diff options
| author | Xinchen Hui <laruence@gmail.com> | 2015-10-03 20:33:24 -0700 |
|---|---|---|
| committer | Xinchen Hui <laruence@gmail.com> | 2015-10-03 20:33:24 -0700 |
| commit | 2fb8bb1157958465a8b12c1a41015b907787c17a (patch) | |
| tree | f60ec8ea63d0774bfa0078b2baf6bd5afd712b28 | |
| parent | 6876112c89e6dc4434e64a78084ca3bb118c98bd (diff) | |
| download | php-git-2fb8bb1157958465a8b12c1a41015b907787c17a.tar.gz | |
Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer)
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | Zend/zend_compile.c | 6 | ||||
| -rw-r--r-- | ext/opcache/tests/bug70632.phpt | 21 |
3 files changed, 24 insertions, 5 deletions
@@ -15,6 +15,8 @@ PHP NEWS . Fixed bug #70572 segfault in mysqlnd_connect. (Andrey, Remi) - Opcache: + . Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer). + (Laruence) . Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()). (Laruence) . Fixed bug #70601 (Segfault in gc_remove_from_buffer()). (Laruence) diff --git a/Zend/zend_compile.c b/Zend/zend_compile.c index 0bfb770f3f..5ff1b042c2 100644 --- a/Zend/zend_compile.c +++ b/Zend/zend_compile.c @@ -3472,10 +3472,7 @@ static char * zend_get_function_declaration(zend_function *fptr TSRMLS_DC) /* {{ if (precv && precv->opcode == ZEND_RECV_INIT && precv->op2_type != IS_UNUSED) { zval *zv, zv_copy; int use_copy; - ALLOC_ZVAL(zv); - *zv = *precv->op2.zv; - zval_copy_ctor(zv); - INIT_PZVAL(zv); + zv = precv->op2.zv; if ((Z_TYPE_P(zv) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) { REALLOC_BUF_IF_EXCEED(buf, offset, length, Z_STRLEN_P(zv)); memcpy(offset, Z_STRVAL_P(zv), Z_STRLEN_P(zv)); @@ -3517,7 +3514,6 @@ static char * zend_get_function_declaration(zend_function *fptr TSRMLS_DC) /* {{ zval_dtor(&zv_copy); } } - zval_ptr_dtor(&zv); } } else { memcpy(offset, "NULL", 4); diff --git a/ext/opcache/tests/bug70632.phpt b/ext/opcache/tests/bug70632.phpt new file mode 100644 index 0000000000..4cdb5d84f9 --- /dev/null +++ b/ext/opcache/tests/bug70632.phpt @@ -0,0 +1,21 @@ +--TEST-- +Bug #70632 (Third one of segfault in gc_remove_from_buffer) +--INI-- +opcache.enable=1 +opcache.enable_cli=1 +opcache.protect_memory=1 +--SKIPIF-- +<?php if (!extension_loaded('Zend OPcache')) die("skip"); ?> +--FILE-- +<?php + +class A { + public function test($a = array("okey")) { + } +} + + +eval ("class B extends A { public function test() {} }"); +?> +--EXPECTF-- +Strict Standards: Declaration of B::test() should be compatible with A::test($a = Array) in %sbug70632.php(%d) : eval()'d code on line %d |