mirror of
https://github.com/php/php-src.git
synced 2024-09-21 18:07:23 +00:00
4fcf0db649
We would end up freeing the function name twice here, once for the original closure, and once for the rebound one. Rather than further special casing the zend_closure_call_magic case, always addref the function_name for internal functions, the same we do for userland functions. To compensate, we need to release the original function name when creating from callable or call frame. Fixes oss-fuzz #37695.
21 lines
339 B
PHP
21 lines
339 B
PHP
--TEST--
|
|
Calling bindTo() on __call() closure
|
|
--FILE--
|
|
<?php
|
|
|
|
class Foo {
|
|
function __call($name, $args) {
|
|
echo "__call($name)\n";
|
|
}
|
|
}
|
|
|
|
$foo = new Foo;
|
|
$name = "foo";
|
|
Closure::fromCallable([$foo, $name . "bar"])->bindTo(new Foo)();
|
|
$foo->{$name . "bar"}(...)->bindTo(new Foo)();
|
|
|
|
?>
|
|
--EXPECT--
|
|
__call(foobar)
|
|
__call(foobar)
|