archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix Soap leaking http_msg on error

Browse source 
Testing all cases is not so easy to do as we would need a server that
redirects from e.g. http to https while SSL is not available.

Closes GH-16254.
This commit is contained in:
Niels Dossche 2024-10-05 23:51:35 +02:00
parent a5e8ac62d9
commit a9dada29e7
No known key found for this signature in database
GPG key ID: B8A8AD166DF0E2E5
2 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
NEWS
View file

@ -74,6 +74,7 @@ PHP NEWS
- SOAP: - SOAP:
. Fixed bug #62900 (Wrong namespace on xsd import error message). (nielsdos) . Fixed bug #62900 (Wrong namespace on xsd import error message). (nielsdos)
. Fixed bug GH-16237 (Segmentation fault when cloning SoapServer). (nielsdos) . Fixed bug GH-16237 (Segmentation fault when cloning SoapServer). (nielsdos)
. Fix Soap leaking http_msg on error. (nielsdos)
- Standard: - Standard:
. Fixed bug GH-15613 (overflow on unpack call hex string repeater). . Fixed bug GH-15613 (overflow on unpack call hex string repeater).

10
ext/soap/php_http.c
View file

@ -461,6 +461,7 @@ try_again:
} }
add_soap_fault(this_ptr, "HTTP", "Unable to parse URL", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "Unable to parse URL", NULL, NULL);
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }
@ -474,6 +475,7 @@ try_again:
} }
add_soap_fault(this_ptr, "HTTP", "Unknown protocol. Only http and https are allowed.", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "Unknown protocol. Only http and https are allowed.", NULL, NULL);
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }
@ -487,6 +489,7 @@ try_again:
add_soap_fault(this_ptr, "HTTP", "SSL support is not available in this build", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "SSL support is not available in this build", NULL, NULL);
PG(allow_url_fopen) = old_allow_url_fopen; PG(allow_url_fopen) = old_allow_url_fopen;
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }
@ -541,6 +544,7 @@ try_again:
add_soap_fault(this_ptr, "HTTP", "Could not connect to host", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "Could not connect to host", NULL, NULL);
PG(allow_url_fopen) = old_allow_url_fopen; PG(allow_url_fopen) = old_allow_url_fopen;
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }
} }
@ -684,6 +688,7 @@ try_again:
convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr)); convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr));
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
smart_str_free(&soap_headers); smart_str_free(&soap_headers);
efree(http_msg);
return FALSE; return FALSE;
} }
@ -901,12 +906,14 @@ try_again:
convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr)); convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr));
add_soap_fault(this_ptr, "HTTP", "Failed Sending HTTP SOAP request", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "Failed Sending HTTP SOAP request", NULL, NULL);
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }
smart_str_free(&soap_headers); smart_str_free(&soap_headers);
} else { } else {
add_soap_fault(this_ptr, "HTTP", "Failed to create stream??", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "Failed to create stream??", NULL, NULL);
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }
@ -915,6 +922,7 @@ try_again:
convert_to_null(Z_CLIENT_HTTPSOCKET_P(this_ptr)); convert_to_null(Z_CLIENT_HTTPSOCKET_P(this_ptr));
convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr)); convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr));
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return TRUE; return TRUE;
} }
@ -929,6 +937,7 @@ try_again:
convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr)); convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr));
add_soap_fault(this_ptr, "HTTP", "Error Fetching http headers", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "Error Fetching http headers", NULL, NULL);
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }
@ -1157,6 +1166,7 @@ try_again:
if (--redirect_max < 1) { if (--redirect_max < 1) {
add_soap_fault(this_ptr, "HTTP", "Redirection limit reached, aborting", NULL, NULL); add_soap_fault(this_ptr, "HTTP", "Redirection limit reached, aborting", NULL, NULL);
smart_str_free(&soap_headers_z); smart_str_free(&soap_headers_z);
efree(http_msg);
return FALSE; return FALSE;
} }