From 66fd52939beed9f2ed367cc380f35fc13af4e66d Mon Sep 17 00:00:00 2001 From: Bob Weinand Date: Sat, 25 Jul 2015 19:50:31 +0200 Subject: Just always copy the buffer, that makes it much safer At least compared to conditionally using the mmap()ped input --- sapi/phpdbg/phpdbg_list.c | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) (limited to 'sapi/phpdbg/phpdbg_list.c') diff --git a/sapi/phpdbg/phpdbg_list.c b/sapi/phpdbg/phpdbg_list.c index 3559517c3e..e577333837 100644 --- a/sapi/phpdbg/phpdbg_list.c +++ b/sapi/phpdbg/phpdbg_list.c @@ -240,24 +240,16 @@ zend_op_array *phpdbg_compile_file(zend_file_handle *file, int type) { char *bufptr, *endptr; char resolved_path_buf[MAXPATHLEN]; - if (zend_stream_fixup(file, &data.buf, &data.len) == FAILURE) { + if (zend_stream_fixup(file, &bufptr, &data.len) == FAILURE) { return NULL; } + data.buf = emalloc(data.len + 1); + memcpy(data.buf, bufptr, data.len); + data.buf[data.len] = 0; data.filename = filename; data.line[0] = 0; - if (file->handle.stream.mmap.old_closer) { - /* do not unmap */ - file->handle.stream.closer = file->handle.stream.mmap.old_closer; - } - -#if HAVE_MMAP - if (file->type == ZEND_HANDLE_MAPPED) { - data.map = file->handle.stream.handle; - } -#endif - fake.type = ZEND_HANDLE_MAPPED; fake.handle.stream.mmap.buf = data.buf; fake.handle.stream.mmap.len = data.len; @@ -282,6 +274,7 @@ zend_op_array *phpdbg_compile_file(zend_file_handle *file, int type) { ret = PHPDBG_G(compile_file)(&fake, type); if (ret == NULL) { + efree(data.buf); efree(dataptr); return NULL; } @@ -333,11 +326,6 @@ zend_op_array *phpdbg_init_compile_file(zend_file_handle *file, int type) { void phpdbg_free_file_source(zval *zv) { phpdbg_file_source *data = Z_PTR_P(zv); -#if HAVE_MMAP - if (data->map) { - php_stream_mmap_unmap(data->map); - } else -#endif if (data->buf) { efree(data->buf); } -- cgit v1.2.1