diff options
| -rw-r--r-- | ext/simplexml/simplexml.c | 5 | ||||
| -rw-r--r-- | ext/simplexml/tests/bug42369.phpt | 25 |
2 files changed, 30 insertions, 0 deletions
diff --git a/ext/simplexml/simplexml.c b/ext/simplexml/simplexml.c index fce96bbe72..f70efed368 100644 --- a/ext/simplexml/simplexml.c +++ b/ext/simplexml/simplexml.c @@ -1787,6 +1787,11 @@ static int sxe_object_cast(zval *readobj, zval *writeobj, int type TSRMLS_DC) } } + if (readobj == writeobj) { + INIT_PZVAL(writeobj); + zval_dtor(readobj); + } + rv = cast_object(writeobj, type, (char *)contents TSRMLS_CC); if (contents) { diff --git a/ext/simplexml/tests/bug42369.phpt b/ext/simplexml/tests/bug42369.phpt new file mode 100644 index 0000000000..e5df81460d --- /dev/null +++ b/ext/simplexml/tests/bug42369.phpt @@ -0,0 +1,25 @@ +--TEST-- +Bug #42369 (Implicit conversion to string leaks memory) +--SKIPIF-- +<?php if (!extension_loaded('simplexml')) echo 'skip simplexml extension is not loaded'; > +--FILE-- +<?php + $xml = '<?xml version="1.0" encoding="utf-8"?>'; + $x = simplexml_load_string($xml . "<q><x>foo</x></q>"); + + echo 'explicit conversion' . PHP_EOL; + for ($i = 0; $i < 100000; $i++) { + md5(strval($x->x)); + } + + echo 'no conversion' . PHP_EOL; + for ($i = 0; $i < 100000; $i++) { + md5($x->x); + } + + echo 'done' . PHP_EOL; +?> +--EXPECT-- +explicit conversion +no conversion +done
\ No newline at end of file |