From e0ae3d22c1e8bd3ba12d4c1b40b6942a7cba5317 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@php.net>
Date: Wed, 21 Nov 2007 12:28:13 +0000
Subject: [PATCH] Safe exit from executor()

---
 Zend/zend_execute.c    | 7 +++++--
 Zend/zend_vm_def.h     | 3 ++-
 Zend/zend_vm_execute.h | 7 ++++++-
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index 8f1e0f0e46..797fbe8446 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -1426,7 +1426,7 @@ ZEND_API void execute_internal(zend_execute_data *execute_data_ptr, int return_v
 		EX(opline)++; \
 	}
 
-#define ZEND_VM_RETURN_FROM_EXECUTE_LOOP() \
+#define ZEND_VM_EXIT_FROM_EXECUTE_LOOP() \
 	free_alloca(EX(CVs)); \
 	if (EX(op_array)->T < TEMP_VAR_STACK_LIMIT) { \
 		free_alloca(EX(Ts)); \
@@ -1435,7 +1435,10 @@ ZEND_API void execute_internal(zend_execute_data *execute_data_ptr, int return_v
 	} \
 	EG(in_execution) = EX(original_in_execution); \
 	EG(current_execute_data) = EX(prev_execute_data); \
-	EG(opline_ptr) = NULL; \
+	EG(opline_ptr) = NULL;
+
+#define ZEND_VM_RETURN_FROM_EXECUTE_LOOP() \
+	ZEND_VM_EXIT_FROM_EXECUTE_LOOP() \
 	ZEND_VM_RETURN()
 
 #include "zend_vm_execute.h"
diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h
index 2597acec06..8c33e7d24b 100644
--- a/Zend/zend_vm_def.h
+++ b/Zend/zend_vm_def.h
@@ -3705,6 +3705,7 @@ ZEND_VM_HANDLER(79, ZEND_EXIT, CONST|TMP|VAR|UNUSED|CV, ANY)
 		FREE_OP1();
 	}
 #endif
+	ZEND_VM_EXIT_FROM_EXECUTE_LOOP();
 	zend_bailout();
 	ZEND_VM_NEXT_OPCODE();
 }
@@ -3979,7 +3980,7 @@ ZEND_VM_HANDLER(150, ZEND_USER_OPCODE, ANY, ANY)
 		case ZEND_USER_OPCODE_CONTINUE:
 			ZEND_VM_CONTINUE();
 		case ZEND_USER_OPCODE_RETURN:
-			ZEND_VM_RETURN();
+			ZEND_VM_RETURN_FROM_EXECUTE_LOOP();
 		case ZEND_USER_OPCODE_DISPATCH:
 			ZEND_VM_DISPATCH(EX(opline)->opcode, EX(opline));
 		default:
diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h
index 5d9f3a2cae..45f879ea16 100644
--- a/Zend/zend_vm_execute.h
+++ b/Zend/zend_vm_execute.h
@@ -607,7 +607,7 @@ static int ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 		case ZEND_USER_OPCODE_CONTINUE:
 			ZEND_VM_CONTINUE();
 		case ZEND_USER_OPCODE_RETURN:
-			ZEND_VM_RETURN();
+			ZEND_VM_RETURN_FROM_EXECUTE_LOOP();
 		case ZEND_USER_OPCODE_DISPATCH:
 			ZEND_VM_DISPATCH(EX(opline)->opcode, EX(opline));
 		default:
@@ -2097,6 +2097,7 @@ static int ZEND_EXIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 
 	}
 #endif
+	ZEND_VM_EXIT_FROM_EXECUTE_LOOP();
 	zend_bailout();
 	ZEND_VM_NEXT_OPCODE();
 }
@@ -5195,6 +5196,7 @@ static int ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 		zval_dtor(free_op1.var);
 	}
 #endif
+	ZEND_VM_EXIT_FROM_EXECUTE_LOOP();
 	zend_bailout();
 	ZEND_VM_NEXT_OPCODE();
 }
@@ -8519,6 +8521,7 @@ static int ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 		if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
 	}
 #endif
+	ZEND_VM_EXIT_FROM_EXECUTE_LOOP();
 	zend_bailout();
 	ZEND_VM_NEXT_OPCODE();
 }
@@ -15836,6 +15839,7 @@ static int ZEND_EXIT_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 
 	}
 #endif
+	ZEND_VM_EXIT_FROM_EXECUTE_LOOP();
 	zend_bailout();
 	ZEND_VM_NEXT_OPCODE();
 }
@@ -21319,6 +21323,7 @@ static int ZEND_EXIT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
 
 	}
 #endif
+	ZEND_VM_EXIT_FROM_EXECUTE_LOOP();
 	zend_bailout();
 	ZEND_VM_NEXT_OPCODE();
 }
-- 
2.50.1