clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 18:07:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Disable the hash_apply() protection on hashes that persist across requests - it's unsafe

Browse Source 
because we may be aborted at any point
This commit is contained in:
Zeev Suraski 2000-07-11 14:27:31 +00:00
parent 148317f979
commit 1263932a0d
3 changed files with 36 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Zend/zend.c
View File

@ -233,8 +233,8 @@ static void register_standard_class(void)
zend_standard_class_def.name_length = sizeof("stdClass") - 1;
zend_standard_class_def.name = zend_strndup("stdClass", zend_standard_class_def.name_length);
zend_standard_class_def.parent = NULL;
zend_hash_init(&zend_standard_class_def.default_properties, 0, NULL, ZVAL_PTR_DTOR, 1);
zend_hash_init(&zend_standard_class_def.function_table, 0, NULL, ZEND_FUNCTION_DTOR, 1);
zend_hash_init_ex(&zend_standard_class_def.default_properties, 0, NULL, ZVAL_PTR_DTOR, 1, 0);
zend_hash_init_ex(&zend_standard_class_def.function_table, 0, NULL, ZEND_FUNCTION_DTOR, 1, 0);
zend_standard_class_def.handle_function_call = NULL;
zend_standard_class_def.handle_property_get = NULL;
zend_standard_class_def.handle_property_set = NULL;
@ -261,11 +261,11 @@ static void compiler_globals_ctor(zend_compiler_globals *compiler_globals)
zend_class_entry tmp_class;
compiler_globals->function_table = (HashTable *) malloc(sizeof(HashTable));
zend_hash_init(compiler_globals->function_table, 100, NULL, ZEND_FUNCTION_DTOR, 1);
zend_hash_init_ex(compiler_globals->function_table, 100, NULL, ZEND_FUNCTION_DTOR, 1, 0);
zend_hash_copy(compiler_globals->function_table, global_function_table, NULL, &tmp_func, sizeof(zend_function));
compiler_globals->class_table = (HashTable *) malloc(sizeof(HashTable));
zend_hash_init(compiler_globals->class_table, 10, NULL, ZEND_CLASS_DTOR, 1);
zend_hash_init_ex(compiler_globals->class_table, 10, NULL, ZEND_CLASS_DTOR, 1, 0);
zend_hash_copy(compiler_globals->class_table, global_class_table, (copy_ctor_func_t) zend_class_add_ref, &tmp_class, sizeof(zend_class_entry));
zend_set_default_compile_time_values(CLS_C);
@ -366,10 +366,10 @@ int zend_startup(zend_utility_functions *utility_functions, char **extensions, i
GLOBAL_FUNCTION_TABLE = (HashTable *) malloc(sizeof(HashTable));
GLOBAL_CLASS_TABLE = (HashTable *) malloc(sizeof(HashTable));
zend_hash_init(GLOBAL_FUNCTION_TABLE, 100, NULL, ZEND_FUNCTION_DTOR, 1);
zend_hash_init(GLOBAL_CLASS_TABLE, 10, NULL, ZEND_CLASS_DTOR, 1);
zend_hash_init_ex(GLOBAL_FUNCTION_TABLE, 100, NULL, ZEND_FUNCTION_DTOR, 1, 0);
zend_hash_init_ex(GLOBAL_CLASS_TABLE, 10, NULL, ZEND_CLASS_DTOR, 1, 0);
register_standard_class();
zend_hash_init(&module_registry, 50, NULL, ZEND_MODULE_DTOR, 1);
zend_hash_init_ex(&module_registry, 50, NULL, ZEND_MODULE_DTOR, 1, 0);
zend_init_rsrc_list_dtors();
/* This zval can be used to initialize allocate zval's to an uninit'ed value */

34
Zend/zend_hash.c
View File

@ -108,14 +108,16 @@ static void _zend_is_inconsistent(HashTable *ht, char *file, int line)
#define SET_INCONSISTENT(n)
#endif
#define HASH_APPLY_BEGIN(ht) \
if ((ht)->nApplyCount>=3) { \
zend_error(E_WARNING, "Nesting level too deep - recursive dependency?"); \
return; \
} \
(ht)->nApplyCount++;
#define HASH_APPLY_BEGIN(ht) \
if ((ht)->bApplyProtection) { \
if ((ht)->nApplyCount>=3) { \
zend_error(E_WARNING, "Nesting level too deep - recursive dependency?"); \
return; \
} \
(ht)->nApplyCount++; \
}
#define HASH_APPLY_END(ht) \
#define HASH_APPLY_END(ht) \
(ht)->nApplyCount--;
@ -216,9 +218,27 @@ ZEND_API int zend_hash_init(HashTable *ht, uint nSize, hash_func_t pHashFunction
ht->pInternalPointer = NULL;
ht->persistent = persistent;
ht->nApplyCount = 0;
ht->bApplyProtection = 1;
return SUCCESS;
}
ZEND_API int zend_hash_init_ex(HashTable *ht, uint nSize, hash_func_t pHashFunction, dtor_func_t pDestructor, int persistent, zend_bool bApplyProtection)
{
int retval = zend_hash_init(ht, nSize, pHashFunction, pDestructor, persistent);
ht->bApplyProtection = bApplyProtection;
return retval;
}
ZEND_API void zend_hash_set_apply_protection(HashTable *ht, zend_bool bApplyProtection)
{
ht->bApplyProtection = bApplyProtection;
}
ZEND_API int zend_hash_add_or_update(HashTable *ht, char *arKey, uint nKeyLength, void *pData, uint nDataSize, void **pDest, int flag)
{
ulong h;

2
Zend/zend_hash.h
View File

@ -68,6 +68,7 @@ typedef struct _hashtable {
dtor_func_t pDestructor;
zend_bool persistent;
unsigned char nApplyCount;
zend_bool bApplyProtection;
#if ZEND_DEBUG
int inconsistent;
#endif
@ -79,6 +80,7 @@ BEGIN_EXTERN_C()
/* startup/shutdown */
ZEND_API int zend_hash_init(HashTable *ht, uint nSize, hash_func_t pHashFunction, dtor_func_t pDestructor, int persistent);
ZEND_API int zend_hash_init_ex(HashTable *ht, uint nSize, hash_func_t pHashFunction, dtor_func_t pDestructor, int persistent, zend_bool bApplyProtection);
ZEND_API void zend_hash_destroy(HashTable *ht);
ZEND_API void zend_hash_clean(HashTable *ht);