]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 227c898)
Fixed bug #70852 Segfault getting NULL offset of an ArrayObject.
authorReeze Xia <reeze@php.net>
Thu, 5 Nov 2015 05:46:03 +0000 (13:46 +0800)
committerReeze Xia <reeze@php.net>
Thu, 5 Nov 2015 05:46:03 +0000 (13:46 +0800)
NEWS patch | blob | history
ext/spl/spl_array.c patch | blob | history
ext/spl/tests/bug70852.phpt [new file with mode: 0644] patch | blob

diff --git a/NEWS b/NEWS
index 1ea9e3055cb5aa8ac734ffa357abc71a961907ba..5dcb3310bc7fa5355a8038d43d301816ee271d65 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,10 @@ PHP                                                                        NEWS
   . Fixed bug #69757 (Segmentation fault on nextRowset).
     (miracle at rpz dot name)
 
+- SPL:
+  . Fixed bug #70852 Segfault getting NULL offset of an ArrayObject.
+    (Reeze Xia)
+
 29 Oct 2015, PHP 5.6.15
 
 - Core:
diff --git a/ext/spl/spl_array.c b/ext/spl/spl_array.c
index 6ebbb7c0685a2b04f3c641b4d32509acd406419b..f977aa3244402c977dfa19ff396aa5f0a4b021e3 100644 (file)
--- a/ext/spl/spl_array.c
+++ b/ext/spl/spl_array.c
@@ -325,13 +325,13 @@ string_offest:
                if (zend_symtable_find(ht, key, len, (void **) &retval) == FAILURE) {
                        switch (type) {
                                case BP_VAR_R:
-                                       zend_error(E_NOTICE, "Undefined index: %s", Z_STRVAL_P(offset));
+                                       zend_error(E_NOTICE, "Undefined index: %s", key);
                                case BP_VAR_UNSET:
                                case BP_VAR_IS:
                                        retval = &EG(uninitialized_zval_ptr);
                                        break;
                                case BP_VAR_RW:
-                                       zend_error(E_NOTICE,"Undefined index: %s", Z_STRVAL_P(offset));
+                                       zend_error(E_NOTICE,"Undefined index: %s", key);
                                case BP_VAR_W: {
                                    zval *value;
                                    ALLOC_INIT_ZVAL(value);
diff --git a/ext/spl/tests/bug70852.phpt b/ext/spl/tests/bug70852.phpt
new file mode 100644 (file)
index 0000000..da7c00b
--- /dev/null
+++ b/ext/spl/tests/bug70852.phpt
@@ -0,0 +1,11 @@
+--TEST--
+Bug #70852 Segfault getting NULL offset of an ArrayObject
+--FILE--
+<?php
+$y = new ArrayObject();
+echo $y[NULL];
+?>
+===DONE===
+--EXPECTF--
+Notice: Undefined index:  in %s on line %d
+===DONE===
Unnamed repository; edit this file 'description' to name the repository.