From 3a8912fb7c97ea5a8490037d45224230be10625d Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Mon, 30 May 2022 11:32:17 +0300
Subject: [PATCH] Fix memory leak

This fixes oss-fuzz #47648
---
 ext/opcache/jit/zend_jit_x86.dasc     |  2 +-
 ext/opcache/tests/jit/assign_053.phpt | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 ext/opcache/tests/jit/assign_053.phpt

diff --git a/ext/opcache/jit/zend_jit_x86.dasc b/ext/opcache/jit/zend_jit_x86.dasc
index 71eb54dfbc1..3bde0e59b62 100644
--- a/ext/opcache/jit/zend_jit_x86.dasc
+++ b/ext/opcache/jit/zend_jit_x86.dasc
@@ -6183,7 +6183,7 @@ static int zend_jit_assign_to_typed_ref(dasm_State         **Dst,
 		|	// if (UNEXPECTED(EG(exception) != NULL)) {
 		|	MEM_OP2_1_ZTS cmp, aword, executor_globals, exception, 0, r0
 		|	je >8  // END OF zend_jit_assign_to_variable()
-		|	jmp ->exception_handler_undef
+		|	jmp ->exception_handler
 	} else {
 		|	jmp >8
 	}
diff --git a/ext/opcache/tests/jit/assign_053.phpt b/ext/opcache/tests/jit/assign_053.phpt
new file mode 100644
index 00000000000..6e785fa76f7
--- /dev/null
+++ b/ext/opcache/tests/jit/assign_053.phpt
@@ -0,0 +1,26 @@
+--TEST--
+JIT ASSIGN: memory leak
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.file_update_protection=0
+opcache.jit_buffer_size=1M
+opcache.protect_memory=1
+--FILE--
+<?php
+class Test {
+    public string $x;
+}
+$test=new Test;
+$test->x = " $y ";
+$r = &$test->x + ($r = $y);
+?>
+--EXPECTF--
+Warning: Undefined variable $y in %sassign_053.php on line 6
+
+Warning: Undefined variable $y in %sassign_053.php on line 7
+
+Fatal error: Uncaught TypeError: Cannot assign null to reference held by property Test::$x of type string in %sassign_053.php:7
+Stack trace:
+#0 {main}
+  thrown in %sassign_053.php on line 7
\ No newline at end of file