ossfuzz371445205.phpt - OpenGrok history log for /PHP-8.4/Zend/tests/attributes/ossfuzz371445205.phpt

Revision		Date	Author	Comments
# e0b1b693		10-Oct-2024	Niels Dossche <7771979+nielsdos@users.noreply.github.com>	Fix OSS-Fuzz #371445205: Heap-use-after-free in attr_free zend_hash_get_current_key() does not return a string with incremented refcount, so it shouldn't get released. This release cause Fix OSS-Fuzz #371445205: Heap-use-after-free in attr_free zend_hash_get_current_key() does not return a string with incremented refcount, so it shouldn't get released. This release caused a UAF later when the attribute was destroyed. This wasn't noticed earlier because object_init_with_constructor() was only ever tested with interned strings. Closes GH-16349. show more ...

Revision

Date

Author

Comments

# e0b1b693

10-Oct-2024

Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix OSS-Fuzz #371445205: Heap-use-after-free in attr_free

zend_hash_get_current_key() does not return a string with incremented
refcount, so it shouldn't get released. This release cause

Fix OSS-Fuzz #371445205: Heap-use-after-free in attr_free

zend_hash_get_current_key() does not return a string with incremented
refcount, so it shouldn't get released. This release caused a UAF later
when the attribute was destroyed. This wasn't noticed earlier because
object_init_with_constructor() was only ever tested with interned
strings.

Closes GH-16349.