diff options
| author | Adam Harvey <aharvey@php.net> | 2015-12-01 03:09:36 +0000 |
|---|---|---|
| committer | Adam Harvey <aharvey@php.net> | 2015-12-01 03:09:36 +0000 |
| commit | 91bad929aa0d7b7560a20c58e1e02a76f522b0bd (patch) | |
| tree | 70d86d7605d895c3e1989a6ef3313dfbf3f20d2e | |
| parent | ed4b887cf6e59c12428ebece5492201c63bfbb4f (diff) | |
| download | php-git-91bad929aa0d7b7560a20c58e1e02a76f522b0bd.tar.gz | |
Fix bug #71005 (Segfault in php_cli_server_dispatch_router()).
We didn't initialise the retval variable in
php_cli_server_dispatch_router(); let's now initialise it to be
IS_UNDEF, as the following if condition expects.
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | sapi/cli/php_cli_server.c | 2 | ||||
| -rw-r--r-- | sapi/cli/tests/bug71005.phpt | 46 |
3 files changed, 51 insertions, 0 deletions
@@ -24,6 +24,9 @@ PHP NEWS . Fixed exception not being thrown immediately into a generator yielding from an array. (Bob) +- CLI server: + . Fixed bug #71005 (Segfault in php_cli_server_dispatch_router()). (Adam) + - Mysqlnd: . Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction). (Laruence) diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c index 529f5633bf..3e9bb3af8f 100644 --- a/sapi/cli/php_cli_server.c +++ b/sapi/cli/php_cli_server.c @@ -2050,6 +2050,8 @@ static int php_cli_server_dispatch_router(php_cli_server *server, php_cli_server zend_try { zval retval; + + ZVAL_UNDEF(&retval); if (SUCCESS == zend_execute_scripts(ZEND_REQUIRE, &retval, 1, &zfd)) { if (Z_TYPE(retval) != IS_UNDEF) { decline = Z_TYPE(retval) == IS_FALSE; diff --git a/sapi/cli/tests/bug71005.phpt b/sapi/cli/tests/bug71005.phpt new file mode 100644 index 0000000000..3a60dcf42f --- /dev/null +++ b/sapi/cli/tests/bug71005.phpt @@ -0,0 +1,46 @@ +--TEST-- +Bug #71005 (Segfault in php_cli_server_dispatch_router()) +--SKIPIF-- +<?php +include "skipif.inc"; +?> +--FILE-- +<?php + +$code = <<<'EOF' +set_exception_handler(function () { echo 'goodbye'; }); +throw new Exception; +EOF; + +include "php_cli_server.inc"; +php_cli_server_start($code); + +list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS); +$port = intval($port) ?: 80; + +$fp = fsockopen($host, $port, $errno, $errstr, 0.5); +if (!$fp) { + die("connect failed"); +} + +if(fwrite($fp, <<<HEADER +GET / HTTP/1.1 +Host: {$host} + + +HEADER +)) { + while (!feof($fp)) { + echo fgets($fp); + } +} + +?> +--EXPECTF-- +HTTP/1.1 200 OK +Host: %s +Connection: close +X-Powered-By: PHP/%s +Content-type: text/html; charset=UTF-8 + +goodbye |