[2004-09-10 14:44 UTC] nw at softwarekombinat dot de

Description:
------------
Hi there,

executing the following sequence of function calls results
in a segfault in the last php_module_startup(...) call:

	tsrm_startup(1, 1, 0, NULL);
	sapi_startup(&mf_sapi_module);
	php_module_startup(&mf_sapi_module, NULL, 0)

	php_module_shutdown( TSRMLS_C );
	sapi_shutdown();
	tsrm_shutdown();

	tsrm_startup(1, 1, 0, NULL);
	sapi_startup(&mf_sapi_module);
	php_module_startup(&mf_sapi_module, NULL, 0)

I debugged and saw that php_shutdown_config() does not reset global pointers back to  NULL after free()'ing them. This results in another free()-attempt during next startup.

Here is a modified php_shutdown_config() which solves the problem:


int php_shutdown_config(void)
{
	zend_hash_destroy(&configuration_hash);
	if (php_ini_opened_path) {
		free(php_ini_opened_path);
                php_ini_opened_path = NULL; /* BUGFIX */
	}
	if (php_ini_scanned_files) {
		free(php_ini_scanned_files);
                php_ini_scanned_files = NULL; /* BUGFIX */
	}
	return SUCCESS;
}


Sorry that I don't submit a patch myself - no time, currently....

Regards,
Norbert

 [2004-09-17 04:49 UTC] iliaa@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.