[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On Tue, Feb 28, 2012 at 10:38 AM, Xinchen Hui wrote: > On Tue, Feb 28, 2012 at 1:10 AM, Anthony Ferrara wrote: >> I initially looked at the final fix when I discovered the issue. >> Follow me out on this. This is the current code as-implemented in >> r323563: >> >> 265 zval *obj; >> 266 MAKE_STD_ZVAL(obj); >> 267 if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, type >> TSRMLS_CC) == SUCCESS) { >> 268 zval_ptr_dtor(arg); >> 269 *arg = obj; >> 270 *pl = Z_STRLEN_PP(arg); >> 271 *p = Z_STRVAL_PP(arg); >> 272 return SUCCESS; >> 273 } >> 274 efree(obj); >> >> The issue that I originally identified (overwriting the argument >> pointer) is still happening. Is there any reason for overwriting the >> arg pointer? Wouldn't it be better to just do the Z_STRLEN_PP and >> Z_STRVAL_PP operations on obj instead, and zval_ptr_dtor it as well > Oops, you are right.. thanks for pointing this out. > :) Sorry, I miss-read your words. so I revoke my previous words. the reason for why overwriting arg, is we should record that new temp zval(IS_STRING), then release it while doing cleanup parameters. and also, fo 5.3, no p and pl paramters. thanks >> (instead of efree, as that way if a reference is stored somewhere it >> won't result in a double free, or a segfault for accessing freed >> memory)? >> >> Thanks, >> >> Anthony >> >> On Mon, Feb 27, 2012 at 11:39 AM, Xinchen Hui wrote: >>> Sent from my iPad >>> >>> 在 2012-2-28,0:10,Anthony Ferrara 写道: >>> Out of curiosity, why are you changing it to copy the object for the result of the cast operation? cast_object should init the result zval, so why go through the step of copying the starting object to >>> plz look at the final fix: r323563 >>> >>> thanks r323563 Wouldn't it be easier just to do: if (Z_OBJ_HANDLER_PP(arg, cast_object)) { zval *result; ALLOC_ZVAL(result); if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, result, type TSRMLS_CC) == SUCCESS) { zval_ptr_dtor(arg); *pl = Z_STRLEN_PP(result); *p = Z_STRVAL_PP(result); zval_ptr_dtor(result); return SUCCESS; } zval_ptr_dtor(result); } Keeping both completely separate, and not having the possibility of corrupting the arg object pointer? As it is right now (with the patch in the first mail), wouldn't the possibility still exist of nuking the arg object pointer which could be used elsewhere (and hence cause the memory leak and segfault when that variable is referenced again)? (Un tested as of yet, just throwing it out there as it seems kind of weird to overwrite the arg pointer for what seems like no reason)... Anthony On Mon, Feb 27, 2012 at 10:22 AM, Richard Lynch wrote: > On Mon, February 27, 2012 2:31 am, Laruence wrote: >> On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov >> wrote: >>> Hi Laruence, >>> >>> The attached patch looks wired. The patch on top of it (r323563) >>> makes it >>> better. However, in my opinion it fixes a common problem just in a >>> single >>> place. Each call to __toString() that makes "side effects" may cause >>> the >>> similar problem. It would be great to make a "right" fix in >>> zend_std_cast_object_tostring() itself, but probably it would >>> require API >> Hi: >> before this fix, I thought about the same idea of that. >> >> but, you know, such change will need all exts who implmented >> their own cast_object handler change there codes too. >> >> for now, I exam the usage of std_cast_object_tostring, most of >> them do the similar things like this fix to avoid this issues(like >> ZEND_CAST handler). >> >> so I think, maybe it's okey for a temporary fix :) > > Perhaps a better solution would be to make a NEW function that uses > zval** and deprecate the old one with memory leaks. > > Old extensions remain functional, new extension consume less memory. > > (This presumes I actually understand the issue, which is questionable.) > > -- > brain cancer update: > http://richardlynch.blogspot.com/search/label/brain%20tumor > Donate: > https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE > > > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > -- > 惠新宸 laruence > Senior PHP Engineer > http://www.laruence.com -- 惠新宸 laruence Senior PHP Engineer http://www.laruence.com -- PHP CVS Mailing List
[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On Tue, Feb 28, 2012 at 1:10 AM, Anthony Ferrara wrote: > I initially looked at the final fix when I discovered the issue. > Follow me out on this. This is the current code as-implemented in > r323563: > > 265 zval *obj; > 266 MAKE_STD_ZVAL(obj); > 267 if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, type > TSRMLS_CC) == SUCCESS) { > 268 zval_ptr_dtor(arg); > 269 *arg = obj; > 270 *pl = Z_STRLEN_PP(arg); > 271 *p = Z_STRVAL_PP(arg); > 272 return SUCCESS; > 273 } > 274 efree(obj); > > The issue that I originally identified (overwriting the argument > pointer) is still happening. Is there any reason for overwriting the > arg pointer? Wouldn't it be better to just do the Z_STRLEN_PP and > Z_STRVAL_PP operations on obj instead, and zval_ptr_dtor it as well Oops, you are right.. thanks for pointing this out. :) > (instead of efree, as that way if a reference is stored somewhere it > won't result in a double free, or a segfault for accessing freed > memory)? > > Thanks, > > Anthony > > On Mon, Feb 27, 2012 at 11:39 AM, Xinchen Hui wrote: >> Sent from my iPad >> >> 在 2012-2-28,0:10,Anthony Ferrara 写道: >> >>> Out of curiosity, why are you changing it to copy the object for the >>> result of the cast operation? cast_object should init the result >>> zval, so why go through the step of copying the starting object to >> plz look at the final fix: r323563 >> >> thanks >>> r323563 >>> Wouldn't it be easier just to do: >>> >>> if (Z_OBJ_HANDLER_PP(arg, cast_object)) { >>> zval *result; >>> ALLOC_ZVAL(result); >>> if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, result, type TSRMLS_CC) >>> == SUCCESS) { >>> zval_ptr_dtor(arg); >>> *pl = Z_STRLEN_PP(result); >>> *p = Z_STRVAL_PP(result); >>> zval_ptr_dtor(result); >>> return SUCCESS; >>> } >>> zval_ptr_dtor(result); >>> } >>> >>> Keeping both completely separate, and not having the possibility of >>> corrupting the arg object pointer? As it is right now (with the patch >>> in the first mail), wouldn't the possibility still exist of nuking the >>> arg object pointer which could be used elsewhere (and hence cause the >>> memory leak and segfault when that variable is referenced again)? >>> >>> (Un tested as of yet, just throwing it out there as it seems kind of >>> weird to overwrite the arg pointer for what seems like no reason)... >>> >>> Anthony >>> >>> >>> >>> On Mon, Feb 27, 2012 at 10:22 AM, Richard Lynch wrote: On Mon, February 27, 2012 2:31 am, Laruence wrote: > On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov > wrote: >> Hi Laruence, >> >> The attached patch looks wired. The patch on top of it (r323563) >> makes it >> better. However, in my opinion it fixes a common problem just in a >> single >> place. Each call to __toString() that makes "side effects" may cause >> the >> similar problem. It would be great to make a "right" fix in >> zend_std_cast_object_tostring() itself, but probably it would >> require API > Hi: > before this fix, I thought about the same idea of that. > > but, you know, such change will need all exts who implmented > their own cast_object handler change there codes too. > > for now, I exam the usage of std_cast_object_tostring, most of > them do the similar things like this fix to avoid this issues(like > ZEND_CAST handler). > > so I think, maybe it's okey for a temporary fix :) Perhaps a better solution would be to make a NEW function that uses zval** and deprecate the old one with memory leaks. Old extensions remain functional, new extension consume less memory. (This presumes I actually understand the issue, which is questionable.) -- brain cancer update: http://richardlynch.blogspot.com/search/label/brain%20tumor Donate: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php -- 惠新宸 laruence Senior PHP Engineer http://www.laruence.com -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /SVNROOT/ global_avail
johannes Mon, 27 Feb 2012 18:41:22 + Revision: http://svn.php.net/viewvc?view=revision&revision=323600 Log: Add karma for web/php-distributions.git Changed paths: U SVNROOT/global_avail Modified: SVNROOT/global_avail === --- SVNROOT/global_avail2012-02-27 18:21:13 UTC (rev 323599) +++ SVNROOT/global_avail2012-02-27 18:41:22 UTC (rev 323600) @@ -67,6 +67,9 @@ avail|dragoonis,seld,wojak,levim|web/php.git avail|stewartlord,danielc|web/php.git,web/master.git +# The PHP Release Masters publish PHP distributions on php.net/distributions +avail|iliaa,johannes,stas,dsp|web/php-distributions.git + # The PHP Presentation Group has access to the presentations on the # conf.php.net site. -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
I initially looked at the final fix when I discovered the issue. Follow me out on this. This is the current code as-implemented in r323563: 265 zval *obj; 266 MAKE_STD_ZVAL(obj); 267 if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, type TSRMLS_CC) == SUCCESS) { 268 zval_ptr_dtor(arg); 269 *arg = obj; 270 *pl = Z_STRLEN_PP(arg); 271 *p = Z_STRVAL_PP(arg); 272 return SUCCESS; 273 } 274 efree(obj); The issue that I originally identified (overwriting the argument pointer) is still happening. Is there any reason for overwriting the arg pointer? Wouldn't it be better to just do the Z_STRLEN_PP and Z_STRVAL_PP operations on obj instead, and zval_ptr_dtor it as well (instead of efree, as that way if a reference is stored somewhere it won't result in a double free, or a segfault for accessing freed memory)? Thanks, Anthony On Mon, Feb 27, 2012 at 11:39 AM, Xinchen Hui wrote: > Sent from my iPad > > 在 2012-2-28,0:10,Anthony Ferrara 写道: > >> Out of curiosity, why are you changing it to copy the object for the >> result of the cast operation? cast_object should init the result >> zval, so why go through the step of copying the starting object to > plz look at the final fix: r323563 > > thanks >> r323563 >> Wouldn't it be easier just to do: >> >> if (Z_OBJ_HANDLER_PP(arg, cast_object)) { >> zval *result; >> ALLOC_ZVAL(result); >> if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, result, type TSRMLS_CC) >> == SUCCESS) { >> zval_ptr_dtor(arg); >> *pl = Z_STRLEN_PP(result); >> *p = Z_STRVAL_PP(result); >> zval_ptr_dtor(result); >> return SUCCESS; >> } >> zval_ptr_dtor(result); >> } >> >> Keeping both completely separate, and not having the possibility of >> corrupting the arg object pointer? As it is right now (with the patch >> in the first mail), wouldn't the possibility still exist of nuking the >> arg object pointer which could be used elsewhere (and hence cause the >> memory leak and segfault when that variable is referenced again)? >> >> (Un tested as of yet, just throwing it out there as it seems kind of >> weird to overwrite the arg pointer for what seems like no reason)... >> >> Anthony >> >> >> >> On Mon, Feb 27, 2012 at 10:22 AM, Richard Lynch wrote: >>> On Mon, February 27, 2012 2:31 am, Laruence wrote: On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov wrote: > Hi Laruence, > > The attached patch looks wired. The patch on top of it (r323563) > makes it > better. However, in my opinion it fixes a common problem just in a > single > place. Each call to __toString() that makes "side effects" may cause > the > similar problem. It would be great to make a "right" fix in > zend_std_cast_object_tostring() itself, but probably it would > require API Hi: before this fix, I thought about the same idea of that. but, you know, such change will need all exts who implmented their own cast_object handler change there codes too. for now, I exam the usage of std_cast_object_tostring, most of them do the similar things like this fix to avoid this issues(like ZEND_CAST handler). so I think, maybe it's okey for a temporary fix :) >>> >>> Perhaps a better solution would be to make a NEW function that uses >>> zval** and deprecate the old one with memory leaks. >>> >>> Old extensions remain functional, new extension consume less memory. >>> >>> (This presumes I actually understand the issue, which is questionable.) >>> >>> -- >>> brain cancer update: >>> http://richardlynch.blogspot.com/search/label/brain%20tumor >>> Donate: >>> https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE >>> >>> >>> >>> -- >>> PHP Internals - PHP Runtime Development Mailing List >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
Sent from my iPad 在 2012-2-28,0:10,Anthony Ferrara 写道: > Out of curiosity, why are you changing it to copy the object for the > result of the cast operation? cast_object should init the result > zval, so why go through the step of copying the starting object to plz look at the final fix: r323563 thanks > r323563 > Wouldn't it be easier just to do: > >if (Z_OBJ_HANDLER_PP(arg, cast_object)) { >zval *result; >ALLOC_ZVAL(result); >if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, result, type TSRMLS_CC) > == SUCCESS) { >zval_ptr_dtor(arg); >*pl = Z_STRLEN_PP(result); >*p = Z_STRVAL_PP(result); >zval_ptr_dtor(result); >return SUCCESS; >} >zval_ptr_dtor(result); >} > > Keeping both completely separate, and not having the possibility of > corrupting the arg object pointer? As it is right now (with the patch > in the first mail), wouldn't the possibility still exist of nuking the > arg object pointer which could be used elsewhere (and hence cause the > memory leak and segfault when that variable is referenced again)? > > (Un tested as of yet, just throwing it out there as it seems kind of > weird to overwrite the arg pointer for what seems like no reason)... > > Anthony > > > > On Mon, Feb 27, 2012 at 10:22 AM, Richard Lynch wrote: >> On Mon, February 27, 2012 2:31 am, Laruence wrote: >>> On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov >>> wrote: Hi Laruence, The attached patch looks wired. The patch on top of it (r323563) makes it better. However, in my opinion it fixes a common problem just in a single place. Each call to __toString() that makes "side effects" may cause the similar problem. It would be great to make a "right" fix in zend_std_cast_object_tostring() itself, but probably it would require API >>> Hi: >>>before this fix, I thought about the same idea of that. >>> >>>but, you know, such change will need all exts who implmented >>> their own cast_object handler change there codes too. >>> >>>for now, I exam the usage of std_cast_object_tostring, most of >>> them do the similar things like this fix to avoid this issues(like >>> ZEND_CAST handler). >>> >>>so I think, maybe it's okey for a temporary fix :) >> >> Perhaps a better solution would be to make a NEW function that uses >> zval** and deprecate the old one with memory leaks. >> >> Old extensions remain functional, new extension consume less memory. >> >> (This presumes I actually understand the issue, which is questionable.) >> >> -- >> brain cancer update: >> http://richardlynch.blogspot.com/search/label/brain%20tumor >> Donate: >> https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE >> >> >> >> -- >> PHP Internals - PHP Runtime Development Mailing List >> To unsubscribe, visit: http://www.php.net/unsub.php >> -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
Out of curiosity, why are you changing it to copy the object for the result of the cast operation? cast_object should init the result zval, so why go through the step of copying the starting object to it? Wouldn't it be easier just to do: if (Z_OBJ_HANDLER_PP(arg, cast_object)) { zval *result; ALLOC_ZVAL(result); if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, result, type TSRMLS_CC) == SUCCESS) { zval_ptr_dtor(arg); *pl = Z_STRLEN_PP(result); *p = Z_STRVAL_PP(result); zval_ptr_dtor(result); return SUCCESS; } zval_ptr_dtor(result); } Keeping both completely separate, and not having the possibility of corrupting the arg object pointer? As it is right now (with the patch in the first mail), wouldn't the possibility still exist of nuking the arg object pointer which could be used elsewhere (and hence cause the memory leak and segfault when that variable is referenced again)? (Un tested as of yet, just throwing it out there as it seems kind of weird to overwrite the arg pointer for what seems like no reason)... Anthony On Mon, Feb 27, 2012 at 10:22 AM, Richard Lynch wrote: > On Mon, February 27, 2012 2:31 am, Laruence wrote: >> On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov >> wrote: >>> Hi Laruence, >>> >>> The attached patch looks wired. The patch on top of it (r323563) >>> makes it >>> better. However, in my opinion it fixes a common problem just in a >>> single >>> place. Each call to __toString() that makes "side effects" may cause >>> the >>> similar problem. It would be great to make a "right" fix in >>> zend_std_cast_object_tostring() itself, but probably it would >>> require API >> Hi: >> before this fix, I thought about the same idea of that. >> >> but, you know, such change will need all exts who implmented >> their own cast_object handler change there codes too. >> >> for now, I exam the usage of std_cast_object_tostring, most of >> them do the similar things like this fix to avoid this issues(like >> ZEND_CAST handler). >> >> so I think, maybe it's okey for a temporary fix :) > > Perhaps a better solution would be to make a NEW function that uses > zval** and deprecate the old one with memory leaks. > > Old extensions remain functional, new extension consume less memory. > > (This presumes I actually understand the issue, which is questionable.) > > -- > brain cancer update: > http://richardlynch.blogspot.com/search/label/brain%20tumor > Donate: > https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE > > > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On Mon, February 27, 2012 2:31 am, Laruence wrote: > On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov > wrote: >> Hi Laruence, >> >> The attached patch looks wired. The patch on top of it (r323563) >> makes it >> better. However, in my opinion it fixes a common problem just in a >> single >> place. Each call to __toString() that makes "side effects" may cause >> the >> similar problem. It would be great to make a "right" fix in >> zend_std_cast_object_tostring() itself, but probably it would >> require API > Hi: >before this fix, I thought about the same idea of that. > >but, you know, such change will need all exts who implmented > their own cast_object handler change there codes too. > >for now, I exam the usage of std_cast_object_tostring, most of > them do the similar things like this fix to avoid this issues(like > ZEND_CAST handler). > >so I think, maybe it's okey for a temporary fix :) Perhaps a better solution would be to make a NEW function that uses zval** and deprecate the old one with memory leaks. Old extensions remain functional, new extension consume less memory. (This presumes I actually understand the issue, which is questionable.) -- brain cancer update: http://richardlynch.blogspot.com/search/label/brain%20tumor Donate: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /SVNROOT/ global_avail
On Mon, Feb 27, 2012 at 3:08 PM, Hannes Magnusson < hannes.magnus...@gmail.com> wrote: > On Mon, Feb 27, 2012 at 15:02, Ferenc Kovacs wrote: > > > > > > On Mon, Feb 27, 2012 at 2:47 PM, Hannes Magnusson > > wrote: > >> > >> On Sun, Feb 26, 2012 at 17:54, Pierre Joye wrote: > >> > pajoye Sun, 26 Feb 2012 16:54:39 > + > >> > > >> > Revision: http://svn.php.net/viewvc?view=revision&revision=323564 > >> > > >> > Log: > >> > Bruno acces to peclweb > >> > > >> > Changed paths: > >> >U SVNROOT/global_avail > >> > > >> > Modified: SVNROOT/global_avail > >> > === > >> > --- SVNROOT/global_avail2012-02-26 14:56:26 UTC (rev 323563) > >> > +++ SVNROOT/global_avail2012-02-26 16:54:39 UTC (rev 323564) > >> > @@ -104,7 +104,7 @@ > >> > avail|grossolini|web/wiki.git > >> > > >> > # access to the pecl website etc > >> > > >> > > -avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael|web/pecl,pecl > >> > > >> > > +avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael,jedibc|web/pecl,pecl > >> > >> Thats pecl extensions, not the pecl website. > >> Does this even work? peclweb has been moved to git... > > > > > > I think you missed the "web/pecl,pecl" part, and AFAIK git.php.net still > > uses the global_avail file for the karma check, so it should work. > > "not only the", missed the "only" :) > Most (all?) other git repo entries have .git suffixes.. so my question > is, will this work? > > -Hannes > now that you mention it, yeah, the .git seems to be missing. and not only for the web/pecl but for example for web/qa or web/php-bugs (should be web/bugs.git I guess) there is also a web/php-hosts reference in the file, which doesn't exists anymore (see http://svn.php.net/viewvc?view=revision&revision=322527 ) same thing with web/pecl4win and web/embed and there is the web/bugtracker which could also removed imo (I guess it meant to be used for the 2008 gsoc project https://wiki.php.net/gsoc/2008#pave_the_way_for_one-bugtracker-rules-them-all ) could somebody with proper karma fix those? -- Ferenc Kovács @Tyr43l - http://tyrael.hu
Re: [PHP-CVS] svn: /SVNROOT/ global_avail
no idea but did not find a git entry for peclweb but this one. I will try again later, we continue to use the other master in the meantime. On Mon, Feb 27, 2012 at 3:08 PM, Hannes Magnusson wrote: > On Mon, Feb 27, 2012 at 15:02, Ferenc Kovacs wrote: >> >> >> On Mon, Feb 27, 2012 at 2:47 PM, Hannes Magnusson >> wrote: >>> >>> On Sun, Feb 26, 2012 at 17:54, Pierre Joye wrote: >>> > pajoye Sun, 26 Feb 2012 16:54:39 + >>> > >>> > Revision: http://svn.php.net/viewvc?view=revision&revision=323564 >>> > >>> > Log: >>> > Bruno acces to peclweb >>> > >>> > Changed paths: >>> > U SVNROOT/global_avail >>> > >>> > Modified: SVNROOT/global_avail >>> > === >>> > --- SVNROOT/global_avail 2012-02-26 14:56:26 UTC (rev 323563) >>> > +++ SVNROOT/global_avail 2012-02-26 16:54:39 UTC (rev 323564) >>> > @@ -104,7 +104,7 @@ >>> > avail|grossolini|web/wiki.git >>> > >>> > # access to the pecl website etc >>> > >>> > -avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael|web/pecl,pecl >>> > >>> > +avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael,jedibc|web/pecl,pecl >>> >>> Thats pecl extensions, not the pecl website. >>> Does this even work? peclweb has been moved to git... >> >> >> I think you missed the "web/pecl,pecl" part, and AFAIK git.php.net still >> uses the global_avail file for the karma check, so it should work. > > "not only the", missed the "only" :) > Most (all?) other git repo entries have .git suffixes.. so my question > is, will this work? > > -Hannes -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /SVNROOT/ global_avail
On Mon, Feb 27, 2012 at 15:02, Ferenc Kovacs wrote: > > > On Mon, Feb 27, 2012 at 2:47 PM, Hannes Magnusson > wrote: >> >> On Sun, Feb 26, 2012 at 17:54, Pierre Joye wrote: >> > pajoye Sun, 26 Feb 2012 16:54:39 + >> > >> > Revision: http://svn.php.net/viewvc?view=revision&revision=323564 >> > >> > Log: >> > Bruno acces to peclweb >> > >> > Changed paths: >> > U SVNROOT/global_avail >> > >> > Modified: SVNROOT/global_avail >> > === >> > --- SVNROOT/global_avail 2012-02-26 14:56:26 UTC (rev 323563) >> > +++ SVNROOT/global_avail 2012-02-26 16:54:39 UTC (rev 323564) >> > @@ -104,7 +104,7 @@ >> > avail|grossolini|web/wiki.git >> > >> > # access to the pecl website etc >> > >> > -avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael|web/pecl,pecl >> > >> > +avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael,jedibc|web/pecl,pecl >> >> Thats pecl extensions, not the pecl website. >> Does this even work? peclweb has been moved to git... > > > I think you missed the "web/pecl,pecl" part, and AFAIK git.php.net still > uses the global_avail file for the karma check, so it should work. "not only the", missed the "only" :) Most (all?) other git repo entries have .git suffixes.. so my question is, will this work? -Hannes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /SVNROOT/ global_avail
On Mon, Feb 27, 2012 at 2:47 PM, Hannes Magnusson < hannes.magnus...@gmail.com> wrote: > On Sun, Feb 26, 2012 at 17:54, Pierre Joye wrote: > > pajoye Sun, 26 Feb 2012 16:54:39 + > > > > Revision: http://svn.php.net/viewvc?view=revision&revision=323564 > > > > Log: > > Bruno acces to peclweb > > > > Changed paths: > >U SVNROOT/global_avail > > > > Modified: SVNROOT/global_avail > > === > > --- SVNROOT/global_avail2012-02-26 14:56:26 UTC (rev 323563) > > +++ SVNROOT/global_avail2012-02-26 16:54:39 UTC (rev 323564) > > @@ -104,7 +104,7 @@ > > avail|grossolini|web/wiki.git > > > > # access to the pecl website etc > > > -avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael|web/pecl,pecl > > > +avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael,jedibc|web/pecl,pecl > > Thats pecl extensions, not the pecl website. > Does this even work? peclweb has been moved to git... I think you missed the "web/pecl,pecl" part, and AFAIK git.php.net still uses the global_avail file for the karma check, so it should work. -- Ferenc Kovács @Tyr43l - http://tyrael.hu
Re: [PHP-CVS] svn: /SVNROOT/ global_avail
On Sun, Feb 26, 2012 at 17:54, Pierre Joye wrote: > pajoye Sun, 26 Feb 2012 16:54:39 + > > Revision: http://svn.php.net/viewvc?view=revision&revision=323564 > > Log: > Bruno acces to peclweb > > Changed paths: > U SVNROOT/global_avail > > Modified: SVNROOT/global_avail > === > --- SVNROOT/global_avail 2012-02-26 14:56:26 UTC (rev 323563) > +++ SVNROOT/global_avail 2012-02-26 16:54:39 UTC (rev 323564) > @@ -104,7 +104,7 @@ > avail|grossolini|web/wiki.git > > # access to the pecl website etc > -avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael|web/pecl,pecl > +avail|dufuz,pajoye,wez,pollita,tal,mj,helly,john,iliaa,edink,jan,derick,jon,cellog,philip,jani,johannes,sfox,gloob,till,tyrael,jedibc|web/pecl,pecl Thats pecl extensions, not the pecl website. Does this even work? peclweb has been moved to git... -Hannes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/php.h trunk/main/php.h
rasmus Mon, 27 Feb 2012 12:16:39 + Revision: http://svn.php.net/viewvc?view=revision&revision=323577 Log: Fix bug 61193 Bug: https://bugs.php.net/61193 (Open) PHP_EOL definition for Mac OS X is wrong and unused Changed paths: U php/php-src/branches/PHP_5_3/main/php.h U php/php-src/trunk/main/php.h Modified: php/php-src/branches/PHP_5_3/main/php.h === --- php/php-src/branches/PHP_5_3/main/php.h 2012-02-27 11:30:03 UTC (rev 323576) +++ php/php-src/branches/PHP_5_3/main/php.h 2012-02-27 12:16:39 UTC (rev 323577) @@ -60,15 +60,10 @@ # else # define PHPAPI # endif - -#define THREAD_LS -#define PHP_DIR_SEPARATOR '/' -#if defined(__MacOSX__) -#define PHP_EOL "\r" -#else -#define PHP_EOL "\n" +# define THREAD_LS +# define PHP_DIR_SEPARATOR '/' +# define PHP_EOL "\n" #endif -#endif #ifdef NETWARE /* For php_get_uname() function */ Modified: php/php-src/trunk/main/php.h === --- php/php-src/trunk/main/php.h2012-02-27 11:30:03 UTC (rev 323576) +++ php/php-src/trunk/main/php.h2012-02-27 12:16:39 UTC (rev 323577) @@ -60,15 +60,10 @@ # else # define PHPAPI # endif - -#define THREAD_LS -#define PHP_DIR_SEPARATOR '/' -#if defined(__MacOSX__) -#define PHP_EOL "\r" -#else -#define PHP_EOL "\n" +# define THREAD_LS +# define PHP_DIR_SEPARATOR '/' +# define PHP_EOL "\n" #endif -#endif #ifdef NETWARE /* For php_get_uname() function */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /SVNROOT/ global_avail
bjoriMon, 27 Feb 2012 11:30:03 + Revision: http://svn.php.net/viewvc?view=revision&revision=323576 Log: Give Levi Morrison karma for phpweb Changed paths: U SVNROOT/global_avail Modified: SVNROOT/global_avail === --- SVNROOT/global_avail2012-02-27 11:10:24 UTC (rev 323575) +++ SVNROOT/global_avail2012-02-27 11:30:03 UTC (rev 323576) @@ -64,7 +64,7 @@ avail|ericstewart|web/php.git/*/archive avail|odoucet|web/news.git,web/qa/ avail|shein|web/news.git -avail|dragoonis,seld,wojak|web/php.git +avail|dragoonis,seld,wojak,levim|web/php.git avail|stewartlord,danielc|web/php.git,web/master.git # The PHP Presentation Group has access to the presentations on the -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On Mon, Feb 27, 2012 at 11:17 AM, Derick Rethans wrote: > You can't break extension APIs between 5.4.0 and 5.4.1 either, API > changes can only into trunk. And ABI neither. -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On Mon, 27 Feb 2012, Laruence wrote: > On Mon, Feb 27, 2012 at 4:31 PM, Laruence wrote: > > On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov wrote: > >> > >> The attached patch looks wired. The patch on top of it (r323563) makes it > >> better. However, in my opinion it fixes a common problem just in a single > >> place. Each call to __toString() that makes "side effects" may cause the > >> similar problem. It would be great to make a "right" fix in > >> zend_std_cast_object_tostring() itself, but probably it would require API > > Hi: > > before this fix, I thought about the same idea of that. > > > > but, you know, such change will need all exts who implmented > > their own cast_object handler change there codes too. > > > > for now, I exam the usage of std_cast_object_tostring, most of > > them do the similar things like this fix to avoid this issues(like > > ZEND_CAST handler). > > > > so I think, maybe it's okey for a temporary fix :) > > what I mean temporary is, apply this fix to 5.3 and 5.4 > > then do the "right" fix which you said to 5.4.1 :) You can't break extension APIs between 5.4.0 and 5.4.1 either, API changes can only into trunk. cheers, Derick -- http://derickrethans.nl | http://xdebug.org Like Xdebug? Consider a donation: http://xdebug.org/donate.php twitter: @derickr and @xdebug -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On 02/27/2012 12:37 PM, Laruence wrote: On Mon, Feb 27, 2012 at 4:31 PM, Laruence wrote: On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov wrote: Hi Laruence, The attached patch looks wired. The patch on top of it (r323563) makes it better. However, in my opinion it fixes a common problem just in a single place. Each call to __toString() that makes "side effects" may cause the similar problem. It would be great to make a "right" fix in zend_std_cast_object_tostring() itself, but probably it would require API Hi: before this fix, I thought about the same idea of that. but, you know, such change will need all exts who implmented their own cast_object handler change there codes too. for now, I exam the usage of std_cast_object_tostring, most of them do the similar things like this fix to avoid this issues(like ZEND_CAST handler). so I think, maybe it's okey for a temporary fix :) what I mean temporary is, apply this fix to 5.3 and 5.4 then do the "right" fix which you said to 5.4.1 :) we won't be able to change API in 5.4.1, so it's for 5.5. Thanks. Dmitry. thanks thanks change (e.g. sending zval** instead of zval*). So it could be fixed properly only in trunk. Thanks. Dmitry. On 02/25/2012 08:41 AM, Laruence wrote: Dmitry: you might want to review this fix. let me explain why crash before this fix. when doing parse_parameter, then convert the object to string by calling the ce->cast_object, and passed the same pointer(although there was a separation), to the cast_object.. then if __toString method stash $this somewhere, after the parameters clean up, the $this pointer will be impending.. then in the next loop, the return_value will happen used the same adress,, then balalala, cause the segfault.. sorry for my poor english, and hope I have made myself clearly, if there is any question , plz write me. thanks On Sat, Feb 25, 2012 at 12:36 PM, Xinchen Huiwrote: laruence Sat, 25 Feb 2012 04:36:08 + Revision: http://svn.php.net/viewvc?view=revision&revision=323489 Log: Fixed bug #61165 (Segfault - strip_tags()) Bug: https://bugs.php.net/61165 (Assigned) Segfault - strip_tags() Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/Zend/zend_API.c U php/php-src/trunk/NEWS U php/php-src/trunk/Zend/zend_API.c Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/branches/PHP_5_3/NEWS 2012-02-25 04:36:08 UTC (rev 323489) @@ -3,6 +3,7 @@ ?? ??? 2012, PHP 5.3.11 - Core: + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) . Improved max_input_vars directive to check nested variables (Dmitry). . Fixed bug #61095 (Incorect lexing of 0x00*+). (Etienne) . Fixed bug #61072 (Memory leak when restoring an exception handler). Modified: php/php-src/branches/PHP_5_3/Zend/zend_API.c === --- php/php-src/branches/PHP_5_3/Zend/zend_API.c2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/branches/PHP_5_3/Zend/zend_API.c2012-02-25 04:36:08 UTC (rev 323489) @@ -254,10 +254,15 @@ static int parse_arg_object_to_string(zval **arg TSRMLS_DC) /* {{{ */ { if (Z_OBJ_HANDLER_PP(arg, cast_object)) { - SEPARATE_ZVAL_IF_NOT_REF(arg); - if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, IS_STRING TSRMLS_CC) == SUCCESS) { + zval *obj; + ALLOC_ZVAL(obj); + MAKE_COPY_ZVAL(arg, obj); + if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, IS_STRING TSRMLS_CC) == SUCCESS) { + zval_ptr_dtor(arg); + *arg = obj; return SUCCESS; } + zval_ptr_dtor(&obj); } /* Standard PHP objects */ if (Z_OBJ_HT_PP(arg) ==&std_object_handlers || !Z_OBJ_HANDLER_PP(arg, cast_object)) { Modified: php/php-src/trunk/NEWS === --- php/php-src/trunk/NEWS 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/trunk/NEWS 2012-02-25 04:36:08 UTC (rev 323489) @@ -6,6 +6,7 @@ . World domination - Core: + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) . Fixed bug #61072 (Memory leak when restoring an exception handler). (Nikic, Laruence) . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical Modified: php/php-src/trunk/Zend/zend_API.c === --- php/php-src/trunk/Zend/zend_API.c 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/trunk/Zend/zend_API.c 2012-02-25 04:36:08 UTC (rev 323489) @@ -262,12 +262,17 @@ static int parse_arg_object_to_string(zval **arg, char
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On Mon, Feb 27, 2012 at 4:31 PM, Laruence wrote: > On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov wrote: >> Hi Laruence, >> >> The attached patch looks wired. The patch on top of it (r323563) makes it >> better. However, in my opinion it fixes a common problem just in a single >> place. Each call to __toString() that makes "side effects" may cause the >> similar problem. It would be great to make a "right" fix in >> zend_std_cast_object_tostring() itself, but probably it would require API > Hi: > before this fix, I thought about the same idea of that. > > but, you know, such change will need all exts who implmented > their own cast_object handler change there codes too. > > for now, I exam the usage of std_cast_object_tostring, most of > them do the similar things like this fix to avoid this issues(like > ZEND_CAST handler). > > so I think, maybe it's okey for a temporary fix :) what I mean temporary is, apply this fix to 5.3 and 5.4 then do the "right" fix which you said to 5.4.1 :) thanks > > thanks >> change (e.g. sending zval** instead of zval*). So it could be fixed properly >> only in trunk. >> >> Thanks. Dmitry. >> >> >> On 02/25/2012 08:41 AM, Laruence wrote: >>> >>> Dmitry: >>> you might want to review this fix. >>> >>> let me explain why crash before this fix. >>> >>> when doing parse_parameter, then convert the object to string by >>> calling the ce->cast_object, >>> >>> and passed the same pointer(although there was a separation), to >>> the cast_object.. >>> >>> then if __toString method stash $this somewhere, after the >>> parameters clean up, the $this pointer will be impending.. >>> >>> then in the next loop, the return_value will happen used the same >>> adress,, >>> >>> then balalala, cause the segfault.. >>> >>> sorry for my poor english, and hope I have made myself clearly, >>> if there is any question , plz write me. >>> >>> thanks >>> >>> On Sat, Feb 25, 2012 at 12:36 PM, Xinchen Hui wrote: laruence Sat, 25 Feb 2012 04:36:08 + Revision: http://svn.php.net/viewvc?view=revision&revision=323489 Log: Fixed bug #61165 (Segfault - strip_tags()) Bug: https://bugs.php.net/61165 (Assigned) Segfault - strip_tags() Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/Zend/zend_API.c U php/php-src/trunk/NEWS U php/php-src/trunk/Zend/zend_API.c Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/branches/PHP_5_3/NEWS 2012-02-25 04:36:08 UTC (rev 323489) @@ -3,6 +3,7 @@ ?? ??? 2012, PHP 5.3.11 - Core: + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) . Improved max_input_vars directive to check nested variables (Dmitry). . Fixed bug #61095 (Incorect lexing of 0x00*+). (Etienne) . Fixed bug #61072 (Memory leak when restoring an exception handler). Modified: php/php-src/branches/PHP_5_3/Zend/zend_API.c === --- php/php-src/branches/PHP_5_3/Zend/zend_API.c 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/branches/PHP_5_3/Zend/zend_API.c 2012-02-25 04:36:08 UTC (rev 323489) @@ -254,10 +254,15 @@ static int parse_arg_object_to_string(zval **arg TSRMLS_DC) /* {{{ */ { if (Z_OBJ_HANDLER_PP(arg, cast_object)) { - SEPARATE_ZVAL_IF_NOT_REF(arg); - if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, IS_STRING TSRMLS_CC) == SUCCESS) { + zval *obj; + ALLOC_ZVAL(obj); + MAKE_COPY_ZVAL(arg, obj); + if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, IS_STRING TSRMLS_CC) == SUCCESS) { + zval_ptr_dtor(arg); + *arg = obj; return SUCCESS; } + zval_ptr_dtor(&obj); } /* Standard PHP objects */ if (Z_OBJ_HT_PP(arg) ==&std_object_handlers || !Z_OBJ_HANDLER_PP(arg, cast_object)) { Modified: php/php-src/trunk/NEWS === --- php/php-src/trunk/NEWS 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/trunk/NEWS 2012-02-25 04:36:08 UTC (rev 323489) @@ -6,6 +6,7 @@ . World domination - Core: + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) . Fixed bug #61072 (Memory leak when restoring an exception handler). (Nikic, Laruence) . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov wrote: > Hi Laruence, > > The attached patch looks wired. The patch on top of it (r323563) makes it > better. However, in my opinion it fixes a common problem just in a single > place. Each call to __toString() that makes "side effects" may cause the > similar problem. It would be great to make a "right" fix in > zend_std_cast_object_tostring() itself, but probably it would require API Hi: before this fix, I thought about the same idea of that. but, you know, such change will need all exts who implmented their own cast_object handler change there codes too. for now, I exam the usage of std_cast_object_tostring, most of them do the similar things like this fix to avoid this issues(like ZEND_CAST handler). so I think, maybe it's okey for a temporary fix :) thanks > change (e.g. sending zval** instead of zval*). So it could be fixed properly > only in trunk. > > Thanks. Dmitry. > > > On 02/25/2012 08:41 AM, Laruence wrote: >> >> Dmitry: >> you might want to review this fix. >> >> let me explain why crash before this fix. >> >> when doing parse_parameter, then convert the object to string by >> calling the ce->cast_object, >> >> and passed the same pointer(although there was a separation), to >> the cast_object.. >> >> then if __toString method stash $this somewhere, after the >> parameters clean up, the $this pointer will be impending.. >> >> then in the next loop, the return_value will happen used the same >> adress,, >> >> then balalala, cause the segfault.. >> >> sorry for my poor english, and hope I have made myself clearly, >> if there is any question , plz write me. >> >> thanks >> >> On Sat, Feb 25, 2012 at 12:36 PM, Xinchen Hui wrote: >>> >>> laruence Sat, 25 Feb 2012 04:36:08 + >>> >>> Revision: http://svn.php.net/viewvc?view=revision&revision=323489 >>> >>> Log: >>> Fixed bug #61165 (Segfault - strip_tags()) >>> >>> Bug: https://bugs.php.net/61165 (Assigned) Segfault - strip_tags() >>> >>> Changed paths: >>> U php/php-src/branches/PHP_5_3/NEWS >>> U php/php-src/branches/PHP_5_3/Zend/zend_API.c >>> U php/php-src/trunk/NEWS >>> U php/php-src/trunk/Zend/zend_API.c >>> >>> Modified: php/php-src/branches/PHP_5_3/NEWS >>> === >>> --- php/php-src/branches/PHP_5_3/NEWS 2012-02-25 03:19:27 UTC (rev >>> 323488) >>> +++ php/php-src/branches/PHP_5_3/NEWS 2012-02-25 04:36:08 UTC (rev >>> 323489) >>> @@ -3,6 +3,7 @@ >>> ?? ??? 2012, PHP 5.3.11 >>> >>> - Core: >>> + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) >>> . Improved max_input_vars directive to check nested variables (Dmitry). >>> . Fixed bug #61095 (Incorect lexing of 0x00*+). (Etienne) >>> . Fixed bug #61072 (Memory leak when restoring an exception handler). >>> >>> Modified: php/php-src/branches/PHP_5_3/Zend/zend_API.c >>> === >>> --- php/php-src/branches/PHP_5_3/Zend/zend_API.c 2012-02-25 >>> 03:19:27 UTC (rev 323488) >>> +++ php/php-src/branches/PHP_5_3/Zend/zend_API.c 2012-02-25 >>> 04:36:08 UTC (rev 323489) >>> @@ -254,10 +254,15 @@ >>> static int parse_arg_object_to_string(zval **arg TSRMLS_DC) /* {{{ */ >>> { >>> if (Z_OBJ_HANDLER_PP(arg, cast_object)) { >>> - SEPARATE_ZVAL_IF_NOT_REF(arg); >>> - if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, >>> IS_STRING TSRMLS_CC) == SUCCESS) { >>> + zval *obj; >>> + ALLOC_ZVAL(obj); >>> + MAKE_COPY_ZVAL(arg, obj); >>> + if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, >>> IS_STRING TSRMLS_CC) == SUCCESS) { >>> + zval_ptr_dtor(arg); >>> + *arg = obj; >>> return SUCCESS; >>> } >>> + zval_ptr_dtor(&obj); >>> } >>> /* Standard PHP objects */ >>> if (Z_OBJ_HT_PP(arg) ==&std_object_handlers || >>> !Z_OBJ_HANDLER_PP(arg, cast_object)) { >>> >>> >>> Modified: php/php-src/trunk/NEWS >>> === >>> --- php/php-src/trunk/NEWS 2012-02-25 03:19:27 UTC (rev 323488) >>> +++ php/php-src/trunk/NEWS 2012-02-25 04:36:08 UTC (rev 323489) >>> @@ -6,6 +6,7 @@ >>> . World domination >>> >>> - Core: >>> + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) >>> . Fixed bug #61072 (Memory leak when restoring an exception handler). >>> (Nikic, Laruence) >>> . Fixed bug #61000 (Exceeding max nesting level doesn't delete >>> numerical >>> >>> Modified: php/php-src/trunk/Zend/zend_API.c >>> === >>> --- php/php-src/trunk/Zend/zend_API.c 2012-02-25 03:19:27 UTC (rev >>> 323488) >>> +++ php/php-src/trunk/Zend/zend_API.c 2012-02-25 04:36:08 UTC (rev >>> 323489) >>>
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c
Hi Laruence, The attached patch looks wired. The patch on top of it (r323563) makes it better. However, in my opinion it fixes a common problem just in a single place. Each call to __toString() that makes "side effects" may cause the similar problem. It would be great to make a "right" fix in zend_std_cast_object_tostring() itself, but probably it would require API change (e.g. sending zval** instead of zval*). So it could be fixed properly only in trunk. Thanks. Dmitry. On 02/25/2012 08:41 AM, Laruence wrote: Dmitry: you might want to review this fix. let me explain why crash before this fix. when doing parse_parameter, then convert the object to string by calling the ce->cast_object, and passed the same pointer(although there was a separation), to the cast_object.. then if __toString method stash $this somewhere, after the parameters clean up, the $this pointer will be impending.. then in the next loop, the return_value will happen used the same adress,, then balalala, cause the segfault.. sorry for my poor english, and hope I have made myself clearly, if there is any question , plz write me. thanks On Sat, Feb 25, 2012 at 12:36 PM, Xinchen Hui wrote: laruence Sat, 25 Feb 2012 04:36:08 + Revision: http://svn.php.net/viewvc?view=revision&revision=323489 Log: Fixed bug #61165 (Segfault - strip_tags()) Bug: https://bugs.php.net/61165 (Assigned) Segfault - strip_tags() Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/Zend/zend_API.c U php/php-src/trunk/NEWS U php/php-src/trunk/Zend/zend_API.c Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/branches/PHP_5_3/NEWS 2012-02-25 04:36:08 UTC (rev 323489) @@ -3,6 +3,7 @@ ?? ??? 2012, PHP 5.3.11 - Core: + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) . Improved max_input_vars directive to check nested variables (Dmitry). . Fixed bug #61095 (Incorect lexing of 0x00*+). (Etienne) . Fixed bug #61072 (Memory leak when restoring an exception handler). Modified: php/php-src/branches/PHP_5_3/Zend/zend_API.c === --- php/php-src/branches/PHP_5_3/Zend/zend_API.c2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/branches/PHP_5_3/Zend/zend_API.c2012-02-25 04:36:08 UTC (rev 323489) @@ -254,10 +254,15 @@ static int parse_arg_object_to_string(zval **arg TSRMLS_DC) /* {{{ */ { if (Z_OBJ_HANDLER_PP(arg, cast_object)) { - SEPARATE_ZVAL_IF_NOT_REF(arg); - if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, IS_STRING TSRMLS_CC) == SUCCESS) { + zval *obj; + ALLOC_ZVAL(obj); + MAKE_COPY_ZVAL(arg, obj); + if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, IS_STRING TSRMLS_CC) == SUCCESS) { + zval_ptr_dtor(arg); + *arg = obj; return SUCCESS; } + zval_ptr_dtor(&obj); } /* Standard PHP objects */ if (Z_OBJ_HT_PP(arg) ==&std_object_handlers || !Z_OBJ_HANDLER_PP(arg, cast_object)) { Modified: php/php-src/trunk/NEWS === --- php/php-src/trunk/NEWS 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/trunk/NEWS 2012-02-25 04:36:08 UTC (rev 323489) @@ -6,6 +6,7 @@ . World domination - Core: + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) . Fixed bug #61072 (Memory leak when restoring an exception handler). (Nikic, Laruence) . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical Modified: php/php-src/trunk/Zend/zend_API.c === --- php/php-src/trunk/Zend/zend_API.c 2012-02-25 03:19:27 UTC (rev 323488) +++ php/php-src/trunk/Zend/zend_API.c 2012-02-25 04:36:08 UTC (rev 323489) @@ -262,12 +262,17 @@ static int parse_arg_object_to_string(zval **arg, char **p, int *pl, int type TSRMLS_DC) /* {{{ */ { if (Z_OBJ_HANDLER_PP(arg, cast_object)) { - SEPARATE_ZVAL_IF_NOT_REF(arg); - if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, type TSRMLS_CC) == SUCCESS) { + zval *obj; + ALLOC_ZVAL(obj); + MAKE_COPY_ZVAL(arg, obj); + if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, type TSRMLS_CC) == SUCCESS) { + zval_ptr_dtor(arg); + *arg = obj; *pl = Z_STRLEN_PP(arg); *p = Z_STRVAL_PP(arg); return SUCCESS; } + zval_ptr_dtor(&obj); } /* Standard