diff options
| author | Reeze Xia <reeze@php.net> | 2015-03-03 16:27:35 +0800 |
|---|---|---|
| committer | Reeze Xia <reeze@php.net> | 2015-03-03 16:27:35 +0800 |
| commit | 6cb3b941df1a0390a1e1c2de1c001fc6df8e955e (patch) | |
| tree | b012036215639cea1d96c1f3a4b219b65f4b8d07 | |
| parent | f353162ca2f33baf79cd77d7aa05693b03b121d8 (diff) | |
| parent | 304fb7a3d6adbf08fee7e27f4da4e2bd0ef09c48 (diff) | |
| download | php-git-6cb3b941df1a0390a1e1c2de1c001fc6df8e955e.tar.gz | |
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
Improve fix for bug 67741
Added type checks
Added type checks
| -rw-r--r-- | ext/soap/php_encoding.c | 30 | ||||
| -rw-r--r-- | ext/soap/php_http.c | 23 | ||||
| -rw-r--r-- | ext/soap/soap.c | 47 | ||||
| -rw-r--r-- | main/main.c | 22 |
4 files changed, 76 insertions, 46 deletions
diff --git a/ext/soap/php_encoding.c b/ext/soap/php_encoding.c index 032e17beec..dd557a7950 100644 --- a/ext/soap/php_encoding.c +++ b/ext/soap/php_encoding.c @@ -402,12 +402,15 @@ static xmlNodePtr master_to_xml_int(encodePtr encode, zval *data, int style, xml encodePtr enc = NULL; HashTable *ht = Z_OBJPROP_P(data); - if (zend_hash_find(ht, "enc_type", sizeof("enc_type"), (void **)&ztype) == FAILURE) { + if (zend_hash_find(ht, "enc_type", sizeof("enc_type"), (void **)&ztype) == FAILURE || + Z_TYPE_PP(ztype) != IS_LONG) { soap_error0(E_ERROR, "Encoding: SoapVar has no 'enc_type' property"); } - if (zend_hash_find(ht, "enc_stype", sizeof("enc_stype"), (void **)&zstype) == SUCCESS) { - if (zend_hash_find(ht, "enc_ns", sizeof("enc_ns"), (void **)&zns) == SUCCESS) { + if (zend_hash_find(ht, "enc_stype", sizeof("enc_stype"), (void **)&zstype) == SUCCESS && + Z_TYPE_PP(zstype) == IS_STRING) { + if (zend_hash_find(ht, "enc_ns", sizeof("enc_ns"), (void **)&zns) == SUCCESS && + Z_TYPE_PP(zns) == IS_STRING) { enc = get_encoder(SOAP_GLOBAL(sdl), Z_STRVAL_PP(zns), Z_STRVAL_PP(zstype)); } else { zns = NULL; @@ -443,8 +446,10 @@ static xmlNodePtr master_to_xml_int(encodePtr encode, zval *data, int style, xml } if (style == SOAP_ENCODED || (SOAP_GLOBAL(sdl) && encode != enc)) { - if (zend_hash_find(ht, "enc_stype", sizeof("enc_stype"), (void **)&zstype) == SUCCESS) { - if (zend_hash_find(ht, "enc_ns", sizeof("enc_ns"), (void **)&zns) == SUCCESS) { + if (zend_hash_find(ht, "enc_stype", sizeof("enc_stype"), (void **)&zstype) == SUCCESS && + Z_TYPE_PP(zstype) == IS_STRING) { + if (zend_hash_find(ht, "enc_ns", sizeof("enc_ns"), (void **)&zns) == SUCCESS && + Z_TYPE_PP(zns) == IS_STRING) { set_ns_and_type_ex(node, Z_STRVAL_PP(zns), Z_STRVAL_PP(zstype)); } else { set_ns_and_type_ex(node, NULL, Z_STRVAL_PP(zstype)); @@ -452,10 +457,12 @@ static xmlNodePtr master_to_xml_int(encodePtr encode, zval *data, int style, xml } } - if (zend_hash_find(ht, "enc_name", sizeof("enc_name"), (void **)&zname) == SUCCESS) { + if (zend_hash_find(ht, "enc_name", sizeof("enc_name"), (void **)&zname) == SUCCESS && + Z_TYPE_PP(zname) == IS_STRING) { xmlNodeSetName(node, BAD_CAST(Z_STRVAL_PP(zname))); } - if (zend_hash_find(ht, "enc_namens", sizeof("enc_namens"), (void **)&znamens) == SUCCESS) { + if (zend_hash_find(ht, "enc_namens", sizeof("enc_namens"), (void **)&znamens) == SUCCESS && + Z_TYPE_PP(zname) == IS_STRING) { xmlNsPtr nsp = encode_add_ns(node, Z_STRVAL_PP(znamens)); xmlSetNs(node, nsp); } @@ -3638,18 +3645,21 @@ static encodePtr get_array_type(xmlNodePtr node, zval *array, smart_str *type TS Z_OBJCE_PP(tmp) == soap_var_class_entry) { zval **ztype; - if (zend_hash_find(Z_OBJPROP_PP(tmp), "enc_type", sizeof("enc_type"), (void **)&ztype) == FAILURE) { + if (zend_hash_find(Z_OBJPROP_PP(tmp), "enc_type", sizeof("enc_type"), (void **)&ztype) == FAILURE || + Z_TYPE_PP(ztype) != IS_LONG) { soap_error0(E_ERROR, "Encoding: SoapVar has no 'enc_type' property"); } cur_type = Z_LVAL_PP(ztype); - if (zend_hash_find(Z_OBJPROP_PP(tmp), "enc_stype", sizeof("enc_stype"), (void **)&ztype) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_PP(tmp), "enc_stype", sizeof("enc_stype"), (void **)&ztype) == SUCCESS && + Z_TYPE_PP(ztype) == IS_STRING) { cur_stype = Z_STRVAL_PP(ztype); } else { cur_stype = NULL; } - if (zend_hash_find(Z_OBJPROP_PP(tmp), "enc_ns", sizeof("enc_ns"), (void **)&ztype) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_PP(tmp), "enc_ns", sizeof("enc_ns"), (void **)&ztype) == SUCCESS && + Z_TYPE_PP(ztype) == IS_STRING) { cur_ns = Z_STRVAL_PP(ztype); } else { cur_ns = NULL; diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index 41b73514eb..2045162367 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -36,14 +36,16 @@ int proxy_authentication(zval* this_ptr, smart_str* soap_headers TSRMLS_DC) { zval **login, **password; - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_proxy_login", sizeof("_proxy_login"), (void **)&login) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_proxy_login", sizeof("_proxy_login"), (void **)&login) == SUCCESS && + Z_TYPE_PP(login) == IS_STRING) { unsigned char* buf; int len; smart_str auth = {0}; smart_str_appendl(&auth, Z_STRVAL_PP(login), Z_STRLEN_PP(login)); smart_str_appendc(&auth, ':'); - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_proxy_password", sizeof("_proxy_password"), (void **)&password) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_proxy_password", sizeof("_proxy_password"), (void **)&password) == SUCCESS && + Z_TYPE_PP(password) == IS_STRING) { smart_str_appendl(&auth, Z_STRVAL_PP(password), Z_STRLEN_PP(password)); } smart_str_0(&auth); @@ -64,14 +66,16 @@ int basic_authentication(zval* this_ptr, smart_str* soap_headers TSRMLS_DC) zval **login, **password; if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_login", sizeof("_login"), (void **)&login) == SUCCESS && - !zend_hash_exists(Z_OBJPROP_P(this_ptr), "_digest", sizeof("_digest"))) { + Z_TYPE_PP(login) == IS_STRING && + !zend_hash_exists(Z_OBJPROP_P(this_ptr), "_digest", sizeof("_digest"))) { unsigned char* buf; int len; smart_str auth = {0}; smart_str_appendl(&auth, Z_STRVAL_PP(login), Z_STRLEN_PP(login)); smart_str_appendc(&auth, ':'); - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_password", sizeof("_password"), (void **)&password) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_password", sizeof("_password"), (void **)&password) == SUCCESS && + Z_TYPE_PP(password) == IS_STRING) { smart_str_appendl(&auth, Z_STRVAL_PP(password), Z_STRLEN_PP(password)); } smart_str_0(&auth); @@ -571,6 +575,7 @@ try_again: } if (!http_1_1 || (zend_hash_find(Z_OBJPROP_P(this_ptr), "_keep_alive", sizeof("_keep_alive"), (void **)&tmp) == SUCCESS && + (Z_TYPE_PP(tmp) == IS_BOOL || Z_TYPE_PP(tmp) == IS_LONG) && Z_LVAL_PP(tmp) == 0)) { smart_str_append_const(&soap_headers, "\r\n" "Connection: close\r\n"); @@ -804,7 +809,8 @@ try_again: } /* Send cookies along with request */ - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == SUCCESS && + Z_TYPE_PP(cookies) == IS_ARRAY) { zval **data; char *key; uint key_len; @@ -848,7 +854,7 @@ try_again: smart_str_append_const(&soap_headers, "\r\n"); smart_str_0(&soap_headers); if (zend_hash_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace"), (void **) &trace) == SUCCESS && - Z_LVAL_PP(trace) > 0) { + (Z_TYPE_PP(trace) == IS_BOOL || Z_TYPE_PP(trace) == IS_LONG) && Z_LVAL_PP(trace) != 0) { add_property_stringl(this_ptr, "__last_request_headers", soap_headers.c, soap_headers.len, 1); } smart_str_appendl(&soap_headers, request, request_size); @@ -893,7 +899,7 @@ try_again: } if (zend_hash_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace"), (void **) &trace) == SUCCESS && - Z_LVAL_PP(trace) > 0) { + (Z_TYPE_PP(trace) == IS_BOOL || Z_TYPE_PP(trace) == IS_LONG) && Z_LVAL_PP(trace) != 0) { add_property_stringl(this_ptr, "__last_response_headers", http_headers, http_header_size, 1); } @@ -942,7 +948,8 @@ try_again: char *eqpos, *sempos; zval **cookies; - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == FAILURE) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == FAILURE || + Z_TYPE_PP(cookies) != IS_ARRAY) { zval *tmp_cookies; MAKE_STD_ZVAL(tmp_cookies); array_init(tmp_cookies); diff --git a/ext/soap/soap.c b/ext/soap/soap.c index 6f56216aa3..697dc9c21c 100644 --- a/ext/soap/soap.c +++ b/ext/soap/soap.c @@ -2563,7 +2563,7 @@ static int do_request(zval *this_ptr, xmlDoc *request, char *location, char *act } if (zend_hash_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace"), (void **) &trace) == SUCCESS && - Z_TYPE_PP(trace) == IS_LONG && Z_LVAL_PP(trace) > 0) { + (Z_LVAL_PP(trace) == IS_BOOL || Z_LVAL_PP(trace) == IS_LONG) && Z_LVAL_PP(trace) != 0) { add_property_stringl(this_ptr, "__last_request", buf, buf_size, 1); } @@ -2598,7 +2598,7 @@ static int do_request(zval *this_ptr, xmlDoc *request, char *location, char *act } ret = FALSE; } else if (zend_hash_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace"), (void **) &trace) == SUCCESS && - Z_TYPE_PP(trace) == IS_LONG && Z_LVAL_PP(trace) > 0) { + (Z_LVAL_PP(trace) == IS_BOOL || Z_LVAL_PP(trace) == IS_LONG) && Z_LVAL_PP(trace) != 0) { add_property_stringl(this_ptr, "__last_response", Z_STRVAL_P(response), Z_STRLEN_P(response), 1); } zval_ptr_dtor(¶ms[4]); @@ -2642,13 +2642,13 @@ static void do_soap_call(zval* this_ptr, SOAP_CLIENT_BEGIN_CODE(); - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace"), (void **) &trace) == SUCCESS - && Z_LVAL_PP(trace) > 0) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace"), (void **) &trace) == SUCCESS && + (Z_LVAL_PP(trace) == IS_BOOL || Z_LVAL_PP(trace) == IS_LONG) && Z_LVAL_PP(trace) != 0) { zend_hash_del(Z_OBJPROP_P(this_ptr), "__last_request", sizeof("__last_request")); zend_hash_del(Z_OBJPROP_P(this_ptr), "__last_response", sizeof("__last_response")); } - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_soap_version", sizeof("_soap_version"), (void **) &tmp) == SUCCESS - && Z_LVAL_PP(tmp) == SOAP_1_2) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_soap_version", sizeof("_soap_version"), (void **) &tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_LONG && Z_LVAL_PP(tmp) == SOAP_1_2) { soap_version = SOAP_1_2; } else { soap_version = SOAP_1_1; @@ -2745,7 +2745,7 @@ static void do_soap_call(zval* this_ptr, zval **uri; smart_str action = {0}; - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "uri", sizeof("uri"), (void *)&uri) == FAILURE) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "uri", sizeof("uri"), (void *)&uri) == FAILURE || Z_TYPE_PP(uri) != IS_STRING) { add_soap_fault(this_ptr, "Client", "Error finding \"uri\" property", NULL, NULL TSRMLS_CC); } else if (location == NULL) { add_soap_fault(this_ptr, "Client", "Error could not find \"location\" property", NULL, NULL TSRMLS_CC); @@ -3024,7 +3024,8 @@ PHP_METHOD(SoapClient, __getLastRequest) return; } - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_request", sizeof("__last_request"), (void **)&tmp) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_request", sizeof("__last_request"), (void **)&tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_STRING) { RETURN_STRINGL(Z_STRVAL_PP(tmp), Z_STRLEN_PP(tmp), 1); } RETURN_NULL(); @@ -3042,7 +3043,8 @@ PHP_METHOD(SoapClient, __getLastResponse) return; } - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_response", sizeof("__last_response"), (void **)&tmp) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_response", sizeof("__last_response"), (void **)&tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_STRING) { RETURN_STRINGL(Z_STRVAL_PP(tmp), Z_STRLEN_PP(tmp), 1); } RETURN_NULL(); @@ -3060,7 +3062,8 @@ PHP_METHOD(SoapClient, __getLastRequestHeaders) return; } - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_request_headers", sizeof("__last_request_headers"), (void **)&tmp) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_request_headers", sizeof("__last_request_headers"), (void **)&tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_STRING) { RETURN_STRINGL(Z_STRVAL_PP(tmp), Z_STRLEN_PP(tmp), 1); } RETURN_NULL(); @@ -3078,7 +3081,8 @@ PHP_METHOD(SoapClient, __getLastResponseHeaders) return; } - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_response_headers", sizeof("__last_response_headers"), (void **)&tmp) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "__last_response_headers", sizeof("__last_response_headers"), (void **)&tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_STRING) { RETURN_STRINGL(Z_STRVAL_PP(tmp), Z_STRLEN_PP(tmp), 1); } RETURN_NULL(); @@ -3134,13 +3138,15 @@ PHP_METHOD(SoapClient, __setCookie) } if (val == NULL) { - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == SUCCESS && + Z_TYPE_PP(cookies) == IS_ARRAY) { zend_hash_del(Z_ARRVAL_PP(cookies), name, name_len+1); } } else { zval *zcookie; - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == FAILURE) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) == FAILURE || + Z_TYPE_PP(cookies) != IS_ARRAY) { zval *tmp_cookies; MAKE_STD_ZVAL(tmp_cookies); @@ -3168,7 +3174,8 @@ PHP_METHOD(SoapClient, __getCookies) array_init(return_value); - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) != FAILURE) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies"), (void **)&cookies) != FAILURE && + Z_TYPE_PP(cookies) == IS_ARRAY) { zend_hash_copy(Z_ARRVAL_P(return_value), Z_ARRVAL_P(*cookies), (copy_ctor_func_t) zval_add_ref, (void *)&tmp, sizeof(zval*)); } } @@ -3990,7 +3997,8 @@ static xmlDocPtr serialize_response_call(sdlFunctionPtr function, char *function } if (version == SOAP_1_1) { - if (zend_hash_find(prop, "faultcode", sizeof("faultcode"), (void**)&tmp) == SUCCESS) { + if (zend_hash_find(prop, "faultcode", sizeof("faultcode"), (void**)&tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_STRING) { size_t new_len; xmlNodePtr node = xmlNewNode(NULL, BAD_CAST("faultcode")); char *str = php_escape_html_entities((unsigned char*)Z_STRVAL_PP(tmp), Z_STRLEN_PP(tmp), &new_len, 0, 0, NULL TSRMLS_CC); @@ -4015,7 +4023,8 @@ static xmlDocPtr serialize_response_call(sdlFunctionPtr function, char *function } detail_name = "detail"; } else { - if (zend_hash_find(prop, "faultcode", sizeof("faultcode"), (void**)&tmp) == SUCCESS) { + if (zend_hash_find(prop, "faultcode", sizeof("faultcode"), (void**)&tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_STRING) { size_t new_len; xmlNodePtr node = xmlNewChild(param, ns, BAD_CAST("Code"), NULL); char *str = php_escape_html_entities((unsigned char*)Z_STRVAL_PP(tmp), Z_STRLEN_PP(tmp), &new_len, 0, 0, NULL TSRMLS_CC); @@ -4255,7 +4264,8 @@ static xmlDocPtr serialize_function_call(zval *this_ptr, sdlFunctionPtr function } } } else { - if (zend_hash_find(Z_OBJPROP_P(this_ptr), "style", sizeof("style"), (void **)&zstyle) == SUCCESS) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "style", sizeof("style"), (void **)&zstyle) == SUCCESS && + Z_TYPE_PP(zstyle) == IS_LONG) { style = Z_LVAL_PP(zstyle); } else { style = SOAP_RPC; @@ -4278,7 +4288,7 @@ static xmlDocPtr serialize_function_call(zval *this_ptr, sdlFunctionPtr function } if (zend_hash_find(Z_OBJPROP_P(this_ptr), "use", sizeof("use"), (void **)&zuse) == SUCCESS && - Z_LVAL_PP(zuse) == SOAP_LITERAL) { + Z_TYPE_PP(zuse) == IS_LONG && Z_LVAL_PP(zuse) == SOAP_LITERAL) { use = SOAP_LITERAL; } else { use = SOAP_ENCODED; @@ -4408,6 +4418,7 @@ static xmlNodePtr serialize_parameter(sdlParamPtr param, zval *param_val, int in zval **param_data; if (zend_hash_find(Z_OBJPROP_P(param_val), "param_name", sizeof("param_name"), (void **)¶m_name) == SUCCESS && + Z_TYPE_PP(param_name) == IS_STRING && zend_hash_find(Z_OBJPROP_P(param_val), "param_data", sizeof("param_data"), (void **)¶m_data) == SUCCESS) { param_val = *param_data; name = Z_STRVAL_PP(param_name); diff --git a/main/main.c b/main/main.c index 8a2c48dcd2..f7a768fdd2 100644 --- a/main/main.c +++ b/main/main.c @@ -2580,19 +2580,21 @@ PHPAPI int php_execute_script(zend_file_handle *primary_file TSRMLS_DC) zend_set_timeout(INI_INT("max_execution_time"), 0); } - { - /* - If cli primary file has shabang line and there is a prepend file, - the `start_lineno` will be used by prepend file but not primary file, - save it and restore after prepend file been executed. - */ + /* + If cli primary file has shabang line and there is a prepend file, + the `start_lineno` will be used by prepend file but not primary file, + save it and restore after prepend file been executed. + */ + if (CG(start_lineno) && prepend_file_p) { int orig_start_lineno = CG(start_lineno); CG(start_lineno) = 0; - retval = (zend_execute_scripts(ZEND_REQUIRE TSRMLS_CC, NULL, 1, prepend_file_p) == SUCCESS); - CG(start_lineno) = orig_start_lineno; - - retval = retval && (zend_execute_scripts(ZEND_REQUIRE TSRMLS_CC, NULL, 2, primary_file, append_file_p) == SUCCESS); + if (zend_execute_scripts(ZEND_REQUIRE TSRMLS_CC, NULL, 1, prepend_file_p) == SUCCESS) { + CG(start_lineno) = orig_start_lineno; + retval = (zend_execute_scripts(ZEND_REQUIRE TSRMLS_CC, NULL, 2, primary_file, append_file_p) == SUCCESS); + } + } else { + retval = (zend_execute_scripts(ZEND_REQUIRE TSRMLS_CC, NULL, 3, prepend_file_p, primary_file, append_file_p) == SUCCESS); } } zend_end_try(); |