From: Andi Gutmans <andi@php.net>
Date: Fri, 17 Dec 2004 22:24:51 +0000 (+0000)
Subject: - Fixed Bug #30562  	Segmentation fault with __call()
X-Git-Tag: RELEASE_0_2~502
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=235e6c0afe1d7de47e914ae0183bbad1d3b56709;p=php

- Fixed Bug #30562  	Segmentation fault with __call()
---

diff --git a/Zend/zend_object_handlers.c b/Zend/zend_object_handlers.c
index 8d777a1733..46d471c68e 100644
--- a/Zend/zend_object_handlers.c
+++ b/Zend/zend_object_handlers.c
@@ -478,12 +478,11 @@ static void zend_std_unset_dimension(zval *object, zval *offset TSRMLS_DC)
 ZEND_API void zend_std_call_user_call(INTERNAL_FUNCTION_PARAMETERS)
 {
 	zend_internal_function *func = (zend_internal_function *)EG(function_state_ptr)->function;
-	zval method_name, method_args;
 	zval *method_name_ptr, *method_args_ptr;
 	zval *method_result_ptr = NULL;
 	zend_class_entry *ce = Z_OBJCE_P(this_ptr);
 	
-	method_args_ptr = &method_args;
+	ALLOC_ZVAL(method_args_ptr);
 	INIT_PZVAL(method_args_ptr);
 	array_init(method_args_ptr);
 
@@ -493,7 +492,7 @@ ZEND_API void zend_std_call_user_call(INTERNAL_FUNCTION_PARAMETERS)
 		RETURN_FALSE;
 	}
 
-	method_name_ptr = &method_name;
+	ALLOC_ZVAL(method_name_ptr);
 	INIT_PZVAL(method_name_ptr);
 	ZVAL_STRING(method_name_ptr, func->function_name, 0); /* no dup - it's a copy */
 
@@ -511,8 +510,8 @@ ZEND_API void zend_std_call_user_call(INTERNAL_FUNCTION_PARAMETERS)
 	}
 	
 	/* now destruct all auxiliaries */
-	zval_dtor(method_args_ptr);
-	zval_dtor(method_name_ptr);
+	zval_ptr_dtor(&method_args_ptr);
+	zval_ptr_dtor(&method_name_ptr);
 
 	/* destruct the function also, then - we have allocated it in get_method */
 	efree(func);