diff options
-rw-r--r-- | Zend/zend.c | 2 | ||||
-rw-r--r-- | Zend/zend.h | 2 | ||||
-rw-r--r-- | ext/fileinfo/libmagic.patch | 46 | ||||
-rw-r--r-- | ext/fileinfo/libmagic/cdf.c | 8 | ||||
-rw-r--r-- | ext/opcache/Optimizer/escape_analysis.c | 1 | ||||
-rw-r--r-- | ext/readline/readline_cli.c | 22 | ||||
-rw-r--r-- | ext/soap/php_schema.c | 7 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg.c | 5 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg_frame.c | 15 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg_info.c | 8 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg_out.c | 4 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg_prompt.c | 47 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg_utils.c | 2 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg_wait.c | 4 | ||||
-rw-r--r-- | sapi/phpdbg/phpdbg_watch.c | 1 |
15 files changed, 106 insertions, 68 deletions
diff --git a/Zend/zend.c b/Zend/zend.c index 3334481961..fceaae62e4 100644 --- a/Zend/zend.c +++ b/Zend/zend.c @@ -1097,7 +1097,7 @@ ZEND_COLD void zenderror(const char *error) /* {{{ */ /* }}} */ BEGIN_EXTERN_C() -ZEND_API ZEND_COLD void _zend_bailout(const char *filename, uint32_t lineno) /* {{{ */ +ZEND_API ZEND_COLD ZEND_NORETURN void _zend_bailout(const char *filename, uint32_t lineno) /* {{{ */ { if (!EG(bailout)) { diff --git a/Zend/zend.h b/Zend/zend.h index 600db9204f..a2b76291da 100644 --- a/Zend/zend.h +++ b/Zend/zend.h @@ -232,7 +232,7 @@ void zend_register_standard_ini_entries(void); int zend_post_startup(void); void zend_set_utility_values(zend_utility_values *utility_values); -ZEND_API ZEND_COLD void _zend_bailout(const char *filename, uint32_t lineno); +ZEND_API ZEND_COLD ZEND_NORETURN void _zend_bailout(const char *filename, uint32_t lineno); ZEND_API size_t zend_vspprintf(char **pbuf, size_t max_len, const char *format, va_list ap); ZEND_API size_t zend_spprintf(char **message, size_t max_len, const char *format, ...) ZEND_ATTRIBUTE_FORMAT(printf, 3, 4); diff --git a/ext/fileinfo/libmagic.patch b/ext/fileinfo/libmagic.patch index 4619a8f840..6aa369bd05 100644 --- a/ext/fileinfo/libmagic.patch +++ b/ext/fileinfo/libmagic.patch @@ -1,6 +1,6 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c --- libmagic.orig/apprentice.c 2018-03-11 01:46:42.000000000 +0100 -+++ libmagic/apprentice.c 2019-04-11 15:17:54.486688613 +0200 ++++ libmagic/apprentice.c 2019-04-12 10:04:15.721646341 +0200 @@ -2,7 +2,7 @@ * Copyright (c) Ian F. Darwin 1986-1995. * Software written by Ian F. Darwin and others; @@ -1400,7 +1400,7 @@ diff -u libmagic.orig/buffer.c libmagic/buffer.c diff -u libmagic.orig/cdf.c libmagic/cdf.c --- libmagic.orig/cdf.c 2018-03-11 01:46:42.000000000 +0100 -+++ libmagic/cdf.c 2019-03-08 09:31:16.392796494 +0100 ++++ libmagic/cdf.c 2019-04-12 12:02:54.279893504 +0200 @@ -43,7 +43,17 @@ #include <err.h> #endif @@ -1469,7 +1469,19 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c scn->sst_tab = NULL; return -1; } -@@ -336,12 +318,13 @@ +@@ -311,9 +293,11 @@ + static size_t + cdf_check_stream(const cdf_stream_t *sst, const cdf_header_t *h) + { ++#ifndef NDEBUG + size_t ss = sst->sst_dirlen < h->h_min_size_standard_stream ? + CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); + assert(ss == sst->sst_ss); ++#endif + return sst->sst_ss; + } + +@@ -336,12 +320,13 @@ } static ssize_t @@ -1485,7 +1497,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c if (info->i_buf != NULL && info->i_len >= siz) { (void)memcpy(buf, &info->i_buf[off], len); -@@ -351,7 +334,10 @@ +@@ -351,7 +336,10 @@ if (info->i_fd == -1) goto out; @@ -1497,7 +1509,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c return -1; return (ssize_t)len; -@@ -366,7 +352,7 @@ +@@ -366,7 +354,7 @@ char buf[512]; (void)memcpy(cdf_bo.s, "\01\02\03\04", 4); @@ -1506,15 +1518,29 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c return -1; cdf_unpack_header(h, buf); cdf_swap_header(h); -@@ -400,7 +386,7 @@ - size_t ss = CDF_SEC_SIZE(h); +@@ -397,19 +385,17 @@ + cdf_read_sector(const cdf_info_t *info, void *buf, size_t offs, size_t len, + const cdf_header_t *h, cdf_secid_t id) + { +- size_t ss = CDF_SEC_SIZE(h); size_t pos = CDF_SEC_POS(h, id); - assert(ss == len); +- assert(ss == len); - return cdf_read(info, (off_t)pos, ((char *)buf) + offs, len); ++ assert(CDF_SEC_SIZE(h) == len); + return cdf_read(info, (zend_off_t)pos, ((char *)buf) + offs, len); } ssize_t + cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs, + size_t len, const cdf_header_t *h, cdf_secid_t id) + { +- size_t ss = CDF_SHORT_SEC_SIZE(h); + size_t pos = CDF_SHORT_SEC_POS(h, id); +- assert(ss == len); ++ assert(CDF_SHORT_SEC_SIZE(h) == len); + if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) { + DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %" + SIZE_T_FORMAT "u\n", @@ -501,14 +487,14 @@ } out: @@ -1731,7 +1757,7 @@ diff -u libmagic.orig/cdf_time.c libmagic/cdf_time.c (void)snprintf(buf, 26, "*Bad* %#16.16" INT64_T_FORMAT "x\n", diff -u libmagic.orig/compress.c libmagic/compress.c --- libmagic.orig/compress.c 2017-11-02 21:25:39.000000000 +0100 -+++ libmagic/compress.c 2019-04-11 15:16:47.060067956 +0200 ++++ libmagic/compress.c 2019-04-12 10:04:15.721646341 +0200 @@ -2,7 +2,7 @@ * Copyright (c) Ian F. Darwin 1986-1995. * Software written by Ian F. Darwin and others; @@ -3212,7 +3238,7 @@ diff -u libmagic.orig/funcs.c libmagic/funcs.c diff -u libmagic.orig/magic.c libmagic/magic.c --- libmagic.orig/magic.c 2017-08-28 15:39:18.000000000 +0200 -+++ libmagic/magic.c 2019-04-11 15:19:30.857295866 +0200 ++++ libmagic/magic.c 2019-04-12 10:04:15.721646341 +0200 @@ -25,11 +25,6 @@ * SUCH DAMAGE. */ diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c index 050bf637bf..ac70e5bac1 100644 --- a/ext/fileinfo/libmagic/cdf.c +++ b/ext/fileinfo/libmagic/cdf.c @@ -293,9 +293,11 @@ cdf_zero_stream(cdf_stream_t *scn) static size_t cdf_check_stream(const cdf_stream_t *sst, const cdf_header_t *h) { +#ifndef NDEBUG size_t ss = sst->sst_dirlen < h->h_min_size_standard_stream ? CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); assert(ss == sst->sst_ss); +#endif return sst->sst_ss; } @@ -383,9 +385,8 @@ ssize_t cdf_read_sector(const cdf_info_t *info, void *buf, size_t offs, size_t len, const cdf_header_t *h, cdf_secid_t id) { - size_t ss = CDF_SEC_SIZE(h); size_t pos = CDF_SEC_POS(h, id); - assert(ss == len); + assert(CDF_SEC_SIZE(h) == len); return cdf_read(info, (zend_off_t)pos, ((char *)buf) + offs, len); } @@ -393,9 +394,8 @@ ssize_t cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs, size_t len, const cdf_header_t *h, cdf_secid_t id) { - size_t ss = CDF_SHORT_SEC_SIZE(h); size_t pos = CDF_SHORT_SEC_POS(h, id); - assert(ss == len); + assert(CDF_SHORT_SEC_SIZE(h) == len); if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) { DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", diff --git a/ext/opcache/Optimizer/escape_analysis.c b/ext/opcache/Optimizer/escape_analysis.c index e350cf734d..1607c696f7 100644 --- a/ext/opcache/Optimizer/escape_analysis.c +++ b/ext/opcache/Optimizer/escape_analysis.c @@ -535,7 +535,6 @@ int zend_ssa_escape_analysis(const zend_script *script, zend_op_array *op_array, if (ssa_vars[root].escape_state == ESCAPE_STATE_GLOBAL_ESCAPE) { num_non_escaped--; if (num_non_escaped == 0) { - i = ssa_vars_count; changed = 0; } else { changed = 1; diff --git a/ext/readline/readline_cli.c b/ext/readline/readline_cli.c index 1629ed012e..956386c532 100644 --- a/ext/readline/readline_cli.c +++ b/ext/readline/readline_cli.c @@ -210,7 +210,7 @@ static int cli_is_valid_code(char *code, size_t len, zend_string **prompt) /* {{ int brace_count = 0; size_t i; php_code_type code_type = body; - char *heredoc_tag; + char *heredoc_tag = NULL; size_t heredoc_len; for (i = 0; i < len; ++i) { @@ -282,6 +282,7 @@ static int cli_is_valid_code(char *code, size_t len, zend_string **prompt) /* {{ if (i + 2 < len && code[i+1] == '<' && code[i+2] == '<') { i += 2; code_type = heredoc_start; + heredoc_tag = NULL; heredoc_len = 0; } break; @@ -333,10 +334,15 @@ static int cli_is_valid_code(char *code, size_t len, zend_string **prompt) /* {{ break; case '\r': case '\n': - code_type = heredoc; + if (heredoc_tag) { + code_type = heredoc; + } else { + /* Malformed heredoc without label */ + code_type = body; + } break; default: - if (!heredoc_len) { + if (!heredoc_tag) { heredoc_tag = code+i; } heredoc_len++; @@ -344,6 +350,7 @@ static int cli_is_valid_code(char *code, size_t len, zend_string **prompt) /* {{ } break; case heredoc: + ZEND_ASSERT(heredoc_tag); if (code[i - (heredoc_len + 1)] == '\n' && !strncmp(code + i - heredoc_len, heredoc_tag, heredoc_len) && code[i] == '\n') { code_type = body; } else if (code[i - (heredoc_len + 2)] == '\n' && !strncmp(code + i - heredoc_len - 1, heredoc_tag, heredoc_len) && code[i-1] == ';' && code[i] == '\n') { @@ -514,13 +521,12 @@ TODO: retval = cli_completion_generator_ini(text, textlen, &cli_completion_state); } else { char *lc_text, *class_name_end; - size_t class_name_len; - zend_string *class_name; + zend_string *class_name = NULL; zend_class_entry *ce = NULL; class_name_end = strstr(text, "::"); if (class_name_end) { - class_name_len = class_name_end - text; + size_t class_name_len = class_name_end - text; class_name = zend_string_alloc(class_name_len, 0); zend_str_tolower_copy(ZSTR_VAL(class_name), text, class_name_len); if ((ce = zend_lookup_class(class_name)) == NULL) { @@ -554,11 +560,11 @@ TODO: break; } efree(lc_text); - if (class_name_end) { + if (class_name) { zend_string_release_ex(class_name, 0); } if (ce && retval) { - size_t len = class_name_len + 2 + strlen(retval) + 1; + size_t len = ZSTR_LEN(ce->name) + 2 + strlen(retval) + 1; char *tmp = malloc(len); snprintf(tmp, len, "%s::%s", ZSTR_VAL(ce->name), retval); diff --git a/ext/soap/php_schema.c b/ext/soap/php_schema.c index bb0f93a69a..33793704ad 100644 --- a/ext/soap/php_schema.c +++ b/ext/soap/php_schema.c @@ -458,7 +458,7 @@ static int schema_list(sdlPtr sdl, xmlAttrPtr tns, xmlNodePtr listType, sdlTypeP { char buf[MAX_LENGTH_OF_LONG + 1]; char *res = zend_print_long_to_buf(buf + sizeof(buf) - 1, zend_hash_num_elements(sdl->types)); - char *str = emalloc(sizeof("anonymous") + buf + sizeof(buf) - 1 - res); + char *str = emalloc(sizeof("anonymous")-1 + (buf + sizeof(buf) - res)); memcpy(str, "anonymous", sizeof("anonymous")-1); memcpy(str + sizeof("anonymous")-1, res, buf + sizeof(buf) - res); @@ -555,7 +555,7 @@ static int schema_union(sdlPtr sdl, xmlAttrPtr tns, xmlNodePtr unionType, sdlTyp { char buf[MAX_LENGTH_OF_LONG + 1]; char *res = zend_print_long_to_buf(buf + sizeof(buf) - 1, zend_hash_num_elements(sdl->types)); - char *str = emalloc(sizeof("anonymous") + buf + sizeof(buf) - 1 - res); + char *str = emalloc(sizeof("anonymous")-1 + (buf + sizeof(buf) - res)); memcpy(str, "anonymous", sizeof("anonymous")-1); memcpy(str + sizeof("anonymous")-1, res, buf + sizeof(buf) - res); @@ -1799,6 +1799,7 @@ static int schema_attribute(sdlPtr sdl, xmlAttrPtr tns, xmlNodePtr attrType, sdl smart_str_free(&key); } else{ soap_error0(E_ERROR, "Parsing Schema: attribute has no 'name' nor 'ref' attributes"); + return FALSE; /* the above call is noreturn, but not marked as such */ } /* type = QName */ @@ -1927,7 +1928,7 @@ static int schema_attribute(sdlPtr sdl, xmlAttrPtr tns, xmlNodePtr attrType, sdl { char buf[MAX_LENGTH_OF_LONG + 1]; char *res = zend_print_long_to_buf(buf + sizeof(buf) - 1, zend_hash_num_elements(sdl->types)); - char *str = emalloc(sizeof("anonymous") + buf + sizeof(buf) - 1 - res); + char *str = emalloc(sizeof("anonymous")-1 + (buf + sizeof(buf) - res)); memcpy(str, "anonymous", sizeof("anonymous")-1); memcpy(str + sizeof("anonymous")-1, res, buf + sizeof(buf) - res); diff --git a/sapi/phpdbg/phpdbg.c b/sapi/phpdbg/phpdbg.c index 51c6cde122..b9149287ba 100644 --- a/sapi/phpdbg/phpdbg.c +++ b/sapi/phpdbg/phpdbg.c @@ -671,11 +671,11 @@ static PHP_FUNCTION(phpdbg_end_oplog) { zend_string *last_file = NULL; - HashTable *file_ht; + HashTable *file_ht = NULL; zend_string *last_function = (void *)~(uintptr_t)0; zend_class_entry *last_scope = NULL; - HashTable *insert_ht; + HashTable *insert_ht = NULL; zend_long insert_idx; do { @@ -717,6 +717,7 @@ static PHP_FUNCTION(phpdbg_end_oplog) insert_idx = cur->op->lineno; } + ZEND_ASSERT(insert_ht && file_ht); { zval *num = zend_hash_index_find(insert_ht, insert_idx); if (!num) { diff --git a/sapi/phpdbg/phpdbg_frame.c b/sapi/phpdbg/phpdbg_frame.c index fb7acc20ce..912089ea23 100644 --- a/sapi/phpdbg/phpdbg_frame.c +++ b/sapi/phpdbg/phpdbg_frame.c @@ -171,7 +171,7 @@ void phpdbg_switch_frame(int frame) /* {{{ */ static void phpdbg_dump_prototype(zval *tmp) /* {{{ */ { - zval *funcname, *class, class_zv, *type, *args, *argstmp; + zval *funcname, *class, class_zv, *args, *argstmp; funcname = zend_hash_str_find(Z_ARRVAL_P(tmp), ZEND_STRL("function")); @@ -183,21 +183,22 @@ static void phpdbg_dump_prototype(zval *tmp) /* {{{ */ } if (class) { - type = zend_hash_str_find(Z_ARRVAL_P(tmp), ZEND_STRL("type")); + zval *type = zend_hash_str_find(Z_ARRVAL_P(tmp), ZEND_STRL("type")); + + phpdbg_xml(" symbol=\"%s%s%s\"", Z_STRVAL_P(class), Z_STRVAL_P(type), Z_STRVAL_P(funcname)); + phpdbg_out("%s%s%s(", Z_STRVAL_P(class), Z_STRVAL_P(type), Z_STRVAL_P(funcname)); + } else { + phpdbg_xml(" symbol=\"%s\"", Z_STRVAL_P(funcname)); + phpdbg_out("%s(", Z_STRVAL_P(funcname)); } args = zend_hash_str_find(Z_ARRVAL_P(tmp), ZEND_STRL("args")); - - phpdbg_xml(" symbol=\"%s%s%s\"", class ? Z_STRVAL_P(class) : "", class ? Z_STRVAL_P(type) : "", Z_STRVAL_P(funcname)); - if (args) { phpdbg_xml(">"); } else { phpdbg_xml(" />"); } - phpdbg_out("%s%s%s(", class ? Z_STRVAL_P(class) : "", class ? Z_STRVAL_P(type) : "", Z_STRVAL_P(funcname)); - if (args) { const zend_function *func = NULL; const zend_arg_info *arginfo = NULL; diff --git a/sapi/phpdbg/phpdbg_info.c b/sapi/phpdbg/phpdbg_info.c index 167ada399a..bcec3361fc 100644 --- a/sapi/phpdbg/phpdbg_info.c +++ b/sapi/phpdbg/phpdbg_info.c @@ -343,11 +343,11 @@ PHPDBG_INFO(literal) /* {{{ */ PHPDBG_INFO(memory) /* {{{ */ { size_t used, real, peak_used, peak_real; - zend_mm_heap *heap; + zend_mm_heap *orig_heap = NULL; zend_bool is_mm; if (PHPDBG_G(flags) & PHPDBG_IN_SIGNAL_HANDLER) { - heap = zend_mm_set_heap(phpdbg_original_heap_sigsafe_mem()); + orig_heap = zend_mm_set_heap(phpdbg_original_heap_sigsafe_mem()); } if ((is_mm = is_zend_mm())) { used = zend_memory_usage(0); @@ -355,8 +355,8 @@ PHPDBG_INFO(memory) /* {{{ */ peak_used = zend_memory_peak_usage(0); peak_real = zend_memory_peak_usage(1); } - if (PHPDBG_G(flags) & PHPDBG_IN_SIGNAL_HANDLER) { - zend_mm_set_heap(heap); + if (orig_heap) { + zend_mm_set_heap(orig_heap); } if (is_mm) { diff --git a/sapi/phpdbg/phpdbg_out.c b/sapi/phpdbg/phpdbg_out.c index 95f27b3c6f..88981e5c6f 100644 --- a/sapi/phpdbg/phpdbg_out.c +++ b/sapi/phpdbg/phpdbg_out.c @@ -1030,9 +1030,8 @@ static int phpdbg_process_print(int fd, int type, const char *tag, const char *m } else { phpdbg_mixed_write(fd, msg, msglen); } - return msglen; } - break; + return msglen; /* no formatting on logging output */ case P_LOG: @@ -1046,6 +1045,7 @@ static int phpdbg_process_print(int fd, int type, const char *tag, const char *m } } break; + EMPTY_SWITCH_DEFAULT_CASE() } if (PHPDBG_G(flags) & PHPDBG_WRITE_XML) { diff --git a/sapi/phpdbg/phpdbg_prompt.c b/sapi/phpdbg/phpdbg_prompt.c index 4b20732286..d8a31184d3 100644 --- a/sapi/phpdbg/phpdbg_prompt.c +++ b/sapi/phpdbg/phpdbg_prompt.c @@ -1687,33 +1687,33 @@ int phpdbg_interactive(zend_bool allow_async_unsafe, char *input) /* {{{ */ return ret; } /* }}} */ +static inline void list_code() { + if (!(PHPDBG_G(flags) & PHPDBG_IN_EVAL)) { + const char *file_char = zend_get_executed_filename(); + zend_string *file = zend_string_init(file_char, strlen(file_char), 0); + phpdbg_list_file(file, 3, zend_get_executed_lineno()-1, zend_get_executed_lineno()); + efree(file); + } +} + /* code may behave weirdly if EG(exception) is set; thus backup it */ #define DO_INTERACTIVE(allow_async_unsafe) do { \ - const zend_op *backup_opline; \ - const zend_op *before_ex; \ if (exception) { \ + const zend_op *before_ex = EG(opline_before_exception); \ + const zend_op *backup_opline = NULL; \ if (EG(current_execute_data) && EG(current_execute_data)->func && ZEND_USER_CODE(EG(current_execute_data)->func->common.type)) { \ backup_opline = EG(current_execute_data)->opline; \ } \ - before_ex = EG(opline_before_exception); \ GC_ADDREF(exception); \ zend_clear_exception(); \ - } \ - if (!(PHPDBG_G(flags) & PHPDBG_IN_EVAL)) { \ - const char *file_char = zend_get_executed_filename(); \ - zend_string *file = zend_string_init(file_char, strlen(file_char), 0); \ - phpdbg_list_file(file, 3, zend_get_executed_lineno()-1, zend_get_executed_lineno()); \ - efree(file); \ - } \ - \ - switch (phpdbg_interactive(allow_async_unsafe, NULL)) { \ - zval zv; \ - case PHPDBG_LEAVE: \ - case PHPDBG_FINISH: \ - case PHPDBG_UNTIL: \ - case PHPDBG_NEXT: \ - if (exception) { \ - if (EG(current_execute_data) && EG(current_execute_data)->func && ZEND_USER_CODE(EG(current_execute_data)->func->common.type) \ + list_code(); \ + switch (phpdbg_interactive(allow_async_unsafe, NULL)) { \ + zval zv; \ + case PHPDBG_LEAVE: \ + case PHPDBG_FINISH: \ + case PHPDBG_UNTIL: \ + case PHPDBG_NEXT: \ + if (backup_opline \ && (backup_opline->opcode == ZEND_HANDLE_EXCEPTION || backup_opline->opcode == ZEND_CATCH)) { \ EG(current_execute_data)->opline = backup_opline; \ EG(exception) = exception; \ @@ -1722,11 +1722,12 @@ int phpdbg_interactive(zend_bool allow_async_unsafe, char *input) /* {{{ */ zend_throw_exception_internal(&zv); \ } \ EG(opline_before_exception) = before_ex; \ - } \ - /* fallthrough */ \ - default: \ - goto next; \ + } \ + } else { \ + list_code(); \ + phpdbg_interactive(allow_async_unsafe, NULL); \ } \ + goto next; \ } while (0) void phpdbg_execute_ex(zend_execute_data *execute_data) /* {{{ */ diff --git a/sapi/phpdbg/phpdbg_utils.c b/sapi/phpdbg/phpdbg_utils.c index c40349f2a0..38e3d38377 100644 --- a/sapi/phpdbg/phpdbg_utils.c +++ b/sapi/phpdbg/phpdbg_utils.c @@ -430,7 +430,7 @@ PHPDBG_API int phpdbg_parse_variable(char *input, size_t len, HashTable *parent, PHPDBG_API int phpdbg_parse_variable_with_arg(char *input, size_t len, HashTable *parent, size_t i, phpdbg_parse_var_with_arg_func callback, phpdbg_parse_var_with_arg_func step_cb, zend_bool silent, void *arg) { int ret = FAILURE; zend_bool new_index = 1; - char *last_index; + char *last_index = NULL; size_t index_len = 0; zval *zv; diff --git a/sapi/phpdbg/phpdbg_wait.c b/sapi/phpdbg/phpdbg_wait.c index de0ecbe59f..738b4669f2 100644 --- a/sapi/phpdbg/phpdbg_wait.c +++ b/sapi/phpdbg/phpdbg_wait.c @@ -243,7 +243,7 @@ void phpdbg_webdata_decompress(char *msg, int len) { zend_extension *extension; zend_llist_position pos; zval *name = NULL; - zend_string *strkey; + zend_string *strkey = NULL; extension = (zend_extension *) zend_llist_get_first_ex(&zend_extensions, &pos); while (extension) { @@ -257,6 +257,7 @@ void phpdbg_webdata_decompress(char *msg, int len) { break; } name = NULL; + strkey = NULL; } ZEND_HASH_FOREACH_END(); if (name) { @@ -283,6 +284,7 @@ void phpdbg_webdata_decompress(char *msg, int len) { pefree(elm, zend_extensions.persistent); zend_extensions.count--; } else { + ZEND_ASSERT(strkey); zend_hash_del(Z_ARRVAL_P(zvp), strkey); } } diff --git a/sapi/phpdbg/phpdbg_watch.c b/sapi/phpdbg/phpdbg_watch.c index e137f14158..d9f9f8673f 100644 --- a/sapi/phpdbg/phpdbg_watch.c +++ b/sapi/phpdbg/phpdbg_watch.c @@ -1021,6 +1021,7 @@ void phpdbg_check_watchpoint(phpdbg_watchpoint_t *watch) { break; } ZEND_HASH_FOREACH_END(); + ZEND_ASSERT(element); /* elements must be non-empty */ new = zend_symtable_find(element->parent_container, element->name_in_parent); if (!new) { |