There is a memory leak defect at line 2214 in /php-src/main/streams/streams.c. #15026
Comments
|
Hmm, isn't resolved_path NULL when EG(exception) is set? Otherwise how could we have an exception and a path at the same time? |
Thank you for your prompt reply! I didn't notice this issue when verifying the defect report; it should be a false alarm. |
|
No problem, thanks for the other reports btw. |
I am happy to contribute to PHP. In fact, receiving prompt responses from developers helps us improve our static analysis tool more effectively, ensuring better outcomes.Currently, our static analysis tool still has some bugs. Thank you very much for your feedback on false positives! |
|
@LuMingYinDetect Turns out this is in fact a true positive, see #15908. I'll make sure to credit you in the test file. |
This was first reported as a leak in phpGH-15026, but was mistakingly believed to be a false positive. Then an assertion was added and it got triggered in phpGH-15908. This fixes the leak. Upon merging into master the assertion should be removed as well.
Thank you for your patient response! We greatly appreciate your affirmation of our work! |
Description
A pointer variable named resolved_path is defined at line 2186 in the file /php-src/main/streams/streams.c. This variable is allocated a block of dynamic memory via the function php_resolve_path at line 2205. When the if statement at line 2213 evaluates to true, the function returns at line 2214. However, unlike at line 2224 where the dynamically allocated memory pointed to by resolved_path is freed before returning, in this case, it leads to a memory leak defect, as illustrated below:
https://github.com/LuMingYinDetect/php_defects/blob/main/php_3.png
PHP Version
PHP 8.4.0
Operating System
Ubuntu 22.04
The text was updated successfully, but these errors were encountered: