. Fixed bug #76595 (phpdbg man page contains outdated information).
(Kevin Abel)
+- Standard:
+ . Fixed bug #76713 (Segmentation fault caused by property corruption).
+ (Laruence)
+
- zlib:
. Fixed bug #65988 (Zlib version check fails when an include/zlib/ style dir
is passed to the --with-zlib configure option). (Jay Bonci)
prop = Z_OBJ_HANDLER_P(data, read_property)(data, name, BP_VAR_R, NULL, rv);
if (prop) {
ZVAL_DEREF(prop);
+ if (prop != rv) {
+ Z_TRY_ADDREF_P(prop);
+ }
}
}
} else if (Z_TYPE_P(data) == IS_ARRAY) {
--- /dev/null
+--TEST--
+Bug #76713 (Segmentation fault caused by property corruption)
+--FILE--
+<?php
+
+function test($obj) {
+ return array_column(array($obj), "prop");
+}
+
+$obj = new Stdclass();
+
+$obj->prop = str_pad("a", 10, 'a');
+
+test($obj);
+test($obj);
+test($obj);
+
+var_dump($obj->prop);
+
+class C {
+ public $name;
+ public function __get($name) {
+ return $this->name;
+ }
+}
+
+$obj = new C;
+
+$obj->name = str_pad("b", 10, 'b');
+
+test($obj);
+test($obj);
+test($obj);
+
+var_dump($obj->prop);
+?>
+--EXPECT--
+string(10) "aaaaaaaaaa"
+string(10) "bbbbbbbbbb"
projects / php / commitdiff