Fixed bug #70124 (null ptr deref / seg fault in ZEND_HANDLE_EXCEPTION)

author: Xinchen Hui <laruence@php.net> 2015-07-24 15:49:01 +0800
committer: Xinchen Hui <laruence@php.net> 2015-07-24 15:49:36 +0800
commit: 0f1e87d9c18c52f91cb64267114267d239ad3488 (patch)
tree: 69f61a852400abfdb26d6e3b57fde182870b3e6a /Zend/zend_execute.c
parent: add2b158e2126eb4e0ff85414bb1c7cbe6a56ca8 (diff)
download: php-git-0f1e87d9c18c52f91cb64267114267d239ad3488.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index 2d1bd5e3d0..065809f1a6 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -2395,6 +2395,15 @@ static zend_always_inline void i_cleanup_unfinished_execution(zend_execute_data
 		zend_op *opline = EX(func)->op_array.opcodes + op_num;
 		int level;
 		int do_exit;
+		
+		if (UNEXPECTED(opline->opcode == ZEND_INIT_FCALL ||
+			opline->opcode == ZEND_INIT_FCALL_BY_NAME ||
+			opline->opcode == ZEND_INIT_DYNAMIC_CALL ||
+			opline->opcode == ZEND_INIT_METHOD_CALL ||
+			opline->opcode == ZEND_INIT_STATIC_METHOD_CALL)) {
+			ZEND_ASSERT(op_num);
+			opline--;
+		}
 
 		do {
 			/* If the exception was thrown during a function call there might be
author	Xinchen Hui <laruence@php.net>	2015-07-24 15:49:01 +0800
committer	Xinchen Hui <laruence@php.net>	2015-07-24 15:49:36 +0800
commit	0f1e87d9c18c52f91cb64267114267d239ad3488 (patch)
tree	69f61a852400abfdb26d6e3b57fde182870b3e6a /Zend/zend_execute.c
parent	add2b158e2126eb4e0ff85414bb1c7cbe6a56ca8 (diff)
download	php-git-0f1e87d9c18c52f91cb64267114267d239ad3488.tar.gz