From: [EMAIL PROTECTED]
Operating system: linux 2.2.14-5.0
PHP version: 4.0.6
PHP Bug Type: Scripting Engine problem
Bug description: memory corruption with array references
This appeared between 4.0.4pl1 and 4.0.6. The following
code snippet reproduces the bug.
=====================
<?
$state = array(
'packversion' => 'Audit 1.0',
'createdate' => '08/22/2001',
'folder' => array(
array(
'itemid' => '1000',
'name' => '-1000',
'title' => 'Parent',
'doctype' => 'P',
'parent' => '0',
'createdate' => '08/22/2001',
),
array(
'itemid' => '2000',
'name' => '-2000',
'title' => 'Parent',
'doctype' => 'P',
'parent' => '0',
'createdate' => '08/22/2001',
),
),
);
$info = array(
'itemid' => '2050',
'name' => '-2050',
'title' => 'Parent',
'doctype' => 'P',
'parent' => '2000',
'createdate' => '08/22/2001',
);
AddInfo($state, $info);
print_r($state);
function AddInfo(&$st, $in)
{
$parent = FindStateItem($st,
$in['itemid']);
$parent['folder'][] = $in;
}
function &FindStateItem(&$_state, $_itemid, $_op =
'') {
reset($_state);
while (list($key,$val) = each($_state)) {
//if (!is_array($val)) {
//continue;
//}
for ($i = 0; $i < count($val); $i++) {
if ($val[$i]['itemid'] ==
$_itemid) {
//if (is_array($val[$i]) &&
$val[$i]['itemid'] == $_itemid) {
if ($_op == 'delete') {
unset($_state[$key][$i]);
return 1;
}
return $_state[$key][$i];
}
}
for ($i = 0; $i < count($val); $i++) {
if (!is_array($val[$i])) {
continue;
}
$item =
FindStateItem($_state[$key][$i], $_itemid, $_op);
if ($item) {
return $item;
}
}
}
}
--
Edit bug report at: http://bugs.php.net/?id=12935&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
