Description
The following code:
<?php
// Fuzzer-generated reproducer (the report attributes it to FlowFusion). It sets up a SOAP client and a
// SOAP server, then repeatedly calls array_unique() and SoapVar::__construct() with mismatched arguments.
// NOTE(review): the report runs this with memory_limit=2M, opcache.jit=1205, log_errors=1 and an empty
// error_log, and the fatal error is printed "in Unknown on line 0" — so it is unclear how many of the
// statements below actually execute. Confirm before treating any single call as the trigger.

// SoapVar is created with no arguments; the later __construct() calls on the same object pass six.
// NOTE(review): SoapVar's constructor appears to require arguments in current PHP; if so this line
// would throw before anything else runs — verify.
$cls = new SoapVar();
// Client built from a WSDL file next to the script; 'trace' keeps the last request available and
// 'exceptions' => false disables throwing on SOAP faults.
$client = new SoapClient(__DIR__.'/multiport.wsdl',
array('trace' => true, 'exceptions' => false));
// Remote call with literal placeholder credentials ('user' / 'password').
$response = $client->GetSessionId(array('userId'=>'user', 'password'=>'password'));
// Prints the last request; presumably the envelope includes the userId/password arguments above.
echo $client->__getLastRequest();
// Server created without a WSDL (first argument null), with only a 'uri' option.
$server = new SoapServer(null,array('uri'=>"http://testuri.org"));
// Registers a handler named "Add"; no function of that name is defined in this script.
$server->addfunction("Add");
// $HTTP_RAW_POST_DATA is never assigned in this script.
$server->handle($HTTP_RAW_POST_DATA);
var_dump(get_defined_vars());
// array_unique() receives script variables as both arguments, including objects and unassigned names.
// NOTE(review): TypeError/ArgumentCountError derive from Error, not Exception, so these catch blocks
// would not intercept argument errors — confirm what the fuzzer expects to happen here.
try {array_unique($response,$response);} catch (Exception $e) { echo($e); }
try {array_unique($HTTP_RAW_POST_DATA,$HTTP_RAW_POST_DATA);} catch (Exception $e) { echo($e); }
try {array_unique($client,$client);} catch (Exception $e) { echo($e); }
try {array_unique($response,$server);} catch (Exception $e) { echo($e); }
// Re-invokes the constructor on the existing SoapVar with six arguments per call, drawn from
// $client, $server, $response and from $fusion, $x, $y, $HTTP_RAW_POST_DATA, none of which are
// assigned anywhere in this script.
try {$cls->__construct($fusion,$client,$HTTP_RAW_POST_DATA,$server,$client,$fusion);} catch (Exception $e) { echo($e); }
try {$cls->__construct($response,$server,$response,$fusion,$y,$server);} catch (Exception $e) { echo($e); }
try {$cls->__construct($x,$server,$HTTP_RAW_POST_DATA,$fusion,$y,$HTTP_RAW_POST_DATA);} catch (Exception $e) { echo($e); }
try {$cls->__construct($y,$fusion,$client,$y,$server,$x);} catch (Exception $e) { echo($e); }
try {$cls->__construct($fusion,$response,$HTTP_RAW_POST_DATA,$client,$y,$fusion);} catch (Exception $e) { echo($e); }
try {$cls->__construct($HTTP_RAW_POST_DATA,$client,$server,$y,$y,$x);} catch (Exception $e) { echo($e); }
try {$cls->__construct($fusion,$x,$response,$HTTP_RAW_POST_DATA,$HTTP_RAW_POST_DATA,$y);} catch (Exception $e) { echo($e); }
try {$cls->__construct($client,$fusion,$fusion,$x,$client,$response);} catch (Exception $e) { echo($e); }
try {$cls->__construct($response,$fusion,$x,$HTTP_RAW_POST_DATA,$y,$client);} catch (Exception $e) { echo($e); }
try {$cls->__construct($response,$y,$response,$x,$y,$x);} catch (Exception $e) { echo($e); }
Resulted in this output:
PHP Fatal error: Allowed memory size of 2097152 bytes exhausted at ext/opcache/jit/ir/dynasm/dasm_x86.h:176 (tried to allocate 131104 bytes) in Unknown on line 0
Stack trace:
#0 {main}
/home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend_virtual_cwd.c:1446:2: runtime error: null pointer passed as argument 2, which is declared to never be null
/usr/include/string.h:44:28: note: nonnull attribute specified here
#0 0x5887d6d in virtual_open /home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend_virtual_cwd.c:1446:2
#1 0x409f0d9 in php_log_err_with_severity /home/phpfuzz/WorkSpace/flowfusion/php-src/main/main.c:899:8
#2 0x40b62d8 in php_error_cb /home/phpfuzz/WorkSpace/flowfusion/php-src/main/main.c:1408:4
#3 0x2c29a34 in soap_error_handler /home/phpfuzz/WorkSpace/flowfusion/php-src/ext/soap/soap.c:1938:3
#4 0x58bf2d0 in zend_error_zstr_at /home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend.c:1504:3
#5 0x58c5e31 in zend_error_va_list /home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend.c:1606:2
#6 0x58c6135 in zend_error /home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend.c:1676:2
#7 0x582aa2d in zend_signal_deactivate /home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend_signal.c:343:4
#8 0x40af651 in php_request_shutdown /home/phpfuzz/WorkSpace/flowfusion/php-src/main/main.c:2007:2
#9 0x58e6841 in do_cli /home/phpfuzz/WorkSpace/flowfusion/php-src/sapi/cli/php_cli.c:1159:3
#10 0x58db81f in main /home/phpfuzz/WorkSpace/flowfusion/php-src/sapi/cli/php_cli.c:1363:18
#11 0x7fe85c5f7d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#12 0x7fe85c5f7e3f in __libc_start_main csu/../csu/libc-start.c:392:3
#13 0x606194 in _start (/home/phpfuzz/WorkSpace/flowfusion/php-src/sapi/cli/php+0x606194)
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend_virtual_cwd.c:1446:2 in
To reproduce:
./php-src/sapi/cli/php -d "log_errors=1" -d "memory_limit=2M" -d "zend_extension=/home/phpfuzz/WorkSpace/flowfusion/php-src/modules/opcache.so" -d "error_log=" -d "opcache.enable_cli=1" -d "opcache.jit=1205" ./test.php
Commit:
7361a1206d28810800d9ecf191d11b08dce7d03f
Configurations:
CC="clang-12" CXX="clang++-12" CFLAGS="-DZEND_VERIFY_TYPE_INFERENCE" CXXFLAGS="-DZEND_VERIFY_TYPE_INFERENCE" ./configure --enable-debug --enable-address-sanitizer --enable-undefined-sanitizer --enable-re2c-cgoto --enable-fpm --enable-litespeed --enable-phpdbg-debug --enable-zts --enable-bcmath --enable-calendar --enable-dba --enable-dl-test --enable-exif --enable-ftp --enable-gd --enable-gd-jis-conv --enable-mbstring --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvmsg --enable-zend-test --with-zlib --with-bz2 --with-curl --with-enchant --with-gettext --with-gmp --with-mhash --with-ldap --with-libedit --with-readline --with-snmp --with-sodium --with-xsl --with-zip --with-mysqli --with-pdo-mysql --with-pdo-pgsql --with-pgsql --with-sqlite3 --with-pdo-sqlite --with-webp --with-jpeg --with-freetype --enable-sigchild --with-readline --with-pcre-jit --with-iconv
Operating System:
Ubuntu 20.04 Host, Docker 0599jiangyc/flowfusion:latest
This report is automatically generated by FlowFusion
PHP Version
7361a1206d28810800d9ecf191d11b08dce7d03f
Operating System
No response