From be1bb28355660065b8e40547505c022bbc01a785 Mon Sep 17 00:00:00 2001 From: Zeev Suraski Date: Mon, 20 Dec 1999 16:05:36 +0000 Subject: [PATCH] - Fix the crash Thies was experiencing (returning a function call could cause a crash) - Fix the leak Thies was experiencing (@fcall() leaked) --- Zend/zend.h | 2 ++ Zend/zend_compile.c | 5 +++++ Zend/zend_execute.c | 2 ++ 3 files changed, 9 insertions(+) diff --git a/Zend/zend.h b/Zend/zend.h index 0f41887a583..ea66e2da2c6 100644 --- a/Zend/zend.h +++ b/Zend/zend.h @@ -303,6 +303,8 @@ END_EXTERN_C() if ((pzv)->refcount>1) { \ zval_copy_ctor(&(zv)); \ (pzv)->refcount--; \ + } else { \ + efree(pzv); \ } \ INIT_PZVAL(&(zv)); diff --git a/Zend/zend_compile.c b/Zend/zend_compile.c index 45410dae021..827abd33b07 100644 --- a/Zend/zend_compile.c +++ b/Zend/zend_compile.c @@ -2060,8 +2060,13 @@ void do_begin_silence(znode *strudel_token CLS_DC) void do_end_silence(znode *strudel_token CLS_DC) { + zend_op *last_opline = &CG(active_op_array)->opcodes[CG(active_op_array)->last-1]; zend_op *opline = get_next_op(CG(active_op_array) CLS_CC); + if ((last_opline->opcode == ZEND_DO_FCALL) || (last_opline->opcode == ZEND_DO_FCALL_BY_NAME)) { + last_opline->result.u.EA.type |= EXT_TYPE_UNUSED; + } + opline->opcode = ZEND_END_SILENCE; opline->op1 = *strudel_token; SET_UNUSED(opline->op2); diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c index 1cea3fed486..b4683820870 100644 --- a/Zend/zend_execute.c +++ b/Zend/zend_execute.c @@ -1562,6 +1562,7 @@ do_fcall_common: zval *retval_ptr; zval **retval_ptr_ptr; + SUSPEND_GARBAGE(); if ((EG(active_op_array)->return_reference == ZEND_RETURN_REF) && (opline->op1.op_type != IS_CONST) && (opline->op1.op_type != IS_TMP_VAR)) { @@ -1595,6 +1596,7 @@ do_fcall_common: (*EG(return_value_ptr_ptr))->is_ref = 0; } } + RESUME_GARBAGE(); #if SUPPORT_INTERACTIVE op_array->last_executed_op_number = opline-op_array->opcodes; #endif