access errors). (Jani, ric at arizona dot edu)
- Fixed bug #32608 (html_entity_decode() converts single quotes even if
ENT_NOQUOTES is given). (Ilia)
+- Fixed bug #32596 (Segfault/Memory Leak by getClass (etc) in __destruct).
+ (Dmitry)
- Fixed bug #32591 (ext/mysql: Unsatisfied symbol: ntohs with HP-UX). (Jani)
- Fixed bug #32589 (Possible crash inside imap_mail_compose, with charsets).
(Ilia)
--- /dev/null
+--TEST--
+Bug #32596 (Segfault/Memory Leak by getClass (etc) in __destruct)
+--FILE--
+<?php
+class BUG {
+ public $error = "please fix this thing, it wasted a nice part of my life!\n";
+ static function instance() {return new BUG();}
+
+ function __destruct()
+ {
+ $c=get_class($this); unset($c);
+ echo get_class($this) ."\n";
+ if(defined('DEBUG_'.__CLASS__)){}
+ $c=get_class($this); //memory leak only
+ echo $this->error;
+ }
+}
+
+
+BUG::instance()->error;
+echo "this is still executed\n";
+?>
+--EXPECT--
+BUG
+please fix this thing, it wasted a nice part of my life!
+this is still executed
+
ZEND_API void _zval_ptr_dtor(zval **zval_ptr ZEND_FILE_LINE_DC)
{
+ zval *zv = *zval_ptr;
+
#if DEBUG_ZEND>=2
printf("Reducing refcount for %x (%x): %d->%d\n", *zval_ptr, zval_ptr, (*zval_ptr)->refcount, (*zval_ptr)->refcount-1);
#endif
- (*zval_ptr)->refcount--;
- if ((*zval_ptr)->refcount==0) {
- zval_dtor(*zval_ptr);
- safe_free_zval_ptr_rel(*zval_ptr ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_CC);
- } else if ((*zval_ptr)->refcount == 1) {
- (*zval_ptr)->is_ref = 0;
+ zv->refcount--;
+ if (zv->refcount==0) {
+ zval_dtor(zv);
+ safe_free_zval_ptr_rel(zv ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_CC);
+ } else if (zv->refcount == 1) {
+ zv->is_ref = 0;
}
}
projects / php / commitdiff