diff --git a/NEWS b/NEWS index 8f33d57c3cf..7a8930ebec9 100644 --- a/NEWS +++ b/NEWS @@ -22,6 +22,9 @@ PHP NEWS . Fixed bug GH-16454 (Unhandled INF in date_sunset() with tiny $utcOffset). (cmb) +- DBA: + . Fixed bug GH-16390 (dba_open() can segfault for "pathless" streams). (cmb) + - DOM: . Fixed bug GH-16316 (DOMXPath breaks when not initialized properly). (nielsdos) diff --git a/ext/dba/dba.c b/ext/dba/dba.c index 0b847ed66de..9affb5aa6fc 100644 --- a/ext/dba/dba.c +++ b/ext/dba/dba.c @@ -788,10 +788,13 @@ restart: info->lock.fp = php_stream_open_wrapper(lock_name, lock_file_mode, STREAM_MUST_SEEK|REPORT_ERRORS|IGNORE_PATH|persistent_flag, &opened_path); if (info->lock.fp) { if (is_db_lock) { - ZEND_ASSERT(opened_path); - /* replace the path info with the real path of the opened file */ - zend_string_release(info->path); - info->path = php_dba_zend_string_dup_safe(opened_path, persistent); + if (opened_path) { + /* replace the path info with the real path of the opened file */ + zend_string_release_ex(info->path, persistent); + info->path = php_dba_zend_string_dup_safe(opened_path, persistent); + } else { + error = "Unable to determine path for locking"; + } } } if (opened_path) { @@ -807,10 +810,10 @@ restart: FREE_PERSISTENT_RESOURCE_KEY(); RETURN_FALSE; } - if (!php_stream_supports_lock(info->lock.fp)) { + if (!error && !php_stream_supports_lock(info->lock.fp)) { error = "Stream does not support locking"; } - if (php_stream_lock(info->lock.fp, lock_mode)) { + if (!error && php_stream_lock(info->lock.fp, lock_mode)) { error = "Unable to establish lock"; /* force failure exit */ } } diff --git a/ext/dba/tests/gh16390.phpt b/ext/dba/tests/gh16390.phpt new file mode 100644 index 00000000000..0b66e742a40 --- /dev/null +++ b/ext/dba/tests/gh16390.phpt @@ -0,0 +1,11 @@ +--TEST-- +GH-16390 (dba_open() can segfault for "pathless" streams) +--EXTENSIONS-- +dba +--FILE-- + +--EXPECTF-- +Warning: dba_open(): Driver initialization failed for handler: inifile: Unable to determine path for locking in %s on line %d