From 001ce475ee158cbf020755f1f65aade28caafd73 Mon Sep 17 00:00:00 2001
From: Bob Weinand <bobwei9@hotmail.com>
Date: Sun, 24 Jan 2016 19:55:16 +0100
Subject: Fixed bug #71441 (Typehinted Generator with return in try/finally
 crashes)

---
 Zend/zend_opcode.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'Zend/zend_opcode.c')

diff --git a/Zend/zend_opcode.c b/Zend/zend_opcode.c
index dee54ba14c..2cf32b9c0a 100644
--- a/Zend/zend_opcode.c
+++ b/Zend/zend_opcode.c
@@ -668,9 +668,13 @@ ZEND_API int pass_two(zend_op_array *op_array)
 			case ZEND_VERIFY_RETURN_TYPE:
 				if (op_array->fn_flags & ZEND_ACC_GENERATOR) {
 					if (opline->op1_type != IS_UNUSED) {
-						(opline + 1)->op1 = opline->op1;
-						(opline + 1)->op1_type = opline->op1_type;
+						zend_op *ret = opline;
+						do ret++; while (ret->opcode != ZEND_RETURN);
+
+						ret->op1 = opline->op1;
+						ret->op1_type = opline->op1_type;
 					}
+
 					MAKE_NOP(opline);
 				}
 				break;
-- 
cgit v1.2.1