]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a22b830)
Fixed SIGSEGV
authorDmitry Stogov <dmitry@php.net>
Thu, 27 Oct 2005 19:25:07 +0000 (19:25 +0000)
committerDmitry Stogov <dmitry@php.net>
Thu, 27 Oct 2005 19:25:07 +0000 (19:25 +0000)
Zend/tests/unset_cv12.phpt [new file with mode: 0755] patch | blob
Zend/zend_execute_API.c patch | blob | history
Zend/zend_vm_def.h patch | blob | history
Zend/zend_vm_execute.h patch | blob | history

diff --git a/Zend/tests/unset_cv12.phpt b/Zend/tests/unset_cv12.phpt
new file mode 100755 (executable)
index 0000000..a22b13d
--- /dev/null
+++ b/Zend/tests/unset_cv12.phpt
@@ -0,0 +1,11 @@
+--TEST--
+unset() CV 12 (unset() in indirect called function)
+--FILE--
+<?php
+$x = 1;
+function foo() {unset($GLOBALS["x"]);}
+call_user_func("foo");
+echo "ok\n";
+?>
+--EXPECT--
+ok
diff --git a/Zend/zend_execute_API.c b/Zend/zend_execute_API.c
index 6273df031f529c4853000bfe69357f0282188ba6..c2f60bf9698c89427ccdc85c8136f03a27cd02b8 100644 (file)
--- a/Zend/zend_execute_API.c
+++ b/Zend/zend_execute_API.c
@@ -1543,7 +1543,7 @@ ZEND_API void zend_reset_all_cv(HashTable *symbol_table TSRMLS_DC)
        int i;
 
        for (ex = EG(current_execute_data); ex; ex = ex->prev_execute_data) {
-               if (ex->symbol_table == symbol_table) {
+               if (ex->op_array && ex->symbol_table == symbol_table) {
                        for (i = 0; i < ex->op_array->last_var; i++) {
                                ex->CVs[i] = NULL;
                        }
@@ -1558,7 +1558,7 @@ ZEND_API int zend_u_delete_global_variable(zend_uchar type, void *name, int name
 
        if (zend_u_hash_quick_exists(&EG(symbol_table), type, name, name_len+1, hash_value)) {
                for (ex = EG(current_execute_data); ex; ex = ex->prev_execute_data) {
-                       if (ex->symbol_table == &EG(symbol_table)) {
+                       if (ex->op_array && ex->symbol_table == &EG(symbol_table)) {
                                int i;
                                for (i = 0; i < ex->op_array->last_var; i++) {
                                        if (ex->op_array->vars[i].hash_value == hash_value &&
diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h
index f674880c4455612dcc128aa20a84f7b8d69e8bf3..18632037073eef851f0f83047ede7a27ccb40acc 100644 (file)
--- a/Zend/zend_vm_def.h
+++ b/Zend/zend_vm_def.h
@@ -2871,12 +2871,14 @@ ZEND_VM_HANDLER(74, ZEND_UNSET_VAR, CONST|TMP|VAR|CV, ANY)
                        do {
                                int i;
 
-                               for (i = 0; i < ex->op_array->last_var; i++) {
-                                       if (ex->op_array->vars[i].hash_value == hash_value &&
-                                           ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
-                                           !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
-                                               ex->CVs[i] = NULL;
-                                               break;
+                               if (ex->op_array) {
+                                       for (i = 0; i < ex->op_array->last_var; i++) {
+                                               if (ex->op_array->vars[i].hash_value == hash_value &&
+                                                   ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
+                                                   !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
+                                                       ex->CVs[i] = NULL;
+                                                       break;
+                                               }
                                        }
                                }
                  ex = ex->prev_execute_data;
@@ -2948,7 +2950,7 @@ ZEND_VM_HANDLER(75, ZEND_UNSET_DIM, VAR|UNUSED|CV, CONST|TMP|VAR|CV)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = EXECUTE_DATA; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h
index 8a811bc11626d9383a19a37dd78293fb83c74e90..5b5acdbd5fe6cc38ea599a9e856b314fa2bb86f9 100644 (file)
--- a/Zend/zend_vm_execute.h
+++ b/Zend/zend_vm_execute.h
@@ -2033,12 +2033,14 @@ static int ZEND_UNSET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                        do {
                                int i;
 
-                               for (i = 0; i < ex->op_array->last_var; i++) {
-                                       if (ex->op_array->vars[i].hash_value == hash_value &&
-                                           ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
-                                           !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
-                                               ex->CVs[i] = NULL;
-                                               break;
+                               if (ex->op_array) {
+                                       for (i = 0; i < ex->op_array->last_var; i++) {
+                                               if (ex->op_array->vars[i].hash_value == hash_value &&
+                                                   ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
+                                                   !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
+                                                       ex->CVs[i] = NULL;
+                                                       break;
+                                               }
                                        }
                                }
                  ex = ex->prev_execute_data;
@@ -4540,12 +4542,14 @@ static int ZEND_UNSET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                        do {
                                int i;
 
-                               for (i = 0; i < ex->op_array->last_var; i++) {
-                                       if (ex->op_array->vars[i].hash_value == hash_value &&
-                                           ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
-                                           !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
-                                               ex->CVs[i] = NULL;
-                                               break;
+                               if (ex->op_array) {
+                                       for (i = 0; i < ex->op_array->last_var; i++) {
+                                               if (ex->op_array->vars[i].hash_value == hash_value &&
+                                                   ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
+                                                   !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
+                                                       ex->CVs[i] = NULL;
+                                                       break;
+                                               }
                                        }
                                }
                  ex = ex->prev_execute_data;
@@ -7643,12 +7647,14 @@ static int ZEND_UNSET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                        do {
                                int i;
 
-                               for (i = 0; i < ex->op_array->last_var; i++) {
-                                       if (ex->op_array->vars[i].hash_value == hash_value &&
-                                           ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
-                                           !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
-                                               ex->CVs[i] = NULL;
-                                               break;
+                               if (ex->op_array) {
+                                       for (i = 0; i < ex->op_array->last_var; i++) {
+                                               if (ex->op_array->vars[i].hash_value == hash_value &&
+                                                   ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
+                                                   !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
+                                                       ex->CVs[i] = NULL;
+                                                       break;
+                                               }
                                        }
                                }
                  ex = ex->prev_execute_data;
@@ -9310,7 +9316,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -10799,7 +10805,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -12326,7 +12332,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -14257,7 +14263,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -15475,7 +15481,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -16575,7 +16581,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -17675,7 +17681,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -19140,7 +19146,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -20338,12 +20344,14 @@ static int ZEND_UNSET_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                        do {
                                int i;
 
-                               for (i = 0; i < ex->op_array->last_var; i++) {
-                                       if (ex->op_array->vars[i].hash_value == hash_value &&
-                                           ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
-                                           !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
-                                               ex->CVs[i] = NULL;
-                                               break;
+                               if (ex->op_array) {
+                                       for (i = 0; i < ex->op_array->last_var; i++) {
+                                               if (ex->op_array->vars[i].hash_value == hash_value &&
+                                                   ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) &&
+                                                   !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) {
+                                                       ex->CVs[i] = NULL;
+                                                       break;
+                                               }
                                        }
                                }
                  ex = ex->prev_execute_data;
@@ -21842,7 +21850,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -23323,7 +23331,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -24841,7 +24849,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
@@ -26762,7 +26770,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
                                                        ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1);
 
                                                        for (ex = execute_data; ex; ex = ex->prev_execute_data) {
-                                                               if (ex->symbol_table == ht) {
+                                                               if (ex->op_array && ex->symbol_table == ht) {
                                                                        int i;
 
                                                                        for (i = 0; i < ex->op_array->last_var; i++) {
Unnamed repository; edit this file 'description' to name the repository.