From e1437022e188747495badcfa2b86282456bc27e8 Mon Sep 17 00:00:00 2001 From: Xinchen Hui Date: Sun, 29 Jun 2014 00:29:07 +0800 Subject: [PATCH] Fixed segfault, segfault and segfault --- .../breakiterator/breakiterator_iterators.cpp | 8 +++-- ext/intl/calendar/calendar_methods.cpp | 2 -- .../calendar/gregoriancalendar_methods.cpp | 35 +++++++++++-------- ext/intl/common/common_enum.cpp | 5 +-- ext/intl/dateformat/dateformat_create.cpp | 10 +++--- ext/intl/dateformat/dateformat_parse.c | 1 + ext/intl/formatter/formatter_main.c | 7 ++-- ext/intl/formatter/formatter_parse.c | 2 ++ ext/intl/msgformat/msgformat.c | 7 ++-- .../resourcebundle/resourcebundle_class.c | 3 +- .../resourcebundle/resourcebundle_iterator.c | 4 +-- 11 files changed, 49 insertions(+), 35 deletions(-) diff --git a/ext/intl/breakiterator/breakiterator_iterators.cpp b/ext/intl/breakiterator/breakiterator_iterators.cpp index a5b7834847..0bfe6cfc2d 100644 --- a/ext/intl/breakiterator/breakiterator_iterators.cpp +++ b/ext/intl/breakiterator/breakiterator_iterators.cpp 
@@ -217,22 +217,26 @@ void IntlIterator_from_BreakIterator_parts(zval *break_iter_zv, ii = Z_INTL_ITERATOR_P(object); ii->iterator = (zend_object_iterator*)emalloc(sizeof(zoi_break_iter_parts)); - zend_iterator_init(ii->iterator TSRMLS_CC); + //zend_iterator_init(ii->iterator TSRMLS_CC); + ZVAL_COPY(&ii->iterator->data, break_iter_zv); ii->iterator->funcs = &breakiterator_parts_it_funcs; ii->iterator->index = 0; + ((zoi_with_current*)ii->iterator)->destroy_it = _breakiterator_parts_destroy_it; ZVAL_COPY_VALUE(&((zoi_with_current*)ii->iterator)->wrapping_obj, object); ZVAL_UNDEF(&((zoi_with_current*)ii->iterator)->current); ((zoi_break_iter_parts*)ii->iterator)->bio = Z_INTL_BREAKITERATOR_P(break_iter_zv); + assert(((zoi_break_iter_parts*)ii->iterator)->bio->biter != NULL); + ((zoi_break_iter_parts*)ii->iterator)->key_type = key_type; } U_CFUNC zend_object *IntlPartsIterator_object_create(zend_class_entry *ce TSRMLS_DC) { - zend_object* retval = IntlIterator_ce_ptr->create_object(ce TSRMLS_CC); + zend_object *retval = IntlIterator_ce_ptr->create_object(ce TSRMLS_CC); retval->handlers = &IntlPartsIterator_handlers; return retval; diff --git a/ext/intl/calendar/calendar_methods.cpp b/ext/intl/calendar/calendar_methods.cpp index 05051d07a4..02dfe5e224 100644 --- a/ext/intl/calendar/calendar_methods.cpp +++ b/ext/intl/calendar/calendar_methods.cpp @@ -1264,8 +1264,6 @@ U_CFUNC PHP_FUNCTION(intlcal_to_date_time) ts_str_len = slprintf(ts_str, sizeof(ts_str), "@%I64d", ts); ZVAL_STRINGL(&ts_zval, ts_str, ts_str_len); - //??? - efree(ts_str); /* Now get the time zone */ const TimeZone& tz = co->ucal->getTimeZone(); diff --git a/ext/intl/calendar/gregoriancalendar_methods.cpp b/ext/intl/calendar/gregoriancalendar_methods.cpp index a665e35286..e08d263723 100644 --- a/ext/intl/calendar/gregoriancalendar_methods.cpp +++ b/ext/intl/calendar/gregoriancalendar_methods.cpp 
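Review bot: The added `assert(((zoi_break_iter_parts*)ii->iterator)->bio->biter != NULL);` in `IntlIterator_from_BreakIterator_parts` disappears when the extension is built with NDEBUG, so a release build carries on with a null `biter`. If that state can be reached from script code, it needs a runtime test placed before the `emalloc`, along the lines of `if (Z_INTL_BREAKITERATOR_P(break_iter_zv)->biter == NULL)`, which reports through `intl_error_set` and returns. Separately, `//zend_iterator_init(ii->iterator TSRMLS_CC);` is left as dead code with no reason given, and `emalloc` does not zero memory, so any iterator field this function does not assign stays uninitialised. I would delete that line and add a short comment saying that `ZVAL_COPY(&ii->iterator->data, break_iter_zv)` takes its place and who releases that reference. The function starts outside the hunk.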
@@ -53,7 +53,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) zend_get_parameters_array_ex(ZEND_NUM_ARGS(), args) == FAILURE) { intl_error_set(NULL, U_ILLEGAL_ARGUMENT_ERROR, "intlgregcal_create_instance: too many arguments", 0 TSRMLS_CC); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } for (variant = ZEND_NUM_ARGS(); variant > 0 && Z_TYPE(args[variant - 1]) == IS_NULL; @@ -62,7 +63,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) intl_error_set(NULL, U_ILLEGAL_ARGUMENT_ERROR, "intlgregcal_create_instance: no variant with 4 arguments " "(excluding trailing NULLs)", 0 TSRMLS_CC); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } // argument parsing @@ -71,7 +73,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) "|z!s!", &tz_object, &locale, &locale_len) == FAILURE) { intl_error_set(NULL, U_ILLEGAL_ARGUMENT_ERROR, "intlgregcal_create_instance: bad arguments", 0 TSRMLS_CC); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } } if (variant > 2 && zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, @@ -79,7 +82,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) &largs[5]) == FAILURE) { intl_error_set(NULL, U_ILLEGAL_ARGUMENT_ERROR, "intlgregcal_create_instance: bad arguments", 0 TSRMLS_CC); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } // instantion of ICU object @@ -90,7 +94,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) TimeZone *tz = timezone_process_timezone_argument(tz_object, NULL, "intlgregcal_create_instance" TSRMLS_CC); if (tz == NULL) { - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } if (!locale) { locale = const_cast(intl_locale_get_default(TSRMLS_C)); 
@@ -105,7 +110,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) delete gcal; } delete tz; - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } } else { // From date/time (3, 5 or 6 arguments) @@ -114,7 +120,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) intl_error_set(NULL, U_ILLEGAL_ARGUMENT_ERROR, "intlgregcal_create_instance: at least one of the arguments" " has an absolute value that is too large", 0 TSRMLS_CC); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } } @@ -135,7 +142,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) if (gcal) { delete gcal; } - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } timelib_tzinfo *tzinfo = get_timezone_info(TSRMLS_C); @@ -151,7 +159,8 @@ static void _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAMETERS) "from PHP's default timezone name (see date_default_timezone_get())", 0 TSRMLS_CC); delete gcal; - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } TimeZone *tz = TimeZone::createTimeZone(tzstr); @@ -172,24 +181,22 @@ U_CFUNC PHP_FUNCTION(intlgregcal_create_instance) _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAM_PASSTHRU); - if (Z_TYPE_P(return_value) == IS_NULL) { + if (Z_TYPE_P(return_value) == IS_OBJECT && Z_OBJ_P(return_value) == NULL) { zend_object_store_ctor_failed(Z_OBJ(orig) TSRMLS_CC); - zval_dtor(&orig); } } U_CFUNC PHP_METHOD(IntlGregorianCalendar, __construct) { - zval orig_this = *getThis(); + zval orig_this = *getThis(); intl_error_reset(NULL TSRMLS_CC); return_value = getThis(); //changes this to IS_NULL (without first destroying) if there's an error _php_intlgregcal_constructor_body(INTERNAL_FUNCTION_PARAM_PASSTHRU); - if (Z_TYPE_P(return_value) == IS_NULL) { + if (Z_TYPE_P(return_value) == IS_OBJECT && Z_OBJ_P(return_value) == NULL) { zend_object_store_ctor_failed(Z_OBJ(orig_this) TSRMLS_CC); - zval_dtor(&orig_this); } } 
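Review bot: In `intlgregcal_create_instance` the failure branch calls `zend_object_store_ctor_failed(Z_OBJ(orig) TSRMLS_CC);` and then falls out of the function, leaving `return_value` typed IS_OBJECT with a null object pointer; it should end with `RETURN_NULL();` as `datefmt_create` does in this same commit. With `zval_dtor(&orig)` and `zval_dtor(&orig_this)` removed, nothing visible in the hunk releases the object those copies refer to, so it is worth confirming that a failed construction does not leak it. The comment in `__construct`, `//changes this to IS_NULL (without first destroying) if there's an error`, no longer matches the code and should read something like `// on error the object pointer of this zval is set to NULL; the type stays IS_OBJECT`. The pair `Z_OBJ_P(return_value) = NULL; return;` is repeated in every error path of `_php_intlgregcal_constructor_body` (hunks -53 through -151), and a small macro would keep that sentinel convention in one place.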
diff --git a/ext/intl/common/common_enum.cpp b/ext/intl/common/common_enum.cpp index 3436e5843f..e63e091edf 100644 --- a/ext/intl/common/common_enum.cpp +++ b/ext/intl/common/common_enum.cpp @@ -54,7 +54,6 @@ void zoi_with_current_dtor(zend_object_iterator *iter TSRMLS_DC) * not finding the memory of this iterator allocated anymore. */ iter->funcs->invalidate_current(iter TSRMLS_CC); zoiwc->destroy_it(iter TSRMLS_CC); - efree(iter); } } @@ -165,8 +164,6 @@ static void IntlIterator_objects_free(zend_object *object TSRMLS_DC) intl_error_reset(INTLITERATOR_ERROR_P(ii) TSRMLS_CC); zend_object_std_dtor(&ii->zo TSRMLS_CC); - - efree(ii); } static zend_object_iterator *IntlIterator_get_iterator( @@ -198,7 +195,7 @@ static zend_object *IntlIterator_object_create(zend_class_entry *ce TSRMLS_DC) intern = (IntlIterator_object*)ecalloc(1, sizeof(IntlIterator_object) + sizeof(zval) * (ce->default_properties_count - 1)); zend_object_std_init(&intern->zo, ce TSRMLS_CC); - object_properties_init((zend_object*) intern, ce); + object_properties_init(&intern->zo, ce); intl_error_init(INTLITERATOR_ERROR_P(intern) TSRMLS_CC); intern->iterator = NULL; diff --git a/ext/intl/dateformat/dateformat_create.cpp b/ext/intl/dateformat/dateformat_create.cpp index bdc7351f37..f678f5f54e 100644 --- a/ext/intl/dateformat/dateformat_create.cpp +++ b/ext/intl/dateformat/dateformat_create.cpp @@ -66,8 +66,8 @@ static void datefmt_ctor(INTERNAL_FUNCTION_PARAMETERS) &calendar_zv, &pattern_str, &pattern_str_len) == FAILURE) { intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "datefmt_create: " "unable to parse input parameters", 0 TSRMLS_CC); - zval_dtor(return_value); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } INTL_CHECK_LOCALE_LEN_OBJ(locale_len, return_value); 
@@ -162,8 +162,7 @@ error: } if (U_FAILURE(intl_error_get_code(NULL TSRMLS_CC))) { /* free_object handles partially constructed instances fine */ - zval_dtor(return_value); - RETVAL_NULL(); + Z_OBJ_P(return_value) = NULL; } } /* }}} */ @@ -177,6 +176,9 @@ U_CFUNC PHP_FUNCTION( datefmt_create ) { object_init_ex( return_value, IntlDateFormatter_ce_ptr ); datefmt_ctor(INTERNAL_FUNCTION_PARAM_PASSTHRU); + if (Z_TYPE_P(return_value) == IS_OBJECT && Z_OBJ_P(return_value) == NULL) { + RETURN_NULL(); + } } /* }}} */ diff --git a/ext/intl/dateformat/dateformat_parse.c b/ext/intl/dateformat/dateformat_parse.c index f981afb6a8..8c8ff76b39 100644 --- a/ext/intl/dateformat/dateformat_parse.c +++ b/ext/intl/dateformat/dateformat_parse.c @@ -145,6 +145,7 @@ PHP_FUNCTION(datefmt_parse) DATE_FORMAT_METHOD_FETCH_OBJECT; if (z_parse_pos) { + ZVAL_DEREF(z_parse_pos); convert_to_long(z_parse_pos); parse_pos = (int32_t)Z_LVAL_P(z_parse_pos); if(parse_pos > text_len) { diff --git a/ext/intl/formatter/formatter_main.c b/ext/intl/formatter/formatter_main.c index e266d60808..233e0e285b 100644 --- a/ext/intl/formatter/formatter_main.c +++ b/ext/intl/formatter/formatter_main.c @@ -41,8 +41,8 @@ static void numfmt_ctor(INTERNAL_FUNCTION_PARAMETERS) { intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "numfmt_create: unable to parse input parameters", 0 TSRMLS_CC ); - zval_dtor(return_value); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; + return; } INTL_CHECK_LOCALE_LEN_OBJ(locale_len, return_value); @@ -79,6 +79,9 @@ PHP_FUNCTION( numfmt_create ) { object_init_ex( return_value, NumberFormatter_ce_ptr ); numfmt_ctor(INTERNAL_FUNCTION_PARAM_PASSTHRU); + if (Z_TYPE_P(return_value) == IS_OBJECT && Z_OBJ_P(return_value) == NULL) { + RETURN_NULL(); + } } /* }}} */ diff --git a/ext/intl/formatter/formatter_parse.c b/ext/intl/formatter/formatter_parse.c index 7188c22d55..d5b7cdd745 100644 --- a/ext/intl/formatter/formatter_parse.c +++ b/ext/intl/formatter/formatter_parse.c 
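Review bot: On failure `datefmt_create` now runs `RETURN_NULL();` after `datefmt_ctor` has overwritten the object pointer with NULL, so nothing visible releases the object that `object_init_ex` created two lines earlier; the removed `zval_dtor(return_value)` was what did that. Unless the engine reclaims it elsewhere, each failed call leaves one object allocated until request shutdown. Keeping a copy before the constructor call, `zval orig = *return_value;`, and ending the failure branch with `zval_ptr_dtor(&orig); RETURN_NULL();` would avoid that. The matching hunks in `numfmt_create` and `msgfmt_create` have the same shape.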
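Review bot: After the added `ZVAL_DEREF(z_parse_pos);` in `datefmt_parse`, the caller-supplied position is still narrowed with `(int32_t)Z_LVAL_P(z_parse_pos)`, and the only bound visible is `parse_pos > text_len`. A negative value, or one that wraps when truncated to 32 bits, is not rejected here. I would range-check the long before the cast, `if (Z_LVAL_P(z_parse_pos) < 0 || Z_LVAL_P(z_parse_pos) > text_len)`, and take the same failure path as the existing branch. The function body continues outside the hunk, so a later check may exist. The two `ZVAL_DEREF(zposition)` hunks in formatter_parse.c show the same cast with no bound at all in the visible lines.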
@@ -67,6 +67,7 @@ PHP_FUNCTION( numfmt_parse ) INTL_METHOD_CHECK_STATUS( nfo, "String conversion to UTF-16 failed" ); if(zposition) { + ZVAL_DEREF(zposition); convert_to_long(zposition); position = (int32_t)Z_LVAL_P( zposition ); position_p = &position; @@ -152,6 +153,7 @@ PHP_FUNCTION( numfmt_parse_currency ) INTL_METHOD_CHECK_STATUS( nfo, "String conversion to UTF-16 failed" ); if(zposition) { + ZVAL_DEREF(zposition); convert_to_long(zposition); position = (int32_t)Z_LVAL_P( zposition ); position_p = &position; diff --git a/ext/intl/msgformat/msgformat.c b/ext/intl/msgformat/msgformat.c index 2a5af418e0..853907ce3d 100644 --- a/ext/intl/msgformat/msgformat.c +++ b/ext/intl/msgformat/msgformat.c @@ -44,8 +44,8 @@ static void msgfmt_ctor(INTERNAL_FUNCTION_PARAMETERS) { intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "msgfmt_create: unable to parse input parameters", 0 TSRMLS_CC ); - zval_dtor(return_value); - RETURN_NULL(); + Z_OBJ_P(return_value) == NULL; + return; } INTL_CHECK_LOCALE_LEN_OBJ(locale_len, return_value); @@ -97,6 +97,9 @@ PHP_FUNCTION( msgfmt_create ) { object_init_ex( return_value, MessageFormatter_ce_ptr ); msgfmt_ctor(INTERNAL_FUNCTION_PARAM_PASSTHRU); + if (Z_TYPE_P(return_value) == IS_OBJECT && Z_OBJ_P(return_value) == NULL) { + RETURN_NULL(); + } } /* }}} */ diff --git a/ext/intl/resourcebundle/resourcebundle_class.c b/ext/intl/resourcebundle/resourcebundle_class.c index 99e578423b..2635850a37 100644 --- a/ext/intl/resourcebundle/resourcebundle_class.c +++ b/ext/intl/resourcebundle/resourcebundle_class.c @@ -121,8 +121,7 @@ static void resourcebundle_ctor(INTERNAL_FUNCTION_PARAMETERS) rb->me, ULOC_ACTUAL_LOCALE, &INTL_DATA_ERROR_CODE(rb))); intl_errors_set_custom_msg(INTL_DATA_ERROR_P(rb), pbuf, 1 TSRMLS_CC); efree(pbuf); - zval_dtor(return_value); - RETURN_NULL(); + Z_OBJ_P(return_value) = NULL; } } /* }}} */ 
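Review bot: `Z_OBJ_P(return_value) == NULL;` in the parse-failure branch of `msgfmt_ctor` is a comparison whose result is discarded, not an assignment, so the failure marker is never set. The check added to `msgfmt_create` therefore cannot fire on this path, and the function hands back the unconfigured object instead of NULL. The line should be `Z_OBJ_P(return_value) = NULL;`, as in `numfmt_ctor` and `datefmt_ctor`. Building with `-Wunused-value` would catch this kind of slip.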
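Review bot: The error branch of `resourcebundle_ctor` now only sets `Z_OBJ_P(return_value) = NULL;`, and this is the only hunk for resourcebundle_class.c, so no caller in this file gains the check that `datefmt_create`, `numfmt_create` and `msgfmt_create` received. If the function that invokes this constructor is not updated elsewhere, it returns a zval typed IS_OBJECT with a null object pointer, and the first use of that value dereferences NULL. The caller needs `if (Z_TYPE_P(return_value) == IS_OBJECT && Z_OBJ_P(return_value) == NULL) { RETURN_NULL(); }` after the constructor call. The callers themselves lie outside the hunk.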
diff --git a/ext/intl/resourcebundle/resourcebundle_iterator.c b/ext/intl/resourcebundle/resourcebundle_iterator.c index 9cde48967a..4cefd6ce8e 100644 --- a/ext/intl/resourcebundle/resourcebundle_iterator.c +++ b/ext/intl/resourcebundle/resourcebundle_iterator.c @@ -74,9 +74,7 @@ static void resourcebundle_iterator_dtor( zend_object_iterator *iter TSRMLS_DC ) resourcebundle_iterator_invalidate( iter TSRMLS_CC ); - Z_DELREF_P(object); - - efree(iterator); + zval_ptr_dtor(object); } /* }}} */ -- 2.40.0