datefmt_create with incorrectly encoded timezone leaks pattern
| Bug #62017 | datefmt_create with incorrectly encoded timezone leaks pattern | ||||
|---|---|---|---|---|---|
| Submitted: | 2012-05-13 21:41 UTC | Modified: | 2012-05-23 13:53 UTC | ||
| From: | nikic@php.net | Assigned: | cataphract (profile) | ||
| Status: | Closed | Package: | intl (PECL) | ||
| PHP Version: | master-Git-2012-05-13 (Git) | OS: | |||
| Private report: | No | CVE-ID: | None | ||
[2012-05-13 21:41 UTC] nikic@php.net
Description:
------------
The script
<?php
datefmt_create('', IntlDateFormatter::NONE, IntlDateFormatter::NONE, "\xff", IntlDateFormatter::GREGORIAN, 'a');
Produces this output:
[Sun May 13 23:39:54 2012] Script: '/home/nikic/dev/Phuzzy/results/workingFile1_memleak.php'
/home/nikic/dev/php-src/ext/intl/intl_convert.c(78) : Freeing 0xB69401E4 (4 bytes), script=/home/nikic/dev/Phuzzy/results/workingFile1_memleak.php
/home/nikic/dev/php-src/Zend/zend_alloc.c(2529) : Actual location (location was relayed)
=== Total 1 memory leaks detected ===
The reason is that if an error occurs in http://lxr.php.net/opengrok/xref/PHP_TRUNK/ext/intl/dateformat/dateformat.c#109, then svalue isn't freed.
Patches
Pull Requests
History
AllCommentsChangesGit/SVN commits
[2012-05-23 13:53 UTC] cataphract@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: cataphract