Merge branch 'PHP-8.1'

* PHP-8.1:
  Fix clobbering of operand by error handler in assignment to string offset
This commit is contained in:
Dmitry Stogov 2021-12-02 01:22:15 +03:00
commit c8dca00d15
6 changed files with 178 additions and 83 deletions


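--- /dev/null
+++ b/<path not shown on page: string offset 006 test>
@@ -0,0 +1,16 @@
+--TEST--
+string offset 006 indirect string modification by error handler
+--FILE--
+<?php
+set_error_handler(function($code, $msg) {
+echo "Err: $msg\n";
+$GLOBALS['a']=null;
+});
+$a[$y]=$a.=($y);
+var_dump($a);
+?>
+--EXPECT--
+Err: Undefined variable $y
+Err: Undefined variable $y
+Err: String offset cast occurred
+NULL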


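--- /dev/null
+++ b/<path not shown on page: string offset 007 test>
@@ -0,0 +1,16 @@
+--TEST--
+string offset 007 indirect string modification by error handler
+--FILE--
+<?php
+set_error_handler(function($code, $msg) {
+echo "Err: $msg\n";
+$GLOBALS['a']='';
+});
+$a=['a'];
+$a[0][$d]='b';
+var_dump($a);
+?>
+--EXPECT--
+Err: Undefined variable $d
+Err: String offset cast occurred
+string(0) ""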


@ -1484,45 +1484,41 @@ static zend_never_inline zend_long zend_check_string_offset(zval *dim, int type
zend_long offset;
try_again:
if (UNEXPECTED(Z_TYPE_P(dim) != IS_LONG)) {
switch(Z_TYPE_P(dim)) {
case IS_STRING:
{
bool trailing_data = false;
/* For BC reasons we allow errors so that we can warn on leading numeric string */
if (IS_LONG == is_numeric_string_ex(Z_STRVAL_P(dim), Z_STRLEN_P(dim), &offset, NULL,
/* allow errors */ true, NULL, &trailing_data)) {
if (UNEXPECTED(trailing_data) && type != BP_VAR_UNSET) {
zend_error(E_WARNING, "Illegal string offset \"%s\"", Z_STRVAL_P(dim));
}
return offset;
switch(Z_TYPE_P(dim)) {
case IS_LONG:
return Z_LVAL_P(dim);
case IS_STRING:
{
bool trailing_data = false;
/* For BC reasons we allow errors so that we can warn on leading numeric string */
if (IS_LONG == is_numeric_string_ex(Z_STRVAL_P(dim), Z_STRLEN_P(dim), &offset, NULL,
/* allow errors */ true, NULL, &trailing_data)) {
if (UNEXPECTED(trailing_data) && type != BP_VAR_UNSET) {
zend_error(E_WARNING, "Illegal string offset \"%s\"", Z_STRVAL_P(dim));
}
zend_illegal_string_offset(dim);
return 0;
return offset;
}
case IS_UNDEF:
ZVAL_UNDEFINED_OP2();
ZEND_FALLTHROUGH;
case IS_DOUBLE:
case IS_NULL:
case IS_FALSE:
case IS_TRUE:
zend_error(E_WARNING, "String offset cast occurred");
break;
case IS_REFERENCE:
dim = Z_REFVAL_P(dim);
goto try_again;
default:
zend_illegal_string_offset(dim);
return 0;
zend_illegal_string_offset(dim);
return 0;
}
offset = zval_get_long_func(dim, /* is_strict */ false);
} else {
offset = Z_LVAL_P(dim);
case IS_UNDEF:
ZVAL_UNDEFINED_OP2();
ZEND_FALLTHROUGH;
case IS_DOUBLE:
case IS_NULL:
case IS_FALSE:
case IS_TRUE:
zend_error(E_WARNING, "String offset cast occurred");
break;
case IS_REFERENCE:
dim = Z_REFVAL_P(dim);
goto try_again;
default:
zend_illegal_string_offset(dim);
return 0;
}
return offset;
return zval_get_long_func(dim, /* is_strict */ false);
}
ZEND_API ZEND_COLD void zend_wrong_string_offset_error(void)
@ -1598,17 +1594,43 @@ static zend_never_inline void zend_assign_to_string_offset(zval *str, zval *dim,
zend_uchar c;
size_t string_len;
zend_long offset;
zend_string *s;
offset = zend_check_string_offset(dim, BP_VAR_W EXECUTE_DATA_CC);
/* Illegal offset assignment */
if (UNEXPECTED(EG(exception) != NULL)) {
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
ZVAL_UNDEF(EX_VAR(opline->result.var));
}
return;
/* separate string */
if (Z_REFCOUNTED_P(str) && Z_REFCOUNT_P(str) == 1) {
s = Z_STR_P(str);
} else {
s = zend_string_init(Z_STRVAL_P(str), Z_STRLEN_P(str), 0);
ZSTR_H(s) = ZSTR_H(Z_STR_P(str));
ZVAL_NEW_STR(str, s);
}
if (offset < -(zend_long)Z_STRLEN_P(str)) {
if (EXPECTED(Z_TYPE_P(dim) == IS_LONG)) {
offset = Z_LVAL_P(dim);
} else {
/* The string may be destroyed while throwing the notice.
* Temporarily increase the refcount to detect this situation. */
if (!(GC_FLAGS(s) & IS_ARRAY_IMMUTABLE)) {
GC_ADDREF(s);
}
offset = zend_check_string_offset(dim, BP_VAR_W EXECUTE_DATA_CC);
if (!(GC_FLAGS(s) & IS_ARRAY_IMMUTABLE) && GC_DELREF(s) == 0) {
zend_string_efree(s);
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
ZVAL_NULL(EX_VAR(opline->result.var));
}
return;
}
/* Illegal offset assignment */
if (UNEXPECTED(EG(exception) != NULL)) {
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
ZVAL_UNDEF(EX_VAR(opline->result.var));
}
return;
}
}
if (UNEXPECTED(offset < -(zend_long)ZSTR_LEN(s))) {
/* Error on negative offset */
zend_error(E_WARNING, "Illegal string offset " ZEND_LONG_FMT, offset);
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
@ -1617,9 +1639,28 @@ static zend_never_inline void zend_assign_to_string_offset(zval *str, zval *dim,
return;
}
if (Z_TYPE_P(value) != IS_STRING) {
if (offset < 0) { /* Handle negative offset */
offset += (zend_long)ZSTR_LEN(s);
}
if (UNEXPECTED(Z_TYPE_P(value) != IS_STRING)) {
/* The string may be destroyed while throwing the notice.
* Temporarily increase the refcount to detect this situation. */
if (!(GC_FLAGS(s) & IS_ARRAY_IMMUTABLE)) {
GC_ADDREF(s);
}
if (UNEXPECTED(Z_TYPE_P(value) == IS_UNDEF)) {
zval_undefined_cv((opline+1)->op1.var EXECUTE_DATA_CC);
}
/* Convert to string, just the time to pick the 1st byte */
zend_string *tmp = zval_try_get_string_func(value);
if (!(GC_FLAGS(s) & IS_ARRAY_IMMUTABLE) && GC_DELREF(s) == 0) {
zend_string_efree(s);
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
ZVAL_NULL(EX_VAR(opline->result.var));
}
return;
}
if (UNEXPECTED(!tmp)) {
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
ZVAL_UNDEF(EX_VAR(opline->result.var));
@ -1635,7 +1676,7 @@ static zend_never_inline void zend_assign_to_string_offset(zval *str, zval *dim,
c = (zend_uchar)Z_STRVAL_P(value)[0];
}
if (string_len != 1) {
if (UNEXPECTED(string_len != 1)) {
if (string_len == 0) {
/* Error on empty input string */
zend_throw_error(NULL, "Cannot assign an empty string to a string offset");
@ -1645,24 +1686,34 @@ static zend_never_inline void zend_assign_to_string_offset(zval *str, zval *dim,
return;
}
/* The string may be destroyed while throwing the notice.
* Temporarily increase the refcount to detect this situation. */
if (!(GC_FLAGS(s) & IS_ARRAY_IMMUTABLE)) {
GC_ADDREF(s);
}
zend_error(E_WARNING, "Only the first byte will be assigned to the string offset");
if (!(GC_FLAGS(s) & IS_ARRAY_IMMUTABLE) && GC_DELREF(s) == 0) {
zend_string_efree(s);
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
ZVAL_NULL(EX_VAR(opline->result.var));
}
return;
}
/* Illegal offset assignment */
if (UNEXPECTED(EG(exception) != NULL)) {
if (UNEXPECTED(RETURN_VALUE_USED(opline))) {
ZVAL_UNDEF(EX_VAR(opline->result.var));
}
return;
}
}
if (offset < 0) { /* Handle negative offset */
offset += (zend_long)Z_STRLEN_P(str);
}
if ((size_t)offset >= Z_STRLEN_P(str)) {
if ((size_t)offset >= ZSTR_LEN(s)) {
/* Extend string if needed */
zend_long old_len = Z_STRLEN_P(str);
ZVAL_NEW_STR(str, zend_string_extend(Z_STR_P(str), (size_t)offset + 1, 0));
zend_long old_len = ZSTR_LEN(s);
ZVAL_NEW_STR(str, zend_string_extend(s, (size_t)offset + 1, 0));
memset(Z_STRVAL_P(str) + old_len, ' ', offset - old_len);
Z_STRVAL_P(str)[offset+1] = 0;
} else if (!Z_REFCOUNTED_P(str)) {
ZVAL_NEW_STR(str, zend_string_init(Z_STRVAL_P(str), Z_STRLEN_P(str), 0));
} else if (Z_REFCOUNT_P(str) > 1) {
Z_DELREF_P(str);
ZVAL_NEW_STR(str, zend_string_init(Z_STRVAL_P(str), Z_STRLEN_P(str), 0));
} else {
zend_string_forget_hash_val(Z_STR_P(str));
}
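Review bot: The new "separate string" block at the top of zend_assign_to_string_offset installs the copy with `ZVAL_NEW_STR(str, s);` but never releases the reference that `str` held on the original string, so whenever `$a`'s string was shared (refcount > 1) that reference is leaked; the branch this replaces dropped it with `Z_DELREF_P(str);` before the `ZVAL_NEW_STR`. Inserting `if (Z_REFCOUNTED_P(str)) { GC_DELREF(Z_STR_P(str)); }` immediately before `ZVAL_NEW_STR(str, s);` restores the balance (interned strings are not refcounted, hence the guard). Separately, the GC_ADDREF/GC_DELREF probe around each error-raising call only detects the string being freed; if a handler instead takes an additional reference to the same string, `s` stays shared with refcount > 1 and the in-place byte store at the end of the function would bypass copy-on-write — this appears unhandled and deserves either a test or a comment stating it is accepted. The tail of the function, including that final byte store, lies outside the hunk.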


@ -2601,8 +2601,8 @@ ZEND_VM_C_LABEL(try_assign_dim_array):
FREE_OP_DATA();
UNDEF_RESULT();
} else {
dim = GET_OP2_ZVAL_PTR(BP_VAR_R);
value = GET_OP_DATA_ZVAL_PTR_DEREF(BP_VAR_R);
dim = GET_OP2_ZVAL_PTR_UNDEF(BP_VAR_R);
value = GET_OP_DATA_ZVAL_PTR_UNDEF(BP_VAR_R);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
FREE_OP_DATA();
}
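Review bot: `value` is now fetched with `GET_OP_DATA_ZVAL_PTR_UNDEF` instead of the `_DEREF` form, so zend_assign_to_string_offset can receive an `IS_REFERENCE` zval as well as an `IS_UNDEF` one, and correctness depends on the callee's string conversion unwrapping the reference itself. That contract is not stated anywhere in the hunk; a comment such as `/* no deref: the callee must see IS_UNDEF to report it, and unwraps IS_REFERENCE itself */` above the `value =` line would make it explicit for the next reader. The handler's enclosing `try_assign_dim_array` block starts and ends outside the hunk.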


@ -23701,7 +23701,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = RT_CONSTANT(opline, opline->op2);
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -23817,7 +23817,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = RT_CONSTANT(opline, opline->op2);
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}
@ -26259,7 +26259,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_var(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -26375,7 +26375,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_var(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}
@ -27649,7 +27649,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = NULL;
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -27765,7 +27765,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = NULL;
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}
@ -29949,7 +29949,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = RT_CONSTANT((opline+1), (opline+1)->op1);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
@ -30066,7 +30066,7 @@ try_assign_dim_array:
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = _get_zval_ptr_tmp((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
@ -30183,8 +30183,8 @@ try_assign_dim_array:
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -30299,8 +30299,8 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}
@ -41123,7 +41123,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = RT_CONSTANT(opline, opline->op2);
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -41239,7 +41239,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = RT_CONSTANT(opline, opline->op2);
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}
@ -44763,7 +44763,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_var(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -44879,7 +44879,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_var(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}
@ -46600,7 +46600,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = NULL;
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -46716,7 +46716,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = NULL;
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}
@ -49571,7 +49571,7 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = RT_CONSTANT((opline+1), (opline+1)->op1);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
@ -49688,7 +49688,7 @@ try_assign_dim_array:
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = _get_zval_ptr_tmp((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
@ -49805,8 +49805,8 @@ try_assign_dim_array:
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_var_deref((opline+1)->op1.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = _get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
zval_ptr_dtor_nogc(EX_VAR((opline+1)->op1.var));
}
@ -49921,8 +49921,8 @@ try_assign_dim_array:
UNDEF_RESULT();
} else {
dim = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC);
value = _get_zval_ptr_cv_deref_BP_VAR_R((opline+1)->op1.var EXECUTE_DATA_CC);
dim = EX_VAR(opline->op2.var);
value = EX_VAR((opline+1)->op1.var);
zend_assign_to_string_offset(object_ptr, dim, value OPLINE_CC EXECUTE_DATA_CC);
}


@ -494,6 +494,17 @@ $op_data_get_zval_ptr = array(
"TMPVARCV" => "???",
);
$op_data_get_zval_ptr_undef = array(
"ANY" => "get_op_data_zval_ptr_undef((opline+1)->op1_type, (opline+1)->op1)",
"TMP" => "_get_zval_ptr_tmp((opline+1)->op1.var EXECUTE_DATA_CC)",
"VAR" => "_get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC)",
"CONST" => "RT_CONSTANT((opline+1), (opline+1)->op1)",
"UNUSED" => "NULL",
"CV" => "EX_VAR((opline+1)->op1.var)",
"TMPVAR" => "_get_zval_ptr_var((opline+1)->op1.var EXECUTE_DATA_CC)",
"TMPVARCV" => "EX_VAR((opline+1)->op1.var)",
);
$op_data_get_zval_ptr_deref = array(
"ANY" => "get_op_data_zval_ptr_deref_r((opline+1)->op1_type, (opline+1)->op1)",
"TMP" => "_get_zval_ptr_tmp((opline+1)->op1.var EXECUTE_DATA_CC)",
@ -687,7 +698,7 @@ function gen_code($f, $spec, $kind, $code, $op1, $op2, $name, $extra_spec=null)
$op1_get_obj_zval_ptr_ptr_undef, $op2_get_obj_zval_ptr_ptr_undef,
$op1_free_op, $op2_free_op, $op1_free_op_if_var, $op2_free_op_if_var,
$prefix,
$op_data_type, $op_data_get_zval_ptr,
$op_data_type, $op_data_get_zval_ptr, $op_data_get_zval_ptr_undef,
$op_data_get_zval_ptr_deref, $op_data_get_zval_ptr_ptr,
$op_data_free_op;
@ -729,6 +740,7 @@ function gen_code($f, $spec, $kind, $code, $op1, $op2, $name, $extra_spec=null)
"/^#(\s*)elif\s+0\s*&&.*[^\\\\]$/m" => "#\\1elif 0",
"/OP_DATA_TYPE/" => $op_data_type[isset($extra_spec['OP_DATA']) ? $extra_spec['OP_DATA'] : "ANY"],
"/GET_OP_DATA_ZVAL_PTR\(([^)]*)\)/" => $op_data_get_zval_ptr[isset($extra_spec['OP_DATA']) ? $extra_spec['OP_DATA'] : "ANY"],
"/GET_OP_DATA_ZVAL_PTR_UNDEF\(([^)]*)\)/" => $op_data_get_zval_ptr_undef[isset($extra_spec['OP_DATA']) ? $extra_spec['OP_DATA'] : "ANY"],
"/GET_OP_DATA_ZVAL_PTR_DEREF\(([^)]*)\)/" => $op_data_get_zval_ptr_deref[isset($extra_spec['OP_DATA']) ? $extra_spec['OP_DATA'] : "ANY"],
"/GET_OP_DATA_ZVAL_PTR_PTR\(([^)]*)\)/" => $op_data_get_zval_ptr_ptr[isset($extra_spec['OP_DATA']) ? $extra_spec['OP_DATA'] : "ANY"],
"/FREE_OP_DATA\(\)/" => $op_data_free_op[isset($extra_spec['OP_DATA']) ? $extra_spec['OP_DATA'] : "ANY"],