Fix memory leak

Fixes oss-fuzz #52999

Author: dstogov

Zend/Optimizer/dfa_pass.c

@@ -369,7 +369,9 @@ static bool opline_supports_assign_contraction(
 
 	if ((opline->opcode == ZEND_ASSIGN_OP
 	  || opline->opcode == ZEND_ASSIGN_OBJ
-	  || opline->opcode == ZEND_ASSIGN_DIM)
+	  || opline->opcode == ZEND_ASSIGN_DIM
+	  || opline->opcode == ZEND_ASSIGN_OBJ_OP
+	  || opline->opcode == ZEND_ASSIGN_DIM_OP)
 	 && opline->op1_type == IS_CV
 	 && opline->op1.var == cv_var
 	 && zend_may_throw(opline, &ssa->ops[ssa->vars[src_var].definition], op_array, ssa)) {

ext/opcache/tests/opt/assign_obj_op_001.phpt

@@ -0,0 +1,24 @@
+--TEST--
+ASSIGN_OBJ_OP 001: Incorrect optimization of ASSIGN_OBJ_OP may lead to memory leak
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.optimization_level=-1
+--FILE--
+<?php
+function s() {
+    $a .= $a += $y;
+    $a = $a->y *= '';
+}
+s();
+?>
+--EXPECTF--
+Warning: Undefined variable $y in %sassign_obj_op_001.php on line 3
+
+Warning: Undefined variable $a in %sassign_obj_op_001.php on line 3
+
+Fatal error: Uncaught Error: Attempt to assign property "y" on string in %sassign_obj_op_001.php:4
+Stack trace:
+#0 %sassign_obj_op_001.php(6): s()
+#1 {main}
+  thrown in %sassign_obj_op_001.php on line 4