Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:16210 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 68115 invoked by uid 1010); 11 May 2005 12:21:47 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 45401 invoked from network); 11 May 2005 11:59:31 -0000 Received: from unknown (HELO redhat.com) (127.0.0.1) by localhost with SMTP; 11 May 2005 11:59:31 -0000 X-Host-Fingerprint: 66.187.233.31 mx1.redhat.com Linux 2.4/2.6 Received: from ([66.187.233.31:55265] helo=mx1.redhat.com) by pb1.pair.com (ecelerity 1.2 r(5656M)) with SMTP id 59/43-35155-993F1824 for ; Wed, 11 May 2005 07:59:23 -0400 Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.12.11/8.12.11) with ESMTP id j4BBwTSP008209; Wed, 11 May 2005 07:58:29 -0400 Received: from radish.cambridge.redhat.com (radish.cambridge.redhat.com [172.16.18.90]) by int-mx1.corp.redhat.com (8.11.6/8.11.6) with ESMTP id j4BBwSO29145; Wed, 11 May 2005 07:58:28 -0400 Received: from radish.cambridge.redhat.com (localhost.localdomain [127.0.0.1]) by radish.cambridge.redhat.com (8.13.1/8.12.7) with ESMTP id j4BBwMRQ019162; Wed, 11 May 2005 12:58:22 +0100 Received: (from jorton@localhost) by radish.cambridge.redhat.com (8.13.1/8.12.10/Submit) id j4BBwLfk019160; Wed, 11 May 2005 12:58:21 +0100 Date: Wed, 11 May 2005 12:58:21 +0100 To: Kamesh Jayachandran Cc: derick@php.net, internals@lists.php.net Message-ID: <20050511115821.GA18178@redhat.com> Mail-Followup-To: Kamesh Jayachandran , derick@php.net, internals@lists.php.net References: <1115810320.15383.233879420@webmail.messagingengine.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <1115810320.15383.233879420@webmail.messagingengine.com> User-Agent: Mutt/1.4.1i Subject: Re: segfault in html_entity_decode From: jorton@redhat.com (Joe Orton) On Wed, May 11, 2005 at 04:18:40AM -0700, Kamesh Jayachandran wrote: > Hi Derick and Joe, > html_entity_decode('  ‘†′⁄€', > ENT_QUOTES, 'UTF-8'); (same testcase bug #29119) is causing Segfault in > NetWare. > > The cause of the segfault seems to be the size of ent_uni_338_402. Which > I persume should be of size 402-338+1=65 > > It used to be 63 in size till 1.97.2.5. > > Bug fix 28067 by Derick seemed to have increased the size by 65 but with > wrong comment ending. > It resulted in the code as follows, > /* 376 (0x0178) No end comment > "Yuml", NULL, NULL, NULL, NULL, NULL, NULL, NULL, > NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, > NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, > /* 400 (0x0190)*/ > NULL, NULL, "fnof" > > Later Joe Orton fixed the above improper comment by extending the > comment to 3 more lines. The comment already extended for the full three lines since it wasn't terminated earlier. But I guess *that* was the mistake made in the merge from the 4.3, and it was supposed to match the 4.3 code as below, does this fix the segfault for you? Index: html.c =================================================================== RCS file: /repository/php-src/ext/standard/html.c,v retrieving revision 1.107 diff -u -r1.107 html.c --- html.c 1 May 2005 19:48:55 -0000 1.107 +++ html.c 11 May 2005 11:56:29 -0000 @@ -115,11 +115,11 @@ "Scaron", "scaron", NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, - /* 376 (0x0178) + /* 376 (0x0178) */ "Yuml", NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, */ - /* 400 (0x0190)*/ + /* 400 (0x0190) */ NULL, NULL, "fnof" };