From 0a8f28b43212cc2ddbc1f2df710e37b1bec0addd Mon Sep 17 00:00:00 2001 From: Xinchen Hui Date: Thu, 8 Jan 2015 16:32:20 +0800 Subject: [PATCH] Fixed bug #68677 (Use After Free in OPcache) (cherry picked from commit 777c39f4042327eac4b63c7ee87dc1c7a09a3115) --- ext/opcache/zend_shared_alloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/opcache/zend_shared_alloc.c b/ext/opcache/zend_shared_alloc.c index bbe26e8..8880b88 100644 --- a/ext/opcache/zend_shared_alloc.c +++ b/ext/opcache/zend_shared_alloc.c @@ -346,10 +346,10 @@ void *_zend_shared_memdup(void *source, size_t size, zend_bool free_source TSRML retval = ZCG(mem);; ZCG(mem) = (void*)(((char*)ZCG(mem)) + ZEND_ALIGNED_SIZE(size)); memcpy(retval, source, size); + zend_shared_alloc_register_xlat_entry(source, retval); if (free_source) { interned_efree((char*)source); } - zend_shared_alloc_register_xlat_entry(source, retval); return retval; }