From 3b853c97f3e74d4bb3dbdcfe847e1441a2e9dcb5 Mon Sep 17 00:00:00 2001
From: Nikita Popov
Date: Thu, 3 Sep 2020 10:29:18 +0200
Subject: [PATCH] Fixed bug #80045

Applying the obvious fix ... however, I think we may need to rething how we handle trampoline fcc for "f" zpp. It might make sense to use fcc->function_handler == NULL for that case and force it to be fetched in zend_call_function instead (it will be reset to that after the call anyway). Otherwise we will keep chasing these leaks, as it's the only instance where it's necessary to free a zpp result.
---
 NEWS | 2 ++
 Zend/tests/bug80045.phpt | 22 ++++++++++++++++++++++
 Zend/zend_builtin_functions.c | 2 ++
 3 files changed, 26 insertions(+)
 create mode 100644 Zend/tests/bug80045.phpt

diff --git a/NEWS b/NEWS
index 045e7b72f0..34a8805503 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,8 @@ PHP NEWS
 - Core:
 . Implement #[Attr] Attribute syntax as per final vote in RFC
 https://wiki.php.net/rfc/shorter_attribute_syntax_change
+ . Fixed bug #80045 (memleak after two set_exception_handler calls with
+ __call). (Nikita)
 03 Sep 2020, PHP 8.0.0beta3
diff --git a/Zend/tests/bug80045.phpt b/Zend/tests/bug80045.phpt
new file mode 100644
index 0000000000..b53b8b0c2a
--- /dev/null
+++ b/Zend/tests/bug80045.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Bug #80045: memleak after two set_exception_handler calls with __call
+--FILE--
+
+===DONE===
+--EXPECT--
+===DONE===
diff --git a/Zend/zend_builtin_functions.c b/Zend/zend_builtin_functions.c
index c3a2a1b63f..906f0666ed 100644
--- a/Zend/zend_builtin_functions.c
+++ b/Zend/zend_builtin_functions.c
@@ -1198,6 +1198,7 @@ ZEND_FUNCTION(set_error_handler)
 ZVAL_COPY(&EG(user_error_handler), &(fci.function_name));
 EG(user_error_handler_error_reporting) = (int)error_type;
+ zend_release_fcall_info_cache(&fcc);
 }
 /* }}} */
@@ -1253,6 +1254,7 @@ ZEND_FUNCTION(set_exception_handler)
 }
 ZVAL_COPY(&EG(user_exception_handler), &(fci.function_name));
+ zend_release_fcall_info_cache(&fcc);
 }
 /* }}} */
--
2.50.1
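Review bot: The added `zend_release_fcall_info_cache(&fcc);` at the end of set_error_handler, and the identical line in the set_exception_handler hunk, carries no comment explaining why a parsed callable has to be released here, and a later cleanup could remove it and reintroduce the leak. I would put a short comment above each call, for example `/* Only fci.function_name is retained; release fcc, which may hold a __call trampoline allocated by the "f" zpp. */`, which is the reasoning the commit message gives. The new test's title names only set_exception_handler and its body is not visible on this page, so it is worth confirming that the set_error_handler path is also exercised with a `__call` handler. Both function bodies begin outside their hunks, so I am assuming from the visible context that no earlier return leaves `fcc` populated without a release.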