php-src/ext/standard/php_var.h

/*
   +----------------------------------------------------------------------+
   | Copyright (c) The PHP Group                                          |
   +----------------------------------------------------------------------+
   | This source file is subject to version 3.01 of the PHP license,      |
   | that is bundled with this package in the file LICENSE, and is        |
   | available through the world-wide-web at the following url:           |
   | http://www.php.net/license/3_01.txt                                  |
   | If you did not receive a copy of the PHP license and are unable to   |
   | obtain it through the world-wide-web, please send a note to          |
   | license@php.net so we can mail you a copy immediately.               |
   +----------------------------------------------------------------------+
   | Author: Jani Lehtimäki <jkl@njet.net>                                |
   +----------------------------------------------------------------------+
*/

#ifndef PHP_VAR_H
#define PHP_VAR_H

#include "ext/standard/basic_functions.h"
#include "zend_smart_str_public.h"

PHP_MINIT_FUNCTION(var);

PHPAPI void php_var_dump(zval *struc, int level);
PHPAPI void php_var_export(zval *struc, int level);
PHPAPI void php_var_export_ex(zval *struc, int level, smart_str *buf);

PHPAPI void php_debug_zval_dump(zval *struc, int level);

typedef struct php_serialize_data *php_serialize_data_t;
typedef struct php_unserialize_data *php_unserialize_data_t;

PHPAPI void php_var_serialize(smart_str *buf, zval *struc, php_serialize_data_t *data);
PHPAPI int php_var_unserialize(zval *rval, const unsigned char **p, const unsigned char *max, php_unserialize_data_t *var_hash);
PHPAPI int php_var_unserialize_ref(zval *rval, const unsigned char **p, const unsigned char *max, php_unserialize_data_t *var_hash);
PHPAPI int php_var_unserialize_intern(zval *rval, const unsigned char **p, const unsigned char *max, php_unserialize_data_t *var_hash);

PHPAPI php_serialize_data_t php_var_serialize_init(void);
PHPAPI void php_var_serialize_destroy(php_serialize_data_t d);
PHPAPI php_unserialize_data_t php_var_unserialize_init(void);
PHPAPI void php_var_unserialize_destroy(php_unserialize_data_t d);
PHPAPI HashTable *php_var_unserialize_get_allowed_classes(php_unserialize_data_t d);
PHPAPI void php_var_unserialize_set_allowed_classes(php_unserialize_data_t d, HashTable *classes);
PHPAPI void php_var_unserialize_set_max_depth(php_unserialize_data_t d, zend_long max_depth);
PHPAPI zend_long php_var_unserialize_get_max_depth(php_unserialize_data_t d);
PHPAPI void php_var_unserialize_set_cur_depth(php_unserialize_data_t d, zend_long cur_depth);
PHPAPI zend_long php_var_unserialize_get_cur_depth(php_unserialize_data_t d);

#define PHP_VAR_SERIALIZE_INIT(d) \
	(d) = php_var_serialize_init()

#define PHP_VAR_SERIALIZE_DESTROY(d) \
	php_var_serialize_destroy(d)

#define PHP_VAR_UNSERIALIZE_INIT(d) \
	(d) = php_var_unserialize_init()

#define PHP_VAR_UNSERIALIZE_DESTROY(d) \
	php_var_unserialize_destroy(d)

PHPAPI void php_unserialize_with_options(zval *return_value, const char *buf, const size_t buf_len, HashTable *options, const char* function_name);

PHPAPI void var_replace(php_unserialize_data_t *var_hash, zval *ozval, zval *nzval);
PHPAPI void var_push_dtor(php_unserialize_data_t *var_hash, zval *val);
PHPAPI zval *var_tmp_var(php_unserialize_data_t *var_hashx);
PHPAPI void var_destroy(php_unserialize_data_t *var_hash);

#endif /* PHP_VAR_H */
trailing whitespace removal 2015-01-03 09:22:58 +00:00			`/*`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00			`+----------------------------------------------------------------------+`
Remove year range from copyright notice 2019-01-30 09:00:23 +00:00			`\| Copyright (c) The PHP Group \|`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00			`+----------------------------------------------------------------------+`
bump year and license version 2006-01-01 12:51:34 +00:00			`\| This source file is subject to version 3.01 of the PHP license, \|`
Changed lots of PHP 3 licence headers to PHP 4, mainly in .h files. Added a few RCS $Id$ tags. # Note: I have avoided changing any .h files if the corresponding .c file # had not already been changed as I am not sure if there are any legal # issues here. So some extensions still have PHP 3 headers. 2000-07-24 01:40:02 +00:00			`\| that is bundled with this package in the file LICENSE, and is \|`
updating license information in the headers. 2003-06-10 20:04:29 +00:00			`\| available through the world-wide-web at the following url: \|`
bump year and license version 2006-01-01 12:51:34 +00:00			`\| http://www.php.net/license/3_01.txt \|`
Changed lots of PHP 3 licence headers to PHP 4, mainly in .h files. Added a few RCS $Id$ tags. # Note: I have avoided changing any .h files if the corresponding .c file # had not already been changed as I am not sure if there are any legal # issues here. So some extensions still have PHP 3 headers. 2000-07-24 01:40:02 +00:00			`\| If you did not receive a copy of the PHP license and are unable to \|`
			`\| obtain it through the world-wide-web, please send a note to \|`
			`\| license@php.net so we can mail you a copy immediately. \|`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00			`+----------------------------------------------------------------------+`
Fix Bug #55801 Behavior of unserialize has changed: (un)serialize in __wakeup/__sleep now use clean var_hashes 2011-10-19 10:09:24 +00:00			`\| Author: Jani Lehtimäki <jkl@njet.net> \|`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00			`+----------------------------------------------------------------------+`
Changed lots of PHP 3 licence headers to PHP 4, mainly in .h files. Added a few RCS $Id$ tags. # Note: I have avoided changing any .h files if the corresponding .c file # had not already been changed as I am not sure if there are any legal # issues here. So some extensions still have PHP 3 headers. 2000-07-24 01:40:02 +00:00			`*/`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00
Rename macros which begin with underscore to appropiate macros. The general rule is: macro_name=`echo $filename\|tr a-z A-Z\|sed 's/\./_/'` 2000-07-03 00:41:19 +00:00			`#ifndef PHP_VAR_H`
			`#define PHP_VAR_H`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00
Added support for object references in recursive serialize() calls. FR #36424 2010-05-26 07:24:37 +00:00			`#include "ext/standard/basic_functions.h"`
Move smart_str implementation into Zend/ So we can use it there as well... For now I've retained the zend_smart_str_public.h header, though it would probably be better to just move that one struct into zend_types.h. 2014-09-20 20:42:02 +00:00			`#include "zend_smart_str_public.h"`
Convert serializer to smart_str.. avoids lots of sprintf's and copying of data. 2001-08-03 07:25:27 +00:00
Add max_depth option to unserialize() Add a max_depth option to unserialize and an unserialize_max_depth ini setting, which can be used to control the depth limit. The default value is 4096. This option is intended to prevent stack overflows during the unserialization of deeply nested structures. This fixes bug #78549 and addresses oss-fuzz #17581, #17589, #17664, and #17788. 2019-09-24 09:50:26 +00:00			`PHP_MINIT_FUNCTION(var);`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00
first shot remove TSRMLS_* things 2014-12-13 22:06:14 +00:00			`PHPAPI void php_var_dump(zval *struc, int level);`
			`PHPAPI void php_var_export(zval *struc, int level);`
			`PHPAPI void php_var_export_ex(zval struc, int level, smart_str buf);`
Fix a bug when var_export() causes a fatal error that could inadvertently display data due to flushing of the output buffer. Examples include, memory limit, execution time and recursion. 2010-07-09 21:11:37 +00:00
first shot remove TSRMLS_* things 2014-12-13 22:06:14 +00:00			`PHPAPI void php_debug_zval_dump(zval *struc, int level);`
Add support for serializing references. @- Add support for serializing references (Stas) # WDDX and shared memory functions not covered yet 2000-10-30 17:10:06 +00:00
Fix tests/serialize/bug64146.phpt The var hash now retains a reference to its elements, to ensure that addresses are not reused. Furthermore the var hash now only stores objects and references and directly uses their pointer as key, thus making serialization about two times faster. 2014-09-21 21:42:55 +00:00			`typedef struct php_serialize_data *php_serialize_data_t;`
			`typedef struct php_unserialize_data *php_unserialize_data_t;`
Rewrite of unserializer which should be more maintainable and extensible. Changes pass `make test´ and a couple of custom tests. Enjoy. 2001-11-10 21:18:34 +00:00
first shot remove TSRMLS_* things 2014-12-13 22:06:14 +00:00			`PHPAPI void php_var_serialize(smart_str buf, zval struc, php_serialize_data_t *data);`
			`PHPAPI int php_var_unserialize(zval rval, const unsigned char p, const unsigned char max, php_unserialize_data_t *var_hash);`
			`PHPAPI int php_var_unserialize_ref(zval rval, const unsigned char p, const unsigned char max, php_unserialize_data_t *var_hash);`
			`PHPAPI int php_var_unserialize_intern(zval rval, const unsigned char p, const unsigned char max, php_unserialize_data_t *var_hash);`
Add support for serializing references. @- Add support for serializing references (Stas) # WDDX and shared memory functions not covered yet 2000-10-30 17:10:06 +00:00
Hide (un)serialize data from ABI The (UN)SERIALIZE_INIT/DESTROY macros now go through non-inlined functions, so any changes to them will apply to extensions without rebuilds. Additionally, the (un)serialize_data structures are now no longer exported. This means that we are allowed to change these structures in patch releases without breaking the ABI. 2016-08-10 10:51:48 +00:00			`PHPAPI php_serialize_data_t php_var_serialize_init(void);`
			`PHPAPI void php_var_serialize_destroy(php_serialize_data_t d);`
			`PHPAPI php_unserialize_data_t php_var_unserialize_init(void);`
			`PHPAPI void php_var_unserialize_destroy(php_unserialize_data_t d);`
Followup for bug #72785 Fix incorrect handling of nesting ... need to reset to the old value afterwards. 2016-09-06 10:59:35 +00:00			`PHPAPI HashTable *php_var_unserialize_get_allowed_classes(php_unserialize_data_t d);`
Fix bug #72785 - allowed_classes only applies to outermost unserialize() 2016-09-06 02:56:36 +00:00			`PHPAPI void php_var_unserialize_set_allowed_classes(php_unserialize_data_t d, HashTable *classes);`
Add max_depth option to unserialize() Add a max_depth option to unserialize and an unserialize_max_depth ini setting, which can be used to control the depth limit. The default value is 4096. This option is intended to prevent stack overflows during the unserialization of deeply nested structures. This fixes bug #78549 and addresses oss-fuzz #17581, #17589, #17664, and #17788. 2019-09-24 09:50:26 +00:00			`PHPAPI void php_var_unserialize_set_max_depth(php_unserialize_data_t d, zend_long max_depth);`
			`PHPAPI zend_long php_var_unserialize_get_max_depth(php_unserialize_data_t d);`
			`PHPAPI void php_var_unserialize_set_cur_depth(php_unserialize_data_t d, zend_long cur_depth);`
			`PHPAPI zend_long php_var_unserialize_get_cur_depth(php_unserialize_data_t d);`
Hide (un)serialize data from ABI The (UN)SERIALIZE_INIT/DESTROY macros now go through non-inlined functions, so any changes to them will apply to extensions without rebuilds. Additionally, the (un)serialize_data structures are now no longer exported. This means that we are allowed to change these structures in patch releases without breaking the ABI. 2016-08-10 10:51:48 +00:00
Fix tests/serialize/bug64146.phpt The var hash now retains a reference to its elements, to ensure that addresses are not reused. Furthermore the var hash now only stores objects and references and directly uses their pointer as key, thus making serialization about two times faster. 2014-09-21 21:42:55 +00:00			`#define PHP_VAR_SERIALIZE_INIT(d) \`
Hide (un)serialize data from ABI The (UN)SERIALIZE_INIT/DESTROY macros now go through non-inlined functions, so any changes to them will apply to extensions without rebuilds. Additionally, the (un)serialize_data structures are now no longer exported. This means that we are allowed to change these structures in patch releases without breaking the ABI. 2016-08-10 10:51:48 +00:00			`(d) = php_var_serialize_init()`
Add support for serializing references. @- Add support for serializing references (Stas) # WDDX and shared memory functions not covered yet 2000-10-30 17:10:06 +00:00
Fix tests/serialize/bug64146.phpt The var hash now retains a reference to its elements, to ensure that addresses are not reused. Furthermore the var hash now only stores objects and references and directly uses their pointer as key, thus making serialization about two times faster. 2014-09-21 21:42:55 +00:00			`#define PHP_VAR_SERIALIZE_DESTROY(d) \`
Hide (un)serialize data from ABI The (UN)SERIALIZE_INIT/DESTROY macros now go through non-inlined functions, so any changes to them will apply to extensions without rebuilds. Additionally, the (un)serialize_data structures are now no longer exported. This means that we are allowed to change these structures in patch releases without breaking the ABI. 2016-08-10 10:51:48 +00:00			`php_var_serialize_destroy(d)`
Added support for object references in recursive serialize() calls. FR #36424 2010-05-26 07:24:37 +00:00
Fix tests/serialize/bug64146.phpt The var hash now retains a reference to its elements, to ensure that addresses are not reused. Furthermore the var hash now only stores objects and references and directly uses their pointer as key, thus making serialization about two times faster. 2014-09-21 21:42:55 +00:00			`#define PHP_VAR_UNSERIALIZE_INIT(d) \`
Hide (un)serialize data from ABI The (UN)SERIALIZE_INIT/DESTROY macros now go through non-inlined functions, so any changes to them will apply to extensions without rebuilds. Additionally, the (un)serialize_data structures are now no longer exported. This means that we are allowed to change these structures in patch releases without breaking the ABI. 2016-08-10 10:51:48 +00:00			`(d) = php_var_unserialize_init()`
Added support for object references in recursive serialize() calls. FR #36424 2010-05-26 07:24:37 +00:00
Fix tests/serialize/bug64146.phpt The var hash now retains a reference to its elements, to ensure that addresses are not reused. Furthermore the var hash now only stores objects and references and directly uses their pointer as key, thus making serialization about two times faster. 2014-09-21 21:42:55 +00:00			`#define PHP_VAR_UNSERIALIZE_DESTROY(d) \`
Hide (un)serialize data from ABI The (UN)SERIALIZE_INIT/DESTROY macros now go through non-inlined functions, so any changes to them will apply to extensions without rebuilds. Additionally, the (un)serialize_data structures are now no longer exported. This means that we are allowed to change these structures in patch releases without breaking the ABI. 2016-08-10 10:51:48 +00:00			`php_var_unserialize_destroy(d)`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata Also, change the signature from `getMetadata()` to `getMetadata(array $unserialize_options = [])`. Start throwing earlier if setMetadata() is called and serialization threw. See https://externals.io/message/110856 and https://bugs.php.net/bug.php?id=76774 This was refactored to add a phar_metadata_tracker for the following reasons: - The way to properly copy a zval was previously implicit and undocumented (e.g. is it a pointer to a raw string or an actual value) - Avoid unnecessary serialization and unserialization in the most common case - If a metadata value is serialized once while saving a new/modified phar file, this allows reusing the same serialized string. - Have as few ways to copy/clone/lazily parse metadata (etc.) as possible, so that code changes can be limited to only a few places in the future. - Performance is hopefully not a concern - copying a string should be faster than unserializing a value, and metadata should be rare in most cases. Remove unnecessary skip in a test(Compression's unused) Add additional assertions about usage of persistent phars Improve robustness of `Phar*->setMetadata()` - Add sanity checks for edge cases freeing metadata, when destructors or serializers modify the phar recursively. - Typical use cases of php have phar.readonly=1 and would not be affected. Closes GH-5855 2020-07-07 22:47:52 +00:00			`PHPAPI void php_unserialize_with_options(zval return_value, const char buf, const size_t buf_len, HashTable options, const char function_name);`

Fixed unserialize() 2014-04-10 14:08:11 +00:00			`PHPAPI void var_replace(php_unserialize_data_t var_hash, zval ozval, zval *nzval);`
Use better data structures (incomplete) 2014-02-14 09:40:11 +00:00			`PHPAPI void var_push_dtor(php_unserialize_data_t var_hash, zval val);`
fix merge 2015-08-05 06:41:00 +00:00			`PHPAPI zval var_tmp_var(php_unserialize_data_t var_hashx);`
need to export var_replace and var_destroy for win32 2002-08-04 23:45:38 +00:00			`PHPAPI void var_destroy(php_unserialize_data_t *var_hash);`
trailing whitespace removal 2015-01-03 09:22:58 +00:00
Rename macros which begin with underscore to appropiate macros. The general rule is: macro_name=`echo $filename\|tr a-z A-Z\|sed 's/\./_/'` 2000-07-03 00:41:19 +00:00			`#endif /* PHP_VAR_H */`