From 001ce475ee158cbf020755f1f65aade28caafd73 Mon Sep 17 00:00:00 2001 From: Bob Weinand Date: Sun, 24 Jan 2016 19:55:16 +0100 Subject: [PATCH] Fixed bug #71441 (Typehinted Generator with return in try/finally crashes) --- NEWS | 4 +++- Zend/tests/generators/bug71441.phpt | 29 +++++++++++++++++++++++++++++ Zend/zend_opcode.c | 8 ++++++-- 3 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 Zend/tests/generators/bug71441.phpt diff --git a/NEWS b/NEWS index 0010f31bb384d..65bd694d7b83f 100644 --- a/NEWS +++ b/NEWS @@ -2,7 +2,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2016 PHP 7.0.4 - +- Core: + . Fixed bug #71441 (Typehinted Generator with return in try/finally crashes). + (Bob) 04 Feb 2016 PHP 7.0.3 diff --git a/Zend/tests/generators/bug71441.phpt b/Zend/tests/generators/bug71441.phpt new file mode 100644 index 0000000000000..3a103888b0558 --- /dev/null +++ b/Zend/tests/generators/bug71441.phpt @@ -0,0 +1,29 @@ +--TEST-- +Bug #71441 (Typehinted Generator with return in try/finally crashes) +--FILE-- +current()); +$gen->send("Success"); +var_dump($gen->getReturn()); + +?> +--EXPECT-- +int(2002) +Ok +string(7) "Success" + diff --git a/Zend/zend_opcode.c b/Zend/zend_opcode.c index dee54ba14cb47..2cf32b9c0a14d 100644 --- a/Zend/zend_opcode.c +++ b/Zend/zend_opcode.c @@ -668,9 +668,13 @@ ZEND_API int pass_two(zend_op_array *op_array) case ZEND_VERIFY_RETURN_TYPE: if (op_array->fn_flags & ZEND_ACC_GENERATOR) { if (opline->op1_type != IS_UNUSED) { - (opline + 1)->op1 = opline->op1; - (opline + 1)->op1_type = opline->op1_type; + zend_op *ret = opline; + do ret++; while (ret->opcode != ZEND_RETURN); + + ret->op1 = opline->op1; + ret->op1_type = opline->op1_type; } + MAKE_NOP(opline); } break;