Edit report at https://bugs.php.net/bug.php?id=65821&edit=1
ID: 65821
Updated by: ni...@php.net
Reported by: ni...@php.net
Summary: By-ref foreach on property access of string offset
segfaults
Status: Open
Type: Bug
Package: Scripting Engine problem
PHP Version: 5.5.4
-Assigned To:
+Assigned To: dmitry
Block user comment: N
Private report: N
New Comment:
@dmity: Could you please take a look whether the ZEND_FETCH_ADD_LOCK in foreach
[1] is still necessary? I tried removing it [2] and I didn't get any test
failures in Zend/ or tests/, so maybe this is just a leftover?
[1]: http://lxr.php.net/xref/PHP_TRUNK/Zend/zend_compile.c#6237
[2]: https://gist.github.com/nikic/6800754
Previous Comments:
------------------------------------------------------------------------
[2013-10-02 21:23:54] ni...@php.net
Description:
------------
This segfaults:
$str = "foo";
foreach ($str[0]->bar as &$baz) {}
Because http://lxr.php.net/xref/PHP_TRUNK/Zend/zend_vm_def.h#1391 uses
var.ptr_ptr without NULL check (FETCH_OBJ_W with ZEND_FETCH_ADD_LOCK).
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=65821&edit=1
