diff options
author | Dmitry Stogov <dmitry@zend.com> | 2018-09-12 12:16:50 +0300 |
---|---|---|
committer | Dmitry Stogov <dmitry@zend.com> | 2018-09-12 12:16:50 +0300 |
commit | 655a99d1312b3dfd72a1b9e59b7b9322203f615b (patch) | |
tree | 6f8a7547331f0dbcc1c63a56caae075a640beaa2 /Zend/zend_object_handlers.c | |
parent | 58735c59b1ce333c4e4c4a56e9262587262e5ede (diff) | |
download | php-git-655a99d1312b3dfd72a1b9e59b7b9322203f615b.tar.gz |
Fixed bug #76869 (Incorrect bypassing protected method accessibilty check).
Diffstat (limited to 'Zend/zend_object_handlers.c')
-rw-r--r-- | Zend/zend_object_handlers.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/Zend/zend_object_handlers.c b/Zend/zend_object_handlers.c index aa2f5be846..b10e5afb0a 100644 --- a/Zend/zend_object_handlers.c +++ b/Zend/zend_object_handlers.c @@ -1243,12 +1243,17 @@ ZEND_API zend_function *zend_std_get_method(zend_object **obj_ptr, zend_string * */ scope = zend_get_executed_scope(); - if (fbc->op_array.fn_flags & ZEND_ACC_CHANGED) { - zend_function *priv_fbc = zend_get_parent_private(scope, fbc->common.scope, lc_method_name); - if (priv_fbc) { - fbc = priv_fbc; + do { + if (fbc->op_array.fn_flags & ZEND_ACC_CHANGED) { + zend_function *priv_fbc = zend_get_parent_private(scope, fbc->common.scope, lc_method_name); + if (priv_fbc) { + fbc = priv_fbc; + break; + } else if (!(fbc->op_array.fn_flags & ZEND_ACC_PROTECTED)) { + break; + } } - } else { + /* Ensure that if we're calling a protected function, we're allowed to do so. * If we're not and __call() handler exists, invoke it, otherwise error out. */ @@ -1260,7 +1265,7 @@ ZEND_API zend_function *zend_std_get_method(zend_object **obj_ptr, zend_string * fbc = NULL; } } - } + } while (0); } if (UNEXPECTED(!key)) { |