From 2b81156f2a64ae99a4d431983e7c5a4ec7b817f7 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Fri, 24 Dec 2021 13:10:22 +0300
Subject: [PATCH] Fix memory leak in SCCP

Fixes oss-fuzz #42878
---
 ext/opcache/Optimizer/sccp.c        |  1 +
 ext/opcache/tests/opt/sccp_035.phpt | 17 +++++++++++++++++
 2 files changed, 18 insertions(+)
 create mode 100644 ext/opcache/tests/opt/sccp_035.phpt

diff --git a/ext/opcache/Optimizer/sccp.c b/ext/opcache/Optimizer/sccp.c
index bdeb883aa56..0818a20e0bf 100644
--- a/ext/opcache/Optimizer/sccp.c
+++ b/ext/opcache/Optimizer/sccp.c
@@ -1547,6 +1547,7 @@ static void sccp_visit_instr(scdf_ctx *scdf, zend_op *opline, zend_ssa_op *ssa_o
 						if (opline->opcode == ZEND_PRE_INC_OBJ
 								|| opline->opcode == ZEND_PRE_DEC_OBJ) {
 							SET_RESULT(result, &tmp2);
+							zval_ptr_dtor_nogc(&tmp1);
 						} else {
 							SET_RESULT(result, &tmp1);
 						}
diff --git a/ext/opcache/tests/opt/sccp_035.phpt b/ext/opcache/tests/opt/sccp_035.phpt
new file mode 100644
index 00000000000..86965b13b5f
--- /dev/null
+++ b/ext/opcache/tests/opt/sccp_035.phpt
@@ -0,0 +1,17 @@
+--TEST--
+SCCP 035: memory leak
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.optimization_level=-1
+--FILE--
+<?php
+function test() {
+  $obj = new stdClass;
+  $obj->$b = ~$b = $a='';
+  $obj->$a--;
+}
+?>
+DONE
+--EXPECT--
+DONE