Commit: fb03ce93d3829b4e7378b2d3522da6fb2db12205 Author: Nikita Popov <ni...@php.net> Sun, 16 Sep 2012 21:48:57 +0200 Parents: 6cc9d99dc2ef764281ec291c55719d8bf34e7695 Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=fb03ce93d3829b4e7378b2d3522da6fb2db12205 Log: Fix invalid read / remove useless code Generators follow a different cleanup path, so the extra check for freeing the execute_data is unnecessary there. It actually caused problems because op_array->fn_flags could be in freed memory at that time (in case op_array came from a closure in an ArrayAccess container). This fixes the valgrind warning in Zend/tests/bug54367.phpt. Bugs: https://bugs.php.net/54367 Changed paths: M Zend/zend_vm_def.h M Zend/zend_vm_execute.h Diff: diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h index f683ff2..be2021a 100644 --- a/Zend/zend_vm_def.h +++ b/Zend/zend_vm_def.h @@ -1869,13 +1869,7 @@ ZEND_VM_HELPER(zend_leave_helper, ANY, ANY) nested = EX(nested); - /* For generators the execute_data is stored on the heap, for everything - * else it is stored on the VM stack. */ - if (op_array->fn_flags & ZEND_ACC_GENERATOR) { - efree(execute_data); - } else { - zend_vm_stack_free(execute_data TSRMLS_CC); - } + zend_vm_stack_free(execute_data TSRMLS_CC); if (nested) { execute_data = EG(current_execute_data); diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h index f8a8905..bde11ea 100644 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h @@ -493,13 +493,7 @@ static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS) nested = EX(nested); - /* For generators the execute_data is stored on the heap, for everything - * else it is stored on the VM stack. */ - if (op_array->fn_flags & ZEND_ACC_GENERATOR) { - efree(execute_data); - } else { - zend_vm_stack_free(execute_data TSRMLS_CC); - } + zend_vm_stack_free(execute_data TSRMLS_CC); if (nested) { execute_data = EG(current_execute_data); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php