
Commit 32b5f8a

committed
- Added new parameter parsing option (p - for valid path (string without null byte in the middle))
# The tests will be fixed in the next commits
1 parent a311dc2 commit 32b5f8a

49 files changed

Lines changed: 400 additions & 351 deletions


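--- a/Zend/zend_API.c
+++ b/Zend/zend_API.c
@@ -406,6 +406,7 @@ static char *zend_parse_arg_impl(int arg_num, zval **arg, va_list *va, const cha
 }
 break;
 
+case 'p':
 case 's':
 {
 char **p = va_arg(*va, char **);
@@ -432,17 +433,23 @@ static char *zend_parse_arg_impl(int arg_num, zval **arg, va_list *va, const cha
 }
 *p = Z_STRVAL_PP(arg);
 *pl = Z_STRLEN_PP(arg);
+if (c == 'p' && CHECK_ZVAL_NULL_PATH(*arg)) {
+return "valid path";
+}
 break;
 
 case IS_OBJECT:
 if (parse_arg_object_to_string(arg, p, pl, IS_STRING TSRMLS_CC) == SUCCESS) {
+if (c == 'p' && CHECK_ZVAL_NULL_PATH(*arg)) {
+return "valid path";
+}
 break;
 }
 
 case IS_ARRAY:
 case IS_RESOURCE:
 default:
-return "string";
+return c == 's' ? "string" : "valid path";
 }
 }
 break;
@@ -708,7 +715,7 @@ static int zend_parse_va_args(int num_args, const char *type_spec, va_list *va,
 case 'z': case 'Z':
 case 'C': case 'h':
 case 'f': case 'A':
-case 'H':
+case 'H': case 'p':
 max_num_args++;
 break;
 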
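Review bot: The two added checks (new lines 436 and 443) run `CHECK_ZVAL_NULL_PATH(*arg)` on the zval rather than on the `*p`/`*pl` pair that is handed back to the caller; in the IS_OBJECT branch the two are only equivalent if `parse_arg_object_to_string` leaves `*arg` as a string zval, and that helper is not visible here. Testing the returned pair with the other macro this commit adds in zend_API.h, `if (c == 'p' && CHECK_NULL_PATH(*p, *pl)) {`, checks exactly the bytes the caller receives. In the IS_STRING branch `*p` and `*pl` are already written when the check fails, so a short comment stating that callers must not use them after a failed parse would help. zend_parse_arg_impl starts and ends outside these hunks.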

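--- a/Zend/zend_API.h
+++ b/Zend/zend_API.h
@@ -526,6 +526,9 @@ END_EXTERN_C()
 #define CHECK_ZVAL_STRING_REL(z)
 #endif
 
+#define CHECK_ZVAL_NULL_PATH(p) (Z_STRLEN_P(p) != strlen(Z_STRVAL_P(p)))
+#define CHECK_NULL_PATH(p, l) (strlen(p) != l)
+
 #define ZVAL_RESOURCE(z, l) do { \
 zval *__z = (z); \
 Z_LVAL_P(__z) = l; \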
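Review bot: `CHECK_NULL_PATH(p, l)` expands `l` without parentheses and compares it with the `size_t` result of `strlen`, so an expression argument can bind wrongly and a signed length is converted before the comparison; `#define CHECK_NULL_PATH(p, l) (strlen(p) != (size_t)(l))` avoids both. Both macros evaluate to true when the string contains an embedded NUL, that is when the path must be rejected, which the names do not convey; a comment such as `/* non-zero if the string has an embedded NUL byte; the argument must be a non-NULL, NUL-terminated string */` above them would prevent inverted use. Neither macro checks the zval type or a NULL buffer, so callers have to guarantee an IS_STRING value before using them.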

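--- a/Zend/zend_vm_def.h
+++ b/Zend/zend_vm_def.h
@@ -3637,58 +3637,66 @@ ZEND_VM_HANDLER(73, ZEND_INCLUDE_OR_EVAL, CONST|TMP|VAR|CV, ANY)
 inc_filename = &tmp_inc_filename;
 }
 
-switch (opline->extended_value) {
-case ZEND_INCLUDE_ONCE:
-case ZEND_REQUIRE_ONCE: {
-zend_file_handle file_handle;
-char *resolved_path;
-
-resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
-if (resolved_path) {
-failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
-} else {
-resolved_path = Z_STRVAL_P(inc_filename);
-}
+if (opline->extended_value != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
+if (opline->extended_value == ZEND_INCLUDE_ONCE || opline->extended_value == ZEND_INCLUDE) {
+zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
+} else {
+zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
+}
+} else {
+switch (opline->extended_value) {
+case ZEND_INCLUDE_ONCE:
+case ZEND_REQUIRE_ONCE: {
+zend_file_handle file_handle;
+char *resolved_path;
+
+resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
+if (resolved_path) {
+failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
+} else {
+resolved_path = Z_STRVAL_P(inc_filename);
+}
 
-if (failure_retval) {
-/* do nothing, file already included */
-} else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
+if (failure_retval) {
+/* do nothing, file already included */
+} else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
 
-if (!file_handle.opened_path) {
-file_handle.opened_path = estrdup(resolved_path);
-}
+if (!file_handle.opened_path) {
+file_handle.opened_path = estrdup(resolved_path);
+}
 
-if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
-new_op_array = zend_compile_file(&file_handle, (opline->extended_value==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
-zend_destroy_file_handle(&file_handle TSRMLS_CC);
+if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
+new_op_array = zend_compile_file(&file_handle, (opline->extended_value==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
+zend_destroy_file_handle(&file_handle TSRMLS_CC);
+} else {
+zend_file_handle_dtor(&file_handle TSRMLS_CC);
+failure_retval=1;
+}
 } else {
-zend_file_handle_dtor(&file_handle TSRMLS_CC);
-failure_retval=1;
+if (opline->extended_value == ZEND_INCLUDE_ONCE) {
+zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
+} else {
+zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
+}
 }
-} else {
-if (opline->extended_value == ZEND_INCLUDE_ONCE) {
-zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
-} else {
-zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
+if (resolved_path != Z_STRVAL_P(inc_filename)) {
+efree(resolved_path);
 }
 }
-if (resolved_path != Z_STRVAL_P(inc_filename)) {
-efree(resolved_path);
-}
-}
-break;
-case ZEND_INCLUDE:
-case ZEND_REQUIRE:
-new_op_array = compile_filename(opline->extended_value, inc_filename TSRMLS_CC);
-break;
-case ZEND_EVAL: {
-char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
+break;
+case ZEND_INCLUDE:
+case ZEND_REQUIRE:
+new_op_array = compile_filename(opline->extended_value, inc_filename TSRMLS_CC);
+break;
+case ZEND_EVAL: {
+char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
 
-new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
-efree(eval_desc);
-}
-break;
-EMPTY_SWITCH_DEFAULT_CASE()
+new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
+efree(eval_desc);
+}
+break;
+EMPTY_SWITCH_DEFAULT_CASE()
+}
 }
 if (inc_filename==&tmp_inc_filename) {
 zval_dtor(&tmp_inc_filename);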
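Review bot: The rejection branch at new lines 3640-3645 reports a filename with an embedded NUL through the ordinary `ZMSG_FAILED_INCLUDE_FOPEN` / `ZMSG_FAILED_REQUIRE_FOPEN` messages, and because `Z_STRVAL_P(inc_filename)` is passed as a C string the message presumably shows only the part before the NUL, so a log reader cannot tell a refused path from a missing file. A distinct warning, or at least a comment such as `/* filename has an embedded NUL byte: refuse it rather than open the truncated name */`, would make both the intent and the log entry clear. The condition also spells out the comparison that this commit adds as a macro in zend_API.h; `if (opline->extended_value != ZEND_EVAL && CHECK_ZVAL_NULL_PATH(inc_filename)) {` would keep the two definitions from drifting apart. The handler body starts and ends outside the hunk.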
