-11-11 23:56:40.271496635 +0000
@@ -46,7 +46,11 @@
        if (MyG(error_msg)) {
                efree(MyG(error_msg));
        }
-       MyG(error_msg) = estrdup(mysql_err);
+       if(mysql_errno!=0) { 
+               MyG(error_msg) = estrdup(mysql_err);
+       } else {
+               MyG(error_msg) = NULL;
+       }
 }
 /* }}} */


------------------------------------------------------------------------

[2009-11-11 23:55:09] t...@php.net

Stepping through the code though, that patch wouldn't have made any
difference. On the final incantation of php_mysqli_set_error before
crash, estrdup() still gets called:

Breakpoint 1, php_mysqli_set_error (mysql_errno=0, mysql_err=0x10325a7
"") at /path/to/php5.3-200911111930/ext/mysqli/mysqli_nonapi.c:44
44      {
(gdb) step
45              MyG(error_no) = mysql_errno;
(gdb) step
44      {
(gdb) step
45              MyG(error_no) = mysql_errno;
(gdb) step
46              if (MyG(error_msg)) {
(gdb) step
47                      efree(MyG(error_msg));
(gdb) next
49              if(mysql_err) { 
(gdb) step
50                      MyG(error_msg) = estrdup(mysql_err);


------------------------------------------------------------------------

[2009-11-11 23:48:50] t...@php.net

Nope, still the same result. (back on the 5.3 snapshot now)

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/49098

-- 
Edit this bug report at http://bugs.php.net/?id=49098&edit=1

Reply via email to