Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:3630 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 13215 invoked from network); 29 Jul 2003 11:57:42 -0000 Received: from unknown (HELO secure.thebrainroom.com) (213.239.42.171) by pb1.pair.com with SMTP; 29 Jul 2003 11:57:42 -0000 Received: from zaneeb.brainnet.i (IDENT:root@brain.dial.nildram.co.uk [195.149.29.154]) by secure.thebrainroom.com (8.9.3/8.9.3) with ESMTP id MAA10954; Tue, 29 Jul 2003 12:57:40 +0100 Received: from TITAN (titan.brainnet.i [192.168.2.7]) by zaneeb.brainnet.i (8.11.6/8.11.6) with SMTP id h6TBvaY00551; Tue, 29 Jul 2003 12:57:36 +0100 Message-ID: <010201c355c8$98cc93b0$0702a8c0@TITAN> To: "Vesselin Atanasov" , "PHP-DEV" References: Date: Tue, 29 Jul 2003 12:57:34 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Subject: Re: [PHP-DEV] Question about zend_hash.c, UPDATE_DATA macro From: wez@thebrainroom.com ("Wez Furlong") I think I brought this up here before too. I can't remember the outcome - would you mind looking through the archives? --Wez. > The macro is used to update a hash table element in > zend_hash_add_or_update(). But it seems to me that if p->pData already > points to a > data block that hash size != sizeof (void *), and the macro is called to > update the hash element with another block that has > size != sizeof (void *), then the data block pointed at by p->pData will not > be reallocated and the last memcpy() call will overwrite the old > data block with the new data. This could possibly lead to memory corruption > if the new block is bigger than the old block. > > Could any of the PHP developers comment on this?