archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 22:18:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Make visibilty check in is_callable() to be consistent with zend_std_get_method()

Browse source
This commit is contained in:
Dmitry Stogov 2018-09-13 12:24:59 +03:00
parent 67a75a79ae
commit 72bf2def6b
1 changed files with 16 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

37
Zend/zend_API.c
View file

@ -3097,25 +3097,18 @@ static zend_always_inline int zend_is_callable_check_func(int check_flags, zval
}
}
}
if ((check_flags & IS_CALLABLE_CHECK_NO_ACCESS) == 0 &&
if (!(fcc->function_handler->common.fn_flags & ZEND_ACC_PUBLIC) &&
!(check_flags & IS_CALLABLE_CHECK_NO_ACCESS) &&
(fcc->calling_scope &&
((fcc->object && fcc->calling_scope->__call) ||
(!fcc->object && fcc->calling_scope->__callstatic)))) {
if (fcc->function_handler->op_array.fn_flags & ZEND_ACC_PRIVATE) {
scope = zend_get_executed_scope();
if (!zend_check_private(fcc->function_handler, fcc->object ? fcc->object->ce : scope, lmname)) {
if (fcc->function_handler->common.scope != scope
|| !zend_check_protected(zend_get_function_root_class(fcc->function_handler), scope)) {
retval = 0;
fcc->function_handler = NULL;
goto get_function_via_handler;
}
} else if (fcc->function_handler->common.fn_flags & ZEND_ACC_PROTECTED) {
scope = zend_get_executed_scope();
if (!zend_check_protected(fcc->function_handler->common.scope, scope)) {
retval = 0;
fcc->function_handler = NULL;
goto get_function_via_handler;
}
}
}
} else {
get_function_via_handler:
@ -3200,26 +3193,18 @@ get_function_via_handler:
}
}
}
if (retval && (check_flags & IS_CALLABLE_CHECK_NO_ACCESS) == 0) {
if (fcc->function_handler->op_array.fn_flags & ZEND_ACC_PRIVATE) {
if (retval
&& !(fcc->function_handler->common.fn_flags & ZEND_ACC_PUBLIC)
&& !(check_flags & IS_CALLABLE_CHECK_NO_ACCESS)) {
scope = zend_get_executed_scope();
if (!zend_check_private(fcc->function_handler, fcc->object ? fcc->object->ce : scope, lmname)) {
if (fcc->function_handler->common.scope != scope) {
if ((fcc->function_handler->common.fn_flags & ZEND_ACC_PRIVATE)
|| (!zend_check_protected(zend_get_function_root_class(fcc->function_handler), scope))) {
if (error) {
if (*error) {
efree(*error);
}
zend_spprintf(error, 0, "cannot access private method %s::%s()", ZSTR_VAL(fcc->calling_scope->name), ZSTR_VAL(fcc->function_handler->common.function_name));
}
retval = 0;
}
} else if ((fcc->function_handler->common.fn_flags & ZEND_ACC_PROTECTED)) {
scope = zend_get_executed_scope();
if (!zend_check_protected(fcc->function_handler->common.scope, scope)) {
if (error) {
if (*error) {
efree(*error);
}
zend_spprintf(error, 0, "cannot access protected method %s::%s()", ZSTR_VAL(fcc->calling_scope->name), ZSTR_VAL(fcc->function_handler->common.function_name));
zend_spprintf(error, 0, "cannot access %s method %s::%s()", zend_visibility_string(fcc->function_handler->common.fn_flags), ZSTR_VAL(fcc->calling_scope->name), ZSTR_VAL(fcc->function_handler->common.function_name));
}
retval = 0;
}