From f365d0e00ed93b1c33e984ff3b4cc8677cbca193 Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Thu, 27 Jun 2019 16:52:19 +0200 Subject: Fix mysqlnd memory leak The actual leak is observed in ext/pdo_mysql/tests/bug_74376.phpt. The persistent connection leaks because a refcount decrement on a result is missed. The refcount decrement is missed because free_result_contents is used, rather than free_result. Looking at other uses of free_result_contents, it looks like they could also suffer from this problem. Apart from one case, free_result_contents is always used to release the result entirely (I've adjusted the one differing case to only free meta), so I'm moving most of the logic from free_result into free_result_contents. The only difference is now that free_result will skip_result first. --- ext/mysqlnd/mysqlnd_ps.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'ext/mysqlnd/mysqlnd_ps.c') diff --git a/ext/mysqlnd/mysqlnd_ps.c b/ext/mysqlnd/mysqlnd_ps.c index 5c1896c18c..5207c1b506 100644 --- a/ext/mysqlnd/mysqlnd_ps.c +++ b/ext/mysqlnd/mysqlnd_ps.c @@ -122,7 +122,6 @@ MYSQLND_METHOD(mysqlnd_stmt, store_result)(MYSQLND_STMT * const s) } else { COPY_CLIENT_ERROR(conn->error_info, result->stored_data->error_info); stmt->result->m.free_result_contents(stmt->result); - mysqlnd_mempool_destroy(stmt->result->memory_pool); stmt->result = NULL; stmt->state = MYSQLND_STMT_PREPARED; } @@ -341,7 +340,6 @@ mysqlnd_stmt_prepare_read_eof(MYSQLND_STMT * s) if (FAIL == (ret = PACKET_READ(conn, &fields_eof))) { if (stmt->result) { stmt->result->m.free_result_contents(stmt->result); - mnd_efree(stmt->result); /* XXX: This will crash, because we will null also the methods. But seems it happens in extreme cases or doesn't. Should be fixed by exporting a function (from mysqlnd_driver.c?) to do the reset. -- cgit v1.2.1