Fixed bug #72164 (Null Pointer Dereference - mb_ereg_replace)
authorXinchen Hui <laruence@gmail.com>
Thu, 5 May 2016 09:27:34 +0000 (17:27 +0800)
committerXinchen Hui <laruence@gmail.com>
Thu, 5 May 2016 09:27:34 +0000 (17:27 +0800)
NEWS
ext/mbstring/php_mbregex.c
ext/mbstring/tests/bug72164.phpt [new file with mode: 0644]

diff --git a/NEWS b/NEWS
index d0bce0e54850645445041b6ee6e4ecfb6d5b746e..6228b77cacc78ad821e6a0c91bc16a15f9dd5a1d 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -27,6 +27,9 @@ PHP                                                                        NEWS
   . Fixed bug #72069 (Behavior \JsonSerializable different from json_encode).
     (Laruence)
 
+- Mbstring:
+  . Fixed bug #72164 (Null Pointer Dereference - mb_ereg_replace). (Laruence)
+
 - OCI8:
   . Fixed bug #71600 (oci_fetch_all segfaults when selecting more than eight
     columns). (Tian Yang)
index 1bd26d7334b3d8837031697a73994f65618cb568..73c94da5e9918dfe63b393b8ebc5d0a7135b89b2 100644 (file)
@@ -935,12 +935,20 @@ static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOp
 
                        if (eval) {
                                zval v;
+                               zend_string *eval_str;
                                /* null terminate buffer */
                                smart_str_0(&eval_buf);
+
+                               if (eval_buf.s) {
+                                       eval_str = eval_buf.s;
+                               } else {
+                                       eval_str = ZSTR_EMPTY_ALLOC();
+                               }
+
                                /* do eval */
-                               if (zend_eval_stringl(ZSTR_VAL(eval_buf.s), ZSTR_LEN(eval_buf.s), &v, description) == FAILURE) {
+                               if (zend_eval_stringl(ZSTR_VAL(eval_str), ZSTR_LEN(eval_str), &v, description) == FAILURE) {
                                        efree(description);
-                                       php_error_docref(NULL,E_ERROR, "Failed evaluating code: %s%s", PHP_EOL, ZSTR_VAL(eval_buf.s));
+                                       php_error_docref(NULL,E_ERROR, "Failed evaluating code: %s%s", PHP_EOL, ZSTR_VAL(eval_str));
                                        /* zend_error() does not return in this case */
                                }
 
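Review bot: The new `if (eval_buf.s)` fallback has no comment saying when `eval_buf.s` is NULL, even though that condition is the whole of bug #72164. Judging by the added test, it happens when the replacement is empty, so nothing is ever appended to the smart_str and, presumably, no buffer is allocated. That also makes the `smart_str_0(&eval_buf)` just above a no-op. I would put `/* eval_buf.s is NULL when nothing was appended (empty replacement); evaluate "" instead */` above the check, and the five-line if/else could shrink to `eval_str = eval_buf.s ? eval_buf.s : ZSTR_EMPTY_ALLOC();`. The body of `_php_mb_regex_ereg_replace_exec` starts and ends outside this hunk.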
@@ -948,7 +956,7 @@ static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOp
                                convert_to_string(&v);
                                smart_str_appendl(&out_buf, Z_STRVAL(v), Z_STRLEN(v));
                                /* Clean up */
-                               ZSTR_LEN(eval_buf.s) = 0;
+                               smart_str_free(&eval_buf);
                                zval_dtor(&v);
                        } else if (is_callable) {
                                zval args[1];
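Review bot: `smart_str_free(&eval_buf)` in the cleanup releases the buffer after each evaluation, where the old code kept it and only reset the length. If this sits in the per-match loop, as it appears to, a subject with many matches now allocates and frees `eval_buf` once per match. The guarded reset `if (eval_buf.s) { ZSTR_LEN(eval_buf.s) = 0; }` closes the same NULL dereference while keeping the allocation. The callable branch in the next hunk had exactly that guard before this commit and now calls `smart_str_free` as well. Whichever form stays, a short comment such as `/* eval_buf.s may be NULL if nothing was appended */` would record why the bare length reset was unsafe.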
@@ -971,9 +979,7 @@ static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOp
                                                !Z_ISUNDEF(retval)) {
                                        convert_to_string_ex(&retval);
                                        smart_str_appendl(&out_buf, Z_STRVAL(retval), Z_STRLEN(retval));
-                                       if (eval_buf.s) {
-                                               ZSTR_LEN(eval_buf.s) = 0;
-                                       }
+                                       smart_str_free(&eval_buf);
                                        zval_ptr_dtor(&retval);
                                } else {
                                        efree(description);
diff --git a/ext/mbstring/tests/bug72164.phpt b/ext/mbstring/tests/bug72164.phpt
new file mode 100644 (file)
index 0000000..bd58f7e
--- /dev/null
@@ -0,0 +1,14 @@
+--TEST--
+Bug #72164 (Null Pointer Dereference - mb_ereg_replace)
+--SKIPIF--
+<?php extension_loaded('mbstring') or die('skip mbstring not available'); ?>
+--FILE--
+<?php
+$var0 = "e";
+$var2 = "";
+$var3 = NULL;
+$var8 = mbereg_replace($var2,$var3,$var3,$var0);
+var_dump($var8);
+?>
+--EXPECT--
+string(0) ""
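Review bot: The regression test covers only one shape of the bug: an empty pattern, a NULL replacement and a NULL subject, called through the `mbereg_replace` alias rather than the `mb_ereg_replace` named in the title. That likely runs the eval branch once, so the new per-match `smart_str_free(&eval_buf)` cleanup is never exercised on a second match. I would call `mb_ereg_replace` directly and add a multi-match case with an empty replacement, for example `var_dump(mb_ereg_replace("a", "", "aaa", "e"));`, with the expected output confirmed on a build. A third case with a non-empty replacement after an empty one would check that the buffer is correctly re-created after being freed.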