Fix GH-9361: Segmentation fault on script exit

Using a lot of memory may overflow some `int` calculations; to avoid
that we make sure that the operands are promoted to `size_t`.

This issue has been analyzed by @chschneider.

Closes GH-9379.
Christoph M. Becker 2022-08-19 16:26:26 +02:00
parent 305892580e
commit bb341210f5
GPG key ID: D66C9593118BCCB6
2 changed files with 3 additions and 1 deletions

NEWS

@ -5,6 +5,8 @@ PHP NEWS
- Core: - Core:
. Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) . Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function)
(Tim Starling) (Tim Starling)
. Fixed bug GH-9361 (Segmentation fault on script exit #9379). (cmb,
Christian Schneider)
- DOM: - DOM:
. Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free). . Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free).
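
Review bot: The added NEWS entry carries the pull request number inside the bug title ("Segmentation fault on script exit #9379"), which looks like a leftover from the PR title; the GH-9323 entry just above has only the bug title and no period before the credit. Suggest dropping " #9379" and matching the neighbouring punctuation, so the entry reads `. Fixed bug GH-9361 (Segmentation fault on script exit)` followed by `(cmb, Christian Schneider)`.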


@ -19,7 +19,7 @@
#ifndef ZEND_ALLOC_SIZES_H #ifndef ZEND_ALLOC_SIZES_H
#define ZEND_ALLOC_SIZES_H #define ZEND_ALLOC_SIZES_H
#define ZEND_MM_CHUNK_SIZE (2 * 1024 * 1024) /* 2 MB */ #define ZEND_MM_CHUNK_SIZE ((size_t) (2 * 1024 * 1024)) /* 2 MB */
#define ZEND_MM_PAGE_SIZE (4 * 1024) /* 4 KB */ #define ZEND_MM_PAGE_SIZE (4 * 1024) /* 4 KB */
#define ZEND_MM_PAGES (ZEND_MM_CHUNK_SIZE / ZEND_MM_PAGE_SIZE) /* 512 */ #define ZEND_MM_PAGES (ZEND_MM_CHUNK_SIZE / ZEND_MM_PAGE_SIZE) /* 512 */
#define ZEND_MM_FIRST_PAGE (1) #define ZEND_MM_FIRST_PAGE (1)
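
Review bot: Only ZEND_MM_CHUNK_SIZE gets the `(size_t)` cast; ZEND_MM_PAGE_SIZE on the next line is still an `int` expression, so a multiplication of an `int` page count by ZEND_MM_PAGE_SIZE would still be evaluated in `int` and could overflow in the way the commit message describes. Suggest casting it as well, `#define ZEND_MM_PAGE_SIZE ((size_t) (4 * 1024))`, or adding a comment on why the page size is exempt. ZEND_MM_PAGES, defined as the quotient of the two macros, also changes type from `int` to `size_t` with this edit, so signed comparisons and format specifiers that use it are worth checking. The commit touches only NEWS and this header; a regression test for GH-9361 would be welcome if the memory requirement makes one feasible.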