ID: 39105
User updated by: ivoras at yahoo dot com
-Summary: Possible memory leak in estrndup()
Reported By: ivoras at yahoo dot com
-Status: No Feedback
+Status: Open
Bug Type: Filesystem function related
Operating System: FreeBSD
PHP Version: 5.1.6
New Comment:
Tried 6.2-release with same results. It looks like it happens when
including files with require_once.
Error message:
> php b.php
[Wed Dec 6 15:18:51 2006] Script: 'b.php'
/usr/ports/lang/php5/work/php-5.2.0/main/main.c(1729) : Freeing
0x0861FAFC (40 bytes), script=b.php
[Wed Dec 6 15:18:51 2006] Script: 'b.php'
/usr/ports/lang/php5/work/php-5.2.0/main/fopen_wrappers.c(543) :
Freeing 0x0861FB48 (40 bytes), script=b.php
The example script, "b.php" is:
<?php
require_once('a.php');
class B extends A {
function __construct($par) {
echo "Hello from B constructor\n";
}
}
?>
a.php is:
<?php
class A {
function __construct($param) {
echo "A::constructor";
}
}
?>
The code for main.c (part of PHP interpreter) is:
1717 /* Only lookup the real file path and add it to the
included_files list if already opened
1718 * otherwise it will get opened and added to the
included_files list in zend_execute_scripts
1719 */
1720 if (primary_file->filename &&
1721 primary_file->opened_path == NULL &&
1722 primary_file->type != ZEND_HANDLE_FILENAME) {
1723 int realfile_len;
1724 int dummy = 1;
1725
1726 if (expand_filepath(primary_file->filename, realfile
TSRMLS_CC)) {
1727 realfile_len = strlen(realfile);
1728 zend_hash_add(&EG(included_files), realfile,
realfile_len+1, (void *)&dummy, sizeof(int), NULL);
1729 primary_file->opened_path = estrndup(realfile,
realfile_len);
1730 }
1731 }
The code for fopen_wrappers is:
513 /* {{{ expand_filepath
514 */
515 PHPAPI char *expand_filepath(const char *filepath, char *real_path
TSRMLS_DC)
516 {
517 cwd_state new_state;
518 char cwd[MAXPATHLEN];
519 char *result;
520
521 if (IS_ABSOLUTE_PATH(filepath, strlen(filepath))) {
522 cwd[0] = '\0';
523 } else{
524 result = VCWD_GETCWD(cwd, MAXPATHLEN);
525 if (!result) {
526 cwd[0] = '\0';
527 }
528 }
529
530 new_state.cwd = strdup(cwd);
531 new_state.cwd_length = strlen(cwd);
532
533 if(virtual_file_ex(&new_state, filepath, NULL, 1)) {
534 free(new_state.cwd);
535 return NULL;
536 }
537
538 if(real_path) {
539 int copy_len =
new_state.cwd_length>MAXPATHLEN-1?MAXPATHLEN-1:new_state.cwd_length;
540 memcpy(real_path, new_state.cwd, copy_len);
541 real_path[copy_len]='\0';
542 } else {
543 real_path = estrndup(new_state.cwd, new_state.cwd_length);
544 }
545 free(new_state.cwd);
546
547 return real_path;
548 }
549 /* }}} */
Previous Comments:
------------------------------------------------------------------------
[2006-10-18 01:00:00] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2006-10-10 10:45:27] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5.2-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php5.2-win32-latest.zip
------------------------------------------------------------------------
[2006-10-10 10:15:13] ivoras at yahoo dot com
Description:
------------
PHP compiled with debugging reports memory leaks. It technically really
IS a memory leak in the script code, but should that influence the
scripting engine?
Reproduce code:
---------------
<?php
$f = fopen('aaa', 'w+');
fwrite($f, "bcde\n");
?>
Expected result:
----------------
A working program
Actual result:
--------------
[Tue Oct 10 12:10:55 2006] Script: 'bla.php'
/usr/ports/lang/php5/work/php-5.1.6/main/main.c(1708) : Freeing
0x085ACCA4 (26 bytes), script=bla.php
=== Total 1 memory leaks detected ===
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=39105&edit=1
