PHP :: Bug #41724 :: libxml_get_last_error()
| Bug #41724 | libxml_get_last_error() - errors survice request scope | ||||
|---|---|---|---|---|---|
| Submitted: | 2007-06-18 10:56 UTC | Modified: | 2007-06-18 16:46 UTC | ||
| From: | thekid@php.net | Assigned: | |||
| Status: | Closed | Package: | XML related | ||
| PHP Version: | 5CVS-2007-06-18 (CVS) | OS: | Any | ||
| Private report: | No | CVE-ID: | None | ||
[2007-06-18 10:56 UTC] thekid@php.net
Description:
------------
If one fails to call libxml_clear_error() at the end of a request (via register_shutdown_func() e.g.) errors retrieved by libxml_get_last_error() may come from a different request previously handled in the same webserver child.
Reproduce code:
---------------
-- test.php --
<?php
var_dump(libxml_get_last_error());
?>
-- produce.php --
<?php
$d= new DomDocument();
$d->loadXML('malformed');
?>
1) Call produce.php
2) Call test.php - if it is served up by the same web server
child, you will see the error from produce.php
Expected result:
----------------
One script should never be able to mess with other scripts' context.
Actual result:
--------------
libxml_get_last_error() in test.php will report the error produced in produce.php if run inside the same web server child process.
Patches
Pull Requests
History
AllCommentsChangesGit/SVN commits
[2007-06-18 10:57 UTC] thekid@php.net
This patch should fix the problem: $ cvs diff -u ext/libxml/ cvs diff: Diffing ext/libxml Index: ext/libxml/libxml.c =================================================================== RCS file: /repository/php-src/ext/libxml/libxml.c,v retrieving revision 1.32.2.7.2.11 diff -u -r1.32.2.7.2.11 libxml.c --- ext/libxml/libxml.c 23 Feb 2007 11:12:49 -0000 1.32.2.7.2.11 +++ ext/libxml/libxml.c 18 Jun 2007 10:46:00 -0000 @@ -674,7 +674,7 @@ efree(LIBXML(error_list)); LIBXML(error_list) = NULL; } - + xmlResetLastError(); return SUCCESS; } It adds xmlResetLastError() call to RSHUTDOWN[2007-06-18 16:46 UTC] iliaa@php.net