I am fixing bug #32614: Problem, on the solaris platform fdopen() can fail
even if fd is a correct file descriptor, when fd>255 (the well-known
solaris stdio problem). The webserver of the user crashes because the
return value of fdopen() is not checked for NULL when casting a stream from
posix to stdio. After this fd==-1 and fp==NULL ==> further calls to
fread/fwrite with this fp segfault.
I committed the patches for PHP but I have no karme for "ZendEngine2". Can
someone with karma submit this patch?
According to this it would be interesting, WHEN some PHP/Zend code tries to
cast a POSIX stream to stdio? In which extension/functions? Can this be
fixed to only use posix IO? The zend engine itself should be safe since
4.3.3 and since PHP5.
Does stream casts apply if a user uses the PHP user functions fopen, fread,
fwrite? Since Saschas fix in PHP4 there this does not happen. What about PHP5?
I would try to fix this everywhere in the future.
email@example.com - http://www.php.net
NSAPI SAPI developer