From:             msisolak at yahoo dot com
Operating system: Windows 2000
PHP version:      5CVS-2004-02-21 (dev)
PHP Bug Type:     Unknown/Other Function
Bug description:  Memory Leak in tsrm_virtual_cwd.c

Description:
------------
In virtual_file_ex (TSRM/tsrm_virtual_cwd.c, line 292) the Win32 API
function GetLongPathName() is used to expand the value passed in the
path parameter.  This code mallocs a new string (called new_path), but
then sets the const path function parameter to the new malloc and
discards the new_path variable.  There is nothing later in the function
to ensure that this new malloc is freed.  Attached is my take on a fix
for this by leaving the new_path variable available so that it can be
freed at the end of the function.  There may be a cleaner way to do
this, but this patch is one approach.

Patch:
------

--- tsrm_virtual_cwd.c.orig     Tue Feb 17 12:10:55 2004

+++ tsrm_virtual_cwd.c  Tue Feb 17 12:07:59 2004

@@ -292,7 +292,7 @@  

 CWD_API int virtual_file_ex(cwd_state *state, const char *path,
verify_path_func verify_path, int use_realpath)

 {

        int path_length = strlen(path);

-       char *ptr, *path_copy;

+       char *ptr, *path_copy, *new_path;

        char *tok = NULL;

        int ptr_length;

        cwd_state *old_state;
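Review bot: new_path is declared here without an initializer, while the cleanup added at the end of the function tests `if (new_path)`; declaring it as `char *new_path = NULL;` would ensure that test never reads an indeterminate pointer. The declaration is also unconditional, whereas every use of new_path in this patch sits inside `#if defined(TSRM_WIN32)`, so consider guarding the declaration the same way to avoid an unused-variable warning on other platforms.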

@@ -340,7 +340,6 @@ CWD_API int virtual_file_ex(cwd_state *s

 #if defined(TSRM_WIN32)

        {

                char *dummy = NULL;

-               char *new_path;

                int new_path_length;

   

                new_path_length = GetLongPathName(path, dummy, 0) + 1;

@@ -357,6 +356,7 @@ CWD_API int virtual_file_ex(cwd_state *s

                        path_length = new_path_length;

                } else {

                        free(new_path);

+                       new_path = NULL;

                }

        }

 #endif
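Review bot: The else branch now sets `new_path = NULL;` after the free, but nothing near `path_length = new_path_length;` documents that the other branch deliberately keeps the allocation alive. A short comment there, saying that the buffer remains owned by new_path and is released at the end of the function, would make the ownership clear to the next reader.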

@@ -465,6 +465,11 @@ CWD_API int virtual_file_ex(cwd_state *s

        free(old_state);

        

        free(free_path);

+#if defined(TSRM_WIN32)

+       if (new_path) {

+               free(new_path);

+       }

+#endif

 #if VIRTUAL_CWD_DEBUG

        fprintf (stderr, "virtual_file_ex() = %s\n",state->cwd);

 #endif
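Review bot: The `if (new_path)` guard around `free(new_path);` is unnecessary, since free() accepts a null pointer, and the neighbouring `free(free_path);` is called without one; a plain `free(new_path);` inside the `#if defined(TSRM_WIN32)` block would match the surrounding style. Because the release happens only at this point, any return from virtual_file_ex() that does not pass through here would still leave the buffer allocated, so the earlier exits are worth checking as well.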




-- 
Edit bug report at http://bugs.php.net/?id=27338&edit=1