php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-25 08:58:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

JIT: Fix incorrect reference-counting

Browse Source 
This fixes oss-fuzz #47937
This commit is contained in:
Dmitry Stogov
2022-06-14 15:03:50 +03:00
parent 70e0e1ada6
commit 971b07ea60
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ext/opcache/jit/zend_jit_helpers.c
+2 -2
View File
@@ -811,7 +811,7 @@ static zval* ZEND_FASTCALL zend_jit_fetch_dim_rw_helper(zend_array *ht, zval *di
opline = EX(opline);
zend_incompatible_double_to_long_error(Z_DVAL_P(dim));
if (!(GC_FLAGS(ht) & IS_ARRAY_IMMUTABLE) && GC_DELREF(ht) != 1) {
if (GC_REFCOUNT(ht)) {
if (!GC_REFCOUNT(ht)) {
zend_array_destroy(ht);
}
if (opline->result_type & (IS_VAR | IS_TMP_VAR)) {
@@ -841,7 +841,7 @@ static zval* ZEND_FASTCALL zend_jit_fetch_dim_rw_helper(zend_array *ht, zval *di
opline = EX(opline);
zend_use_resource_as_offset(dim);
if (!(GC_FLAGS(ht) & IS_ARRAY_IMMUTABLE) && GC_DELREF(ht) != 1) {
if (GC_REFCOUNT(ht)) {
if (!GC_REFCOUNT(ht)) {
zend_array_destroy(ht);
}
if (opline->result_type & (IS_VAR | IS_TMP_VAR)) {