From 50be2c89bed61a1928cd1dd0c226fe62769344dd Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Wed, 13 Jan 2016 11:41:57 +0300
Subject: [PATCH] Fixed bug #71248 (Wrong interface is enforced)

---
 NEWS                     |  1 +
 Zend/tests/bug71248.phpt | 28 ++++++++++++++++++++++++++++
 Zend/zend_inheritance.c  | 15 ++++++++++++++-
 3 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 Zend/tests/bug71248.phpt

diff --git a/NEWS b/NEWS
index 581e122271..9ce138aead 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,7 @@ PHP                                                                        NEWS
   . Fix >2G Content-Length headers in apache2handler. (Adam Harvey)
 
 - Core:
+  . Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
   . Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
   . Fixed bug #71221 (Null pointer deref (segfault) in get_defined_vars via
     ob_start). (hugh at allthethings dot co dot nz)
diff --git a/Zend/tests/bug71248.phpt b/Zend/tests/bug71248.phpt
new file mode 100644
index 0000000000..6be2585767
--- /dev/null
+++ b/Zend/tests/bug71248.phpt
@@ -0,0 +1,28 @@
+--TEST--
+Bug #71248 (Wrong interface is enforced)
+--FILE--
+<?php
+class Hint1 { }
+class Hint2 { }
+
+abstract class Base {
+    public function __construct(Hint1 $x) { }
+}
+
+interface Iface {
+    public function __construct(Hint1 $x);
+}
+
+class Foo extends Base implements Iface {
+}
+
+$code = <<<'PHP'
+abstract class Bar extends Base {
+    public function __construct(Hint2 $x) { }
+}
+PHP;
+eval($code);
+?>
+OK
+--EXPECT--
+OK
diff --git a/Zend/zend_inheritance.c b/Zend/zend_inheritance.c
index ac98627b10..9eb7a0b9c9 100644
--- a/Zend/zend_inheritance.c
+++ b/Zend/zend_inheritance.c
@@ -585,7 +585,20 @@ static zend_function *do_inherit_method(zend_string *key, zend_function *parent,
 	zval *child = zend_hash_find(&ce->function_table, key);
 
 	if (child) {
-		do_inheritance_check_on_method((zend_function*)Z_PTR_P(child), parent);
+		zend_function *func = (zend_function*)Z_PTR_P(child);
+		zend_function *orig_prototype = func->common.prototype;
+
+		do_inheritance_check_on_method(func, parent);
+		if (func->common.prototype != orig_prototype &&
+		    func->type == ZEND_USER_FUNCTION &&
+		    func->common.scope != ce &&
+		    !func->op_array.static_variables) {
+			/* Lazy duplication */
+			zend_function *new_function = zend_arena_alloc(&CG(arena), sizeof(zend_op_array));
+			memcpy(new_function, func, sizeof(zend_op_array));
+			Z_PTR_P(child) = new_function;
+			func->common.prototype = orig_prototype;
+		}
 		return NULL;
 	}
 
-- 
2.40.0