|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull Requests
Pull requests:
HistoryAllCommentsChangesGit/SVN commits
[2017-07-24 15:42 UTC] andrew dot nester dot dev at gmail dot com
[2017-07-25 05:41 UTC] krakjoe@php.net
[2017-07-25 05:41 UTC] krakjoe@php.net
-Status: Open
+Status: Closed
[2017-09-04 19:26 UTC] nikic@php.net
[2017-09-04 19:27 UTC] nikic@php.net
-Status: Closed
+Status: Re-Opened
[2017-09-04 19:27 UTC] nikic@php.net
[2017-09-11 17:28 UTC] jhdxr@php.net
|
|||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Oct 26 13:00:02 2025 UTC |
Description: ------------ This iterator causes a crash due to recursion. Test script: --------------- <?php $iterator = new AppendIterator(array("A","A","A")); $iterator->append($iterator); ?> Expected result: ---------------- ho crash Actual result: -------------- gdb-peda$ r Starting program: /home/hjy/Desktop/php-7.1.7/sapi/cli/php -n poc.php [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. [----------------------------------registers-----------------------------------] EAX: 0x8d1bfe8 --> 0x1 EBX: 0x0 ECX: 0xb6e6d2b8 --> 0x6 EDX: 0x8d1bdc0 --> 0x1 ESI: 0xb6e14020 --> 0xb6e5e3a8 --> 0x854992f (<ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER>: push ebp) EDI: 0xb6e5e3a8 --> 0x854992f (<ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER>: push ebp) EBP: 0xbf800018 ESP: 0xbf7fffe0 EIP: 0x84e098b (<zend_vm_stack_push_call_frame+9>: mov DWORD PTR [esp+0x4],eax) EFLAGS: 0x210282 (carry parity adjust zero SIGN trap INTERRUPT direction overflow) [-------------------------------------code-------------------------------------] 0x84e0983 <zend_vm_stack_push_call_frame+1>: mov ebp,esp 0x84e0985 <zend_vm_stack_push_call_frame+3>: sub esp,0x38 0x84e0988 <zend_vm_stack_push_call_frame+6>: mov eax,DWORD PTR [ebp+0xc] => 0x84e098b <zend_vm_stack_push_call_frame+9>: mov DWORD PTR [esp+0x4],eax 0x84e098f <zend_vm_stack_push_call_frame+13>: mov eax,DWORD PTR [ebp+0x10] 0x84e0992 <zend_vm_stack_push_call_frame+16>: mov DWORD PTR [esp],eax 0x84e0995 <zend_vm_stack_push_call_frame+19>: call 0x84e092d <zend_vm_calc_used_stack> 0x84e099a <zend_vm_stack_push_call_frame+24>: mov DWORD PTR [ebp-0xc],eax [------------------------------------stack-------------------------------------] Invalid $SP address: 0xbf7fffe0 [------------------------------------------------------------------------------] Legend: code, data, rodata, value Stopped reason: SIGSEGV 0x084e098b in zend_vm_stack_push_call_frame (call_info=0x202, func=0x8d1bfe8, num_args=0x0, called_scope=0x8d1bdc0, object=0xb6e6d2b8) at /home/hjy/Desktop/php-7.1.7/Zend/zend_execute.h:209 209 uint32_t used_stack = zend_vm_calc_used_stack(num_args, func);