clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 02:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
79c5b32d15
php-src/ext/mysqlnd
History
Niels Dossche 8930bf8c33 Fix GH-8979: Possible Memory Leak with SSL-enabled MySQL connections 
The stream context inside `mysqlnd_vio::enable_ssl()` is leaking.
In particular: when `php_stream_context_set()` get called the refcount
of `context` is increased by 1, which means that `context` will now
have a refcount of 2. Later on we remove the context from the stream
by calling `php_stream_context_set(stream, NULL)` but that leaves our
`context` with a refcount of 1, and therefore it's never destroyed.
In my test case this yielded a leak of 1456 bytes per connection
(but could be more depending on your settings ofc).

Annoyingly, Valgrind doesn't find it because the context is still
in the `EG(regular_list)` and will thus be destroyed at the end of
the request. However, I still think this bug needs to be fixed because
as the users in the issue report already mentioned:
there can be long-running PHP scripts.

Fix it by decreasing the refcount to transfer the ownership.

Closes GH-10909.
2023-03-24 18:03:29 +01:00
..
config9.m4 Remove MYSQLND_COMPRESSION_WANTED define 2020-06-04 10:03:39 +02:00
config-win.h Drop unnecessary stdint and inttypes header checks 2020-04-22 20:18:19 +02:00
config.w32 Native Windows support for mysqlnd sha256 authentification 2020-03-02 16:32:51 +01:00
CREDITS
mysql_float_to_double.h Move php_gcvt to zend_gcvt 2021-08-02 14:51:46 +02:00
mysqlnd_alloc.c Fix potential heap corruption due to alignment mismatch 2022-10-13 11:47:24 +02:00
mysqlnd_alloc.h Implement mysqlnd_set_persistent_string (#7371) 2021-08-20 12:03:46 +01:00
mysqlnd_auth.c Implement mysqlnd_set_persistent_string (#7371) 2021-08-20 12:03:46 +01:00
mysqlnd_auth.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_block_alloc.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_block_alloc.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_charset.c Merge branch 'PHP-8.0' into PHP-8.1 2022-06-10 12:44:39 -04:00
mysqlnd_charset.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_commands.c Implement mysqlnd_set_persistent_string (#7371) 2021-08-20 12:03:46 +01:00
mysqlnd_commands.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_connection.c Merge branch 'PHP-8.0' into PHP-8.1 2022-10-01 11:23:34 +02:00
mysqlnd_connection.h Replace macro with inline function (#7365) 2021-08-13 20:03:26 +01:00
mysqlnd_debug.c Fix printf formats in mysql debug logging 2021-06-16 16:09:06 +02:00
mysqlnd_debug.h Fix printf formats in mysql debug logging 2021-06-16 16:09:06 +02:00
mysqlnd_driver.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_enum_n_def.h Remove mysqlnd local_tx functionality 2021-08-12 15:21:21 +02:00
mysqlnd_ext_plugin.c Mark various functions with void arguments. 2021-05-12 14:55:53 +01:00
mysqlnd_ext_plugin.h Mark various functions with void arguments. 2021-05-12 14:55:53 +01:00
mysqlnd_libmysql_compat.h Remove get_parameter_metadata 2021-07-29 14:21:13 +01:00
mysqlnd_loaddata.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_plugin.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_plugin.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_portability.h Remove MYSQLND_SZ_T_SPEC 2021-08-12 15:29:06 +02:00
mysqlnd_priv.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_protocol_frame_codec.c Remove MYSQLND_SZ_T_SPEC 2021-08-12 15:29:06 +02:00
mysqlnd_protocol_frame_codec.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_ps_codec.c Fixed some spaces used instead of tabs 2021-06-29 11:30:26 +02:00
mysqlnd_ps.c Fix mnd_malloc -> mnd_emalloc from previous merge 2022-03-31 10:53:58 +01:00
mysqlnd_ps.h Mark various functions with void arguments. 2021-05-12 14:55:53 +01:00
mysqlnd_read_buffer.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_read_buffer.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_result_meta.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_result_meta.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_result.c Merge branch 'PHP-8.0' into PHP-8.1 2021-10-08 15:02:29 +02:00
mysqlnd_result.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_reverse_api.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_reverse_api.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_statistics.c Drop mysqlnd statistics triggers 2021-07-29 14:21:13 +01:00
mysqlnd_statistics.h Drop mysqlnd statistics triggers 2021-07-29 14:21:13 +01:00
mysqlnd_structs.h Remove mysqlnd local_tx functionality 2021-08-12 15:21:21 +02:00
mysqlnd_vio.c Fix GH-8979: Possible Memory Leak with SSL-enabled MySQL connections 2023-03-24 18:03:29 +01:00
mysqlnd_vio.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd_wireprotocol.c Merge branch 'PHP-8.0' into PHP-8.1 2022-10-27 18:31:38 +01:00
mysqlnd_wireprotocol.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
mysqlnd.h Remove mysqlnd local_tx functionality 2021-08-12 15:21:21 +02:00
php_mysqlnd.c Return value from ZEND_ATOL 2021-07-12 16:51:24 +02:00
php_mysqlnd.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00