diff options
author | Adam Harvey <aharvey@php.net> | 2015-12-03 04:32:27 +0300 |
---|---|---|
committer | michael-grunder <michael.grunder@gmail.com> | 2016-02-14 00:20:35 +0300 |
commit | c40fc1d807d35ebb3da0fc0231fcd97f37e785ed (patch) | |
tree | 71779c5a92e4ef88ffba88d002a495127030639e | |
parent | b09e07b37ceace11b0a711c9e0bfc15996f071f2 (diff) |
Fix memory leak in redis_serialize().
redis_serialize() leaks the zend_string within z_copy in the
redis_sock->serializer == REDIS_SERIALIZER_NONE case when z is not an
IS_STRING. Instead, redis_serialize() should take a copy of the string, return
that with the flag telling the caller to free the string when it's done with
it, and destroy z_copy.
-rw-r--r-- | library.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -2019,9 +2019,10 @@ redis_serialize(RedisSock *redis_sock, zval *z, char **val, size_t *val_len /* return string */ convert_to_string(&z_copy); - *val = Z_STRVAL_P(&z_copy); + *val = estrndup(Z_STRVAL_P(&z_copy), Z_STRLEN_P(&z_copy)); *val_len = Z_STRLEN_P(&z_copy); - return 0; + zval_ptr_dtor(&z_copy); + return 1; case REDIS_SERIALIZER_PHP: |