Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:37692
Return-Path: <rasmus@lerdorf.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 10474 invoked from network); 17 May 2008 07:04:53 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 17 May 2008 07:04:53 -0000
Authentication-Results: pb1.pair.com header.from=rasmus@lerdorf.com; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=rasmus@lerdorf.com; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain lerdorf.com from 204.11.219.139 cause and error)
X-PHP-List-Original-Sender: rasmus@lerdorf.com
X-Host-Fingerprint: 204.11.219.139 mail.lerdorf.com  
Received: from [204.11.219.139] ([204.11.219.139:41327] helo=mail.lerdorf.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id A8/DD-18477-4938E284 for <internals@lists.php.net>; Sat, 17 May 2008 03:04:53 -0400
Received: from [192.168.200.148] (c-24-6-219-206.hsd1.ca.comcast.net [24.6.219.206])
	(authenticated bits=0)
	by mail.lerdorf.com (8.14.3/8.14.3/Debian-1) with ESMTP id m4H74no3032006
	for <internals@lists.php.net>; Sat, 17 May 2008 00:04:49 -0700
Message-ID: <482E8391.9080004@lerdorf.com>
Date: Sat, 17 May 2008 00:04:49 -0700
User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604)
MIME-Version: 1.0
To: PHP Developers Mailing List <internals@lists.php.net>
X-Enigmail-Version: 0.95.6
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-3.0 (mail.lerdorf.com [204.11.219.139]); Sat, 17 May 2008 00:04:49 -0700 (PDT)
Subject: Curl POST emalloc leak?
From: rasmus@lerdorf.com (Rasmus Lerdorf)

Can someone spot why this code

(tested in both 5.2.5 and 5.3)

<?php
function curl($post) {
   $ch = curl_init();
   curl_setopt($ch, CURLOPT_URL, "www.fdhfkdsslak.bogus");
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
   if($post) {
     curl_setopt($ch, CURLOPT_POST, 1);
     for($args='',$i=0;$i<75;$i++) $args .= "a=$i&";
     curl_setopt($ch, CURLOPT_POSTFIELDS, $args);
     unset($args);
   }
   curl_exec($ch);
   curl_close($ch);
}
echo "start ".memory_get_usage()."\n";
for($i=0;$i<10;$i++) {
   curl(0);
   echo "GET ".memory_get_usage()."\n";
}
for($i=0;$i<10;$i++) {
   curl(1);
   echo "POST ".memory_get_usage()."\n";
}
?>

outputs:

start 326616
GET 327256
GET 327276
GET 327276
GET 327276
GET 327276
GET 327276
GET 327276
GET 327276
GET 327276
GET 327276
POST 327516
POST 327588
POST 327652
POST 327712
POST 327892
POST 328064
POST 328228
POST 328384
POST 328528
POST 328628

The leak size isn't constant even though my post data size is constant, 
and the returned data (a dns error, presumably) is the same.  Seems like 
there is something weird in our postfield handling code in the curl 
extension.  Note also that it stabilizes somehow, although this is an 
extremely simplified version of a long-running command-line script that 
seems to grow on each post with wildly varying post data.

-Rasmus