From 73288bbea498351a3123bb60d1ebafe477bd12a3 Mon Sep 17 00:00:00 2001
From: Xinchen Hui
Date: Fri, 30 Jan 2015 13:12:58 +0800
Subject: [PATCH] Fixed bug #68937 (Segfault in curl_multi_exec)
---
 ext/curl/interface.c | 8 ++++++--
 ext/curl/tests/bug68937.phpt | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 ext/curl/tests/bug68937.phpt
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index 043e14fdab..dc9071f352 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -1486,8 +1486,12 @@ static size_t curl_read(char *data, size_t size, size_t nmemb, void *ctx)
 ZVAL_RES(&argv[0], ch->res);
 Z_ADDREF(argv[0]);
- ZVAL_RES(&argv[1], t->res);
- Z_ADDREF(argv[1]);
+ if (t->res) {
+ ZVAL_RES(&argv[1], t->res);
+ Z_ADDREF(argv[1]);
+ } else {
+ ZVAL_NULL(&argv[1]);
+ }
 ZVAL_LONG(&argv[2], (int)size * nmemb);
 fci.size = sizeof(fci);
diff --git a/ext/curl/tests/bug68937.phpt b/ext/curl/tests/bug68937.phpt
new file mode 100644
index 0000000000..a661ec01ce
--- /dev/null
+++ b/ext/curl/tests/bug68937.phpt
@@ -0,0 +1,32 @@
+--TEST--
+Bug # #68937 (Segfault in curl_multi_exec)
+--SKIPIF--
+
+--FILE--
+ false,
+ CURLOPT_RETURNTRANSFER => true,
+ CURLOPT_POST => true,
+ CURLOPT_INFILESIZE => 1,
+ CURLOPT_HTTPHEADER => array(
+ 'Content-Length: 1',
+ ),
+ CURLOPT_READFUNCTION => 'curl_read'
+));
+
+function curl_read($ch, $fp, $len) {
+ var_dump($fp);
+ exit;
+}
+
+curl_exec($ch);
+curl_close($ch);
+?>
+--EXPECTF--
+NULL
--
2.49.0
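Review bot: The new `else` branch in curl_read hands the callback NULL as its second argument with no comment saying when `t->res` is empty, so a later reader cannot tell a legitimate state from a masked bug. A line such as `/* no input file resource attached to the read handler: pass NULL instead of dereferencing it */` above `if (t->res) {` would record the reason. The exact condition is inferred from the test, whose visible options set CURLOPT_READFUNCTION but no input file. Userland read callbacks that previously always received a resource in `$fp` now have to cope with NULL, which deserves a mention in the callback's documentation. Any later code that treats `t->res` or `argv[1]` as a resource would need the same guard, but curl_read's body starts and ends outside this hunk, so that cannot be confirmed here.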