diff --git a/NEWS b/NEWS index d2da15927ce53..0899163d87b75 100644 --- a/NEWS +++ b/NEWS @@ -54,6 +54,8 @@ PHP NEWS ignored. (ndossche) . Support overridden methods in SplFileInfo for getMTime() and getPathname() when building a phar. (ndossche) + . Mark Phar::buildFromIterator() base directory argument as a path. + (ndossche) - Reflection: . Fixed bug GH-20217 (ReflectionClass::isIterable() incorrectly returns true diff --git a/Zend/Optimizer/block_pass.c b/Zend/Optimizer/block_pass.c index b1fd8e44222e5..79e95ed3fab43 100644 --- a/Zend/Optimizer/block_pass.c +++ b/Zend/Optimizer/block_pass.c @@ -1228,7 +1228,7 @@ static zend_always_inline zend_basic_block *get_next_block(const zend_cfg *cfg, } next_block++; } - while (next_block->len == 0 && !(next_block->flags & ZEND_BB_PROTECTED)) { + while (next_block->len == 0 && !(next_block->flags & (ZEND_BB_TARGET|ZEND_BB_PROTECTED))) { next_block = cfg->blocks + next_block->successors[0]; } return next_block; diff --git a/ext/opcache/tests/oss-fuzz-472563272.phpt b/ext/opcache/tests/oss-fuzz-472563272.phpt new file mode 100644 index 0000000000000..39519abe9ae05 --- /dev/null +++ b/ext/opcache/tests/oss-fuzz-472563272.phpt @@ -0,0 +1,14 @@ +--TEST-- +OSS-Fuzz #472563272: Borked block_pass JMP[N]Z optimization +--EXTENSIONS-- +opcache +--INI-- +opcache.enable=1 +opcache.enable_cli=1 +--FILE-- + +===DONE=== +--EXPECT-- +===DONE=== diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c index 338cdc705d082..5dd1dc4090cd5 100644 --- a/ext/phar/phar_object.c +++ b/ext/phar/phar_object.c @@ -1828,7 +1828,7 @@ PHP_METHOD(Phar, buildFromIterator) zend_string *base = ZSTR_EMPTY_ALLOC(); struct _phar_t pass; - if (zend_parse_parameters(ZEND_NUM_ARGS(), "O|S!", &obj, zend_ce_traversable, &base) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS(), "O|P!", &obj, zend_ce_traversable, &base) == FAILURE) { RETURN_THROWS(); } diff --git a/ext/spl/spl_dllist.c b/ext/spl/spl_dllist.c index 867f492fab16d..43b2c020b7267 100644 --- a/ext/spl/spl_dllist.c +++ b/ext/spl/spl_dllist.c @@ -75,12 +75,7 @@ struct _spl_dllist_object { spl_ptr_llist_element *traverse_pointer; int traverse_position; int flags; - zend_function *fptr_offset_get; - zend_function *fptr_offset_set; - zend_function *fptr_offset_has; - zend_function *fptr_offset_del; zend_function *fptr_count; - zend_class_entry *ce_get_iterator; zend_object std; }; @@ -322,7 +317,6 @@ static zend_object *spl_dllist_object_new_ex(zend_class_entry *class_type, zend_ if (orig) { spl_dllist_object *other = spl_dllist_from_obj(orig); - intern->ce_get_iterator = other->ce_get_iterator; if (clone_orig) { intern->llist = spl_ptr_llist_init(); @@ -360,22 +354,6 @@ static zend_object *spl_dllist_object_new_ex(zend_class_entry *class_type, zend_ ZEND_ASSERT(parent); if (inherited) { - intern->fptr_offset_get = zend_hash_str_find_ptr(&class_type->function_table, "offsetget", sizeof("offsetget") - 1); - if (intern->fptr_offset_get->common.scope == parent) { - intern->fptr_offset_get = NULL; - } - intern->fptr_offset_set = zend_hash_str_find_ptr(&class_type->function_table, "offsetset", sizeof("offsetset") - 1); - if (intern->fptr_offset_set->common.scope == parent) { - intern->fptr_offset_set = NULL; - } - intern->fptr_offset_has = zend_hash_str_find_ptr(&class_type->function_table, "offsetexists", sizeof("offsetexists") - 1); - if (intern->fptr_offset_has->common.scope == parent) { - intern->fptr_offset_has = NULL; - } - intern->fptr_offset_del = zend_hash_str_find_ptr(&class_type->function_table, "offsetunset", sizeof("offsetunset") - 1); - if (intern->fptr_offset_del->common.scope == parent) { - intern->fptr_offset_del = NULL; - } /* Find count() method */ intern->fptr_count = zend_hash_find_ptr(&class_type->function_table, ZSTR_KNOWN(ZEND_STR_COUNT)); if (intern->fptr_count->common.scope == parent) {