iliaa Wed Dec 5 20:04:14 2007 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/standard/tests/array bug43495.phpt
Modified files:
/php-src/ext/standard array.c
/php-src NEWS
Log:
MFB: Fixed bug #43495 (array_merge_recursive() crashes with recursive
arrays)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/array.c?r1=1.308.2.21.2.44&r2=1.308.2.21.2.45&diff_format=u
Index: php-src/ext/standard/array.c
diff -u php-src/ext/standard/array.c:1.308.2.21.2.44
php-src/ext/standard/array.c:1.308.2.21.2.45
--- php-src/ext/standard/array.c:1.308.2.21.2.44 Mon Dec 3 14:11:08 2007
+++ php-src/ext/standard/array.c Wed Dec 5 20:04:13 2007
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: array.c,v 1.308.2.21.2.44 2007/12/03 14:11:08 iliaa Exp $ */
+/* $Id: array.c,v 1.308.2.21.2.45 2007/12/05 20:04:13 iliaa Exp $ */
#include "php.h"
#include "php_ini.h"
@@ -2314,9 +2314,10 @@
while (zend_hash_get_current_data_ex(src, (void **)&src_entry, &pos) ==
SUCCESS) {
switch (zend_hash_get_current_key_ex(src, &string_key,
&string_key_len, &num_key, 0, &pos)) {
case HASH_KEY_IS_STRING:
- if (recursive &&
- zend_hash_find(dest, string_key,
string_key_len, (void **)&dest_entry) == SUCCESS) {
- if (*src_entry == *dest_entry &&
((*dest_entry)->refcount % 2)) {
+ if (recursive && zend_hash_find(dest,
string_key, string_key_len, (void **)&dest_entry) == SUCCESS) {
+ HashTable *thash = HASH_OF(*dest_entry);
+
+ if ((thash && thash->nApplyCount > 1)
|| (*src_entry == *dest_entry && ((*dest_entry)->refcount % 2))) {
php_error_docref(NULL
TSRMLS_CC, E_WARNING, "recursion detected");
return 0;
}
@@ -2325,9 +2326,18 @@
convert_to_array_ex(dest_entry);
convert_to_array_ex(src_entry);
- if
(!php_array_merge(Z_ARRVAL_PP(dest_entry),
-
Z_ARRVAL_PP(src_entry), recursive TSRMLS_CC))
+ if (thash) {
+ thash->nApplyCount++;
+ }
+ if
(!php_array_merge(Z_ARRVAL_PP(dest_entry), Z_ARRVAL_PP(src_entry), recursive
TSRMLS_CC)) {
+ if (thash) {
+ thash->nApplyCount--;
+ }
return 0;
+ }
+ if (thash) {
+ thash->nApplyCount--;
+ }
} else {
(*src_entry)->refcount++;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1028&r2=1.2027.2.547.2.1029&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1028 php-src/NEWS:1.2027.2.547.2.1029
--- php-src/NEWS:1.2027.2.547.2.1028 Tue Dec 4 13:05:03 2007
+++ php-src/NEWS Wed Dec 5 20:04:13 2007
@@ -3,6 +3,8 @@
?? ??? 2008, PHP 5.2.6
- Fixed weired behavior in CGI parameter parsing. (Dmitry, Hannes Magnusson)
+- Fixed bug #43495 (array_merge_recursive() crashes with recursive arrays).
+ (Ilia)
- Fixed bug #43493 (pdo_pgsql does not send username on connect when password
is not available). (Ilia)
- Fixed bug #43482 (array_pad() does not warn on very small pad numbers).
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/array/bug43495.phpt?view=markup&rev=1.1
Index: php-src/ext/standard/tests/array/bug43495.phpt
+++ php-src/ext/standard/tests/array/bug43495.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
