overloaded (__get)). (Dmitry)
- Fixed bug #31358 (Older GCC versions do not provide portable va_copy()).
(Jani)
+- Fixed bug #31158 (array_splice on $GLOBALS crashes). (Dmitry)
- Fixed bug #30828 (debug_backtrace() reports incorrect class in overridden
methods). (Dmitry)
- Fixed bug #30519 (Interface not existing says Class not found). (Dmitry)
ZEND_API int zend_delete_global_variable(char *name, int name_len TSRMLS_DC);
+ZEND_API void zend_reset_all_cv(HashTable *symbol_table TSRMLS_DC);
+
#define add_method(arg, key, method) add_assoc_function((arg), (key), (method))
ZEND_API ZEND_FUNCTION(display_disabled_function);
}
}
+ZEND_API void zend_reset_all_cv(HashTable *symbol_table TSRMLS_DC)
+{
+ zend_execute_data *ex;
+ int i;
+
+ for (ex = EG(current_execute_data); ex; ex = ex->prev_execute_data) {
+ if (ex->symbol_table == symbol_table) {
+ for (i = 0; i < ex->op_array->last_var; i++) {
+ ex->CVs[i] = NULL;
+ }
+ }
+ }
+}
+
ZEND_API int zend_delete_global_variable(char *name, int name_len TSRMLS_DC)
{
zend_execute_data *ex;
hashtable and replace it with new one */
new_hash = php_splice(Z_ARRVAL_P(stack), 0, 0, &args[1], argc-1, NULL);
zend_hash_destroy(Z_ARRVAL_P(stack));
- FREE_HASHTABLE(Z_ARRVAL_P(stack));
- Z_ARRVAL_P(stack) = new_hash;
+ if (Z_ARRVAL_P(stack) == &EG(symbol_table)) {
+ zend_reset_all_cv(&EG(symbol_table) TSRMLS_CC);
+ }
+ *Z_ARRVAL_P(stack) = *new_hash;
+ FREE_HASHTABLE(new_hash);
/* Clean up and return the number of elements in the stack */
efree(args);
/* Replace input array's hashtable with the new one */
zend_hash_destroy(Z_ARRVAL_P(array));
- efree(Z_ARRVAL_P(array));
- Z_ARRVAL_P(array) = new_hash;
+ if (Z_ARRVAL_P(array) == &EG(symbol_table)) {
+ zend_reset_all_cv(&EG(symbol_table) TSRMLS_CC);
+ }
+ *Z_ARRVAL_P(array) = *new_hash;
+ FREE_HASHTABLE(new_hash);
/* Clean up */
if (argc == 4)
/* Copy the result hash into return value */
zend_hash_destroy(Z_ARRVAL_P(return_value));
- efree(Z_ARRVAL_P(return_value));
- Z_ARRVAL_P(return_value) = new_hash;
+ if (Z_ARRVAL_P(return_value) == &EG(symbol_table)) {
+ zend_reset_all_cv(&EG(symbol_table) TSRMLS_CC);
+ }
+ *Z_ARRVAL_P(return_value) = *new_hash;
+ FREE_HASHTABLE(new_hash);
/* Clean up */
efree(pads);
--- /dev/null
+--TEST--
+Bug #31158 (array_splice on $GLOBALS crashes)
+--FILE--
+<?php
+function __(){
+ $GLOBALS['a'] = "bug\n";
+ array_splice($GLOBALS,0,count($GLOBALS));
+ /* All global variables including $GLOBALS are removed */
+ echo $GLOBALS['a'];
+}
+__();
+echo "ok\n";
+?>
+--EXPECTF--
+Notice: Undefined variable: GLOBALS in %sbug31158.php on line 6
+ok
+
projects / php / commitdiff