From 5d3cf577aad15b119c137a873f468c0614f2eb2e Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Thu, 11 Jun 2015 19:41:43 +0200 Subject: Make convert_to_* safe with rc>1 This only involves switching zval_dtor to zval_ptr_dtor for arrays and making the convert_to_object for arrays a bit more generic. All the other changes outside zend_operators.c just make use of this new ability (use COPY instead of DUP). What's still missing: Proper references handling. I've seen many convert_to* calls that will break when a reference is used. Also fixes bug #69788. --- ext/zip/php_zip.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'ext/zip/php_zip.c') diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c index 1dd76fcba8..7c17fb983a 100644 --- a/ext/zip/php_zip.c +++ b/ext/zip/php_zip.c @@ -847,7 +847,7 @@ static zval *php_zip_get_property_ptr_ptr(zval *object, zval *member, int type, zend_object_handlers *std_hnd; if (Z_TYPE_P(member) != IS_STRING) { - ZVAL_DUP(&tmp_member, member); + ZVAL_COPY(&tmp_member, member); convert_to_string(&tmp_member); member = &tmp_member; cache_slot = NULL; @@ -881,7 +881,7 @@ static zval *php_zip_read_property(zval *object, zval *member, int type, void ** zend_object_handlers *std_hnd; if (Z_TYPE_P(member) != IS_STRING) { - ZVAL_DUP(&tmp_member, member); + ZVAL_COPY(&tmp_member, member); convert_to_string(&tmp_member); member = &tmp_member; cache_slot = NULL; @@ -920,7 +920,7 @@ static int php_zip_has_property(zval *object, zval *member, int type, void **cac int retval = 0; if (Z_TYPE_P(member) != IS_STRING) { - ZVAL_DUP(&tmp_member, member); + ZVAL_COPY(&tmp_member, member); convert_to_string(&tmp_member); member = &tmp_member; cache_slot = NULL; -- cgit v1.2.1