mirror of
https://github.com/php/php-src.git
synced 2025-08-16 05:58:45 +02:00
Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2: Fix leak of call->extra_named_params on internal __call
This commit is contained in:
Ilija Tovilo
commit
b7a468cd06
7 changed files with 83 additions and 1 deletions
2
NEWS
2
NEWS
|
|
@ -6,6 +6,8 @@ PHP NEWS
|
|||
. Fixed bug GH-12758 / GH-12768 (Invalid opline in OOM handlers within
|
||||
ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC). (Florian Engelhardt)
|
||||
. Fix various missing NULL checks. (nielsdos, dstogov)
|
||||
. Fixed bug GH-12835 (Leak of call->extra_named_params on internal __call).
|
||||
(ilutov)
|
||||
|
||||
- FPM:
|
||||
. Fixed bug GH-12705 (Segmentation fault in fpm_status_export_to_zval).
|
||||
|
|
|
|||
|
|
@ -8887,6 +8887,9 @@ ZEND_VM_HANDLER(158, ZEND_CALL_TRAMPOLINE, ANY, ANY, SPEC(OBSERVER))
|
|||
EG(current_execute_data) = call->prev_execute_data;
|
||||
|
||||
zend_vm_stack_free_args(call);
|
||||
if (UNEXPECTED(call_info & ZEND_CALL_HAS_EXTRA_NAMED_PARAMS)) {
|
||||
zend_free_extra_named_params(call->extra_named_params);
|
||||
}
|
||||
if (ret == &retval) {
|
||||
zval_ptr_dtor(ret);
|
||||
}
|
||||
|
|
|
|||
6
Zend/zend_vm_execute.h
generated
6
Zend/zend_vm_execute.h
generated
|
|
@ -3504,6 +3504,9 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_CALL_TRAMPOLINE_SPEC_HANDLER(Z
|
|||
EG(current_execute_data) = call->prev_execute_data;
|
||||
|
||||
zend_vm_stack_free_args(call);
|
||||
if (UNEXPECTED(call_info & ZEND_CALL_HAS_EXTRA_NAMED_PARAMS)) {
|
||||
zend_free_extra_named_params(call->extra_named_params);
|
||||
}
|
||||
if (ret == &retval) {
|
||||
zval_ptr_dtor(ret);
|
||||
}
|
||||
|
|
@ -3645,6 +3648,9 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_CALL_TRAMPOLINE_SPEC_OBSERVER_
|
|||
EG(current_execute_data) = call->prev_execute_data;
|
||||
|
||||
zend_vm_stack_free_args(call);
|
||||
if (UNEXPECTED(call_info & ZEND_CALL_HAS_EXTRA_NAMED_PARAMS)) {
|
||||
zend_free_extra_named_params(call->extra_named_params);
|
||||
}
|
||||
if (ret == &retval) {
|
||||
zval_ptr_dtor(ret);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -70,6 +70,7 @@ static zend_class_entry *zend_test_ns2_ns_foo_class;
|
|||
static zend_class_entry *zend_test_unit_enum;
|
||||
static zend_class_entry *zend_test_string_enum;
|
||||
static zend_class_entry *zend_test_int_enum;
|
||||
static zend_class_entry *zend_test_magic_call;
|
||||
static zend_object_handlers zend_test_class_handlers;
|
||||
|
||||
static int le_throwing_resource;
|
||||
|
|
@ -962,6 +963,24 @@ static ZEND_METHOD(ZendTestForbidDynamicCall, callStatic)
|
|||
zend_forbid_dynamic_call();
|
||||
}
|
||||
|
||||
static ZEND_METHOD(_ZendTestMagicCall, __call)
|
||||
{
|
||||
zend_string *name;
|
||||
zval *arguments;
|
||||
|
||||
ZEND_PARSE_PARAMETERS_START(2, 2)
|
||||
Z_PARAM_STR(name)
|
||||
Z_PARAM_ARRAY(arguments)
|
||||
ZEND_PARSE_PARAMETERS_END();
|
||||
|
||||
zval name_zv;
|
||||
ZVAL_STR(&name_zv, name);
|
||||
|
||||
zend_string_addref(name);
|
||||
Z_TRY_ADDREF_P(arguments);
|
||||
RETURN_ARR(zend_new_pair(&name_zv, arguments));
|
||||
}
|
||||
|
||||
PHP_INI_BEGIN()
|
||||
STD_PHP_INI_BOOLEAN("zend_test.replace_zend_execute_ex", "0", PHP_INI_SYSTEM, OnUpdateBool, replace_zend_execute_ex, zend_zend_test_globals, zend_test_globals)
|
||||
STD_PHP_INI_BOOLEAN("zend_test.register_passes", "0", PHP_INI_SYSTEM, OnUpdateBool, register_passes, zend_zend_test_globals, zend_test_globals)
|
||||
|
|
@ -1146,6 +1165,8 @@ PHP_MINIT_FUNCTION(zend_test)
|
|||
zend_test_string_enum = register_class_ZendTestStringEnum();
|
||||
zend_test_int_enum = register_class_ZendTestIntEnum();
|
||||
|
||||
zend_test_magic_call = register_class__ZendTestMagicCall();
|
||||
|
||||
zend_register_functions(NULL, ext_function_legacy, NULL, EG(current_module)->type);
|
||||
|
||||
// Loading via dl() not supported with the observer API
|
||||
|
|
|
|||
|
|
@ -57,6 +57,11 @@ namespace {
|
|||
public function takesUnionType(stdclass|Iterator $arg): void {}
|
||||
}
|
||||
|
||||
class _ZendTestMagicCall
|
||||
{
|
||||
public function __call(string $name, array $args): mixed {}
|
||||
}
|
||||
|
||||
class _ZendTestChildClass extends _ZendTestClass
|
||||
{
|
||||
public function returnsThrowable(): Exception {}
|
||||
|
|
|
|||
24
ext/zend_test/test_arginfo.h
generated
24
ext/zend_test/test_arginfo.h
generated
|
|
@ -1,5 +1,5 @@
|
|||
/* This is a generated file, edit the .stub.php file instead.
|
||||
* Stub hash: 1ac529029c01af5d6698f06c7e5f74b7149ea749 */
|
||||
* Stub hash: 39a14fb061199171b0a0a08b821dabcba516ccf5 */
|
||||
|
||||
ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_zend_test_array_return, 0, 0, IS_ARRAY, 0)
|
||||
ZEND_END_ARG_INFO()
|
||||
|
|
@ -178,6 +178,11 @@ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_class__ZendTestClass_takesUnionT
|
|||
ZEND_ARG_OBJ_TYPE_MASK(0, arg, stdclass|Iterator, 0, NULL)
|
||||
ZEND_END_ARG_INFO()
|
||||
|
||||
ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_class__ZendTestMagicCall___call, 0, 2, IS_MIXED, 0)
|
||||
ZEND_ARG_TYPE_INFO(0, name, IS_STRING, 0)
|
||||
ZEND_ARG_TYPE_INFO(0, args, IS_ARRAY, 0)
|
||||
ZEND_END_ARG_INFO()
|
||||
|
||||
ZEND_BEGIN_ARG_WITH_RETURN_OBJ_INFO_EX(arginfo_class__ZendTestChildClass_returnsThrowable, 0, 0, Exception, 0)
|
||||
ZEND_END_ARG_INFO()
|
||||
|
||||
|
|
@ -271,6 +276,7 @@ static ZEND_METHOD(_ZendTestClass, returnsStatic);
|
|||
static ZEND_METHOD(_ZendTestClass, returnsThrowable);
|
||||
static ZEND_METHOD(_ZendTestClass, variadicTest);
|
||||
static ZEND_METHOD(_ZendTestClass, takesUnionType);
|
||||
static ZEND_METHOD(_ZendTestMagicCall, __call);
|
||||
static ZEND_METHOD(_ZendTestChildClass, returnsThrowable);
|
||||
static ZEND_METHOD(ZendAttributeTest, testMethod);
|
||||
static ZEND_METHOD(_ZendTestTrait, testMethod);
|
||||
|
|
@ -361,6 +367,12 @@ static const zend_function_entry class__ZendTestClass_methods[] = {
|
|||
};
|
||||
|
||||
|
||||
static const zend_function_entry class__ZendTestMagicCall_methods[] = {
|
||||
ZEND_ME(_ZendTestMagicCall, __call, arginfo_class__ZendTestMagicCall___call, ZEND_ACC_PUBLIC)
|
||||
ZEND_FE_END
|
||||
};
|
||||
|
||||
|
||||
static const zend_function_entry class__ZendTestChildClass_methods[] = {
|
||||
ZEND_ME(_ZendTestChildClass, returnsThrowable, arginfo_class__ZendTestChildClass_returnsThrowable, ZEND_ACC_PUBLIC)
|
||||
ZEND_FE_END
|
||||
|
|
@ -606,6 +618,16 @@ static zend_class_entry *register_class__ZendTestClass(zend_class_entry *class_e
|
|||
return class_entry;
|
||||
}
|
||||
|
||||
static zend_class_entry *register_class__ZendTestMagicCall(void)
|
||||
{
|
||||
zend_class_entry ce, *class_entry;
|
||||
|
||||
INIT_CLASS_ENTRY(ce, "_ZendTestMagicCall", class__ZendTestMagicCall_methods);
|
||||
class_entry = zend_register_internal_class_ex(&ce, NULL);
|
||||
|
||||
return class_entry;
|
||||
}
|
||||
|
||||
static zend_class_entry *register_class__ZendTestChildClass(zend_class_entry *class_entry__ZendTestClass)
|
||||
{
|
||||
zend_class_entry ce, *class_entry;
|
||||
|
|
|
|||
23
ext/zend_test/tests/internal_magic_call.phpt
Normal file
23
ext/zend_test/tests/internal_magic_call.phpt
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
--TEST--
|
||||
GH-12835: call->extra_named_params leaks on internal __call
|
||||
--EXTENSIONS--
|
||||
zend_test
|
||||
--FILE--
|
||||
<?php
|
||||
$obj = new _ZendTestMagicCall;
|
||||
var_dump($obj->test('a', 'b', c: 'c'));
|
||||
?>
|
||||
--EXPECT--
|
||||
array(2) {
|
||||
[0]=>
|
||||
string(4) "test"
|
||||
[1]=>
|
||||
array(3) {
|
||||
[0]=>
|
||||
string(1) "a"
|
||||
[1]=>
|
||||
string(1) "b"
|
||||
["c"]=>
|
||||
string(1) "c"
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue