ext/mbstring: Do some clean-up refactoring

[Girgias]

To rebase after #12714 for the _php_mb_ini_mbstring_http_output_set() to make sense.

[nielsdos]

Looks OK.
I made a remark in a previous PR that there could be a subtly behaviour change because of strings containing \0, and I think those should be blocked to make sure we can always use ZSTR_LEN.
Leaving the final decision to Alex however as it's his extension.

[nielsdos]

Strictly speaking, there is an inconsistency here with how you did the previous changes. Previously you changed this to size_t because out_len was size_t. Here you changed it to unsigned int.
unsigned int, or even int, suffices in all cases because the length is limited to 128 anyway. Performance-wise it's hard to predict what these would do. I would expect no difference because it would just use a larger register , albeit with a larger stack spill.

[Girgias]

Strictly speaking, there is an inconsistency here with how you did the previous changes. Previously you changed this to size_t because out_len was size_t. Here you changed it to unsigned int. unsigned int, or even int, suffices in all cases because the length is limited to 128 anyway. Performance-wise it's hard to predict what these would do. I would expect no difference because it would just use a larger register , albeit with a larger stack spill.

Right, I did kinda blindly do those changes. But if those are limited to 128, might as well use an unsigned char then?

[Girgias]

Okay I remember how I got to this inconsistency, I used the type of the from parameter which is unsigned int here. But I wonder if this might not cause issues and that should be of type size_t in the first place?

[nielsdos]

The from variable should probably be of type size_t, otherwise >4GiB strings (okay unlikely, but still) won't work correctly I think.

[alexdowad]

This looks good to me, but I need to investigate a bit more to fully understand the issue with embedded NUL bytes mentioned by @nielsdos.

[Girgias]

This looks good to me, but I need to investigate a bit more to fully understand the issue with embedded NUL bytes mentioned by @nielsdos.

Basically it boils down to a string "utf-8\0blah" would be interpreted as "utf-8" as the null byte terminates a C string.

[alexdowad]

Basically it boils down to a string "utf-8\0blah" would be interpreted as "utf-8" as the null byte terminates a C string.

Sorry for my mental slowness, but does this mean that "utf-8\0blah" would be interpreted as "utf-8" before, or now?

[Girgias]

Basically it boils down to a string "utf-8\0blah" would be interpreted as "utf-8" as the null byte terminates a C string.

Sorry for my mental slowness, but does this mean that "utf-8\0blah" would be interpreted as "utf-8" before, or now?

Before :) as the lengths wasn't passed to the function. Now with the patch it is getting interpreted as "utf-8\0blah" as it will compare the 10 bytes.

[alexdowad]

I suggest a note can be added in UPGRADING about this. Personally I think the BC break is not so big.

[alexdowad]

I suggest a note can be added in UPGRADING about this. Personally I think the BC break is not so big.

Ah, we should also add a test case for this.

[nielsdos]

It's actually quite subtle.
For example for name2encoding.
The function uses hashing and strncasecmp. If we pass ZSTR_LEN to the hashing function then the \0 byte will also be hashed.

Before this PR "utf8\0foo" would be interpreted as "utf8" because it internally used strlen. Then it uses strncasecmp (stops at \0) to compare the string. However now the length and string matching don't agree anymore, which causes the name to never match.
The mime types and aliases all use strncasecmp without hashing so those will match "utf8\0foo" as "utf8".
I would block NUL bytes at the parameter parsing side and avoid these subtle details.

[alexdowad]

@Girgias How would it be if you merge some of the non-controversial commits in this patch series?

[Girgias]

@Girgias How would it be if you merge some of the non-controversial commits in this patch series?

This was my plan, I got distracted with other stuff :/

[alexdowad]

I think 39960e25a6fe0756c4ea5449568210b3f44eedca looks good to land, as long as the tests pass.

[alexdowad]

48bff2b625ee2d5ba06bfd53b8f3bfe54bdcc5f6 also looks good.

[Girgias]

I have merged the two commits @alexdowad

[alexdowad]

I think 8fb651d61764b37c7cb8bdeca6d6f4ad616c74af is good and can be merged. It's just unfortunate that the update of UPGRADING is in a different commit.

[Girgias]

I think 8fb651d61764b37c7cb8bdeca6d6f4ad616c74af is good and can be merged. It's just unfortunate that the update of UPGRADING is in a different commit.

When I merge I will update UPGRADING to be part of the commit :)

[alexdowad]

I think 0048a3623469eb51b9ade358678c7dedc15bfd3d is good now.

Hopefully the unit tests we have are robust enough to catch any bugs. I added a number of tests for mb_strimwidth, though it is always nice to have more...

[alexdowad]

I think 1e94d7941685295a1a1815c3a452ea84b6db50b5 is also good to merge.

[alexdowad]

@Girgias Thanks for working on these refactorings. I wonder how much it is worth to fix up mb_http_output... are we not planning to remove that in a future PHP release? But anyways, if you feel it is worth it, no objection. Again, thanks very much.

[Girgias]

@Girgias Thanks for working on these refactorings. I wonder how much it is worth to fix up mb_http_output... are we not planning to remove that in a future PHP release? But anyways, if you feel it is worth it, no objection. Again, thanks very much.

Is it deprecated? Or is that only the INI setting?

Anyway, I was just trying to finish one of my outstanding PRs :)