Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix use-of-uninitialized-value when calling php_posix_stream_get_fd #11694

Merged
merged 1 commit into from
Jul 13, 2023

Conversation

iluuu1994
Copy link
Member

@iluuu1994 iluuu1994 commented Jul 13, 2023

Passing a double pointer to php_stream_cast means the caller of php_posix_stream_get_fd will never receive the actual value. Moreover, php_posix_stream_get_fd may only write the high sizeof(php_socket_t) bytes of fd, so we need to initialize the lower bytes to 0 to avoid partial use-of-uninitialized-value.

The (void*)&fd typo tells me that the tests aren't actually testing much. 😏

Passing a double pointer to php_stream_cast means the caller of
php_posix_stream_get_fd will never receive the actual value. Moreover,
php_posix_stream_get_fd may only write the low sizeof(php_socket_t) bytes of fd,
so we need to initialize the upper bytes to 0 to avoid partial
use-of-uninitialized-value.
Copy link
Member

@Girgias Girgias left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Kind of difficult to make a test to check that something is a TTY :(

@iluuu1994 iluuu1994 merged commit 66e2aa7 into php:master Jul 13, 2023
arnaud-lb added a commit to arnaud-lb/php-src that referenced this pull request Jul 16, 2023
* up/master: (571 commits)
  Expose time spent collecting cycles in gc_status() (php#11523)
  Warn when fpm socket was not registered on the expected path
  Implement DOMElement::id
  Fix ?
  Implement DOMParentNode::replaceChildren()
  Implement DOMElement::className
  RFC: Deprecate remains of string evaluated code assertions (php#11671)
  Prevent decimal int precision loss in number_format()
  Implement DOMNode::getRootNode()
  Implement DOMElement::getAttributeNames()
  Refactor dom_node_node_name_read() to avoid double allocation
  Handle fragments consisting out of multiple children without a single root correctly
  Avoid allocations in DOMElement::getAttribute()
  Avoid string allocation in dom_get_dom1_attribute() for as long as possible
  Fix use-of-uninitialized-value when calling php_posix_stream_get_fd (php#11694)
  Reorder list construction in the function php_intpow10 (php#11683)
  proc_open: Use posix_spawn(3) interface on systems where it is profitable
  zend_gdb disable gdb detection for FreeBSD < 11.
  Fix iface const visibility variance check
  Fix missing iface class const inheritance type check
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants