Skip to content

Commit

Permalink
Merge branch 'PHP-8.3' into PHP-8.4
Browse files Browse the repository at this point in the history 
* PHP-8.3:
  Fix is_zend_ptr() huge block comparison
  • Loading branch information
@nielsdos
nielsdos committed Nov 26, 2024
2 parents 118ed09 + 02b1056 commit 8fdcd9f
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
1 change: 1 addition & 0 deletions NEWS
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ PHP NEWS
- Core:
. Fixed bug GH-16344 (setRawValueWithoutLazyInitialization() and
skipLazyInitialization() may change initialized proxy). (Arnaud)
. Fix is_zend_ptr() huge block comparison. (nielsdos)

- DOM:
. Fixed bug GH-16906 (Reloading document can cause UAF in iterator).
Expand Down
4 changes: 2 additions & 2 deletions Zend/zend_alloc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2617,8 +2617,8 @@ ZEND_API bool is_zend_ptr(const void *ptr)

zend_mm_huge_list *block = AG(mm_heap)->huge_list;
while (block) {
if (ptr >= (void*)block
&& ptr < (void*)((char*)block + block->size)) {
if (ptr >= block->ptr
&& ptr < (void*)((char*)block->ptr + block->size)) {
return 1;
}
block = block->next;
Expand Down

0 comments on commit 8fdcd9f

Please sign in to comment.