The check to prevent extract() overwriting $GLOBALS got broken at some
point - here's a fix:
Index: ext/standard/array.c
===================================================================
--- ext/standard/array.c (revision 305556)
+++ ext/standard/array.c (working copy)
@@ -1389,10 +1389,10 @@
case EXTR_OVERWRITE:
/* GLOBALS protection */
- if (var_exists && var_name_len ==
sizeof("GLOBALS") && !strcmp(var_name, "GLOBALS")) {
+ if (var_exists && var_name_len ==
sizeof("GLOBALS")-1 && !strcmp(var_name, "GLOBALS")) {
break;
}
- if (var_exists && var_name_len ==
sizeof("this") && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
+ if (var_exists && var_name_len ==
sizeof("this")-1 && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
break;
}
ZVAL_STRINGL(&final_name, var_name,
var_name_len, 1);
Index: ext/standard/tests/array/extract_safety.phpt
===================================================================
--- ext/standard/tests/array/extract_safety.phpt (revision 0)
+++ ext/standard/tests/array/extract_safety.phpt (revision 0)
@@ -0,0 +1,24 @@
+--TEST--
+Test extract() for overwrite of GLOBALS
+--FILE--
+<?php
+$str = "John";
+debug_zval_dump($GLOBALS["str"]);
+
+/* Extracting Global Variables */
+$splat = array("foo" => "bar");
+var_dump(extract(array("GLOBALS" => $splat, EXTR_OVERWRITE)));
+
+unset ($splat);
+
+debug_zval_dump($GLOBALS["str"]);
+
+echo "\nDone";
+?>
+
+--EXPECTF--
+string(4) "John" refcount(2)
+int(0)
+string(4) "John" refcount(2)
+
+Done
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
