diff options
author | Nikita Popov <nikita.ppv@gmail.com> | 2020-12-02 17:47:33 +0100 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2021-01-06 12:46:24 +0100 |
commit | 3c68f38fdaec7a6f81f986a639bdd29716cf8f22 (patch) | |
tree | 5d1d8831cb016ba74d6ac6c6dc90419e536c48b6 /Zend/zend_vm_def.h | |
parent | 73f989a83b8338cd8348134b6df8dded27fae300 (diff) | |
download | php-git-3c68f38fdaec7a6f81f986a639bdd29716cf8f22.tar.gz |
Restrict allowed usages of $GLOBALS
This restricts allowed usage of $GLOBALS, with the effect that
plain PHP arrays can no longer contain INDIRECT elements.
RFC: https://wiki.php.net/rfc/restrict_globals_usage
Closes GH-6487.
Diffstat (limited to 'Zend/zend_vm_def.h')
-rw-r--r-- | Zend/zend_vm_def.h | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h index 2932bfbdfa..09193db5ff 100644 --- a/Zend/zend_vm_def.h +++ b/Zend/zend_vm_def.h @@ -1727,8 +1727,9 @@ ZEND_VM_C_LABEL(fetch_this): } else if (type == BP_VAR_IS) { retval = &EG(uninitialized_zval); } else { - zend_error(E_WARNING, "Undefined variable $%s", ZSTR_VAL(name)); - if (type == BP_VAR_RW) { + zend_error(E_WARNING, "Undefined %svariable $%s", + (opline->extended_value & ZEND_FETCH_GLOBAL ? "global " : ""), ZSTR_VAL(name)); + if (type == BP_VAR_RW && !EG(exception)) { retval = zend_hash_update(target_symbol_table, name, &EG(uninitialized_zval)); } else { retval = &EG(uninitialized_zval); @@ -1746,8 +1747,9 @@ ZEND_VM_C_LABEL(fetch_this): } else if (type == BP_VAR_IS) { retval = &EG(uninitialized_zval); } else { - zend_error(E_WARNING, "Undefined variable $%s", ZSTR_VAL(name)); - if (type == BP_VAR_RW) { + zend_error(E_WARNING, "Undefined %svariable $%s", + (opline->extended_value & ZEND_FETCH_GLOBAL ? "global " : ""), ZSTR_VAL(name)); + if (type == BP_VAR_RW && !EG(exception)) { ZVAL_NULL(retval); } else { retval = &EG(uninitialized_zval); @@ -8703,6 +8705,16 @@ ZEND_VM_HOT_HANDLER(184, ZEND_FETCH_THIS, UNUSED, UNUSED) } } +ZEND_VM_HANDLER(200, ZEND_FETCH_GLOBALS, UNUSED, UNUSED) +{ + USE_OPLINE + + /* For symbol tables we need to deal with exactly the same problems as for property tables. */ + ZVAL_ARR(EX_VAR(opline->result.var), + zend_proptable_to_symtable(&EG(symbol_table), /* always_duplicate */ 1)); + ZEND_VM_NEXT_OPCODE(); +} + ZEND_VM_HANDLER(186, ZEND_ISSET_ISEMPTY_THIS, UNUSED, UNUSED) { USE_OPLINE |