Replace memcmp() with zend_string functions (#8216)

* ext/oci8: use zend_string_equals()

Eliminate duplicate code.

* main/php_variables: use zend_string_equals_literal()

Eliminate duplicate code.

* Zend/zend_string: add zend_string_equals_cstr()

Allows eliminating duplicate code.

* Zend, ext/{opcache,standard}, main/output: use zend_string_equals_cstr()

Eliminate duplicate code.

* Zend/zend_string: add zend_string_starts_with()

* ext/{opcache,phar,spl,standard}: use zend_string_starts_with()

This adds missing length checks to several callers, e.g. in
cache_script_in_shared_memory().  This is important when the
zend_string is shorter than the string parameter, when memcmp()
happens to check backwards; this can result in an out-of-bounds memory
access.
Max Kellermann 2022-03-31 16:27:58 +02:00 committed by GitHub
parent 54440fa6eb
commit b9e895bca0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 44 additions and 48 deletions


@ -702,8 +702,7 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src)
|| Z_TYPE_P(dest_entry) != IS_ARRAY) {
Z_TRY_ADDREF_P(src_entry);
if (string_key) {
if (!globals_check || ZSTR_LEN(string_key) != sizeof("GLOBALS") - 1
|| memcmp(ZSTR_VAL(string_key), "GLOBALS", sizeof("GLOBALS") - 1)) {
if (!globals_check || !zend_string_equals_literal(string_key, "GLOBALS")) {
zend_hash_update(dest, string_key, src_entry);
} else {
Z_TRY_DELREF_P(src_entry);
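Review bot: The new condition `if (!globals_check || !zend_string_equals_literal(string_key, "GLOBALS"))` carries no comment explaining why a "GLOBALS" key falls through to the else branch and is dropped with `Z_TRY_DELREF_P(src_entry)` instead of being merged. The two removed lines at least spelled out the length test and the memcmp(), so a one-line comment above the condition stating the intent would keep this check readable now that the helper hides the comparison. The helper takes `sizeof` of its second argument, so that argument has to remain a string literal, as it is here. With that, the comparison stays exact-length and case-sensitive, the same as the `ZSTR_LEN(string_key) != sizeof("GLOBALS") - 1 || memcmp(...)` pair it replaces.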