Hi! On 8/7/11 8:24 AM, Rasmus Lerdorf wrote:
True, but the problem here is that name may be free'ed at that point. On line 3355 we have:property_info.name = (char*)name; and then on 3365: if (ce->type == ZEND_USER_CLASS) { efree(property_info.name); } else { free(property_info.name); } property_info.name = interned_name; So property_info.name is set to the interned_name at that point, but the original name char* is pointing to free'd storage which is then used in that hash update.
I don't think it can be. Only non-interned string is freed, and property_info.name = (char*)name is executed only for interned strings.
-- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/ (408)454-6900 ext. 227 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
