]> granicus.if.org Git - php/commit
projects / php / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd2afd9) | patch
Fix infinite loop on string offset during by-ref list assign
authorNikita Popov <nikita.ppv@gmail.com>
Wed, 2 Sep 2020 08:13:42 +0000 (10:13 +0200)
committerNikita Popov <nikita.ppv@gmail.com>
Wed, 2 Sep 2020 08:16:05 +0000 (10:16 +0200)
commita07c1f56aac1c0f6c8334760009b678cbf9d6138
tree4ec12d59ded0eda808f43ec4d5911d51efd447c0tree | snapshot
parentcd2afd99b1faa58c35a3807081e531cce0cd2311commit | diff
Fix infinite loop on string offset during by-ref list assign

There is a deeper underlying issue here, in that the opcodes violate
VM write-fetch safety, but let's fix the infinite loop first.

This fixes oss-fuzz #25352.
Zend/tests/list_assign_ref_string_offset_error.phpt [new file with mode: 0644] blob
Zend/zend_execute.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.