20 Aug 2015, PHP 7.0.0 RC 1
- Core:
+ . Fixed bug #70288 (Apache crash related to ZEND_SEND_REF). (Laruence)
. Fixed bug #70262 (Accessing array crashes PHP 7.0beta3).
(Laruence, Dmitry)
. Fixed bug #70258 (Segfault if do_resize fails to allocated memory).
--- /dev/null
+--TEST--
+Bug #70288 (Apache crash related to ZEND_SEND_REF)
+--FILE--
+<?php
+class A {
+ public function __get($name) {
+ return new Stdclass();
+ }
+}
+
+function test(&$obj) {
+ var_dump($obj);
+}
+$a = new A;
+test($a->dummy);
+?>
+--EXPECTF--
+object(stdClass)#%d (0) {
+}
if (Z_ISREF_P(varptr)) {
Z_ADDREF_P(varptr);
ZVAL_COPY_VALUE(arg, varptr);
- } else if (OP1_TYPE == IS_VAR &&
- UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT)) {
- ZVAL_NEW_REF(arg, varptr);
} else {
ZVAL_NEW_REF(arg, varptr);
Z_ADDREF_P(arg);
if (Z_ISREF_P(varptr)) {
Z_ADDREF_P(varptr);
ZVAL_COPY_VALUE(arg, varptr);
- } else if (IS_VAR == IS_VAR &&
- UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT)) {
- ZVAL_NEW_REF(arg, varptr);
} else {
ZVAL_NEW_REF(arg, varptr);
Z_ADDREF_P(arg);
if (Z_ISREF_P(varptr)) {
Z_ADDREF_P(varptr);
ZVAL_COPY_VALUE(arg, varptr);
- } else if (IS_CV == IS_VAR &&
- UNEXPECTED(Z_TYPE_P(EX_VAR(opline->op1.var)) != IS_INDIRECT)) {
- ZVAL_NEW_REF(arg, varptr);
} else {
ZVAL_NEW_REF(arg, varptr);
Z_ADDREF_P(arg);
projects / php / commitdiff