-
Notifications
You must be signed in to change notification settings - Fork 7.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cloning a faked SplFileInfo object may segfault #7809
Labels
Milestone
Comments
the same on my local machine. I am using the
verified on 8.2 too
|
Relevant part of the stack backtrace:
The problem is at php-src/ext/spl/spl_directory.c Line 388 in 713dcb2
source->path is NULL, and zend_string_copy() can't handle that. Prior to 13e4ce3, there were no zend_string s but rather char* s so no problem with PHP 8.0.
|
The following patch might do: ext/spl/spl_directory.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/ext/spl/spl_directory.c b/ext/spl/spl_directory.c
index 1161858468..0ba11f4800 100644
--- a/ext/spl/spl_directory.c
+++ b/ext/spl/spl_directory.c
@@ -385,8 +385,12 @@ static zend_object *spl_filesystem_object_clone(zend_object *old_object)
switch (source->type) {
case SPL_FS_INFO:
- intern->path = zend_string_copy(source->path);
- intern->file_name = zend_string_copy(source->file_name);
+ if (source->path != NULL) {
+ intern->path = zend_string_copy(source->path);
+ }
+ if (source->file_name != NULL) {
+ intern->file_name = zend_string_copy(source->file_name);
+ }
break;
case SPL_FS_DIR:
spl_filesystem_dir_open(intern, source->path); |
cmb69
added a commit
to cmb69/php-src
that referenced
this issue
Dec 22, 2021
While the `path` is not supposed to be `NULL` for normal operation, it is possible to create `SplFileInfo` objects where that is the case, and we must not follow the null pointer.
cmb69
changed the title
Segmentation fault @ PHP 8.1
Cloning a faked SplFileInfo object may segfault
Dec 22, 2021
cmb69
added a commit
that referenced
this issue
Dec 23, 2021
* PHP-8.1: Fix GH-7809: Cloning a faked SplFileInfo object may segfault
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
We have some code that worked without any issues on PHP 8.0, but it's failing with a segmentation fault on 8.1.
I'm not sure whether it's a PHPUnit or PHP issue... So please see the code. Mock creation triggers the problem.
Test repo: b1rdex/php-8.1-segfault
I've opened sebastianbergmann/phpunit#4844 for PHPUnit, but the issue was closed with a piece of advice to report it to PHP. So please see the test repo for the details about the issue.
PHP Version
8.1.1
Operating System
Docker official image
The text was updated successfully, but these errors were encountered: