From 5cf54f6073f9e3cfc99eca9e8a5706a08dd404a1 Mon Sep 17 00:00:00 2001
From: jhdxr <jhdxr@php.net>
Date: Sat, 8 Jul 2017 20:04:25 +0800
Subject: [PATCH] Fixed bug #74852 (property_exists returns true on unknown
 DateInterval property)

---
 NEWS                         |  4 ++++
 ext/date/php_date.c          | 10 +++++-----
 ext/date/tests/bug74852.phpt | 17 +++++++++++++++++
 3 files changed, 26 insertions(+), 5 deletions(-)
 create mode 100644 ext/date/tests/bug74852.phpt

diff --git a/NEWS b/NEWS
index 7c2bfe88f0..be13bad7a7 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,10 @@ PHP                                                                        NEWS
   . Fixed bug #74761 (Unary operator expected error on some systems). (petk)
   . Fixed bug #73900 (Use After Free in unserialize() SplFixedArray). (nikic)
 
+- Date:
+  . Fixed bug #74852 (property_exists returns true on unknown DateInterval 
+    property). (jhdxr)
+
 - OCI8:
   . Fixed bug #74625 (Integer overflow in oci_bind_array_by_name). (Ingmar Runge)
 
diff --git a/ext/date/php_date.c b/ext/date/php_date.c
index 7383682543..f671f4cba0 100644
--- a/ext/date/php_date.c
+++ b/ext/date/php_date.c
@@ -1986,7 +1986,7 @@ static int date_interval_has_property(zval *object, zval *member, int type, void
 	zval *prop;
 	int retval = 0;
 
-	if (Z_TYPE_P(member) != IS_STRING) {
+	if (UNEXPECTED(Z_TYPE_P(member) != IS_STRING)) {
 		ZVAL_COPY(&tmp_member, member);
 		convert_to_string(&tmp_member);
 		member = &tmp_member;
@@ -2002,10 +2002,10 @@ static int date_interval_has_property(zval *object, zval *member, int type, void
 		}
 		return retval;
 	}
-
-	prop = date_interval_read_property(object, member, type, cache_slot, &rv);
-
-	if (prop != NULL) {
+	
+	prop = date_interval_read_property(object, member, BP_VAR_IS, cache_slot, &rv);
+	
+	if (prop != &EG(uninitialized_zval)) {
 		if (type == 2) {
 			retval = 1;
 		} else if (type == 1) {
diff --git a/ext/date/tests/bug74852.phpt b/ext/date/tests/bug74852.phpt
new file mode 100644
index 0000000000..e293bef8bf
--- /dev/null
+++ b/ext/date/tests/bug74852.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #74852 property_exists returns true on unknown DateInterval property
+--FILE--
+<?php
+
+$interval = new DateInterval('P2D');
+var_dump(property_exists($interval,'abcde'));
+var_dump(isset($interval->abcde));
+var_dump($interval->abcde);
+
+?>
+--EXPECTF--
+bool(false)
+bool(false)
+
+Notice: Undefined property: DateInterval::$abcde in %s on line %d
+NULL
-- 
2.50.0