From 5e4d91582a32f73e368200037ebc2643ab71d554 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@php.net>
Date: Wed, 4 May 2005 11:17:30 +0000
Subject: [PATCH] Fixed bug #30707 (Segmentation fault on exception in method)

---
 Zend/tests/bug30707.phpt | 29 +++++++++++++++++++++++++++++
 Zend/zend_vm_def.h       |  7 +++++++
 Zend/zend_vm_execute.h   | 14 ++++++++++++++
 3 files changed, 50 insertions(+)
 create mode 100755 Zend/tests/bug30707.phpt

diff --git a/Zend/tests/bug30707.phpt b/Zend/tests/bug30707.phpt
new file mode 100755
index 0000000000..d37d32974e
--- /dev/null
+++ b/Zend/tests/bug30707.phpt
@@ -0,0 +1,29 @@
+--TEST--
+Bug #30707 (Segmentation fault on exception in method)
+--FILE--
+<?php
+class C {
+	function byePHP($plop) {
+		echo "ok\n";
+	}
+
+	function plip() {
+		try {
+			$this->plap($this->plop());
+		}	catch(Exception $e) {
+		}
+	}
+
+	function plap($a) {	
+	}
+
+	function plop() {
+		throw new Exception;
+	}
+}
+
+$x = new C;
+$x->byePHP($x->plip());
+?>
+--EXPECT--
+ok
diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h
index 8aca967119..638cec2b37 100644
--- a/Zend/zend_vm_def.h
+++ b/Zend/zend_vm_def.h
@@ -3506,6 +3506,13 @@ ZEND_VM_HANDLER(149, ZEND_HANDLE_EXCEPTION, ANY, ANY)
 		}
 	}
 
+	while (EX(fbc)) {
+		if (EX(object)) {
+			zval_ptr_dtor(&EX(object));
+		}
+		zend_ptr_stack_n_pop(&EG(arg_types_stack), 3, &EX(calling_scope), &EX(object), &EX(fbc));
+	}
+
 	if (encapsulating_block == -1) {
 		ZEND_VM_RETURN_FROM_EXECUTE_LOOP();
 	} else {
diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h
index cdbe7596b4..13ecdab0d9 100644
--- a/Zend/zend_vm_execute.h
+++ b/Zend/zend_vm_execute.h
@@ -491,6 +491,13 @@ static int ZEND_HANDLE_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 		}
 	}
 
+	while (EX(fbc)) {
+		if (EX(object)) {
+			zval_ptr_dtor(&EX(object));
+		}
+		zend_ptr_stack_n_pop(&EG(arg_types_stack), 3, &EX(calling_scope), &EX(object), &EX(fbc));
+	}
+
 	if (encapsulating_block == -1) {
 		ZEND_VM_RETURN_FROM_EXECUTE_LOOP();
 	} else {
@@ -32441,6 +32448,13 @@ static int ZEND_HANDLE_EXCEPTION_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 		}
 	}
 
+	while (EX(fbc)) {
+		if (EX(object)) {
+			zval_ptr_dtor(&EX(object));
+		}
+		zend_ptr_stack_n_pop(&EG(arg_types_stack), 3, &EX(calling_scope), &EX(object), &EX(fbc));
+	}
+
 	if (encapsulating_block == -1) {
 		ZEND_VM_RETURN_FROM_EXECUTE_LOOP();
 	} else {
-- 
2.40.0