From: Joe Watkins Date: Mon, 16 Jan 2017 04:32:27 +0000 (+0000) Subject: Fix bug #73939 memory allocation in signal handler when HAVE_STRUCT_SIGINFO_T X-Git-Tag: php-7.1.2RC1~67 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=bac4c97602d53b6f07737ce0b51f8a39857cbf76;p=php Fix bug #73939 memory allocation in signal handler when HAVE_STRUCT_SIGINFO_T --- diff --git a/ext/pcntl/pcntl.c b/ext/pcntl/pcntl.c index 07335192c6..a1ac06982d 100644 --- a/ext/pcntl/pcntl.c +++ b/ext/pcntl/pcntl.c @@ -560,11 +560,6 @@ PHP_RSHUTDOWN_FUNCTION(pcntl) while (PCNTL_G(head)) { sig = PCNTL_G(head); PCNTL_G(head) = sig->next; -#ifdef HAVE_STRUCT_SIGINFO_T - if (sig->siginfo) { - zend_array_destroy(sig->siginfo); - } -#endif efree(sig); } while (PCNTL_G(spares)) { @@ -1379,11 +1374,7 @@ static void pcntl_signal_handler(int signo) psig->next = NULL; #ifdef HAVE_STRUCT_SIGINFO_T - zval user_siginfo; - array_init(&user_siginfo); - pcntl_siginfo_to_zval(signo, siginfo, &user_siginfo); - psig->siginfo = zend_array_dup(Z_ARRVAL(user_siginfo)); - zval_ptr_dtor(&user_siginfo); + psig->siginfo = *siginfo; #endif /* the head check is important, as the tick handler cannot atomically clear both @@ -1428,14 +1419,14 @@ void pcntl_signal_dispatch() PCNTL_G(head) = NULL; /* simple stores are atomic */ /* Allocate */ - while (queue) { if ((handle = zend_hash_index_find(&PCNTL_G(php_signal_table), queue->signo)) != NULL) { if (Z_TYPE_P(handle) != IS_LONG) { ZVAL_NULL(&retval); ZVAL_LONG(¶ms[0], queue->signo); #ifdef HAVE_STRUCT_SIGINFO_T - ZVAL_ARR(¶ms[1], queue->siginfo); + array_init(¶ms[1]); + pcntl_siginfo_to_zval(queue->signo, &queue->siginfo, ¶ms[1]); #else ZVAL_NULL(¶ms[1]); #endif diff --git a/ext/pcntl/php_pcntl.h b/ext/pcntl/php_pcntl.h index 865c496050..1b13fb01c0 100644 --- a/ext/pcntl/php_pcntl.h +++ b/ext/pcntl/php_pcntl.h @@ -77,7 +77,7 @@ struct php_pcntl_pending_signal { struct php_pcntl_pending_signal *next; zend_long signo; #ifdef HAVE_STRUCT_SIGINFO_T - zend_array *siginfo; + siginfo_t siginfo; #endif };