From 105c1e9896073083fc3f60b6a4a8840da39f8f64 Mon Sep 17 00:00:00 2001
From: Gina Peter Banyard <girgias@php.net>
Date: Thu, 31 Jul 2025 23:57:27 +0100
Subject: [PATCH] tree: use zend_str_has_nul_byte() API (#19336)

---
 Zend/zend_API.h         |  2 +-
 Zend/zend_execute.c     |  4 ++--
 ext/mbstring/mbstring.c |  2 +-
 ext/odbc/php_odbc.c     |  2 +-
 ext/standard/exec.c     | 19 +++++++------------
 ext/standard/filestat.c |  4 ++--
 ext/standard/image.c    |  2 +-
 ext/standard/mail.c     |  2 +-
 ext/xsl/xsltprocessor.c |  6 +++---
 main/main.c             |  2 +-
 10 files changed, 20 insertions(+), 25 deletions(-)

diff --git a/Zend/zend_API.h b/Zend/zend_API.h
index 8ab32a280b0..78a30d630ae 100644
--- a/Zend/zend_API.h
+++ b/Zend/zend_API.h
@@ -2326,7 +2326,7 @@ static zend_always_inline bool zend_parse_arg_string(zval *arg, char **dest, siz
 static zend_always_inline bool zend_parse_arg_path_str(zval *arg, zend_string **dest, bool check_null, uint32_t arg_num)
 {
 	if (!zend_parse_arg_str(arg, dest, check_null, arg_num) ||
-	    (*dest && UNEXPECTED(CHECK_NULL_PATH(ZSTR_VAL(*dest), ZSTR_LEN(*dest))))) {
+	    (*dest && UNEXPECTED(zend_str_has_nul_byte(*dest)))) {
 		return 0;
 	}
 	return 1;
diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index 734494d252d..3908299a41c 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -5211,7 +5211,7 @@ static zend_never_inline zend_op_array* ZEND_FASTCALL zend_include_or_eval(zval
 					}
 				} else if (UNEXPECTED(EG(exception))) {
 					break;
-				} else if (UNEXPECTED(strlen(ZSTR_VAL(inc_filename)) != ZSTR_LEN(inc_filename))) {
+				} else if (UNEXPECTED(zend_str_has_nul_byte(inc_filename))) {
 					zend_message_dispatcher(
 						(type == ZEND_INCLUDE_ONCE) ?
 							ZMSG_FAILED_INCLUDE_FOPEN : ZMSG_FAILED_REQUIRE_FOPEN,
@@ -5245,7 +5245,7 @@ static zend_never_inline zend_op_array* ZEND_FASTCALL zend_include_or_eval(zval
 			break;
 		case ZEND_INCLUDE:
 		case ZEND_REQUIRE:
-			if (UNEXPECTED(strlen(ZSTR_VAL(inc_filename)) != ZSTR_LEN(inc_filename))) {
+			if (UNEXPECTED(zend_str_has_nul_byte(inc_filename))) {
 				zend_message_dispatcher(
 					(type == ZEND_INCLUDE) ?
 						ZMSG_FAILED_INCLUDE_FOPEN : ZMSG_FAILED_REQUIRE_FOPEN,
diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c
index 9c1759f05db..f4e50fbd7c8 100644
--- a/ext/mbstring/mbstring.c
+++ b/ext/mbstring/mbstring.c
@@ -4506,7 +4506,7 @@ PHP_FUNCTION(mb_send_mail)
 	ZEND_PARSE_PARAMETERS_END();
 
 	if (str_headers) {
-		if (strlen(ZSTR_VAL(str_headers)) != ZSTR_LEN(str_headers)) {
+		if (UNEXPECTED(zend_str_has_nul_byte(str_headers))) {
 			zend_argument_value_error(4, "must not contain any null bytes");
 			RETURN_THROWS();
 		}
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c
index 4b2cfa955a2..55334fa15b1 100644
--- a/ext/odbc/php_odbc.c
+++ b/ext/odbc/php_odbc.c
@@ -1062,7 +1062,7 @@ PHP_FUNCTION(odbc_execute)
 				ZSTR_VAL(tmpstr)[0] == '\'' &&
 				ZSTR_VAL(tmpstr)[ZSTR_LEN(tmpstr) - 1] == '\'') {
 
-				if (ZSTR_LEN(tmpstr) != strlen(ZSTR_VAL(tmpstr))) {
+				if (UNEXPECTED(zend_str_has_nul_byte(tmpstr))) {
 					odbc_release_params(result, params);
 					RETURN_FALSE;
 				}
diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index ce3e8565ad2..762d8bee13c 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -199,13 +199,12 @@ err:
 
 static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
 {
-	char *cmd;
-	size_t cmd_len;
+	zend_string *cmd;
 	zval *ret_code=NULL, *ret_array=NULL;
 	int ret;
 
 	ZEND_PARSE_PARAMETERS_START(1, (mode ? 2 : 3))
-		Z_PARAM_STRING(cmd, cmd_len)
+		Z_PARAM_PATH_STR(cmd)
 		Z_PARAM_OPTIONAL
 		if (!mode) {
 			Z_PARAM_ZVAL(ret_array)
@@ -213,17 +212,13 @@ static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
 		Z_PARAM_ZVAL(ret_code)
 	ZEND_PARSE_PARAMETERS_END();
 
-	if (!cmd_len) {
+	if (UNEXPECTED(!ZSTR_LEN(cmd))) {
 		zend_argument_must_not_be_empty_error(1);
 		RETURN_THROWS();
 	}
-	if (strlen(cmd) != cmd_len) {
-		zend_argument_value_error(1, "must not contain any null bytes");
-		RETURN_THROWS();
-	}
 
 	if (!ret_array) {
-		ret = php_exec(mode, cmd, NULL, return_value);
+		ret = php_exec(mode, ZSTR_VAL(cmd), NULL, return_value);
 	} else {
 		if (Z_TYPE_P(Z_REFVAL_P(ret_array)) == IS_ARRAY) {
 			ZVAL_DEREF(ret_array);
@@ -235,7 +230,7 @@ static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
 			}
 		}
 
-		ret = php_exec(2, cmd, ret_array, return_value);
+		ret = php_exec(2, ZSTR_VAL(cmd), ret_array, return_value);
 	}
 	if (ret_code) {
 		ZEND_TRY_ASSIGN_REF_LONG(ret_code, ret);
@@ -280,7 +275,7 @@ PHPAPI zend_string *php_escape_shell_cmd(const zend_string *unescaped_cmd)
 	char *p = NULL;
 #endif
 
-	ZEND_ASSERT(ZSTR_LEN(unescaped_cmd) == strlen(ZSTR_VAL(unescaped_cmd)) && "Must be a binary safe string");
+	ZEND_ASSERT(!zend_str_has_nul_byte(unescaped_cmd) && "Must be a binary safe string");
 	size_t l = ZSTR_LEN(unescaped_cmd);
 	const char *str = ZSTR_VAL(unescaped_cmd);
 
@@ -387,7 +382,7 @@ PHPAPI zend_string *php_escape_shell_arg(const zend_string *unescaped_arg)
 	size_t x, y = 0;
 	zend_string *cmd;
 
-	ZEND_ASSERT(ZSTR_LEN(unescaped_arg) == strlen(ZSTR_VAL(unescaped_arg)) && "Must be a binary safe string");
+	ZEND_ASSERT(!zend_str_has_nul_byte(unescaped_arg) && "Must be a binary safe string");
 	size_t l = ZSTR_LEN(unescaped_arg);
 	const char *str = ZSTR_VAL(unescaped_arg);
 
diff --git a/ext/standard/filestat.c b/ext/standard/filestat.c
index 7cb54aa0aca..85c2517ed91 100644
--- a/ext/standard/filestat.c
+++ b/ext/standard/filestat.c
@@ -749,7 +749,7 @@ PHPAPI void php_stat(zend_string *filename, int type, zval *return_value)
 	php_stream_wrapper *wrapper = NULL;
 
 	if (IS_ACCESS_CHECK(type)) {
-		if (!ZSTR_LEN(filename) || CHECK_NULL_PATH(ZSTR_VAL(filename), ZSTR_LEN(filename))) {
+		if (!ZSTR_LEN(filename) || zend_str_has_nul_byte(filename)) {
 			if (ZSTR_LEN(filename) && !IS_EXISTS_CHECK(type)) {
 				php_error_docref(NULL, E_WARNING, "Filename contains null byte");
 			}
@@ -821,7 +821,7 @@ PHPAPI void php_stat(zend_string *filename, int type, zval *return_value)
 		}
 
 		if (!wrapper) {
-			if (!ZSTR_LEN(filename) || CHECK_NULL_PATH(ZSTR_VAL(filename), ZSTR_LEN(filename))) {
+			if (!ZSTR_LEN(filename) || zend_str_has_nul_byte(filename)) {
 				if (ZSTR_LEN(filename) && !IS_EXISTS_CHECK(type)) {
 					php_error_docref(NULL, E_WARNING, "Filename contains null byte");
 				}
diff --git a/ext/standard/image.c b/ext/standard/image.c
index 8556320e671..722f0a1edbd 100644
--- a/ext/standard/image.c
+++ b/ext/standard/image.c
@@ -1618,7 +1618,7 @@ static void php_getimagesize_from_any(INTERNAL_FUNCTION_PARAMETERS, int mode) {
 		Z_PARAM_ZVAL(info)
 	ZEND_PARSE_PARAMETERS_END();
 
-	if (mode == FROM_PATH && CHECK_NULL_PATH(ZSTR_VAL(input), ZSTR_LEN(input))) {
+	if (mode == FROM_PATH && zend_str_has_nul_byte(input)) {
 		zend_argument_value_error(1, "must not contain any null bytes");
 		RETURN_THROWS();
 	}
diff --git a/ext/standard/mail.c b/ext/standard/mail.c
index 41e2a02078e..4263656a515 100644
--- a/ext/standard/mail.c
+++ b/ext/standard/mail.c
@@ -290,7 +290,7 @@ PHP_FUNCTION(mail)
 	ZEND_PARSE_PARAMETERS_END();
 
 	if (headers_str) {
-		if (strlen(ZSTR_VAL(headers_str)) != ZSTR_LEN(headers_str)) {
+		if (UNEXPECTED(zend_str_has_nul_byte(headers_str))) {
 			zend_argument_value_error(4, "must not contain any null bytes");
 			RETURN_THROWS();
 		}
diff --git a/ext/xsl/xsltprocessor.c b/ext/xsl/xsltprocessor.c
index ea0f9232ace..95e2e2e8754 100644
--- a/ext/xsl/xsltprocessor.c
+++ b/ext/xsl/xsltprocessor.c
@@ -609,7 +609,7 @@ PHP_METHOD(XSLTProcessor, setParameter)
 				RETURN_THROWS();
 			}
 
-			if (UNEXPECTED(CHECK_NULL_PATH(ZSTR_VAL(string_key), ZSTR_LEN(string_key)))) {
+			if (UNEXPECTED(zend_str_has_nul_byte(string_key))) {
 				zend_argument_value_error(3, "must not contain keys with any null bytes");
 				RETURN_THROWS();
 			}
@@ -625,7 +625,7 @@ PHP_METHOD(XSLTProcessor, setParameter)
 				RETURN_THROWS();
 			}
 
-			if (UNEXPECTED(CHECK_NULL_PATH(ZSTR_VAL(str), ZSTR_LEN(str)))) {
+			if (UNEXPECTED(zend_str_has_nul_byte(str))) {
 				zend_string_release(str);
 				zend_string_release_ex(ht_key, false);
 				zend_argument_value_error(3, "must not contain values with any null bytes");
@@ -643,7 +643,7 @@ PHP_METHOD(XSLTProcessor, setParameter)
 			RETURN_THROWS();
 		}
 
-		if (UNEXPECTED(CHECK_NULL_PATH(ZSTR_VAL(name), ZSTR_LEN(name)))) {
+		if (UNEXPECTED(zend_str_has_nul_byte(name))) {
 			zend_argument_value_error(2, "must not contain any null bytes");
 			RETURN_THROWS();
 		}
diff --git a/main/main.c b/main/main.c
index e2973f17c24..a1a2da56def 100644
--- a/main/main.c
+++ b/main/main.c
@@ -707,7 +707,7 @@ static PHP_INI_MH(OnUpdateMailLog)
 static PHP_INI_MH(OnChangeMailForceExtra)
 {
 	/* Check that INI setting does not have any nul bytes */
-	if (new_value && ZSTR_LEN(new_value) != strlen(ZSTR_VAL(new_value))) {
+	if (new_value && zend_str_has_nul_byte(new_value)) {
 		/* TODO Emit warning? */
 		return FAILURE;
 	}