Patch Fixed-bug-62904-Crash-when-cloning-an-object for SPL related Bug #62904

Patch version 2012-08-23 14:39 UTC

• 2012-08-23 14:39 UTC [diff to current]

Developer: reeze.xia@gmail.com

From 99d80b73fc788485f50ae5c55764af522eeb8bd1 Mon Sep 17 00:00:00 2001
From: Reeze Xia <reeze.xia@gmail.com>
Date: Thu, 23 Aug 2012 22:39:32 +0800
Subject: [PATCH] Fixed bug #62904 (Crash when cloning an object which
 inherits SplFixedArray)


Signed-off-by: Reeze Xia <reeze.xia@gmail.com>
---
 ext/spl/spl_fixedarray.c    |    6 ++++--
 ext/spl/tests/bug62904.phpt |   23 +++++++++++++++++++++++
 2 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100644 ext/spl/tests/bug62904.phpt

diff --git a/ext/spl/spl_fixedarray.c b/ext/spl/spl_fixedarray.c
index 1124285..19e01a9 100644
--- a/ext/spl/spl_fixedarray.c
+++ b/ext/spl/spl_fixedarray.c
@@ -225,8 +225,10 @@ static zend_object_value spl_fixedarray_object_new_ex(zend_class_entry *class_ty
 		intern->ce_get_iterator = other->ce_get_iterator;
 
 		intern->array = emalloc(sizeof(spl_fixedarray));
-		spl_fixedarray_init(intern->array, other->array->size TSRMLS_CC);
-		spl_fixedarray_copy(intern->array, other->array TSRMLS_CC);
+		spl_fixedarray_init(intern->array, (other->array ? other->array->size : 0) TSRMLS_CC);
+		if (other->array) {
+			spl_fixedarray_copy(intern->array, other->array TSRMLS_CC);
+		}
 	}
 
 	while (parent) {
diff --git a/ext/spl/tests/bug62904.phpt b/ext/spl/tests/bug62904.phpt
new file mode 100644
index 0000000..f2034af
--- /dev/null
+++ b/ext/spl/tests/bug62904.phpt
@@ -0,0 +1,23 @@
+--TEST--
+Bug #62904 (Crash when cloning an object which inherits SplFixedArray)
+--FILE--
+<?php
+
+class Foo extends SplFixedArray {       
+        public function __construct() { }
+}
+
+$x = new Foo;
+
+try {
+	$z = clone $x;
+	var_dump($z);
+} catch (Exception $e) {
+	var_dump($e->getMessage());
+}
+?>
+===DONE===
+--EXPECTF--
+object(Foo)#%d (0) {
+}
+===DONE===
\ No newline at end of file
-- 
1.7.9.6 (Apple Git-31.1)