From 5a10df8c56a2db26f56040a6a61acb131cef632b Mon Sep 17 00:00:00 2001 From: Etienne Kneuss Date: Wed, 12 Mar 2008 13:35:04 +0000 Subject: [PATCH] Fix bug #41828 (Fix crash on wrong instantiation) --- ext/spl/spl_iterators.c | 9 +++++++-- ext/spl/tests/bug41828.phpt | 21 +++++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 ext/spl/tests/bug41828.phpt diff --git a/ext/spl/spl_iterators.c b/ext/spl/spl_iterators.c index 76e227ad79..bb3a3584b2 100755 --- a/ext/spl/spl_iterators.c +++ b/ext/spl/spl_iterators.c @@ -702,8 +702,13 @@ static union _zend_function *spl_recursive_it_get_method(zval **object_ptr, zstr union _zend_function *function_handler; spl_recursive_it_object *object = (spl_recursive_it_object*)zend_object_store_get_object(*object_ptr TSRMLS_CC); long level = object->level; - zval *zobj = object->iterators[level].zobject; - + zval *zobj; + + if (!object->iterators) { + php_error_docref(NULL TSRMLS_CC, E_ERROR, "The %s instance wasn't initialized properly", Z_OBJCE_PP(object_ptr)->name); + } + zobj = object->iterators[level].zobject; + function_handler = std_object_handlers.get_method(object_ptr, method, method_len TSRMLS_CC); if (!function_handler) { if (zend_u_hash_find(&Z_OBJCE_P(zobj)->function_table, UG(unicode)?IS_UNICODE:IS_STRING, method, method_len+1, (void **) &function_handler) == FAILURE) { diff --git a/ext/spl/tests/bug41828.phpt b/ext/spl/tests/bug41828.phpt new file mode 100644 index 0000000000..6053e0e446 --- /dev/null +++ b/ext/spl/tests/bug41828.phpt @@ -0,0 +1,21 @@ +--TEST-- +Bug #41828 (Segfault if extended constructor of RecursiveIterator doesn't call its parent) +--FILE-- +bar(); + +?> +==DONE== + +--EXPECTF-- +Fatal error: main(): The foo instance wasn't initialized properly in %s on line %d -- 2.40.0