--- /dev/null
+--TEST--
+Bug #46308 (Invalid write when changing property from inside getter)
+--FILE--
+<?php
+class main
+{
+ public static $dummy = NULL ;
+ public static $dataAccessor = NULL ;
+}
+
+class dataAccessor
+{
+}
+
+class relay
+{
+ public function __get( $name )
+ {
+ main::$dataAccessor = new dataAccessor;
+ }
+}
+
+class dummy
+{
+}
+
+main::$dummy = new dummy();
+main::$dataAccessor = new relay();
+main::$dataAccessor->bar;
+echo "ok\n";
+?>
+--EXPECT--
+ok
zend_get_property_guard(zobj, property_info, member, &guard TSRMLS_CC) == SUCCESS &&
!guard->in_get) {
/* have getter - try with it! */
+ Z_ADDREF_P(object);
guard->in_get = 1; /* prevent circular getting */
rv = zend_std_call_getter(object, member TSRMLS_CC);
guard->in_get = 0;
} else {
retval = &EG(uninitialized_zval_ptr);
}
+ zval_ptr_dtor(&object);
} else {
if (!silent) {
zend_error(E_NOTICE,"Undefined property: %v::$%R", zobj->ce->name, Z_TYPE_P(member), Z_STRVAL_P(member));
if (zobj->ce->__set &&
zend_get_property_guard(zobj, property_info, member, &guard TSRMLS_CC) == SUCCESS &&
!guard->in_set) {
+ Z_ADDREF_P(object);
guard->in_set = 1; /* prevent circular setting */
if (zend_std_call_setter(object, member, value TSRMLS_CC) != SUCCESS) {
/* for now, just ignore it - __set should take care of warnings, etc. */
}
setter_done = 1;
guard->in_set = 0;
+ zval_ptr_dtor(&object);
}
if (!setter_done && property_info) {
zval **foo;
zend_get_property_guard(zobj, property_info, member, &guard TSRMLS_CC) == SUCCESS &&
!guard->in_unset) {
/* have unseter - try with it! */
+ Z_ADDREF_P(object);
guard->in_unset = 1; /* prevent circular unsetting */
zend_std_call_unsetter(object, member TSRMLS_CC);
guard->in_unset = 0;
+ zval_ptr_dtor(&object);
}
}
zval *rv;
/* have issetter - try with it! */
+ Z_ADDREF_P(object);
guard->in_isset = 1; /* prevent circular getting */
rv = zend_std_call_issetter(object, member TSRMLS_CC);
if (rv) {
}
}
guard->in_isset = 0;
+ zval_ptr_dtor(&object);
}
} else {
switch (has_set_exists) {
projects / php / commitdiff