Avoid null arithmetic UB in EX_VAR_TO_NUM

author Nikita Popov <nikita.ppv@gmail.com>

Thu, 27 Feb 2020 09:29:44 +0000 (10:29 +0100)

committer Nikita Popov <nikita.ppv@gmail.com>

Thu, 27 Feb 2020 09:30:16 +0000 (10:30 +0100)
author Nikita Popov <nikita.ppv@gmail.com>
Thu, 27 Feb 2020 09:29:44 +0000 (10:29 +0100)
committer Nikita Popov <nikita.ppv@gmail.com>
Thu, 27 Feb 2020 09:30:16 +0000 (10:30 +0100)
diff --git a/Zend/zend_compile.h b/Zend/zend_compile.h

index 6c438b6902b59538413fb5d83100c45564b7993a..97ce2b9415f080a7538e9d24c4f531299b032c9a 100644 (file)
--- a/Zend/zend_compile.h
+++ b/Zend/zend_compile.h
@@ -577,7 +577,7 @@ struct _zend_execute_data {
  #define EX_VAR(n)                              ZEND_CALL_VAR(execute_data, n)
  #define EX_VAR_NUM(n)                  ZEND_CALL_VAR_NUM(execute_data, n)
  
-#define EX_VAR_TO_NUM(n)               ((uint32_t)(ZEND_CALL_VAR(NULL, n) - ZEND_CALL_VAR_NUM(NULL, 0)))
+#define EX_VAR_TO_NUM(n)               ((uint32_t)((n) / sizeof(zval) - ZEND_CALL_FRAME_SLOT))
  
  #define ZEND_OPLINE_TO_OFFSET(opline, target) \
         ((char*)(target) - (char*)(opline))
author	Nikita Popov <nikita.ppv@gmail.com>
	Thu, 27 Feb 2020 09:29:44 +0000 (10:29 +0100)
committer	Nikita Popov <nikita.ppv@gmail.com>
	Thu, 27 Feb 2020 09:30:16 +0000 (10:30 +0100)