From 0969a951c6fd8901c7199415e6443a674a5e4154 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Sun, 29 Dec 2024 09:48:25 +0000 Subject: [PATCH 1/6] ext/standard: Use zend_string in get_include_path() --- ext/standard/basic_functions.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 7212aa6b141f1..5b048239f74be 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -2088,17 +2088,15 @@ PHP_FUNCTION(set_include_path) /* {{{ Get the current include_path configuration option */ PHP_FUNCTION(get_include_path) { - char *str; - ZEND_PARSE_PARAMETERS_NONE(); - str = zend_ini_string("include_path", sizeof("include_path") - 1, 0); + zend_string *str = zend_ini_str("include_path", sizeof("include_path") - 1, 0); if (str == NULL) { RETURN_FALSE; } - RETURN_STRING(str); + RETURN_STR_COPY(str); } /* }}} */ From 989c8ef4521b2d6193324b793b43c7e11d326501 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Sun, 29 Dec 2024 09:54:33 +0000 Subject: [PATCH 2/6] ext/standard: Use zend_string in is_uploaded_file() --- ext/standard/basic_functions.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 5b048239f74be..2967a01e73ea3 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -2329,18 +2329,17 @@ PHP_FUNCTION(unregister_tick_function) /* {{{ Check if file was created by rfc1867 upload */ PHP_FUNCTION(is_uploaded_file) { - char *path; - size_t path_len; + zend_string *path; ZEND_PARSE_PARAMETERS_START(1, 1) - Z_PARAM_PATH(path, path_len) + Z_PARAM_PATH_STR(path) ZEND_PARSE_PARAMETERS_END(); if (!SG(rfc1867_uploaded_files)) { RETURN_FALSE; } - if (zend_hash_str_exists(SG(rfc1867_uploaded_files), path, path_len)) { + if (zend_hash_exists(SG(rfc1867_uploaded_files), path)) { RETURN_TRUE; } else { RETURN_FALSE; From 355a5661357df423b2d93eb5766dbf364394b656 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Sun, 29 Dec 2024 09:59:21 +0000 Subject: [PATCH 3/6] ext/standard: Use zend_string in move_uploaded_file() Also check that the initial path does not contain null bytes --- ext/standard/basic_functions.c | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 2967a01e73ea3..9035d63cb44e2 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -2350,8 +2350,7 @@ PHP_FUNCTION(is_uploaded_file) /* {{{ Move a file if and only if it was created by an upload */ PHP_FUNCTION(move_uploaded_file) { - char *path, *new_path; - size_t path_len, new_path_len; + zend_string *path, *new_path; bool successful = 0; #ifndef PHP_WIN32 @@ -2359,43 +2358,43 @@ PHP_FUNCTION(move_uploaded_file) #endif ZEND_PARSE_PARAMETERS_START(2, 2) - Z_PARAM_STRING(path, path_len) - Z_PARAM_PATH(new_path, new_path_len) + Z_PARAM_PATH_STR(path) + Z_PARAM_PATH_STR(new_path) ZEND_PARSE_PARAMETERS_END(); if (!SG(rfc1867_uploaded_files)) { RETURN_FALSE; } - if (!zend_hash_str_exists(SG(rfc1867_uploaded_files), path, path_len)) { + if (!zend_hash_exists(SG(rfc1867_uploaded_files), path)) { RETURN_FALSE; } - if (php_check_open_basedir(new_path)) { + if (php_check_open_basedir(ZSTR_VAL(new_path))) { RETURN_FALSE; } - if (VCWD_RENAME(path, new_path) == 0) { + if (VCWD_RENAME(ZSTR_VAL(path), ZSTR_VAL(new_path)) == 0) { successful = 1; #ifndef PHP_WIN32 oldmask = umask(077); umask(oldmask); - ret = VCWD_CHMOD(new_path, 0666 & ~oldmask); + ret = VCWD_CHMOD(ZSTR_VAL(new_path), 0666 & ~oldmask); if (ret == -1) { php_error_docref(NULL, E_WARNING, "%s", strerror(errno)); } #endif - } else if (php_copy_file_ex(path, new_path, STREAM_DISABLE_OPEN_BASEDIR) == SUCCESS) { - VCWD_UNLINK(path); + } else if (php_copy_file_ex(ZSTR_VAL(path), ZSTR_VAL(new_path), STREAM_DISABLE_OPEN_BASEDIR) == SUCCESS) { + VCWD_UNLINK(ZSTR_VAL(path)); successful = 1; } if (successful) { - zend_hash_str_del(SG(rfc1867_uploaded_files), path, path_len); + zend_hash_del(SG(rfc1867_uploaded_files), path); } else { - php_error_docref(NULL, E_WARNING, "Unable to move \"%s\" to \"%s\"", path, new_path); + php_error_docref(NULL, E_WARNING, "Unable to move \"%s\" to \"%s\"", ZSTR_VAL(path), ZSTR_VAL(new_path)); } RETURN_BOOL(successful); From c47cfd16e4573710231bc3d912686e1c152fbe74 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Sun, 29 Dec 2024 10:03:06 +0000 Subject: [PATCH 4/6] ext/standard: Use zend_string in ini_get_all() --- ext/standard/basic_functions.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 9035d63cb44e2..4a3988924c505 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1921,8 +1921,8 @@ PHP_FUNCTION(ini_get) /* {{{ Get all configuration options */ PHP_FUNCTION(ini_get_all) { - char *extname = NULL; - size_t extname_len = 0, module_number = 0; + zend_string *extname = NULL; + size_t module_number = 0; zend_module_entry *module; bool details = 1; zend_string *key; @@ -1931,15 +1931,15 @@ PHP_FUNCTION(ini_get_all) ZEND_PARSE_PARAMETERS_START(0, 2) Z_PARAM_OPTIONAL - Z_PARAM_STRING_OR_NULL(extname, extname_len) + Z_PARAM_STR_OR_NULL(extname) Z_PARAM_BOOL(details) ZEND_PARSE_PARAMETERS_END(); zend_ini_sort_entries(); if (extname) { - if ((module = zend_hash_str_find_ptr(&module_registry, extname, extname_len)) == NULL) { - php_error_docref(NULL, E_WARNING, "Extension \"%s\" cannot be found", extname); + if ((module = zend_hash_find_ptr(&module_registry, extname)) == NULL) { + php_error_docref(NULL, E_WARNING, "Extension \"%s\" cannot be found", ZSTR_VAL(extname)); RETURN_FALSE; } module_number = module->module_number; From 9e79e725f16577715136e172ae2dbf78b2fa8158 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Sun, 29 Dec 2024 10:09:14 +0000 Subject: [PATCH 5/6] ext/standard: Reuse computed strlen() value in getopt() --- ext/standard/basic_functions.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 4a3988924c505..b546474e4e80d 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1084,13 +1084,13 @@ PHP_FUNCTION(getopt) } } else { /* other strings */ - if ((args = zend_hash_str_find(Z_ARRVAL_P(return_value), optname, strlen(optname))) != NULL) { + if ((args = zend_hash_str_find(Z_ARRVAL_P(return_value), optname, optname_len)) != NULL) { if (Z_TYPE_P(args) != IS_ARRAY) { convert_to_array(args); } zend_hash_next_index_insert(Z_ARRVAL_P(args), &val); } else { - zend_hash_str_add(Z_ARRVAL_P(return_value), optname, strlen(optname), &val); + zend_hash_str_add(Z_ARRVAL_P(return_value), optname, optname_len, &val); } } From 32f78bd5385111999c97e7775b2d35a2eac3faa4 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Sun, 29 Dec 2024 10:11:33 +0000 Subject: [PATCH 6/6] ext/standard: Let is_numeric_str parse the int value for us in getopt() --- ext/standard/basic_functions.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index b546474e4e80d..b153472c4d17a 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1071,16 +1071,16 @@ PHP_FUNCTION(getopt) /* Add this option / argument pair to the result hash. */ optname_len = strlen(optname); - if (!(optname_len > 1 && optname[0] == '0') && is_numeric_string(optname, optname_len, NULL, NULL, 0) == IS_LONG) { + zend_long opt_name_as_long = 0; + if (!(optname_len > 1 && optname[0] == '0') && is_numeric_string(optname, optname_len, &opt_name_as_long, NULL, 0) == IS_LONG) { /* numeric string */ - int optname_int = atoi(optname); - if ((args = zend_hash_index_find(Z_ARRVAL_P(return_value), optname_int)) != NULL) { + if ((args = zend_hash_index_find(Z_ARRVAL_P(return_value), opt_name_as_long)) != NULL) { if (Z_TYPE_P(args) != IS_ARRAY) { convert_to_array(args); } zend_hash_next_index_insert(Z_ARRVAL_P(args), &val); } else { - zend_hash_index_update(Z_ARRVAL_P(return_value), optname_int, &val); + zend_hash_index_update(Z_ARRVAL_P(return_value), opt_name_as_long, &val); } } else { /* other strings */