. Fixed bug #55366: keys lost when using substr_replace an array. (Arpad)
. Fixed bug #55510: $_FILES 'name' missing first character after upload.
(Arpad)
+ . Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence)
. Fixed bug #55576: Cannot conditionally move uploaded file without race
condition. (Gustavo)
. Fixed bug #55504 (Content-Type header is not parsed correctly on
--- /dev/null
+--TEST--\r
+Bug #55509 (segfault on x86_64 using more than 2G memory)\r
+--SKIPIF--\r
+<?php\r
+if (PHP_INT_SIZE == 4) {\r
+ die('skip Not for 32-bits OS');\r
+}\r
+?>\r
+--INI--\r
+memory_limit=3G\r
+--FILE--\r
+<?php\r
+$a1 = str_repeat("1", 1024 * 1024 * 1024 * 0.5);\r
+echo "1\n";\r
+$a2 = str_repeat("2", 1024 * 1024 * 1024 * 0.5);\r
+echo "2\n";\r
+$a3 = str_repeat("3", 1024 * 1024 * 1024 * 0.5);\r
+echo "3\n";\r
+$a4 = str_repeat("4", 1024 * 1024 * 1024 * 0.5);\r
+echo "4\n";\r
+$a5 = str_repeat("5", 1024 * 1024 * 1024 * 0.5);\r
+echo "5\n";\r
+$a6 = str_repeat("6", 1024 * 1024 * 1024 * 0.5);\r
+echo "6\n";\r
+?>\r
+--EXPECTF--\r
+1\r
+2\r
+3\r
+4\r
+5\r
+\r
+Fatal error: Allowed memory size of %d bytes exhausted (tried to allocate %d bytes) in %s/bug55509.php on line %d\r
#define ZEND_MM_IS_GUARD_BLOCK(b) (((b)->info._size & ZEND_MM_TYPE_MASK) == ZEND_MM_GUARD_BLOCK)
#define ZEND_MM_NEXT_BLOCK(b) ZEND_MM_BLOCK_AT(b, ZEND_MM_BLOCK_SIZE(b))
-#define ZEND_MM_PREV_BLOCK(b) ZEND_MM_BLOCK_AT(b, -(int)((b)->info._prev & ~ZEND_MM_TYPE_MASK))
+#define ZEND_MM_PREV_BLOCK(b) ZEND_MM_BLOCK_AT(b, -(ssize_t)((b)->info._prev & ~ZEND_MM_TYPE_MASK))
#define ZEND_MM_PREV_BLOCK_IS_FREE(b) (!((b)->info._prev & ZEND_MM_USED_BLOCK))
projects / php / commitdiff