Newsgroups: php.internals
Date: Tue, 25 Mar 2008 13:25:38 +0200
To: internals@lists.php.net
Subject: [PATCH] Pointer reset to NULL but not freed (in SAPI.c)
From: osman@google.com (Osman A. Osman (عثمان))

Hey all,

In main/SAPI.c's sapi_startup, sf->ini_entries is set to NULL but is not freed, which can cause a memory leak, e.g. in sapi/embed/php_embed.c which calls that function after mallocing ini_entries (php_embed.c tries to free that memory later, but the free is guarded by a check on ini_entries which fails because it is already NULL).

--- php-5.2.5/main/SAPI.c 2007-05-25 12:20:01.000000000 +0300 +++ php-5.2.5-fixed/main/SAPI.c 2008-03-25 13:12:53.000000000 +0200 @@ -76,7 +76,10 @@ SAPI_API void sapi_startup(sapi_module_struct *sf) { - sf->ini_entries = NULL; + if (sf->ini_entries) { + free(sf->ini_entries); + sf->ini_entries = NULL; + } sapi_module = *sf; #ifdef ZTS
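
Review bot: the added free(sf->ini_entries) at the top of sapi_startup assumes every caller passes a sapi_module_struct whose ini_entries is either NULL or a pointer obtained from malloc. The field arrives through the caller-supplied sf and is not allocated in this function, so a module that points it at static storage, allocates it with a different allocator, or leaves it uninitialized would now hit an invalid free during startup. The hunk also still discards whatever entries the caller set before the call, so the leak is fixed but the configuration is dropped just as before. Consider fixing the ordering in the caller instead (assign ini_entries after sapi_startup returns), or, if the free stays here, add a comment above the function stating that ini_entries must be NULL or malloc-allocated on entry and that sapi_startup takes ownership and releases it.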