Tree - rpms/rh-php56-php - CentOS Git server

rpms / rh-php56-php

Files

Commit: 4c910285602db9233c0d674e439761c3bf4ea225

Blob Blame History Raw

From 0a8f28b43212cc2ddbc1f2df710e37b1bec0addd Mon Sep 17 00:00:00 2001
From: Xinchen Hui <laruence@php.net>
Date: Thu, 8 Jan 2015 16:32:20 +0800
Subject: [PATCH] Fixed bug #68677 (Use After Free in OPcache)

(cherry picked from commit 777c39f4042327eac4b63c7ee87dc1c7a09a3115)
---
 ext/opcache/zend_shared_alloc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/opcache/zend_shared_alloc.c b/ext/opcache/zend_shared_alloc.c
index bbe26e8..8880b88 100644
--- a/ext/opcache/zend_shared_alloc.c
+++ b/ext/opcache/zend_shared_alloc.c
@@ -346,10 +346,10 @@ void *_zend_shared_memdup(void *source, size_t size, zend_bool free_source TSRML
 	retval = ZCG(mem);;
 	ZCG(mem) = (void*)(((char*)ZCG(mem)) + ZEND_ALIGNED_SIZE(size));
 	memcpy(retval, source, size);
+	zend_shared_alloc_register_xlat_entry(source, retval);
 	if (free_source) {
 		interned_efree((char*)source);
 	}
-	zend_shared_alloc_register_xlat_entry(source, retval);
 	return retval;
 }

rpms / rh-php56-php

Source Code

Files