From 366864483beb92e05b701a72b7a9e18cf37ee71f Mon Sep 17 00:00:00 2001
From: Xuefer <xuefer@gmail.com>
Date: Fri, 22 Apr 2011 07:51:38 +0000
Subject: [PATCH] cacher: fix segv if oplineinfo is used for !__FILE__ !__DIR__

git-svn-id: svn://svn.lighttpd.net/xcache/trunk@779 c26eb9a1-5813-0410-bd6c-c2e55f420ca7
---
 processor/head.m4      |  4 ++++
 processor/processor.m4 | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/processor/head.m4 b/processor/head.m4
index 9137176..fcf3340 100644
--- a/processor/head.m4
+++ b/processor/head.m4
@@ -72,6 +72,10 @@ struct _xc_processor_t {
 	const zend_class_entry *cache_ce;
 	zend_uint cache_class_index;
 
+#ifndef NDEBUG
+	const zend_op_array    *active_op_array_src;
+	zend_op_array          *active_op_array_dst;
+#endif
 	const zend_op          *active_opcodes_src;
 	zend_op                *active_opcodes_dst;
 	const zend_class_entry *active_class_entry_src;
diff --git a/processor/processor.m4 b/processor/processor.m4
index 318eff8..151c955 100644
--- a/processor/processor.m4
+++ b/processor/processor.m4
@@ -611,7 +611,9 @@ DEF_STRUCT_P_FUNC(`zend_op', , `dnl {{{
 			case ZEND_GOTO:
 #endif
 			case ZEND_JMP:
+				assert(Z_OP(src->op1).jmp_addr > processor->active_opcodes_src && Z_OP(src->op1).jmp_addr - processor->active_opcodes_src < processor->active_op_array_src->last);
 				Z_OP(dst->op1).jmp_addr = processor->active_opcodes_dst + (Z_OP(src->op1).jmp_addr - processor->active_opcodes_src);
+				assert(Z_OP(dst->op1).jmp_addr > processor->active_opcodes_dst && Z_OP(dst->op1).jmp_addr - processor->active_opcodes_dst < processor->active_op_array_dst->last);
 				break;
 
 			case ZEND_JMPZ:
@@ -621,7 +623,9 @@ DEF_STRUCT_P_FUNC(`zend_op', , `dnl {{{
 #ifdef ZEND_JMP_SET
 			case ZEND_JMP_SET:
 #endif
+				assert(Z_OP(src->op2).jmp_addr > processor->active_opcodes_src && Z_OP(src->op2).jmp_addr - processor->active_opcodes_src < processor->active_op_array_src->last);
 				Z_OP(dst->op2).jmp_addr = processor->active_opcodes_dst + (Z_OP(src->op2).jmp_addr - processor->active_opcodes_src);
+				assert(Z_OP(dst->op2).jmp_addr > processor->active_opcodes_dst && Z_OP(dst->op2).jmp_addr - processor->active_opcodes_dst < processor->active_op_array_dst->last);
 				break;
 
 			default:
@@ -667,8 +671,33 @@ DEF_STRUCT_P_FUNC(`zend_op_array', , `dnl {{{
 		IFRESTORE(`dst->filename = processor->entry_src->filepath;')
 #ifndef ZEND_ENGINE_2_4
 		if (op_array_info->oplineinfo_cnt) {
+			zend_op *opline, *end;
 			gc_opcodes = 1;
 			COPY_N_EX(last, zend_op, opcodes)
+
+			for (opline = dst->opcodes, end = opline + src->last; opline < end; ++opline) {
+				switch (opline->opcode) {
+#ifdef ZEND_GOTO
+					case ZEND_GOTO:
+#endif
+					case ZEND_JMP:
+						Z_OP(opline->op1).jmp_addr = dst->opcodes + (Z_OP(opline->op1).jmp_addr - src->opcodes);
+						break;
+
+					case ZEND_JMPZ:
+					case ZEND_JMPNZ:
+					case ZEND_JMPZ_EX:
+					case ZEND_JMPNZ_EX:
+#ifdef ZEND_JMP_SET
+					case ZEND_JMP_SET:
+#endif
+						Z_OP(opline->op2).jmp_addr = dst->opcodes + (Z_OP(opline->op2).jmp_addr - src->opcodes);
+						break;
+
+					default:
+						break;
+				}
+			}
 		}
 #endif
 		if (gc_arg_info || gc_opcodes) {
@@ -742,6 +771,10 @@ DEF_STRUCT_P_FUNC(`zend_op_array', , `dnl {{{
 	IFSTORE(`dst->refcount[0] = 1;')
 
 	pushdef(`AFTER_ALLOC', `IFCOPY(`
+#ifndef NDEBUG
+		processor->active_op_array_dst = dst;
+		processor->active_op_array_src = src;
+#endif
 		processor->active_opcodes_dst = dst->opcodes;
 		processor->active_opcodes_src = src->opcodes;
 	')')