closure_call_bind.phpt - OpenGrok history log for /PHP-8.2/Zend/tests/closure_call

Revision		Date	Author	Comments
# 4fcf0db6		27-Aug-2021	Nikita Popov	Fix use after free when rebinding __call closure We would end up freeing the function name twice here, once for the original closure, and once for the rebound one. Rather than f Fix use after free when rebinding __call closure We would end up freeing the function name twice here, once for the original closure, and once for the rebound one. Rather than further special casing the zend_closure_call_magic case, always addref the function_name for internal functions, the same we do for userland functions. To compensate, we need to release the original function name when creating from callable or call frame. Fixes oss-fuzz #37695. show more ...

Revision

Date

Author

Comments

# 4fcf0db6

27-Aug-2021

Nikita Popov

Fix use after free when rebinding __call closure

We would end up freeing the function name twice here, once for
the original closure, and once for the rebound one.

Rather than f

Fix use after free when rebinding __call closure

We would end up freeing the function name twice here, once for
the original closure, and once for the rebound one.

Rather than further special casing the zend_closure_call_magic
case, always addref the function_name for internal functions,
the same we do for userland functions. To compensate, we need to
release the original function name when creating from callable
or call frame.

Fixes oss-fuzz #37695.