From: Dmitry Stogov <dmitry@php.net>
Date: Thu, 23 Jun 2005 11:59:56 +0000 (+0000)
Subject: Fixed bug #28377 (debug_backtrace is intermittently passing args)
X-Git-Tag: php-5.0.5RC1~130
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f275a211cdbf5c753b0cfe612ae9640e642bdc76;p=php

Fixed bug #28377 (debug_backtrace is intermittently passing args)
---

diff --git a/NEWS b/NEWS
index 8b13956897..faf7c7e813 100644
--- a/NEWS
+++ b/NEWS
@@ -175,6 +175,7 @@ PHP                                                                        NEWS
 - Fixed bug #28839 (SIGSEGV in interactive mode (php -a)).
   (kameshj at fastmail dot fm)
 - Fixed bug #28605 (Need to use -[m]ieee option for Alpha CPUs). (Jani)
+- Fixed bug #28377 (debug_backtrace is intermittently passing args). (Dmitry)
 - Fixed bug #27598 (list() array key assignment causes HUGE memory leak).
   (Dmitry)
 - Fixed bug #26456 (Wrong results from Reflection-API getDocComment() when
diff --git a/Zend/tests/bug28377.phpt b/Zend/tests/bug28377.phpt
new file mode 100755
index 0000000000..9d1b43472c
--- /dev/null
+++ b/Zend/tests/bug28377.phpt
@@ -0,0 +1,23 @@
+--TEST--
+Bug #28377 (debug_backtrace is intermittently passing args)
+--FILE--
+<?php
+function doit($a, $b)
+{
+  $trace = debug_backtrace();
+  custom_callback('dereferenced', $trace);
+  custom_callback('direct', debug_backtrace());
+}
+  
+function custom_callback($traceName, $btInfo)
+{
+  echo $traceName ." -- args: ";
+  echo isset($btInfo[0]['args']) ? count($btInfo[0]['args']) : 'does not exist';
+  echo "\n";
+}
+  
+doit('a','b');
+?>
+--EXPECT--
+dereferenced -- args: 2
+direct -- args: 2
diff --git a/Zend/zend_builtin_functions.c b/Zend/zend_builtin_functions.c
index 346fef10c4..929f95f9f1 100644
--- a/Zend/zend_builtin_functions.c
+++ b/Zend/zend_builtin_functions.c
@@ -1529,6 +1529,12 @@ static zval *debug_backtrace_get_args(void ***curpos TSRMLS_DC)
 		(*arg)->refcount++;
 		add_next_index_zval(arg_array, *arg);
 	}
+	
+	/* skip args from incomplete frames */
+	while ((((*curpos)-1) > EG(argument_stack).elements) && *((*curpos)-1)) {
+		(*curpos)--;
+	}
+
 	return arg_array;
 }
 
@@ -1576,6 +1582,11 @@ ZEND_FUNCTION(debug_print_backtrace)
 		args -= *(ulong*)args;
 		frames_on_stack++;
 
+		/* skip args from incomplete frames */
+		while (((args-1) > EG(argument_stack).elements) && *(args-1)) {
+			args--;
+		}
+
 		if ((args-1) == EG(argument_stack).elements) {
 			arg_stack_consistent = 1;
 			break;
@@ -1589,6 +1600,13 @@ ZEND_FUNCTION(debug_print_backtrace)
 	cur_arg_pos -= 2;
 	frames_on_stack--;
 
+	if (arg_stack_consistent) {
+		/* skip args from incomplete frames */
+		while (((cur_arg_pos-1) > EG(argument_stack).elements) && *(cur_arg_pos-1)) {
+			cur_arg_pos--;
+		}
+	}
+
 	array_init(return_value);
 
 	while (ptr) {
@@ -1724,6 +1742,11 @@ ZEND_API void zend_fetch_debug_backtrace(zval *return_value, int skip_last TSRML
 		args -= *(ulong*)args;
 		frames_on_stack++;
 
+		/* skip args from incomplete frames */
+		while (((args-1) > EG(argument_stack).elements) && *(args-1)) {
+			args--;
+		}
+
 		if ((args-1) == EG(argument_stack).elements) {
 			arg_stack_consistent = 1;
 			break;
@@ -1743,6 +1766,13 @@ ZEND_API void zend_fetch_debug_backtrace(zval *return_value, int skip_last TSRML
 		cur_arg_pos -= (arg_count + 2);
 		frames_on_stack--;
 		ptr = ptr->prev_execute_data;
+
+		if (arg_stack_consistent) {
+			/* skip args from incomplete frames */
+			while (((cur_arg_pos-1) > EG(argument_stack).elements) && *(cur_arg_pos-1)) {
+				cur_arg_pos--;
+			}
+		}
 	}
 
 	array_init(return_value);