-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Major - P3
-
Affects Version/s: None
-
Component/s: None
If php_phongo_read_preference_prep_tagsets converts any arrays to objects, those objects may leak if the calling method encounters an exception and returns abruptly without freeing the converted object(s). This can be demonstrated by running readpreference-set_state_error-001.phpt with Valgrind, as the converted tag set ultimately leaks because the finalized ReadPreference is invalid (mixing mode:primary with tag sets).
$ TEST_PHP_ARGS=-m make test TESTS=tests/readPreference/readpreference-set_state_error-001.phpt ==11266== 40 bytes in 1 blocks are definitely lost in loss record 12 of 30 ==11266== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11266== by 0x6A627D: __zend_malloc (zend_alloc.c:2976) ==11266== by 0x6A51D5: _malloc_custom (zend_alloc.c:2417) ==11266== by 0x6A5303: _emalloc (zend_alloc.c:2536) ==11266== by 0x7310CC: zend_objects_new (zend_objects.c:196) ==11266== by 0x6D0ECA: convert_to_object (zend_operators.c:688) ==11266== by 0xEEB4B9B: php_phongo_read_preference_prep_tagsets (php_phongo.c:1256) ==11266== by 0xEEDAC50: php_phongo_readpreference_init_from_hash (ReadPreference.c:69) ==11266== by 0xEEDB7C3: zim_ReadPreference___set_state (ReadPreference.c:326) ==11266== by 0x754922: ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER (zend_vm_execute.h:1618) ==11266== by 0x7B99FF: execute_ex (zend_vm_execute.h:53817) ==11266== by 0x7BDAF3: zend_execute (zend_vm_execute.h:57913) ==11266==
This is not just an issue with __set_state. Additional regression tests should be possible by triggering an exception in the ReadPreference constructor after tagSets is prepared. Additionally, Manager may also leak if an exception occurs after preparing the readPreferenceTags key in the URI options array. That may be possible if merge_context_options orĀ phongo_manager_init throws.