Bug #28086 overload() segfaults
Submitted: 2004-04-21 09:34 UTC
Modified: 2005-01-21 01:32 UTC
Votes: 1
Avg. Score: 5.0 ± 0.0
Reproduced: 1 of 1 (100.0%)
Same Version: 0 (0.0%)
Same OS: 1 (100.0%)
From: tony2001 at phpclub dot net
Assigned: andi
Status: Closed
Package: Scripting Engine problem
PHP Version: 4CVS-2005-01-18
OS: *
Private report: No
CVE-ID: None
 [2004-04-21 09:34 UTC] tony2001 at phpclub dot net
Description:
------------
Segfault in overload extension.
Backtrace:
----
0x4037bb1d in fetch_overloaded_element (result=0x8146c4c, op1=0x8146c5c, op2=0x8146c6c, Ts=0xbfffbe9c, type=1,
    retval=0xbfffbf60, overloaded_element_type=1) at /home/tony/CVS/php_src_PHP_4_3_debug/Zend/zend_execute.c:735
735             overloaded_element.element = *get_zval_ptr(op2, Ts, &EG(free_op2), type);
(gdb) bt
#0  0x4037bb1d in fetch_overloaded_element (result=0x8146c4c, op1=0x8146c5c, op2=0x8146c6c, Ts=0xbfffbe9c, type=1,
    retval=0xbfffbf60, overloaded_element_type=1) at /home/tony/CVS/php_src_PHP_4_3_debug/Zend/zend_execute.c:735
#1  0x4037bc98 in zend_fetch_dimension_address (result=0x8146c4c, op1=0x8146c5c, op2=0x8146c6c, Ts=0xbfffbe9c, type=1)
    at /home/tony/CVS/php_src_PHP_4_3_debug/Zend/zend_execute.c:758
#2  0x4037e052 in execute (op_array=0x813ab5c) at /home/tony/CVS/php_src_PHP_4_3_debug/Zend/zend_execute.c:1301
#3  0x4036c520 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/tony/CVS/php_src_PHP_4_3_debug/Zend/zend.c:886
#4  0x4033162e in php_execute_script (primary_file=0xbffff310) at /home/tony/CVS/php_src_PHP_4_3_debug/main/main.c:1731
#5  0x4038527a in apache_php_module_main (r=0x81309f4, display_source_mode=0)
    at /home/tony/CVS/php_src_PHP_4_3_debug/sapi/apache/sapi_apache.c:54
#6  0x40386309 in send_php (r=0x81309f4, display_source_mode=0, filename=0x8130f5c "/www/index.php")
    at /home/tony/CVS/php_src_PHP_4_3_debug/sapi/apache/mod_php4.c:620
#7  0x4038639a in send_parsed_php (r=0x81309f4) at /home/tony/CVS/php_src_PHP_4_3_debug/sapi/apache/mod_php4.c:635
#8  0x08074542 in ap_invoke_handler ()
#9  0x0808a56a in process_request_internal ()
#10 0x0808a9d4 in ap_internal_redirect ()
#11 0x0806024a in handle_dir ()
#12 0x08074542 in ap_invoke_handler ()
#13 0x0808a56a in process_request_internal ()
#14 0x0808a5c7 in ap_process_request ()
#15 0x08080f80 in child_main ()
#16 0x08081132 in make_child ()
#17 0x080812b1 in startup_children ()
#18 0x0808199b in standalone_main ()
#19 0x08082235 in main ()
#20 0x4010eaf7 in __libc_start_main () from /lib/i686/libc.so.6



Reproduce code:
---------------
<?

class Foo { 

    var $arr; 
    var $bar; 

    function __set($prop_name, $prop_value) 
    { 
        $this->bar[$prop_name] = $prop_value; 
    } 
} 

overload('Foo'); 

$foo = new Foo; 

$foo->blabla[] = '123'; 

?>



 [2005-01-08 23:06 UTC] tony2001@php.net
Patch:

Index: zend_execute.c
===================================================================
RCS file: /repository/Zend/Attic/zend_execute.c,v
retrieving revision 1.316.2.43
diff -u -r1.316.2.43 zend_execute.c
--- zend_execute.c      21 Dec 2004 10:37:49 -0000      1.316.2.43
+++ zend_execute.c      8 Jan 2005 19:49:13 -0000
@@ -715,6 +715,7 @@
 static void fetch_overloaded_element(znode *result, znode *op1, znode *op2, temp_variable *Ts, int type, zval ***retval, int overloaded_element_type TSRMLS_DC)
 {
        zend_overloaded_element overloaded_element;
+       zval *tmp;

        if (Ts[op1->u.var].EA.type == IS_STRING_OFFSET) {
                get_zval_ptr(op2, Ts, &EG(free_op2), BP_VAR_R);
@@ -733,7 +734,11 @@
                return;
        }

-       overloaded_element.element = *get_zval_ptr(op2, Ts, &EG(free_op2), type);
+       tmp = get_zval_ptr(op2, Ts, &EG(free_op2), type);
+       if (!tmp) {
+               MAKE_STD_ZVAL(tmp);
+       }
+       overloaded_element.element = *tmp;
        overloaded_element.type = overloaded_element_type;
        if (!EG(free_op2)) {
                zval_copy_ctor(&overloaded_element.element);
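
Review bot: in the new `if (!tmp)` branch, MAKE_STD_ZVAL(tmp) only allocates the zval and sets its reference-count fields, so the type and value that `overloaded_element.element = *tmp;` copies are indeterminate, and when EG(free_op2) is unset zval_copy_ctor() then acts on that uninitialized element. Set the fallback to a defined value before the copy, for example with ZVAL_NULL(tmp) right after the allocation. The zval allocated in this branch is also copied by value and nothing in the visible lines releases it, so each append through an overloaded property (the `$foo->blabla[] = '123';` case from the report) would leak one zval; a stack-local zval initialized to null would avoid both the allocation and the leak. A short comment saying that get_zval_ptr() returns NULL here because op2 is unused for the `[]` form would also help the next reader.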

 [2005-01-21 01:32 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
Last updated: Wed Dec 04 08:01:29 2024 UTC