From: Thies C. Arntzen <thies@php.net>
Date: Sun, 14 Jan 2001 14:11:38 +0000 (+0000)
Subject: fixed readfile() fd-leak.
X-Git-Tag: php-4.0.5RC1~586
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6b84fb1cde6d52e638d1f46c7ce60f9f711c190f;p=php

fixed readfile() fd-leak.

guys, always remember that every function that *generates output* could cause a
bailout if ignore_user_abort is set to false (and the user _aborts_ the
connection). in this case a longjump will be performed and our function (in
this case readfile) will have no chance to clean-up. having said that it's a
good idea to register all opened files using REGISTER_RESOURCE - that way the
engine will make sure they get closed on request end.
---

diff --git a/ext/standard/file.c b/ext/standard/file.c
index c8d605b41e..284f1384f1 100644
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -1395,6 +1395,7 @@ PHP_FUNCTION(readfile)
 	int size=0;
 	int use_include_path=0;
 	int issock=0, socketd=0;
+	int rsrc_id;
 	
 	/* check args */
 	switch (ARG_COUNT(ht)) {
@@ -1429,14 +1430,21 @@ PHP_FUNCTION(readfile)
 		}
 		RETURN_FALSE;
 	}
-	if (php_header()) {
-		size = php_passthru_fd(socketd, fp, issock);
-	}
+
 	if (issock) {
-		SOCK_FCLOSE(socketd);
+		int *sock=emalloc(sizeof(int));
+		*sock = socketd;
+		rsrc_id = ZEND_REGISTER_RESOURCE(NULL,sock,php_file_le_socket());
 	} else {
-		fclose(fp);
+		rsrc_id = ZEND_REGISTER_RESOURCE(NULL,fp,php_file_le_fopen());
 	}
+
+	if (php_header()) {
+		size = php_passthru_fd(socketd, fp, issock);
+	}
+
+	zend_list_delete(rsrc_id);
+
 	RETURN_LONG(size);
 }