From 32f611097f68425f9ffa94b01ad361cc6e952d42 Mon Sep 17 00:00:00 2001 From: Antony Dovgal Date: Wed, 22 Mar 2006 21:56:40 +0000 Subject: [PATCH] fix #36825 (Exceptions thrown in ArrayObject::offsetGet cause segfault) fix similar issue in offsetExists() remove redundant semicolons --- NEWS | 2 ++ ext/spl/spl_array.c | 28 +++++++++++++++++----------- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/NEWS b/NEWS index 0f9d3424df..c8d47e05e4 100644 --- a/NEWS +++ b/NEWS @@ -10,6 +10,8 @@ PHP NEWS (also fixes bug #36764). (Tony) - Removed the E_STRICT deprecation notice from "var". (Ilia) - Fixed debug_zval_dump() to support private and protected members. (Dmitry) +- Fixed bug #36825 (Exceptions thrown in ArrayObject::offsetGet cause + segfault). (Tony) - Fixed bug #36820 (Privileged connection with an Oracle password file fails). (Tony) - Fixed bug #36809 (__FILE__ behavior changed). (Dmitry) diff --git a/ext/spl/spl_array.c b/ext/spl/spl_array.c index 4414e48ea1..0491fc70f4 100755 --- a/ext/spl/spl_array.c +++ b/ext/spl/spl_array.c @@ -262,7 +262,11 @@ static zval *spl_array_read_dimension_ex(int check_inherited, zval *object, zval zend_call_method_with_1_params(&object, Z_OBJCE_P(object), &intern->fptr_offset_get, "offsetGet", &rv, offset); zval_ptr_dtor(&intern->retval); MAKE_STD_ZVAL(intern->retval); - ZVAL_ZVAL(intern->retval, rv, 1, 1); + if (rv) { + ZVAL_ZVAL(intern->retval, rv, 1, 1); + } else { + ZVAL_NULL(intern->retval); + } return intern->retval; } } @@ -390,11 +394,13 @@ static int spl_array_has_dimension_ex(int check_inherited, zval *object, zval *o if (check_inherited && intern->fptr_offset_has) { zend_call_method_with_1_params(&object, Z_OBJCE_P(object), &intern->fptr_offset_has, "offsetExists", &rv, offset); - if (zend_is_true(rv)) { + if (rv && zend_is_true(rv)) { zval_ptr_dtor(&rv); return 1; } - zval_ptr_dtor(&rv); + if (rv) { + zval_ptr_dtor(&rv); + } return 0; } @@ -1207,43 +1213,43 @@ SPL_METHOD(Array, getChildren) static ZEND_BEGIN_ARG_INFO(arginfo_array___construct, 0) ZEND_ARG_INFO(0, array) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static ZEND_BEGIN_ARG_INFO_EX(arginfo_array_offsetGet, 0, 0, 1) ZEND_ARG_INFO(0, index) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static ZEND_BEGIN_ARG_INFO_EX(arginfo_array_offsetSet, 0, 0, 2) ZEND_ARG_INFO(0, index) ZEND_ARG_INFO(0, newval) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static ZEND_BEGIN_ARG_INFO(arginfo_array_append, 0) ZEND_ARG_INFO(0, value) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static ZEND_BEGIN_ARG_INFO(arginfo_array_seek, 0) ZEND_ARG_INFO(0, position) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static ZEND_BEGIN_ARG_INFO(arginfo_array_exchangeArray, 0) ZEND_ARG_INFO(0, array) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static ZEND_BEGIN_ARG_INFO(arginfo_array_setFlags, 0) ZEND_ARG_INFO(0, flags) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static ZEND_BEGIN_ARG_INFO(arginfo_array_setIteratorClass, 0) ZEND_ARG_INFO(0, iteratorClass) -ZEND_END_ARG_INFO(); +ZEND_END_ARG_INFO() static zend_function_entry spl_funcs_ArrayObject[] = { SPL_ME(Array, __construct, arginfo_array___construct, ZEND_ACC_PUBLIC) -- 2.40.0