[PHP-BUG] Bug #60264 [NEW]: stack/memory exhaustion
From: Operating system: linux PHP version: 5.4.0RC1 Package: *Regular Expressions Bug Type: Bug Bug description:stack/memory exhaustion Description: pcre allow to stack or heap memory exhaustion stack cx () cx64:/www$ cat crash0.php cx () cx64:/www$ php crash0.php Segmentation fault -- Edit bug report at https://bugs.php.net/bug.php?id=60264&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=60264&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=60264&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=60264&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=60264&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=60264&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=60264&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=60264&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=60264&r=needscript Try newer version: https://bugs.php.net/fix.php?id=60264&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=60264&r=support Expected behavior: https://bugs.php.net/fix.php?id=60264&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=60264&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=60264&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=60264&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=60264&r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=60264&r=dst IIS Stability: https://bugs.php.net/fix.php?id=60264&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=60264&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=60264&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=60264&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=60264&r=mysqlcfg
[PHP-BUG] Bug #60261 [NEW]: phar dos null pointer
From: Operating system: linux PHP version: 5.4.0RC1 Package: PECL Bug Type: Bug Bug description:phar dos null pointer Description: file_name, intern->file_name_len)) { <=CRASH HERE 1219char expanded_path[MAXPATHLEN]; 1220 (gdb) print intern->file_name $3 = 0x0 where #define IS_ABSOLUTE_PATH(path, len) \ (len >= 2 && ((isalpha(path[0]) && path[1] == ':') || IS_UNC_PATH(path, len))) */ $nx = new Phar(); $nx->getLinkTarget(); ?> Test script: --- $nx = new Phar(); $nx->getLinkTarget(); or PharData() -- Edit bug report at https://bugs.php.net/bug.php?id=60261&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=60261&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=60261&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=60261&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=60261&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=60261&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=60261&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=60261&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=60261&r=needscript Try newer version: https://bugs.php.net/fix.php?id=60261&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=60261&r=support Expected behavior: https://bugs.php.net/fix.php?id=60261&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=60261&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=60261&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=60261&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=60261&r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=60261&r=dst IIS Stability: https://bugs.php.net/fix.php?id=60261&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=60261&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=60261&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=60261&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=60261&r=mysqlcfg
[PHP-BUG] Bug #55296 [NEW]: wrong use efree(NULL) in intl
From: Operating system: multiple PHP version: 5.3.7RC3 Package: *General Issues Bug Type: Bug Bug description:wrong use efree(NULL) in intl Description: intl_convert_utf8_to_utf16() is wrong used in a multiple points. Example 165 intl_convert_utf8_to_utf16(&uhaystack, &uhaystack_len, (char *) haystack, haystack_len, &status ); 166 167 if ( U_FAILURE( status ) ) { 168 /* Set global error code. */ 169 intl_error_set_code( NULL, status TSRMLS_CC ); 170 171 /* Set error messages. */ 172 intl_error_set_custom_msg( NULL, "Error converting input string to UTF-16", 0 TSRMLS_CC ); 173 efree( uhaystack ); 174 return -1; 175 } efree() call to uhaystack => (efree(NULL)). sometime 'uhaystack' may be NULL. It's a multiple problem in intl. Then efree() print error -- Edit bug report at https://bugs.php.net/bug.php?id=55296&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=55296&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=55296&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=55296&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=55296&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=55296&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=55296&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=55296&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=55296&r=needscript Try newer version: https://bugs.php.net/fix.php?id=55296&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=55296&r=support Expected behavior: https://bugs.php.net/fix.php?id=55296&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=55296&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=55296&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=55296&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=55296&r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=55296&r=dst IIS Stability: https://bugs.php.net/fix.php?id=55296&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=55296&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=55296&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=55296&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=55296&r=mysqlcfg
[PHP-BUG] Req #54946 [NEW]: stream_get_contents infinite loop
From: Operating system: NetBSD PHP version: 5.3.6 Package: Streams related Bug Type: Feature/Change Request Bug description:stream_get_contents infinite loop Description: #0 0xbb80eb77 in read () from /usr/lib/libc.so.12 #1 0xbb8e0efd in read () from /usr/lib/libpthread.so.0 #2 0x083e7e81 in _php_stream_fopen_from_pipe () #3 0x083dff2f in _php_stream_free () #4 0x083e00ec in _php_stream_read () #5 0x083e1684 in _php_stream_copy_to_mem () php_stream_copy_to_mem() generate infinite loop Test script: --- Expected result: string or null Actual result: -- infinite loop -- Edit bug report at http://bugs.php.net/bug.php?id=54946&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=54946&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=54946&r=trysnapshot53 Try a snapshot (trunk): http://bugs.php.net/fix.php?id=54946&r=trysnapshottrunk Fixed in SVN: http://bugs.php.net/fix.php?id=54946&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=54946&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=54946&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=54946&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=54946&r=needscript Try newer version: http://bugs.php.net/fix.php?id=54946&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=54946&r=support Expected behavior: http://bugs.php.net/fix.php?id=54946&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=54946&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=54946&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=54946&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=54946&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=54946&r=dst IIS Stability: http://bugs.php.net/fix.php?id=54946&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=54946&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=54946&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=54946&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=54946&r=mysqlcfg