- Curl:
. Fixed bug #68658 (Define CURLE_SSL_CACERT_BADFILE). (Pierrick)
+- DBA:
+ . Fixed bug #72157 (use-after-free caused by dba_open). (Shm, Laruence)
+
- JSON:
. Fixed bug #72069 (Behavior \JsonSerializable different from json_encode).
(Laruence)
/* we only take string arguments */
for (i = 0; i < ac; i++) {
- if (Z_TYPE(args[i]) != IS_STRING) {
- convert_to_string_ex(&args[i]);
- } else if (Z_REFCOUNTED(args[i])) {
- Z_ADDREF(args[i]);
- }
+ ZVAL_STR(&args[i], zval_get_string(&args[i]));
keylen += Z_STRLEN(args[i]);
}
--- /dev/null
+--TEST--
+Bug #72157 (use-after-free caused by dba_open)
+--SKIPIF--
+<?php
+ require_once(dirname(__FILE__) .'/skipif.inc');
+?>
+--FILE--
+<?php
+$var0 = fopen(__FILE__,"r");
+$var5 = dba_open(null,$var0);
+$var5 = dba_open(null,$var0);
+$var5 = dba_open(null,$var0);
+$var5 = dba_open($var0,$var0);
+?>
+--EXPECTF--
+Warning: dba_open(,Resource id #5): Illegal DBA mode in %sbug72157.php on line %d
+
+Warning: dba_open(,Resource id #5): Illegal DBA mode in %sbug72157.php on line %d
+
+Warning: dba_open(,Resource id #5): Illegal DBA mode in %sbug72157.php on line %d
+
+Warning: dba_open(Resource id #5,Resource id #5): Illegal DBA mode in %sbug72157.php on line %d
projects / php / commitdiff