Bug #62500 [Com]: Segfault in DateInterval class when extended
Edit report at https://bugs.php.net/bug.php?id=62500edit=1
ID: 62500
Comment by: reeze dot xia at gmail dot com
Reported by:rik at c-ict dot com
Summary:Segfault in DateInterval class when extended
Status: Open
Type: Bug
Package:Reproducible crash
Operating System: At least Linux
PHP Version:5.4.4
Block user comment: N
Private report: N
New Comment:
It missing a initialized checking when accessing member variable.
I've sent a patch here: https://github.com/php/php-src/pull/123
Previous Comments:
[2012-07-07 16:00:14] rik at c-ict dot com
Also a short note,
This problem can be worked around by calling the parent constructor before
accessing any members.
[2012-07-07 15:53:59] rik at c-ict dot com
Description:
Hello,
I found a way to reproduce a segfault on at least linux but possibly on other
OS'es as wel.
It is very simple to reproduce:
1 overload the DateInterval in a new class.
2 overload the constructor
3 use one of the member variables.
[Sat Jul 07 17:46:32 2012] [notice] child pid 5775 exit signal Segmentation
fault (11)
I tested with PHP 5.4.4 and it is there, but it also exists in PHP 5.3
Test script:
---
?php
class Crasher extends DateInterval {
public function __construct($time_spec) {
echo Yes i did it, with the next statement it gives a
segfault\n;
// It doesn't matter if we take the y parameter or any other.
$this-y = 3;
}
}
$c = new Crasher('blah');
?
Expected result:
Yes i did it, with the next statement it gives a segfault
Segmentation fault
--
Edit this bug report at https://bugs.php.net/bug.php?id=62500edit=1
Bug #62500 [Com]: Segfault in DateInterval class when extended
Edit report at https://bugs.php.net/bug.php?id=62500edit=1
ID: 62500
Comment by: rik at c-ict dot com
Reported by:rik at c-ict dot com
Summary:Segfault in DateInterval class when extended
Status: Open
Type: Bug
Package:Reproducible crash
Operating System: At least Linux
PHP Version:5.4.4
Block user comment: N
Private report: N
New Comment:
Also a short note,
This problem can be worked around by calling the parent constructor before
accessing any members.
Previous Comments:
[2012-07-07 15:53:59] rik at c-ict dot com
Description:
Hello,
I found a way to reproduce a segfault on at least linux but possibly on other
OS'es as wel.
It is very simple to reproduce:
1 overload the DateInterval in a new class.
2 overload the constructor
3 use one of the member variables.
[Sat Jul 07 17:46:32 2012] [notice] child pid 5775 exit signal Segmentation
fault (11)
I tested with PHP 5.4.4 and it is there, but it also exists in PHP 5.3
Test script:
---
?php
class Crasher extends DateInterval {
public function __construct($time_spec) {
echo Yes i did it, with the next statement it gives a
segfault\n;
// It doesn't matter if we take the y parameter or any other.
$this-y = 3;
}
}
$c = new Crasher('blah');
?
Expected result:
Yes i did it, with the next statement it gives a segfault
Segmentation fault
--
Edit this bug report at https://bugs.php.net/bug.php?id=62500edit=1
