From 773bedb13d7c821ca13c8e5254113c457062d0a0 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Gustavo=20Andr=C3=A9=20dos=20Santos=20Lopes?=
 <cataphract@php.net>
Date: Sun, 18 Mar 2012 18:23:27 +0000
Subject: [PATCH] - Fixed bug #61388 (ReflectionObject:getProperties() issues
 invalid reads   when get_properties returns a hash table with (inaccessible)
 dynamic   numeric properties).

---
 ext/reflection/php_reflection.c    |  7 +++++++
 ext/reflection/tests/bug61388.phpt | 32 ++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 ext/reflection/tests/bug61388.phpt

diff --git a/ext/reflection/php_reflection.c b/ext/reflection/php_reflection.c
index b5ea8386c5..28184e1cc6 100644
--- a/ext/reflection/php_reflection.c
+++ b/ext/reflection/php_reflection.c
@@ -3832,6 +3832,13 @@ static int _adddynproperty(zval **pptr TSRMLS_DC, int num_args, va_list args, ze
 	zend_class_entry *ce = *va_arg(args, zend_class_entry**);
 	zval *retval = va_arg(args, zval*), member;
 
+	/* under some circumstances, the properties hash table may contain numeric
+	 * properties (e.g. when casting from array). This is a WONT FIX bug, at
+	 * least for the moment. Ignore these */
+	if (hash_key->nKeyLength == 0) {
+		return 0;
+	}
+
 	if (hash_key->arKey[0] == '\0') {
 		return 0; /* non public cannot be dynamic */
 	}
diff --git a/ext/reflection/tests/bug61388.phpt b/ext/reflection/tests/bug61388.phpt
new file mode 100644
index 0000000000..75c0300151
--- /dev/null
+++ b/ext/reflection/tests/bug61388.phpt
@@ -0,0 +1,32 @@
+--TEST--
+ReflectionObject:getProperties() issues invalid reads when it get_properties returns a hash table with (inaccessible) dynamic numeric properties
+--FILE--
+<?php
+$x = new ArrayObject();
+$x[0] = 'test string 2';
+$x['test'] = 'test string 3';
+$reflObj = new ReflectionObject($x);
+print_r($reflObj->getProperties(ReflectionProperty::IS_PUBLIC));
+
+$x = (object)array("a", "oo" => "b");
+$reflObj = new ReflectionObject($x);
+print_r($reflObj->getProperties(ReflectionProperty::IS_PUBLIC));
+--EXPECT--
+Array
+(
+    [0] => ReflectionProperty Object
+        (
+            [name] => test
+            [class] => ArrayObject
+        )
+
+)
+Array
+(
+    [0] => ReflectionProperty Object
+        (
+            [name] => oo
+            [class] => stdClass
+        )
+
+)
-- 
2.40.0