archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Forbid dynamic calls to scope introspection functions

Browse source 
Per RFC:
https://wiki.php.net/rfc/forbid_dynamic_scope_introspection
This commit is contained in:
Nikita Popov 2016-04-24 23:49:52 +02:00
parent 674297c7e4
commit 91f5940329
16 changed files with 189 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

24
Zend/zend_builtin_functions.c
View file

@ -491,12 +491,16 @@ ZEND_FUNCTION(func_num_args)
{
zend_execute_data *ex = EX(prev_execute_data);
if (!(ZEND_CALL_INFO(ex) & ZEND_CALL_CODE)) {
RETURN_LONG(ZEND_CALL_NUM_ARGS(ex));
} else {
if (ZEND_CALL_INFO(ex) & ZEND_CALL_CODE) {
zend_error(E_WARNING, "func_num_args(): Called from the global scope - no function context");
RETURN_LONG(-1);
}
if (zend_forbid_dynamic_call("func_num_args()") == FAILURE) {
RETURN_LONG(-1);
}
RETURN_LONG(ZEND_CALL_NUM_ARGS(ex));
}
/* }}} */
@ -524,6 +528,10 @@ ZEND_FUNCTION(func_get_arg)
RETURN_FALSE;
}
if (zend_forbid_dynamic_call("func_get_arg()") == FAILURE) {
RETURN_FALSE;
}
arg_count = ZEND_CALL_NUM_ARGS(ex);
if ((zend_ulong)requested_offset >= arg_count) {
@ -558,6 +566,10 @@ ZEND_FUNCTION(func_get_args)
RETURN_FALSE;
}
if (zend_forbid_dynamic_call("func_get_args()") == FAILURE) {
RETURN_FALSE;
}
arg_count = ZEND_CALL_NUM_ARGS(ex);
array_init_size(return_value, arg_count);
@ -2024,8 +2036,12 @@ ZEND_FUNCTION(get_defined_functions)
Returns an associative array of names and values of all currently defined variable names (variables in the current scope) */
ZEND_FUNCTION(get_defined_vars)
{
zend_array *symbol_table = zend_rebuild_symbol_table();
zend_array *symbol_table;
if (zend_forbid_dynamic_call("get_defined_vars()") == FAILURE) {
return;
}
symbol_table = zend_rebuild_symbol_table();
if (UNEXPECTED(symbol_table == NULL)) {
return;
}