Fix null-pointer deref in if stmt printing

Fixes OSS-Fuzz #17721.
author: Nikita Popov <nikita.ppv@gmail.com> 2019-09-26 10:24:49 +0200
committer: Nikita Popov <nikita.ppv@gmail.com> 2019-09-26 10:24:49 +0200
commit: 8a9df8859747abaf70e4465d066adbe1f97d1fdb (patch)
tree: 66aa4eab647d5a12fae51294b983c992b8a317ed
parent: d2331cc3f2fee2228b82def81c1e9557dd73d77c (diff)
download: php-git-8a9df8859747abaf70e4465d066adbe1f97d1fdb.tar.gz
2 files changed, 5 insertions, 1 deletions
diff --git a/Zend/tests/assert/expect_015.phpt b/Zend/tests/assert/expect_015.phpt
index 1679640851..72f13ff83f 100644
--- a/Zend/tests/assert/expect_015.phpt
+++ b/Zend/tests/assert/expect_015.phpt
@@ -140,6 +140,7 @@ assert(0 && ($a = function () {
     if ($a) {
     } elseif ($b) {
     }
+    if ($a); else;
 }));
 
 ?>
@@ -292,4 +293,7 @@ Warning: assert(): assert(0 && ($a = function () {
     if ($a) {
     } elseif ($b) {
     }
+    if ($a) {
+    } else {
+    }
 })) failed in %sexpect_015.php on line %d
diff --git a/Zend/zend_ast.c b/Zend/zend_ast.c
index 6e3447eb73..bad1471ac4 100644
--- a/Zend/zend_ast.c
+++ b/Zend/zend_ast.c
@@ -894,7 +894,7 @@ tail_call:
 		} else {
 			zend_ast_export_indent(str, indent);
 			smart_str_appends(str, "} else ");
-			if (ast->child[1]->kind == ZEND_AST_IF) {
+			if (ast->child[1] && ast->child[1]->kind == ZEND_AST_IF) {
 				list = (zend_ast_list*)ast->child[1];
 				goto tail_call;
 			} else {
author	Nikita Popov <nikita.ppv@gmail.com>	2019-09-26 10:24:49 +0200
committer	Nikita Popov <nikita.ppv@gmail.com>	2019-09-26 10:24:49 +0200
commit	8a9df8859747abaf70e4465d066adbe1f97d1fdb (patch)
tree	66aa4eab647d5a12fae51294b983c992b8a317ed
parent	d2331cc3f2fee2228b82def81c1e9557dd73d77c (diff)
download	php-git-8a9df8859747abaf70e4465d066adbe1f97d1fdb.tar.gz