From 565492248a542441c86d66bef0167d44bb7e6af4 Mon Sep 17 00:00:00 2001
From: Jason Greene <jason@php.net>
Date: Tue, 10 Sep 2002 04:12:55 +0000
Subject: [PATCH] Fix crash bug and memory leak in vectors #still need to
 revisit how these are done, i.e. they are not binary safe

---
 ext/sockets/sockets.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
index 217e08024bb..4ca73df448f 100644
--- a/ext/sockets/sockets.c
+++ b/ext/sockets/sockets.c
@@ -1100,6 +1100,8 @@ PHP_FUNCTION(socket_iovec_alloc)
 		vector_array[i].iov_base	= (char*)emalloc(Z_LVAL_PP(args[j]));
 		vector_array[i].iov_len		= Z_LVAL_PP(args[j]);
 	}
+	
+	efree(args);
 
 	vector = emalloc(sizeof(php_iovec_t));
 	vector->iov_array = vector_array;
@@ -1122,7 +1124,7 @@ PHP_FUNCTION(socket_iovec_fetch)
 
 	ZEND_FETCH_RESOURCE(vector, php_iovec_t *, &iovec_id, -1, le_iov_name, le_iov);
 
-	if (iovec_position > vector->count) {
+	if (iovec_position >= vector->count) {
 		php_error(E_WARNING, "%s() can't access a vector position past the amount of vectors set in the array", get_active_function_name(TSRMLS_C));
 		RETURN_EMPTY_STRING();
 	}
@@ -1146,7 +1148,7 @@ PHP_FUNCTION(socket_iovec_set)
 
 	ZEND_FETCH_RESOURCE(vector, php_iovec_t *, &iovec_id, -1, le_iov_name, le_iov);
 
-	if (iovec_position > vector->count) {
+	if (iovec_position >= vector->count) {
 		php_error(E_WARNING, "%s() can't access a vector position outside of the vector array bounds", get_active_function_name(TSRMLS_C));
 		RETURN_FALSE;
 	}