File tree Expand file tree Collapse file tree 2 files changed +3
-2
lines changed Expand file tree Collapse file tree 2 files changed +3
-2
lines changed Original file line number Diff line number Diff line change 55- Core:
66 . Fixed bug GH-16344 (setRawValueWithoutLazyInitialization() and
77 skipLazyInitialization() may change initialized proxy). (Arnaud)
8+ . Fix is_zend_ptr() huge block comparison. (nielsdos)
89
910- DOM:
1011 . Fixed bug GH-16906 (Reloading document can cause UAF in iterator).
Original file line number Diff line number Diff line change @@ -2617,8 +2617,8 @@ ZEND_API bool is_zend_ptr(const void *ptr)
26172617
26182618 zend_mm_huge_list * block = AG (mm_heap )-> huge_list ;
26192619 while (block ) {
2620- if (ptr >= ( void * ) block
2621- && ptr < (void * )((char * )block + block -> size )) {
2620+ if (ptr >= block -> ptr
2621+ && ptr < (void * )((char * )block -> ptr + block -> size )) {
26222622 return 1 ;
26232623 }
26242624 block = block -> next ;
You can’t perform that action at this time.
0 commit comments