A crash report came into security@ (which needn't have been private) about a segfault in response to trying to compile clearly broken code. https://github.com/php/php-src/pull/2395 is a fix for this, but before I merge it (and check how far back it goes -- my suspicion is 7.0), I'm hoping for some feedback about the approach.
In short: It reduces the footprint for declare values from "any expression" to "number and string literals". This technically could break existing code since right now something like `declare(ticks=array())` is technically valid... even if terrible. An alternate fix (and perhaps something to do in addition to this fix) would be to add a check in zend_compile.c to verify that the value type is ZEND_AST_ZVAL. -Sara -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
