Hi,
2010/11/19 Joe Orton <jor...@redhat.com>
> The check to prevent extract() overwriting $GLOBALS got broken at some
> point - here's a fix:
>
> Index: ext/standard/array.c
> ===================================================================
> --- ext/standard/array.c (revision 305556)
> +++ ext/standard/array.c (working copy)
> @@ -1389,10 +1389,10 @@
>
> case EXTR_OVERWRITE:
> /* GLOBALS protection */
> - if (var_exists && var_name_len ==
> sizeof("GLOBALS") && !strcmp(var_name, "GLOBALS")) {
> + if (var_exists && var_name_len ==
> sizeof("GLOBALS")-1 && !strcmp(var_name, "GLOBALS")) {
> break;
> }
> - if (var_exists && var_name_len ==
> sizeof("this") && !strcmp(var_name, "this") && EG(scope) &&
> EG(scope)->name_length != 0) {
> + if (var_exists && var_name_len ==
> sizeof("this")-1 && !strcmp(var_name, "this") && EG(scope) &&
> EG(scope)->name_length != 0) {
> break;
> }
> ZVAL_STRINGL(&final_name, var_name,
> var_name_len, 1);
> Index: ext/standard/tests/array/extract_safety.phpt
> ===================================================================
> --- ext/standard/tests/array/extract_safety.phpt (revision 0)
> +++ ext/standard/tests/array/extract_safety.phpt (revision 0)
> @@ -0,0 +1,24 @@
> +--TEST--
> +Test extract() for overwrite of GLOBALS
> +--FILE--
> +<?php
> +$str = "John";
> +debug_zval_dump($GLOBALS["str"]);
> +
> +/* Extracting Global Variables */
> +$splat = array("foo" => "bar");
> +var_dump(extract(array("GLOBALS" => $splat, EXTR_OVERWRITE)));
> +
> +unset ($splat);
> +
> +debug_zval_dump($GLOBALS["str"]);
> +
> +echo "\nDone";
> +?>
> +
> +--EXPECTF--
> +string(4) "John" refcount(2)
> +int(0)
> +string(4) "John" refcount(2)
> +
> +Done
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
I committed your fix in the 5.2, 5.3 and trunk.
Thanks for the patch!
--
Regards,
Felipe Pena
