#30050 [NEW]: php_shutdown_config() [php_ini.c] misses to clean up some pointers

Fri, 10 Sep 2004 05:45:11 -0700 

From:             nw at softwarekombinat dot de
Operating system: windows XP
PHP version:      5.0.1
PHP Bug Type:     Reproducible crash
Bug description:  php_shutdown_config() [php_ini.c] misses to clean up some pointers

Description:
------------
Hi there,

executing the following sequence of function calls results
in a segfault in the last php_module_startup(...) call:

        tsrm_startup(1, 1, 0, NULL);
        sapi_startup(&mf_sapi_module);
        php_module_startup(&mf_sapi_module, NULL, 0)

        php_module_shutdown( TSRMLS_C );
        sapi_shutdown();
        tsrm_shutdown();

        tsrm_startup(1, 1, 0, NULL);
        sapi_startup(&mf_sapi_module);
        php_module_startup(&mf_sapi_module, NULL, 0)

I debugged and saw that php_shutdown_config() does not reset global
pointers back to  NULL after free()'ing them. This results in another
free()-attempt during next startup.

Here is a modified php_shutdown_config() which solves the problem:


int php_shutdown_config(void)
{
        zend_hash_destroy(&configuration_hash);
        if (php_ini_opened_path) {
                free(php_ini_opened_path);
                php_ini_opened_path = NULL; /* BUGFIX */
        }
        if (php_ini_scanned_files) {
                free(php_ini_scanned_files);
                php_ini_scanned_files = NULL; /* BUGFIX */
        }
        return SUCCESS;
}


Sorry that I don't submit a patch myself - no time, currently....

Regards,
Norbert




-- 
Edit bug report at http://bugs.php.net/?id=30050&edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=30050&r=trysnapshot4
Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=30050&r=trysnapshot50
Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=30050&r=trysnapshot51
Fixed in CVS:                http://bugs.php.net/fix.php?id=30050&r=fixedcvs
Fixed in release:            http://bugs.php.net/fix.php?id=30050&r=alreadyfixed
Need backtrace:              http://bugs.php.net/fix.php?id=30050&r=needtrace
Need Reproduce Script:       http://bugs.php.net/fix.php?id=30050&r=needscript
Try newer version:           http://bugs.php.net/fix.php?id=30050&r=oldversion
Not developer issue:         http://bugs.php.net/fix.php?id=30050&r=support
Expected behavior:           http://bugs.php.net/fix.php?id=30050&r=notwrong
Not enough info:             http://bugs.php.net/fix.php?id=30050&r=notenoughinfo
Submitted twice:             http://bugs.php.net/fix.php?id=30050&r=submittedtwice
register_globals:            http://bugs.php.net/fix.php?id=30050&r=globals
PHP 3 support discontinued:  http://bugs.php.net/fix.php?id=30050&r=php3
Daylight Savings:            http://bugs.php.net/fix.php?id=30050&r=dst
IIS Stability:               http://bugs.php.net/fix.php?id=30050&r=isapi
Install GNU Sed:             http://bugs.php.net/fix.php?id=30050&r=gnused
Floating point limitations:  http://bugs.php.net/fix.php?id=30050&r=float
MySQL Configuration Error:   http://bugs.php.net/fix.php?id=30050&r=mysqlcfg

Reply via email to