Skip to content

Commit 9699abb

Browse files
GirgiasGirgias
committed
Fix JIT
1 parent e63c35c commit 9699abb

File tree

2 files changed

+16
-32
lines changed

2 files changed

+16
-32
lines changed

Zend/Optimizer/zend_inference.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4842,7 +4842,7 @@ ZEND_API int zend_may_throw_ex(const zend_op *opline, const zend_ssa_op *ssa_op,
48424842
return 0;
48434843
}
48444844
case ZEND_FETCH_IS:
4845-
return (t2 & (MAY_BE_ARRAY|MAY_BE_OBJECT));
4845+
return (t2 & (MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_STRING));
48464846
case ZEND_ISSET_ISEMPTY_DIM_OBJ:
48474847
return (t1 & MAY_BE_OBJECT) || (t2 & (MAY_BE_ARRAY|MAY_BE_OBJECT));
48484848
case ZEND_FETCH_DIM_IS:

ext/opcache/jit/zend_jit_helpers.c

Lines changed: 15 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -740,6 +740,10 @@ static zend_string* ZEND_FASTCALL zend_jit_fetch_dim_str_r_helper(zend_string *s
740740

741741
if (UNEXPECTED(Z_TYPE_P(dim) != IS_LONG)) {
742742
offset = zend_check_string_offset(dim/*, BP_VAR_R*/);
743+
/* Invalid offset */
744+
if (UNEXPECTED(EG(exception))) {
745+
return NULL;
746+
}
743747
} else {
744748
offset = Z_LVAL_P(dim);
745749
}
@@ -750,32 +754,12 @@ static void ZEND_FASTCALL zend_jit_fetch_dim_str_is_helper(zend_string *str, zva
750754
{
751755
zend_long offset;
752756

753-
try_string_offset:
754757
if (UNEXPECTED(Z_TYPE_P(dim) != IS_LONG)) {
755-
switch (Z_TYPE_P(dim)) {
756-
/* case IS_LONG: */
757-
case IS_STRING:
758-
if (IS_LONG == is_numeric_string(Z_STRVAL_P(dim), Z_STRLEN_P(dim), NULL, NULL, false)) {
759-
break;
760-
}
761-
ZVAL_NULL(result);
762-
return;
763-
case IS_UNDEF:
764-
zend_jit_undefined_op_helper(EG(current_execute_data)->opline->op2.var);
765-
case IS_DOUBLE:
766-
case IS_NULL:
767-
case IS_FALSE:
768-
case IS_TRUE:
769-
break;
770-
case IS_REFERENCE:
771-
dim = Z_REFVAL_P(dim);
772-
goto try_string_offset;
773-
default:
774-
zend_jit_illegal_string_offset(dim);
775-
break;
776-
}
777-
778-
offset = zval_get_long_func(dim, /* is_strict */ false);
758+
offset = zend_check_string_offset(dim/*, BP_VAR_R*/);
759+
/* Invalid offset */
760+
if (UNEXPECTED(EG(exception))) {
761+
return;
762+
}
779763
} else {
780764
offset = Z_LVAL_P(dim);
781765
}
@@ -1286,12 +1270,12 @@ static int ZEND_FASTCALL zend_jit_isset_dim_helper(zval *container, zval *offset
12861270
}
12871271
} else {
12881272
ZVAL_DEREF(offset);
1289-
if (Z_TYPE_P(offset) < IS_STRING /* simple scalar types */
1290-
|| (Z_TYPE_P(offset) == IS_STRING /* or numeric string */
1291-
&& IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, false))) {
1292-
lval = zval_get_long_ex(offset, /* is_strict */ true);
1293-
goto isset_str_offset;
1294-
}
1273+
lval = zend_check_string_offset(offset/*, BP_VAR_R*/);
1274+
/* Illegal offset */
1275+
if (UNEXPECTED(EG(exception) != NULL)) {
1276+
return 0;
1277+
}
1278+
goto isset_str_offset;
12951279
}
12961280
}
12971281
return 0;

0 commit comments

Comments
 (0)