Home Original page

Socket errors cause memory leaks

Bug #33019 Socket errors cause memory leaks
Submitted: 2005-05-12 17:08 UTC Modified: 2005-05-12 19:37 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: jwozniak23 at poczta dot onet dot pl Assigned:
Status: Closed Package: Sockets related
PHP Version: 4.3.11 OS: Windows XP
Private report: No CVE-ID: None

 [2005-05-12 17:08 UTC] jwozniak23 at poczta dot onet dot pl

Description:
------------
It seems that there is a memory leak in sockets extension (at least in Windows version). It happens when a socket operation causes an error. For example, in the included code socket_accept returns an error, because it's non-blocking and there is no new connection on port 1234.
We've done some research in PHP sources and discovered, that memory leak occurs every time the function php_strerror (in sockets.c) is called. 

We've resolved this bug by releasing error message buffer in this function.

Previous version:
(php_strerror in sockets.c, line 366)

LPTSTR tmp = NULL;
buf = NULL;
if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | 
 FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
 NULL, error, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR) &tmp, 0, NULL)) {
     SOCKETS_G(strerror_buf) = estrdup(tmp);
     LocalFree(tmp);	
     buf = SOCKETS_G(strerror_buf);
}

After our fix:

LPTSTR tmp = NULL;
buf = NULL;
if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | 
 FORMAT_MESSAGE_FROM_SYSTEM |FORMAT_MESSAGE_IGNORE_INSERTS,
 NULL, error, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), 
  (LPTSTR) &tmp, 0, NULL)) {

    if (SOCKETS_G(strerror_buf)) {
        efree(SOCKETS_G(strerror_buf));
        SOCKETS_G(strerror_buf) = NULL;
    } 
    SOCKETS_G(strerror_buf) = estrdup(tmp);
    LocalFree(tmp);		
    buf = SOCKETS_G(strerror_buf);
}


After applying our fix there are no memory
leaks when running attached example.




Reproduce code:
---------------
<?php
set_time_limit (0);
$address = "localhost";
$port = 1234;
$sock = &socket_create (AF_INET, SOCK_STREAM, 0);
socket_set_option($sock, SOL_SOCKET, SO_REUSEADDR, 1);
socket_bind ($sock, $address, $port);
socket_listen ($sock, 10);
socket_set_nonblock($sock);
while(true) {
	@$asock = &socket_accept($sock);
	if ($asock) socket_close($asock);
}
?>

Expected result:
----------------
Every second the script takes additional 3MB of memory.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

 [2005-05-12 18:27 UTC] tony2001@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.