From 6efa5a58f622d6f9bf68da3368ac219cd71258a7 Mon Sep 17 00:00:00 2001
From: George Peter Banyard <girgias@php.net>
Date: Thu, 17 Jun 2021 15:02:26 +0100
Subject: [PATCH 1/2] Fix bug #81159: Object to int warning when using an
 object as a string offset

---
 Zend/tests/bug81159.phpt      | 21 +++++++++++++++++++++
 Zend/tests/offset_string.phpt |  2 --
 Zend/zend_execute.c           |  4 ++--
 3 files changed, 23 insertions(+), 4 deletions(-)
 create mode 100644 Zend/tests/bug81159.phpt

diff --git a/Zend/tests/bug81159.phpt b/Zend/tests/bug81159.phpt
new file mode 100644
index 0000000000000..d16deafbf5b93
--- /dev/null
+++ b/Zend/tests/bug81159.phpt
@@ -0,0 +1,21 @@
+--TEST--
+Bug #81159: Object to int warning when using an object as a string offset
+--FILE--
+<?php
+
+$s = 'Hello';
+$o = new stdClass();
+try {
+    $s[$o] = 'A';
+} catch (\Throwable $e) {
+    echo $e->getMessage(), "\n";
+}
+try {
+    var_dump($s[$o]);
+} catch (\Throwable $e) {
+    echo $e->getMessage(), "\n";
+}
+?>
+--EXPECT--
+Cannot access offset of type stdClass on string
+Cannot access offset of type stdClass on string
diff --git a/Zend/tests/offset_string.phpt b/Zend/tests/offset_string.phpt
index f14c63af5de79..a32a682656896 100644
--- a/Zend/tests/offset_string.phpt
+++ b/Zend/tests/offset_string.phpt
@@ -68,8 +68,6 @@ string(1) "i"
 Warning: String offset cast occurred in %s on line %d
 string(1) "S"
 Cannot access offset of type resource on string
-
-Warning: Object of class stdClass could not be converted to int in %s on line %d
 Cannot access offset of type stdClass on string
 Cannot access offset of type array on string
 Done
diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index cd2ce042f9b68..9672ef3dc362d 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -1399,7 +1399,7 @@ static zend_never_inline zend_long zend_check_string_offset(zval *dim, int type
 				goto try_again;
 			default:
 				zend_illegal_string_offset(dim);
-				break;
+				return 0;
 		}
 
 		offset = zval_get_long_func(dim);
@@ -2401,7 +2401,7 @@ static zend_always_inline void zend_fetch_dimension_address_read(zval *result, z
 					goto try_string_offset;
 				default:
 					zend_illegal_string_offset(dim);
-					break;
+					return;
 			}
 
 			offset = zval_get_long_func(dim);

From c068963d23c7b44b304805f1c532943b0269c8f6 Mon Sep 17 00:00:00 2001
From: George Peter Banyard <girgias@php.net>
Date: Fri, 18 Jun 2021 13:55:54 +0100
Subject: [PATCH 2/2] Review comments

---
 Zend/zend_execute.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index 9672ef3dc362d..2bd2297faac30 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -1384,7 +1384,7 @@ static zend_never_inline zend_long zend_check_string_offset(zval *dim, int type
 					return offset;
 				}
 				zend_illegal_string_offset(dim);
-				break;
+				return 0;
 			}
 			case IS_UNDEF:
 				ZVAL_UNDEFINED_OP2();
@@ -2384,7 +2384,8 @@ static zend_always_inline void zend_fetch_dimension_address_read(zval *result, z
 						return;
 					}
 					zend_illegal_string_offset(dim);
-					break;
+					ZVAL_NULL(result);
+					return;
 				}
 				case IS_UNDEF:
 					ZVAL_UNDEFINED_OP2();
@@ -2401,6 +2402,7 @@ static zend_always_inline void zend_fetch_dimension_address_read(zval *result, z
 					goto try_string_offset;
 				default:
 					zend_illegal_string_offset(dim);
+					ZVAL_NULL(result);
 					return;
 			}