Check dual_it validity in CallbackFilterIterator::accept()

Avoid accessing intern->u.cbfilter null pointer, though it's
harmless here.

diff --git a/ext/spl/spl_iterators.c b/ext/spl/spl_iterators.c
index cee2b7b39f5427e66911353f2c24b0b6490393ab..311cc880b1b805bc51c6289afc235a03f00c3d97 100644 (file)
--- a/ext/spl/spl_iterators.c
+++ b/ext/spl/spl_iterators.c
@@ -1767,23 +1767,25 @@ PHP_METHOD(RegexIterator, __construct)
 /* {{{ Calls the callback with the current value, the current key and the inner iterator as arguments */
 PHP_METHOD(CallbackFilterIterator, accept)
 {
-       spl_dual_it_object     *intern = Z_SPLDUAL_IT_P(ZEND_THIS);
-       zend_fcall_info        *fci = &intern->u.cbfilter->fci;
-       zend_fcall_info_cache  *fcc = &intern->u.cbfilter->fcc;
-       zval                    params[3];
+       spl_dual_it_object *intern = Z_SPLDUAL_IT_P(ZEND_THIS);
 
        if (zend_parse_parameters_none() == FAILURE) {
                RETURN_THROWS();
        }
 
+       SPL_FETCH_AND_CHECK_DUAL_IT(intern, ZEND_THIS);
+
        if (Z_TYPE(intern->current.data) == IS_UNDEF || Z_TYPE(intern->current.key) == IS_UNDEF) {
                RETURN_FALSE;
        }
 
+       zval params[3];
        ZVAL_COPY_VALUE(&params[0], &intern->current.data);
        ZVAL_COPY_VALUE(&params[1], &intern->current.key);
        ZVAL_COPY_VALUE(&params[2], &intern->inner.zobject);
 
+       zend_fcall_info *fci = &intern->u.cbfilter->fci;
+       zend_fcall_info_cache *fcc = &intern->u.cbfilter->fcc;
        fci->retval = return_value;
        fci->param_count = 3;
        fci->params = params;
@@ -1791,10 +1793,6 @@ PHP_METHOD(CallbackFilterIterator, accept)
        if (zend_call_function(fci, fcc) != SUCCESS || Z_ISUNDEF_P(return_value)) {
                RETURN_FALSE;
        }
-
-       if (EG(exception)) {
-               RETURN_THROWS();
-       }
 }
 /* }}} */