php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.4'

Browse Source 
* PHP-8.4:
  Fix use-of-uninitialized-value in zend_get_arg_offset_by_name()
This commit is contained in:
Ilija Tovilo
2025-09-17 15:56:46 +02:00
parent 1ac68e7b07 657dfc91f8
commit 025ac98c75
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Zend/zend_execute.c
View File

@@ -5454,9 +5454,9 @@ static zend_always_inline uint32_t zend_get_arg_offset_by_name(
if (EXPECTED(fbc->type == ZEND_USER_FUNCTION)
|| EXPECTED(fbc->common.fn_flags & ZEND_ACC_USER_ARG_INFO)) {
for (uint32_t i = 0; i < num_args; i++) {
zend_arg_info *arg_info = &fbc->op_array.arg_info[i];
zend_arg_info *arg_info = &fbc->common.arg_info[i];
if (zend_string_equals(arg_name, arg_info->name)) {
if (!fbc->op_array.refcount || !(fbc->op_array.fn_flags & ZEND_ACC_CLOSURE)) {
if (fbc->type == ZEND_USER_FUNCTION && (!fbc->op_array.refcount || !(fbc->op_array.fn_flags & ZEND_ACC_CLOSURE))) {
*cache_slot = unique_id;
*(uintptr_t *)(cache_slot + 1) = i;
}
@@ -5477,7 +5477,10 @@ static zend_always_inline uint32_t zend_get_arg_offset_by_name(
}
if (fbc->common.fn_flags & ZEND_ACC_VARIADIC) {
if (fbc->type == ZEND_INTERNAL_FUNCTION || !fbc->op_array.refcount || !(fbc->op_array.fn_flags & ZEND_ACC_CLOSURE)) {
if ((fbc->type == ZEND_USER_FUNCTION
&& (!fbc->op_array.refcount || !(fbc->op_array.fn_flags & ZEND_ACC_CLOSURE)))
|| (fbc->type == ZEND_INTERNAL_FUNCTION
&& !(fbc->common.fn_flags & ZEND_ACC_USER_ARG_INFO))) {
*cache_slot = unique_id;
*(uintptr_t *)(cache_slot + 1) = fbc->common.num_args;
}