From 2ab06a5aeca58218070ed6d01c0edc2a739c6fbb Mon Sep 17 00:00:00 2001 From: Saki Takamachi Date: Tue, 24 Sep 2024 21:04:53 +0900 Subject: [PATCH 1/2] Avoid converting objects to strings in operator calculations. --- ext/bcmath/bcmath.c | 2 +- ext/bcmath/tests/gh15968.phpt | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 ext/bcmath/tests/gh15968.phpt diff --git a/ext/bcmath/bcmath.c b/ext/bcmath/bcmath.c index 374a54704905a..c7c5aeb700fbe 100644 --- a/ext/bcmath/bcmath.c +++ b/ext/bcmath/bcmath.c @@ -1178,7 +1178,7 @@ static zend_result bcmath_number_parse_num(zval *zv, zend_object **obj, zend_str return FAILURE; default: - return zend_parse_arg_str_or_long_slow(zv, str, lval, 1 /* dummy */) ? SUCCESS : FAILURE; + return zend_parse_arg_long_slow(zv, lval, 1 /* dummy */) ? SUCCESS : FAILURE; } } } diff --git a/ext/bcmath/tests/gh15968.phpt b/ext/bcmath/tests/gh15968.phpt new file mode 100644 index 0000000000000..aa91534e7738d --- /dev/null +++ b/ext/bcmath/tests/gh15968.phpt @@ -0,0 +1,22 @@ +--TEST-- +GH-15968 BCMath\Number operators may typecast operand +--EXTENSIONS-- +bcmath +--FILE-- +getMessage(); +} +?> +--EXPECT-- +Unsupported operand types: BcMath\Number + MyString From 323014e7ba0355506762a1f6377160bbf44c9fcb Mon Sep 17 00:00:00 2001 From: Saki Takamachi Date: Tue, 24 Sep 2024 22:33:11 +0900 Subject: [PATCH 2/2] [skip ci] NEWS --- NEWS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/NEWS b/NEWS index c866e22c7fbbd..92bf348a71cb3 100644 --- a/NEWS +++ b/NEWS @@ -6,6 +6,8 @@ PHP NEWS . bcpow() performance improvement. (Jorg Sowa) . ext/bcmath: Check for scale overflow. (SakiTakamachi) . [RFC] ext/bcmath: Added bcdivmod. (SakiTakamachi) + . Fix GH-15968 (Avoid converting objects to strings in operator calculations). + (SakiTakamachi) - Curl: . Added CURLOPT_DEBUGFUNCTION as a Curl option. (Ayesh Karunaratne)