Don't use scope when validating Attribute

This is not safe to do at this point. Even if we made it safe, we'd see inconsistencies due to a partially compiled class. Fixes oss-fuzz #28129.
2025-08-15 21:48:51 +02:00 · 2020-12-01 11:49:27 +01:00 · 2020-12-01 11:49:27 +01:00 · f06afc434a
commit f06afc434a
parent 5dfec886d6
2 changed files with 13 additions and 1 deletions
--- a/Zend/tests/attributes/032_attribute_validation_scope.phpt
+++ b/Zend/tests/attributes/032_attribute_validation_scope.phpt
@ -0,0 +1,9 @@
+--TEST--
+Validation for "Attribute" does not use a scope when evaluating constant ASTs
+--FILE--
+<?php
+#[Attribute(parent::x)]
+class x extends y {}
+?>
+--EXPECTF--
+Fatal error: Cannot access "parent" when no class scope is active in %s on line %d
--- a/Zend/zend_attributes.c
+++ b/Zend/zend_attributes.c
@ -33,7 +33,10 @@ void validate_attribute(zend_attribute *attr, uint32_t target, zend_class_entry
 	if (attr->argc > 0) {
 		zval flags;

-		if (FAILURE == zend_get_attribute_value(&flags, attr, 0, scope)) {
+		/* As this is run in the middle of compilation, fetch the attribute value without
+		 * specifying a scope. The class is not fully linked yet, and we may seen an
+		 * inconsistent state. */
+		if (FAILURE == zend_get_attribute_value(&flags, attr, 0, NULL)) {
 			return;
 		}