Add missing ZPP checks

kocsismate · nikic · commit 2204dbde3bcd · 2019-11-01T15:26:52.000+01:00
Closes GH-4878.
diff --git a/Zend/tests/bug71221.phpt b/Zend/tests/bug71221.phpt
@@ -2,15 +2,10 @@
 Bug #71221 (Null pointer deref (segfault) in get_defined_vars via ob_start)
 --FILE--
 <?php
-ob_start("get_defined_vars");
-try {
-    ob_end_clean();
-} catch (\Error $e) {
-    echo $e->getMessage();
-}
-?>
-
-OKAY
+register_shutdown_function("get_defined_vars");
 --EXPECT--
-Cannot call get_defined_vars() dynamically
-OKAY
+Fatal error: Uncaught Error: Cannot call get_defined_vars() dynamically in [no active file]:0
+Stack trace:
+#0 [internal function]: get_defined_vars()
+#1 {main}
+  thrown in [no active file] on line 0
diff --git a/Zend/zend_builtin_functions.c b/Zend/zend_builtin_functions.c
@@ -1621,6 +1621,9 @@ ZEND_FUNCTION(get_defined_functions)
 ZEND_FUNCTION(get_defined_vars)
 {
 	zend_array *symbol_table;
+
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	if (zend_forbid_dynamic_call("get_defined_vars()") == FAILURE) {
 		return;
 	}
@@ -1637,6 +1640,8 @@ ZEND_FUNCTION(get_defined_vars)
 #if ZEND_DEBUG && defined(ZTS)
 ZEND_FUNCTION(zend_thread_id)
 {
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	RETURN_LONG((zend_long)tsrm_thread_id());
 }
 #endif
diff --git a/Zend/zend_weakrefs.c b/Zend/zend_weakrefs.c
@@ -152,7 +152,7 @@ ZEND_METHOD(WeakReference, create)
 {
 	zval *referent;
 
-	ZEND_PARSE_PARAMETERS_START_EX(ZEND_PARSE_PARAMS_THROW, 1,1)
+	ZEND_PARSE_PARAMETERS_START(1,1)
 		Z_PARAM_OBJECT(referent)
 	ZEND_PARSE_PARAMETERS_END();
 
@@ -165,8 +165,7 @@ ZEND_METHOD(WeakReference, create)
 
 ZEND_METHOD(WeakReference, get)
 {
-	ZEND_PARSE_PARAMETERS_START_EX(ZEND_PARSE_PARAMS_THROW, 0, 0)
-	ZEND_PARSE_PARAMETERS_END();
+	ZEND_PARSE_PARAMETERS_NONE();
 
 	zend_weakref_get(getThis(), return_value);
 }
diff --git a/ext/date/php_date.c b/ext/date/php_date.c
@@ -2667,6 +2667,8 @@ PHP_METHOD(DateTime, __wakeup)
 	php_date_obj     *dateobj;
 	HashTable        *myht;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	dateobj = Z_PHPDATE_P(object);
 
 	myht = Z_OBJPROP_P(object);
@@ -2703,6 +2705,8 @@ static void zval_from_error_container(zval *z, timelib_error_container *error) /
 */
 PHP_FUNCTION(date_get_last_errors)
 {
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	if (DATEG(last_errors)) {
 		array_init(return_value);
 		zval_from_error_container(return_value, DATEG(last_errors));
@@ -3581,6 +3585,8 @@ PHP_METHOD(DateTimeZone, __wakeup)
 	php_timezone_obj *tzobj;
 	HashTable        *myht;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	tzobj = Z_PHPTIMEZONE_P(object);
 
 	myht = Z_OBJPROP_P(object);
@@ -4064,6 +4070,8 @@ PHP_METHOD(DateInterval, __wakeup)
 	php_interval_obj *intobj;
 	HashTable        *myht;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	intobj = Z_PHPINTERVAL_P(object);
 
 	myht = Z_OBJPROP_P(object);
@@ -4294,7 +4302,7 @@ PHP_METHOD(DatePeriod, __construct)
 			dpobj->end = clone;
 		}
 	}
- 
+
 	if (dpobj->end == NULL && recurrences < 1) {
 		php_error_docref(NULL, E_WARNING, "The recurrence count '%d' is invalid. Needs to be > 0", (int) recurrences);
 	}
@@ -4467,6 +4475,8 @@ PHP_FUNCTION(timezone_version_get)
 {
 	const timelib_tzdb *tzdb;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	tzdb = DATE_TIMEZONEDB;
 	RETURN_STRING(tzdb->version);
 }
@@ -4480,6 +4490,8 @@ PHP_FUNCTION(timezone_abbreviations_list)
 	const timelib_tz_lookup_table *table, *entry;
 	zval                          element, *abbr_array_p, abbr_array;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	table = timelib_timezone_abbreviations_list();
 	array_init(return_value);
 	entry = table;
@@ -4940,6 +4952,8 @@ PHP_METHOD(DatePeriod, __wakeup)
 	php_period_obj   *period_obj;
 	HashTable        *myht;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	period_obj = Z_PHPPERIOD_P(object);
 
 	myht = Z_OBJPROP_P(object);
diff --git a/ext/dom/node.c b/ext/dom/node.c
@@ -1829,6 +1829,10 @@ PHP_METHOD(domnode, getNodePath)
 	dom_object *intern;
 	char *value;
 
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	DOM_GET_THIS_OBJ(nodep, id, xmlNodePtr, intern);
 
 	value = (char *) xmlGetNodePath(nodep);
diff --git a/ext/intl/common/common_error.c b/ext/intl/common/common_error.c
@@ -26,6 +26,10 @@
  */
 PHP_FUNCTION( intl_get_error_code )
 {
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	RETURN_LONG( intl_error_get_code( NULL ) );
 }
 /* }}} */
@@ -35,6 +39,10 @@ PHP_FUNCTION( intl_get_error_code )
  */
 PHP_FUNCTION( intl_get_error_message )
 {
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	RETURN_STR(intl_error_get_message( NULL ));
 }
 /* }}} */
diff --git a/ext/intl/uchar/uchar.c b/ext/intl/uchar/uchar.c
@@ -559,6 +559,9 @@ IC_METHOD(getUnicodeVersion) {
 	UVersionInfo version;
 	int i;
 
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
 
 	u_getUnicodeVersion(version);
 	array_init(return_value);
diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c
@@ -1374,6 +1374,10 @@ PHP_FUNCTION(mysqli_free_result)
    Get MySQL client info */
 PHP_FUNCTION(mysqli_get_client_info)
 {
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	const char * info = mysql_get_client_info();
 	if (info) {
 		RETURN_STRING(info);
@@ -1385,6 +1389,10 @@ PHP_FUNCTION(mysqli_get_client_info)
    Get MySQL client info */
 PHP_FUNCTION(mysqli_get_client_version)
 {
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	RETURN_LONG((zend_long)mysql_get_client_version());
 }
 /* }}} */
@@ -1485,6 +1493,10 @@ void php_mysqli_init(INTERNAL_FUNCTION_PARAMETERS, zend_bool is_method)
 	MYSQLI_RESOURCE *mysqli_resource;
 	MY_MYSQL *mysql;
 
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	if (is_method && (Z_MYSQLI_P(getThis()))->ptr) {
 		return;
 	}
@@ -2619,6 +2631,10 @@ PHP_FUNCTION(mysqli_thread_id)
    Return whether thread safety is given or not */
 PHP_FUNCTION(mysqli_thread_safe)
 {
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	RETURN_BOOL(mysql_thread_safe());
 }
 /* }}} */
diff --git a/ext/mysqli/mysqli_nonapi.c b/ext/mysqli/mysqli_nonapi.c
@@ -390,6 +390,10 @@ PHP_FUNCTION(mysqli_link_construct)
    Returns the numerical value of the error message from last connect command */
 PHP_FUNCTION(mysqli_connect_errno)
 {
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	RETURN_LONG(MyG(error_no));
 }
 /* }}} */
@@ -398,6 +402,10 @@ PHP_FUNCTION(mysqli_connect_errno)
    Returns the text of the error message from previous MySQL operation */
 PHP_FUNCTION(mysqli_connect_error)
 {
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	if (MyG(error_msg)) {
 		RETURN_STRING(MyG(error_msg));
 	} else {
@@ -1268,10 +1276,10 @@ PHP_FUNCTION(mysqli_release_savepoint)
    Returns information about open and cached links */
 PHP_FUNCTION(mysqli_get_links_stats)
 {
-	if (ZEND_NUM_ARGS()) {
-		php_error_docref(NULL, E_WARNING, "no parameters expected");
+	if (zend_parse_parameters_none() == FAILURE) {
 		return;
 	}
+
 	array_init(return_value);
 	add_assoc_long_ex(return_value, "total", sizeof("total") - 1, MyG(num_links));
 	add_assoc_long_ex(return_value, "active_plinks", sizeof("active_plinks") - 1, MyG(num_active_persistent));
diff --git a/ext/mysqli/tests/mysqli_connect_errno.phpt b/ext/mysqli/tests/mysqli_connect_errno.phpt
@@ -14,8 +14,11 @@ require_once('skipifconnectfailure.inc');
 	$link   = NULL;
 
 	// too many parameter
-	if (0 !== ($tmp = @mysqli_connect_errno($link)))
-		printf("[001] Expecting integer/0, got %s/%s\n", gettype($tmp), $tmp);
+	try {
+		mysqli_connect_errno($link);
+	} catch (ArgumentCountError $exception) {
+		print($exception->getMessage() . "\n");
+	}
 
 	if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
 		printf("[002] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n",
@@ -37,4 +40,5 @@ require_once('skipifconnectfailure.inc');
 	print "done!";
 ?>
 --EXPECT--
+mysqli_connect_errno() expects exactly 0 parameters, 1 given
 done!
diff --git a/ext/mysqli/tests/mysqli_connect_error.phpt b/ext/mysqli/tests/mysqli_connect_error.phpt
@@ -14,8 +14,11 @@ require_once('skipifconnectfailure.inc');
 	$link   = NULL;
 
 	// too many parameter
-	if (!is_null($tmp = @mysqli_connect_error($link)))
-		printf("[001] Expecting NULL/NULL, got %s/%s\n", gettype($tmp), $tmp);
+	try {
+		mysqli_connect_error($link);
+	} catch (ArgumentCountError $exception) {
+		print($exception->getMessage() . "\n");
+	}
 
 	if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
 		printf("[002] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n",
@@ -36,4 +39,5 @@ require_once('skipifconnectfailure.inc');
 	print "done!";
 ?>
 --EXPECT--
+mysqli_connect_error() expects exactly 0 parameters, 1 given
 done!
diff --git a/ext/mysqli/tests/mysqli_pconn_max_links.phpt b/ext/mysqli/tests/mysqli_pconn_max_links.phpt
@@ -59,7 +59,11 @@ mysqli.rollback_on_cached_plink=1
 			mysqli_errno($plink), mysqli_error($plink));
 	}
 
-	var_dump(mysqli_get_links_stats(1));
+	try {
+	    mysqli_get_links_stats(1);
+	} catch (ArgumentCountError $exception) {
+	    echo $exception->getMessage() . "\n";
+	}
 
 	echo "Before pconnect:";
 	var_dump(mysqli_get_links_stats());
@@ -201,9 +205,8 @@ mysqli_query($link, 'DROP USER pcontest');
 
 mysqli_close($link);
 ?>
---EXPECTF--
-Warning: mysqli_get_links_stats(): no parameters expected in %s on line %d
-NULL
+--EXPECT--
+mysqli_get_links_stats() expects exactly 0 parameters, 1 given
 Before pconnect:array(3) {
   ["total"]=>
   int(1)
diff --git a/ext/mysqli/tests/mysqli_report.phpt b/ext/mysqli/tests/mysqli_report.phpt
@@ -267,7 +267,6 @@ require_once('skipifconnectfailure.inc');
 			!mysqli_query($link, 'DELETE FROM test WHERE id > 50', MYSQLI_USE_RESULT))
 		printf("[033] [%d] %s\n", mysqli_errno($link), mysqli_error($link));
 
-	$tmp = mysqli_thread_safe($link);
 	$tmp = mysqli_thread_id($link);
 
 	mysqli_close($link);
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
@@ -6118,6 +6118,10 @@ PHP_FUNCTION(openssl_get_curve_names)
 	size_t i;
 	size_t len = EC_get_builtin_curves(NULL, 0);
 
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+
 	curves = emalloc(sizeof(EC_builtin_curve) * len);
 	if (!EC_get_builtin_curves(curves, len)) {
 		RETURN_FALSE;
diff --git a/ext/pdo/pdo_stmt.c b/ext/pdo/pdo_stmt.c
@@ -1627,6 +1627,8 @@ static PHP_METHOD(PDOStatement, rowCount)
 {
 	PHP_STMT_GET_OBJ;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	RETURN_LONG(stmt->row_count);
 }
 /* }}} */
@@ -2036,6 +2038,8 @@ static PHP_METHOD(PDOStatement, nextRowset)
 {
 	PHP_STMT_GET_OBJ;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	if (!stmt->methods->next_rowset) {
 		pdo_raise_impl_error(stmt->dbh, stmt, "IM001", "driver does not support multiple rowsets");
 		RETURN_FALSE;
@@ -2058,6 +2062,8 @@ static PHP_METHOD(PDOStatement, closeCursor)
 {
 	PHP_STMT_GET_OBJ;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	if (!stmt->methods->cursor_closer) {
 		/* emulate it by fetching and discarding rows */
 		do {
@@ -2091,6 +2097,8 @@ static PHP_METHOD(PDOStatement, closeCursor)
    A utility for internals hackers to debug parameter internals */
 static PHP_METHOD(PDOStatement, debugDumpParams)
 {
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	php_stream *out = php_stream_open_wrapper("php://output", "w", 0, NULL);
 	struct pdo_bound_param_data *param;
 	PHP_STMT_GET_OBJ;
diff --git a/ext/pdo_pgsql/pgsql_driver.c b/ext/pdo_pgsql/pgsql_driver.c
@@ -920,6 +920,8 @@ static PHP_METHOD(PDO, pgsqlLOBCreate)
 	pdo_pgsql_db_handle *H;
 	Oid lfd;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	dbh = Z_PDO_DBH_P(ZEND_THIS);
 	PDO_CONSTRUCT_CHECK;
 	PDO_DBH_CLEAR_ERR();
@@ -1107,6 +1109,8 @@ static PHP_METHOD(PDO, pgsqlGetPid)
 	pdo_dbh_t *dbh;
 	pdo_pgsql_db_handle *H;
 
+	ZEND_PARSE_PARAMETERS_NONE();
+
 	dbh = Z_PDO_DBH_P(ZEND_THIS);
 	PDO_CONSTRUCT_CHECK;
 
diff --git a/ext/session/session.c b/ext/session/session.c

Original file line number	Diff line number	Diff line change
`@@ -1621,6 +1621,9 @@ ZEND_FUNCTION(get_defined_functions)`
`1621`	`1621`	`ZEND_FUNCTION(get_defined_vars)`
`1622`	`1622`	`{`
`1623`	`1623`	`zend_array *symbol_table;`
	`1624`	`+`
	`1625`	`+ ZEND_PARSE_PARAMETERS_NONE();`
	`1626`	`+`
`1624`	`1627`	`if (zend_forbid_dynamic_call("get_defined_vars()") == FAILURE) {`
`1625`	`1628`	`return;`
`1626`	`1629`	`}`
`@@ -1637,6 +1640,8 @@ ZEND_FUNCTION(get_defined_vars)`
`1637`	`1640`	`#if ZEND_DEBUG && defined(ZTS)`
`1638`	`1641`	`ZEND_FUNCTION(zend_thread_id)`
`1639`	`1642`	`{`
	`1643`	`+ ZEND_PARSE_PARAMETERS_NONE();`
	`1644`	`+`
`1640`	`1645`	`RETURN_LONG((zend_long)tsrm_thread_id());`
`1641`	`1646`	`}`
`1642`	`1647`	`#endif`
Original file line number	Diff line number	Diff line change
`@@ -152,7 +152,7 @@ ZEND_METHOD(WeakReference, create)`
`152`	`152`	`{`
`153`	`153`	`zval *referent;`
`154`	`154`
`155`		`- ZEND_PARSE_PARAMETERS_START_EX(ZEND_PARSE_PARAMS_THROW, 1,1)`
	`155`	`+ ZEND_PARSE_PARAMETERS_START(1,1)`
`156`	`156`	`Z_PARAM_OBJECT(referent)`
`157`	`157`	`ZEND_PARSE_PARAMETERS_END();`
`158`	`158`
`@@ -165,8 +165,7 @@ ZEND_METHOD(WeakReference, create)`
`165`	`165`
`166`	`166`	`ZEND_METHOD(WeakReference, get)`
`167`	`167`	`{`
`168`		`- ZEND_PARSE_PARAMETERS_START_EX(ZEND_PARSE_PARAMS_THROW, 0, 0)`
`169`		`- ZEND_PARSE_PARAMETERS_END();`
	`168`	`+ ZEND_PARSE_PARAMETERS_NONE();`
`170`	`169`
`171`	`170`	`zend_weakref_get(getThis(), return_value);`
`172`	`171`	`}`
Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,10 @@`
`26`	`26`	`*/`
`27`	`27`	`PHP_FUNCTION( intl_get_error_code )`
`28`	`28`	`{`
	`29`	`+ if (zend_parse_parameters_none() == FAILURE) {`
	`30`	`+ return;`
	`31`	`+ }`
	`32`	`+`
`29`	`33`	`RETURN_LONG( intl_error_get_code( NULL ) );`
`30`	`34`	`}`
`31`	`35`	`/* }}} */`
`@@ -35,6 +39,10 @@ PHP_FUNCTION( intl_get_error_code )`
`35`	`39`	`*/`
`36`	`40`	`PHP_FUNCTION( intl_get_error_message )`
`37`	`41`	`{`
	`42`	`+ if (zend_parse_parameters_none() == FAILURE) {`
	`43`	`+ return;`
	`44`	`+ }`
	`45`	`+`
`38`	`46`	`RETURN_STR(intl_error_get_message( NULL ));`
`39`	`47`	`}`
`40`	`48`	`/* }}} */`