ID: 12908
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: No Feedback
Bug Type: Scripting Engine problem
Operating System: SuSE Linux 7.1
PHP Version: 4.0.5
New Comment:

I have experienced a similar bug in 4.2.3 in the zend routine: add_char_to_string(). Without this patch (and the original patch included in this message), standalone php could not run the run-tests.php script without a SEGV, and we had similarly odd results with the apache module. With this patch, life is good. It has something to do with the treatment of NULL/empty strings: whenever the crash occurs, the string is NULL/empty and the string length is 1 !? Something's not right there.

OS: IRIX 6.5 04101931 IP35
PHP Version: 4.2.3

*** zend_operators.c.orig Tue Nov 12 13:42:20 2002 --- zend_operators.c Tue Nov 12 12:20:28 2002 *************** *** 988,997 **** /* must support result==op1 */ ZEND_API int add_char_to_string(zval *result, zval *op1, zval *op2) { ! result->value.str.len = op1->value.str.len + 1; ! result->value.str.val = (char *) erealloc(op1->value.str.val, result->value.str.len+1); ! result->value.str.val[result->value.str.len - 1] = (char) op2->value.lval; ! result->value.str.val[result->value.str.len] = 0; result->type = IS_STRING; return SUCCESS; } --- 988,1013 ---- /* must support result==op1 */ ZEND_API int add_char_to_string(zval *result, zval *op1, zval *op2) { ! ! int length; ! ! /* null strings haven't a useful length */ ! if (op1->value.str.val == NULL) { ! op1->value.str.len = 0; ! } ! ! length = op1->value.str.len + 1; ! ! if (op1->value.str.val==empty_string) { ! result->value.str.val = (char *) emalloc(length+1); ! } else { ! result->value.str.val = (char *) erealloc(op1->value.str.val, length+1); ! } ! ! ! result->value.str.val[length - 1] = (char) op2->value.lval; ! result->value.str.val[length] = 0; ! result->value.str.len = length; result->type = IS_STRING; return SUCCESS; }

Previous Comments:
------------------------------------------------------------------------

[2002-09-16 01:00:01] [EMAIL PROTECTED]

No feedback was provided for this bug for over a month, so it is being suspended automatically.
If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open".

------------------------------------------------------------------------

[2002-08-13 22:40:43] [EMAIL PROTECTED]

Thank you for taking the time to report a problem with PHP. Unfortunately you are not using a current version of PHP -- the problem might already be fixed. Please download a new PHP version from http://www.php.net/downloads.php

If you are able to reproduce the bug with one of the latest versions of PHP, please change the PHP version on this bug report to the version you tested and change the status back to "Open". Again, thank you for your continued support of PHP.

------------------------------------------------------------------------

[2002-01-13 16:31:34] [EMAIL PROTECTED]

Make this a scripting engine problem. Please close if this issue is resolved already.

------------------------------------------------------------------------

[2001-12-10 13:25:08] [EMAIL PROTECTED]

I'm sorry, but currently I have no free resources to test it. Thank you for reviewing the problem.

------------------------------------------------------------------------

[2001-12-05 19:44:50] [EMAIL PROTECTED]

Your patch is not applied, but could you try 4.1.0RC5?
http://www.php.net/~zeev/php-4.1.0RC5.tar.gz
(The cause should be in other places. It may be fixed already)

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/12908
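
Review bot: In the `op1->value.str.val==empty_string` branch of the patched add_char_to_string(), the buffer is freshly emalloc'ed but `length` still comes from op1->value.str.len, which is reset to 0 only in the NULL case. With the state the comment describes (empty string, length 1), length becomes 2, the new character is written at index 1 and the terminator at index 2, and index 0 is never initialised, so the result starts with an indeterminate byte. Resetting op1->value.str.len to 0 in the empty_string case as well would close that. The NULL check also writes to op1 as a side effect and hides whichever caller produced a NULL/empty string with length 1; the patch should at least say in a comment that it is normalising an inconsistent zval rather than fixing its origin. The stray blank `!` lines before `int length;` and after the if/else block can be dropped.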