- Fixed bug in mysqli extension with unsigned int(11) being represented as
signed integer in PHP instead of string in 32bit systems. (Andrey)
- Fixed initializing and argument checking for posix_mknod(). (Derick)
+- Fixed bug #35229 (call_user_func() crashes when arguement_stack is nearly
+ full). (Dmitry)
- Fixed bug #35197 (Destructor is not called). (Tony)
- Fixed bug #35179 (tokenizer extension needs T_HALT_COMPILER). (Greg)
- Fixed bug #35176 (include()/require()/*_once() produce wrong error messages
params = safe_emalloc(sizeof(zval **), argc, 0);
- if (zend_get_parameters_array_ex(argc, params) == FAILURE) {
+ if (zend_get_parameters_array_ex(1, params) == FAILURE) {
efree(params);
RETURN_FALSE;
}
RETURN_NULL();
}
+ if (zend_get_parameters_array_ex(argc, params) == FAILURE) {
+ efree(params);
+ RETURN_FALSE;
+ }
+
if (call_user_function_ex(EG(function_table), NULL, *params[0], &retval_ptr, argc-1, params+1, 0, NULL TSRMLS_CC) == SUCCESS) {
if (retval_ptr) {
COPY_PZVAL_TO_ZVAL(*return_value, retval_ptr);
--- /dev/null
+--TEST--
+Bug #35229 (call_user_func() crashes when arguement_stack is nearly full)
+--FILE--
+<?php
+class test2 {
+ static function use_stack() {
+ echo "OK\n";
+ }
+}
+
+function __autoload($class)
+{
+ eval('class test1 extends test2 {}');
+
+ test1::use_stack(
+ 1,2,3,4,5,6,7,8,9,10,
+ 11,12,13,14,15,16,17,18,19,20,
+ 21,22,23,24,25,26,27,28,29,30
+ );
+}
+
+call_user_func(array('test1', 'use_stack'),
+ 1,2,3,4,5,6,7,8,9,10,
+ 11,12,13,14,15,16,17,18,19,20,
+ 21,22,23,24,25,26,27,28,29,30
+);
+?>
+--EXPECT--
+OK
+OK
projects / php / commitdiff