Fix uninitialized run-time cache when resolving named param defaults

Fixes oss-fuzz #25676.
author: Nikita Popov <nikita.ppv@gmail.com> 2020-09-15 16:08:14 +0200
committer: Nikita Popov <nikita.ppv@gmail.com> 2020-09-15 16:51:56 +0200
commit: 7e61c2edd8456ff502e17e14d517da409f1e6193 (patch)
tree: fe7c117497328cd94aca5fc60d605aa9783bba08 /Zend/zend_execute.c
parent: 3c53732332c4b9d3904eec0d1c42f0d4d4bf65c6 (diff)
download: php-git-7e61c2edd8456ff502e17e14d517da409f1e6193.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index b54caeeccf..3c19311094 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -4464,6 +4464,10 @@ ZEND_API zend_result ZEND_FASTCALL zend_handle_undef_args(zend_execute_data *cal
 			if (EXPECTED(opline->opcode == ZEND_RECV_INIT)) {
 				zval *default_value = RT_CONSTANT(opline, opline->op2);
 				if (Z_OPT_TYPE_P(default_value) == IS_CONSTANT_AST) {
+					if (UNEXPECTED(!RUN_TIME_CACHE(op_array))) {
+						init_func_run_time_cache(op_array);
+					}
+
 					void *run_time_cache = RUN_TIME_CACHE(op_array);
 					zval *cache_val =
 						(zval *) ((char *) run_time_cache + Z_CACHE_SLOT_P(default_value));
author	Nikita Popov <nikita.ppv@gmail.com>	2020-09-15 16:08:14 +0200
committer	Nikita Popov <nikita.ppv@gmail.com>	2020-09-15 16:51:56 +0200
commit	7e61c2edd8456ff502e17e14d517da409f1e6193 (patch)
tree	fe7c117497328cd94aca5fc60d605aa9783bba08 /Zend/zend_execute.c
parent	3c53732332c4b9d3904eec0d1c42f0d4d4bf65c6 (diff)
download	php-git-7e61c2edd8456ff502e17e14d517da409f1e6193.tar.gz