From 6a2621e3a5ba9ece6d1d6a56a5bd886d4c5dece1 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Wed, 13 Jan 2016 15:06:17 +0300
Subject: [PATCH] Avoid incomplete zend_internal_function initialization.

---
 ext/pdo/pdo_dbh.c | 41 +++++++++++++++++++++--------------------
 1 file changed, 21 insertions(+), 20 deletions(-)

diff --git a/ext/pdo/pdo_dbh.c b/ext/pdo/pdo_dbh.c
index cc6346bf152..886a6723037 100644
--- a/ext/pdo/pdo_dbh.c
+++ b/ext/pdo/pdo_dbh.c
@@ -1274,8 +1274,7 @@ static void cls_method_pdtor(zval *el) /* {{{ */ {
 int pdo_hash_methods(pdo_dbh_object_t *dbh_obj, int kind)
 {
 	const zend_function_entry *funcs;
-	zend_function func;
-	zend_internal_function *ifunc = (zend_internal_function*)&func;
+	zend_internal_function func;
 	size_t namelen;
 	char *lc_name;
 	pdo_dbh_t *dbh = dbh_obj->inner;
@@ -1294,41 +1293,43 @@ int pdo_hash_methods(pdo_dbh_object_t *dbh_obj, int kind)
 	zend_hash_init_ex(dbh->cls_methods[kind], 8, NULL,
 			dbh->is_persistent? cls_method_pdtor : cls_method_dtor, dbh->is_persistent, 0);
 
+	memset(&func, 0, sizeof(func));
+
 	while (funcs->fname) {
-		ifunc->type = ZEND_INTERNAL_FUNCTION;
-		ifunc->handler = funcs->handler;
-		ifunc->function_name = zend_string_init(funcs->fname, strlen(funcs->fname), dbh->is_persistent);
-		ifunc->scope = dbh_obj->std.ce;
-		ifunc->prototype = NULL;
+		func.type = ZEND_INTERNAL_FUNCTION;
+		func.handler = funcs->handler;
+		func.function_name = zend_string_init(funcs->fname, strlen(funcs->fname), dbh->is_persistent);
+		func.scope = dbh_obj->std.ce;
+		func.prototype = NULL;
 		if (funcs->flags) {
-			ifunc->fn_flags = funcs->flags | ZEND_ACC_NEVER_CACHE;
+			func.fn_flags = funcs->flags | ZEND_ACC_NEVER_CACHE;
 		} else {
-			ifunc->fn_flags = ZEND_ACC_PUBLIC | ZEND_ACC_NEVER_CACHE;
+			func.fn_flags = ZEND_ACC_PUBLIC | ZEND_ACC_NEVER_CACHE;
 		}
 		if (funcs->arg_info) {
 			zend_internal_function_info *info = (zend_internal_function_info*)funcs->arg_info;
 
-			ifunc->arg_info = (zend_internal_arg_info*)funcs->arg_info + 1;
-			ifunc->num_args = funcs->num_args;
+			func.arg_info = (zend_internal_arg_info*)funcs->arg_info + 1;
+			func.num_args = funcs->num_args;
 			if (info->required_num_args == -1) {
-				ifunc->required_num_args = funcs->num_args;
+				func.required_num_args = funcs->num_args;
 			} else {
-				ifunc->required_num_args = info->required_num_args;
+				func.required_num_args = info->required_num_args;
 			}
 			if (info->return_reference) {
-				ifunc->fn_flags |= ZEND_ACC_RETURN_REFERENCE;
+				func.fn_flags |= ZEND_ACC_RETURN_REFERENCE;
 			}
 			if (funcs->arg_info[funcs->num_args].is_variadic) {
-				ifunc->fn_flags |= ZEND_ACC_VARIADIC;
+				func.fn_flags |= ZEND_ACC_VARIADIC;
 				/* Don't count the variadic argument */
-				ifunc->num_args--;
+				func.num_args--;
 			}
 		} else {
-			ifunc->arg_info = NULL;
-			ifunc->num_args = 0;
-			ifunc->required_num_args = 0;
+			func.arg_info = NULL;
+			func.num_args = 0;
+			func.required_num_args = 0;
 		}
-		zend_set_function_arg_flags((zend_function*)ifunc);
+		zend_set_function_arg_flags(&func);
 		namelen = strlen(funcs->fname);
 		lc_name = emalloc(namelen+1);
 		zend_str_tolower_copy(lc_name, funcs->fname, namelen);