Don't use scope when validating Attribute

This is not safe to do at this point. Even if we made it safe, we'd see inconsistencies due to a partially compiled class. Fixes oss-fuzz #28129.
author: Nikita Popov <nikita.ppv@gmail.com> 2020-12-01 11:49:27 +0100
committer: Nikita Popov <nikita.ppv@gmail.com> 2020-12-01 11:49:27 +0100
commit: f06afc434aec631f18f8da8ffca9a6f0559e1acf (patch)
tree: be7ef8d9466a244414fdbe1ebcc0f0db9278ceba /Zend/zend_attributes.c
parent: 5dfec886d67f01c4e7ea96ef8c26792cb1210047 (diff)
download: php-git-f06afc434aec631f18f8da8ffca9a6f0559e1acf.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/Zend/zend_attributes.c b/Zend/zend_attributes.c
index 29a2f4a732..ae07802b5b 100644
--- a/Zend/zend_attributes.c
+++ b/Zend/zend_attributes.c
@@ -33,7 +33,10 @@ void validate_attribute(zend_attribute *attr, uint32_t target, zend_class_entry
 	if (attr->argc > 0) {
 		zval flags;
 
-		if (FAILURE == zend_get_attribute_value(&flags, attr, 0, scope)) {
+		/* As this is run in the middle of compilation, fetch the attribute value without
+		 * specifying a scope. The class is not fully linked yet, and we may seen an
+		 * inconsistent state. */
+		if (FAILURE == zend_get_attribute_value(&flags, attr, 0, NULL)) {
 			return;
 		}
author	Nikita Popov <nikita.ppv@gmail.com>	2020-12-01 11:49:27 +0100
committer	Nikita Popov <nikita.ppv@gmail.com>	2020-12-01 11:49:27 +0100
commit	f06afc434aec631f18f8da8ffca9a6f0559e1acf (patch)
tree	be7ef8d9466a244414fdbe1ebcc0f0db9278ceba /Zend/zend_attributes.c
parent	5dfec886d67f01c4e7ea96ef8c26792cb1210047 (diff)
download	php-git-f06afc434aec631f18f8da8ffca9a6f0559e1acf.tar.gz