From 910dff4c2b971c0409d8d2b5f615188af8488be2 Mon Sep 17 00:00:00 2001
From: Zeev Suraski <zeev@php.net>
Date: Mon, 9 Jun 2003 07:39:55 +0000
Subject: [PATCH] Fix indirect reference calls to bogus function names

---
 Zend/zend_execute.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index 1f4007e35c5..0b450ddb3d8 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -2433,6 +2433,11 @@ int zend_init_method_call_handler(ZEND_OPCODE_HANDLER_ARGS)
 	zend_ptr_stack_n_push(&EG(arg_types_stack), 3, EX(fbc), EX(object), EX(calling_scope));
 
 	function_name = get_zval_ptr(&EX(opline)->op2, EX(Ts), &EG(free_op2), BP_VAR_R);
+
+	if (Z_TYPE_P(function_name)!=IS_STRING) {
+		zend_error(E_ERROR, "Method name must be a string");
+	}
+
 	function_name_strval = function_name->value.str.val;
 	function_name_strlen = function_name->value.str.len;
 
@@ -2542,6 +2547,9 @@ int zend_init_fcall_by_name_handler(ZEND_OPCODE_HANDLER_ARGS)
 	} else {
 		function_name = get_zval_ptr(&EX(opline)->op2, EX(Ts), &EG(free_op2), BP_VAR_R);
 
+		if (Z_TYPE_P(function_name) != IS_STRING) {
+			zend_error(E_ERROR, "Function name must be a string");
+		}
 		function_name_strval = zend_str_tolower_dup(function_name->value.str.val, function_name->value.str.len);
 		function_name_strlen = function_name->value.str.len;
 	}