clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 09:57:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.2' into PHP-8.3

Browse Source 
* PHP-8.2:
  Fix memory leaks with string function name lookups
This commit is contained in:
Niels Dossche 2024-05-31 21:23:13 +02:00
commit cac4290fb6
No known key found for this signature in database
GPG Key ID: B8A8AD166DF0E2E5
2 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@ -32,6 +32,7 @@ PHP NEWS
. Fix memory leak if calling SoapServer::setObject() twice. (nielsdos)
. Fix memory leak if calling SoapServer::setClass() twice. (nielsdos)
. Fix reading zlib ini settings in ext-soap. (nielsdos)
. Fix memory leaks with string function name lookups. (nielsdos)
- Sodium:
. Fix memory leaks in ext/sodium on failure of some functions. (nielsdos)

12
ext/soap/soap.c
View File

@ -1051,6 +1051,7 @@ PHP_METHOD(SoapServer, addFunction)
key = zend_string_tolower(Z_STR_P(tmp_function));
if ((f = zend_hash_find_ptr(EG(function_table), key)) == NULL) {
zend_string_release_ex(key, false);
zend_type_error("SoapServer::addFunction(): Function \"%s\" not found", Z_STRVAL_P(tmp_function));
SOAP_SERVER_END_CODE();
RETURN_THROWS();
@ -1069,6 +1070,7 @@ PHP_METHOD(SoapServer, addFunction)
key = zend_string_tolower(Z_STR_P(function_name));
if ((f = zend_hash_find_ptr(EG(function_table), key)) == NULL) {
zend_string_release_ex(key, false);
zend_argument_type_error(1, "must be a valid function name, function \"%s\" not found", Z_STRVAL_P(function_name));
SOAP_SERVER_END_CODE();
RETURN_THROWS();
@ -1395,8 +1397,7 @@ PHP_METHOD(SoapServer, handle)
}
}
#endif
zend_string *fn_name = zend_string_tolower(Z_STR(h->function_name));
if (zend_hash_exists(function_table, fn_name) ||
if (zend_hash_find_ptr_lc(function_table, Z_STR(h->function_name)) != NULL ||
((service->type == SOAP_CLASS || service->type == SOAP_OBJECT) &&
zend_hash_str_exists(function_table, ZEND_CALL_FUNC_NAME, sizeof(ZEND_CALL_FUNC_NAME)-1))) {
if (service->type == SOAP_CLASS || service->type == SOAP_OBJECT) {
@ -1412,25 +1413,21 @@ PHP_METHOD(SoapServer, handle)
instanceof_function(Z_OBJCE(h->retval), soap_fault_class_entry)) {
php_output_discard();
soap_server_fault_ex(function, &h->retval, h);
zend_string_release(fn_name);
if (service->type == SOAP_CLASS && soap_obj) {zval_ptr_dtor(soap_obj);}
goto fail;
} else if (EG(exception)) {
php_output_discard();
_soap_server_exception(service, function, ZEND_THIS);
zend_string_release(fn_name);
if (service->type == SOAP_CLASS && soap_obj) {zval_ptr_dtor(soap_obj);}
goto fail;
}
} else if (h->mustUnderstand) {
soap_server_fault("MustUnderstand","Header not understood", NULL, NULL, NULL);
}
zend_string_release(fn_name);
}
}
zend_string *fn_name = zend_string_tolower(Z_STR(function_name));
if (zend_hash_exists(function_table, fn_name) ||
if (zend_hash_find_ptr_lc(function_table, Z_STR(function_name)) != NULL ||
((service->type == SOAP_CLASS || service->type == SOAP_OBJECT) &&
zend_hash_str_exists(function_table, ZEND_CALL_FUNC_NAME, sizeof(ZEND_CALL_FUNC_NAME)-1))) {
if (service->type == SOAP_CLASS || service->type == SOAP_OBJECT) {
@ -1452,7 +1449,6 @@ PHP_METHOD(SoapServer, handle)
} else {
php_error(E_ERROR, "Function '%s' doesn't exist", Z_STRVAL(function_name));
}
zend_string_release(fn_name);
if (EG(exception)) {
if (!zend_is_unwind_exit(EG(exception))) {