thrift-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (THRIFT-3984) PHP7 extension causes segfault
Date Thu, 23 Feb 2017 14:15:44 GMT


ASF GitHub Bot commented on THRIFT-3984:

Github user zhaakhi commented on the issue:
    Ping. It would be nice to get this fix in since the double free is potentially a data
corrupting bug.

> PHP7 extension causes segfault
> ------------------------------
>                 Key: THRIFT-3984
>                 URL:
>             Project: Thrift
>          Issue Type: Bug
>          Components: PHP - Library
>    Affects Versions: 0.10.0
>            Reporter: Fei Dong
>            Priority: Critical
> I cant offer a script to reproduce segfault because it  not happens everytime. 
> PHP7 extension use ZVAL_STR to wrap zend_string to zval struct´╝îand later use zval_dtor
try to free it.
> The method_name parameter is pass from PHP script,  and zval_dtor decrement the gc reference
count, thus would free the zend_string object but it is still referenced in the script.
> I  changed  ZVAL_STR to ZVAL_STR_COPY, which will add reference count by 1 to the zend_string
object ,  apply this patch in our production environment and segfault never happen again
> Another place use ZVAL_STR is [here|].
Both this two place need to be fixed 

This message was sent by Atlassian JIRA

View raw message