diff options
author | Dmitry Stogov <dmitry@php.net> | 2008-02-21 13:55:22 +0000 |
---|---|---|
committer | Dmitry Stogov <dmitry@php.net> | 2008-02-21 13:55:22 +0000 |
commit | 28306e34398a7e9e26b8fe777d477e08077a0406 (patch) | |
tree | 9ecbd0237c5cae8ba794d7a798f5b983bb27248e | |
parent | 744d8992b374cf992e972f3d88701e77fc9667e7 (diff) | |
download | php-git-28306e34398a7e9e26b8fe777d477e08077a0406.tar.gz |
Fixed bug #44141 (private parent constructor callable through static function)
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | Zend/tests/bug44141.phpt | 25 | ||||
-rw-r--r-- | Zend/zend_object_handlers.c | 2 |
3 files changed, 28 insertions, 1 deletions
@@ -20,6 +20,8 @@ PHP NEWS - Fixed bug #44159 (Crash: $pdo->setAttribute(PDO::STATEMENT_ATTR_CLASS, NULL)). (Felipe) - Fixed bug #44152 (Possible crash with syslog logging on ZTS builds). (Ilia) +- Fixed bug #44141 (private parent constructor callable through static + function). (Dmitry) - Fixed bug #44069 (Huge memory usage with concatenation using . instead of .=). (Dmitry) - Fixed bug #44046 (crash inside array_slice() function with an invalid diff --git a/Zend/tests/bug44141.phpt b/Zend/tests/bug44141.phpt new file mode 100644 index 0000000000..1a9ee892b6 --- /dev/null +++ b/Zend/tests/bug44141.phpt @@ -0,0 +1,25 @@ +--TEST-- +Bug #44141 (private parent constructor callable through static function) +--FILE-- +<?php +class X +{ + public $x; + private function __construct($x) + { + $this->x = $x; + } +} + +class Y extends X +{ + static public function cheat($x) + { + return new Y($x); + } +} + +$y = Y::cheat(5); +echo $y->x, PHP_EOL; +--EXPECTF-- +Fatal error: Call to private X::__construct() from context 'Y' in %sbug44141.php on line 15 diff --git a/Zend/zend_object_handlers.c b/Zend/zend_object_handlers.c index f10a800b72..42b687eff7 100644 --- a/Zend/zend_object_handlers.c +++ b/Zend/zend_object_handlers.c @@ -944,7 +944,7 @@ ZEND_API union _zend_function *zend_std_get_constructor(zval *object TSRMLS_DC) } else if (constructor->op_array.fn_flags & ZEND_ACC_PRIVATE) { /* Ensure that if we're calling a private function, we're allowed to do so. */ - if (Z_OBJ_HANDLER_P(object, get_class_entry)(object TSRMLS_CC) != EG(scope)) { + if (constructor->common.scope != EG(scope)) { if (EG(scope)) { zend_error(E_ERROR, "Call to private %s::%s() from context '%s'", constructor->common.scope->name, constructor->common.function_name, EG(scope)->name); } else { |