1#!/usr/bin/env php 2<?php 3/* 4 +----------------------------------------------------------------------+ 5 | PHP Version 7 | 6 +----------------------------------------------------------------------+ 7 | Copyright (c) The PHP Group | 8 +----------------------------------------------------------------------+ 9 | This source file is subject to version 3.01 of the PHP license, | 10 | that is bundled with this package in the file LICENSE, and is | 11 | available through the world-wide-web at the following url: | 12 | http://www.php.net/license/3_01.txt | 13 | If you did not receive a copy of the PHP license and are unable to | 14 | obtain it through the world-wide-web, please send a note to | 15 | license@php.net so we can mail you a copy immediately. | 16 +----------------------------------------------------------------------+ 17 | Author: Nuno Lopes <nlopess@php.net> | 18 +----------------------------------------------------------------------+ 19*/ 20 21define('REPORT_LEVEL', 1); // 0 reports less false-positives. up to level 5. 22define('VERSION', '7.0'); // minimum is 7.0 23define('PHPDIR', realpath(dirname(__FILE__) . '/../..')); 24 25 26// be sure you have enough memory and stack for PHP. pcre will push the limits! 27ini_set('pcre.backtrack_limit', 10000000); 28 29 30// ------------------------ end of config ---------------------------- 31 32 33$API_params = array( 34 'a' => array('zval**'), // array 35 'A' => array('zval**'), // array or object 36 'b' => array('zend_bool*'), // boolean 37 'd' => array('double*'), // double 38 'f' => array('zend_fcall_info*', 'zend_fcall_info_cache*'), // function 39 'h' => array('HashTable**'), // array as an HashTable* 40 'H' => array('HashTable**'), // array or HASH_OF(object) 41 'l' => array('zend_long*'), // long 42 //TODO 'L' => array('zend_long*, '), // long 43 'o' => array('zval**'), //object 44 'O' => array('zval**', 'zend_class_entry*'), // object of given type 45 'P' => array('zend_string**'), // valid path 46 'r' => array('zval**'), // resource 47 'S' => array('zend_string**'), // string 48 'z' => array('zval**'), // zval* 49 'Z' => array('zval***') // zval** 50 // 's', 'p', 'C' handled separately 51); 52 53/** reports an error, according to its level */ 54function error($str, $level = 0) 55{ 56 global $current_file, $current_function, $line; 57 58 if ($level <= REPORT_LEVEL) { 59 if (strpos($current_file,PHPDIR) === 0) { 60 $filename = substr($current_file, strlen(PHPDIR)+1); 61 } else { 62 $filename = $current_file; 63 } 64 echo $filename , " [$line] $current_function : $str\n"; 65 } 66} 67 68 69/** this updates the global var $line (for error reporting) */ 70function update_lineno($offset) 71{ 72 global $lines_offset, $line; 73 74 $left = 0; 75 $right = $count = count($lines_offset)-1; 76 77 // a nice binary search :) 78 do { 79 $mid = intval(($left + $right)/2); 80 $val = $lines_offset[$mid]; 81 82 if ($val < $offset) { 83 if (++$mid > $count || $lines_offset[$mid] > $offset) { 84 $line = $mid; 85 return; 86 } else { 87 $left = $mid; 88 } 89 } else if ($val > $offset) { 90 if ($lines_offset[--$mid] < $offset) { 91 $line = $mid+1; 92 return; 93 } else { 94 $right = $mid; 95 } 96 } else { 97 $line = $mid+1; 98 return; 99 } 100 } while (true); 101} 102 103 104/** parses the sources and fetches its vars name, type and if they are initialized or not */ 105function get_vars($txt) 106{ 107 $ret = array(); 108 preg_match_all('/((?:(?:unsigned|struct)\s+)?\w+)(?:\s*(\*+)\s+|\s+(\**))(\w+(?:\[\s*\w*\s*\])?)\s*(?:(=)[^,;]+)?((?:\s*,\s*\**\s*\w+(?:\[\s*\w*\s*\])?\s*(?:=[^,;]+)?)*)\s*;/S', $txt, $m, PREG_SET_ORDER); 109 110 foreach ($m as $x) { 111 // the first parameter is special 112 if (!in_array($x[1], array('else', 'endif', 'return'))) // hack to skip reserved words 113 $ret[$x[4]] = array($x[1] . $x[2] . $x[3], $x[5]); 114 115 // are there more vars? 116 if ($x[6]) { 117 preg_match_all('/(\**)\s*(\w+(?:\[\s*\w*\s*\])?)\s*(=?)/S', $x[6], $y, PREG_SET_ORDER); 118 foreach ($y as $z) { 119 $ret[$z[2]] = array($x[1] . $z[1], $z[3]); 120 } 121 } 122 } 123 124// if ($GLOBALS['current_function'] == 'for_debugging') { print_r($m);print_r($ret); } 125 return $ret; 126} 127 128 129/** run diagnostic checks against one var. */ 130function check_param($db, $idx, $exp, $optional, $allow_uninit = false) 131{ 132 global $error_few_vars_given; 133 134 if ($idx >= count($db)) { 135 if (!$error_few_vars_given) { 136 error("too few variables passed to function"); 137 $error_few_vars_given = true; 138 } 139 return; 140 } elseif ($db[$idx][0] === '**dummy**') { 141 return; 142 } 143 144 if ($db[$idx][1] != $exp) { 145 error("{$db[$idx][0]}: expected '$exp' but got '{$db[$idx][1]}' [".($idx+1).']'); 146 } 147 148 if (!$optional && $db[$idx][2]) { 149 error("not optional var is initialized: {$db[$idx][0]} [".($idx+1).']', 2); 150 } 151 if (!$allow_uninit && $optional && !$db[$idx][2]) { 152 error("optional var not initialized: {$db[$idx][0]} [".($idx+1).']', 1); 153 } 154} 155 156/** fetch params passed to zend_parse_params*() */ 157function get_params($vars, $str) 158{ 159 $ret = array(); 160 preg_match_all('/(?:\([^)]+\))?(&?)([\w>.()-]+(?:\[\w+\])?)\s*,?((?:\)*\s*=)?)/S', $str, $m, PREG_SET_ORDER); 161 162 foreach ($m as $x) { 163 $name = $x[2]; 164 165 // little hack for last parameter 166 if (strpos($name, '(') === false) { 167 $name = rtrim($name, ')'); 168 } 169 170 if (empty($vars[$name][0])) { 171 error("variable not found: '$name'", 3); 172 $ret[][] = '**dummy**'; 173 174 } else { 175 $ret[] = array($name, $vars[$name][0] . ($x[1] ? '*' : ''), $vars[$name][1]); 176 } 177 178 // the end (yes, this is a little hack :P) 179 if ($x[3]) { 180 break; 181 } 182 } 183 184// if ($GLOBALS['current_function'] == 'for_debugging') { var_dump($m); var_dump($ret); } 185 return $ret; 186} 187 188 189/** run tests on a function. the code is passed in $txt */ 190function check_function($name, $txt, $offset) 191{ 192 global $API_params; 193 194 $regex = '/ 195 (?: zend_parse_parameters(?:_throw)? \s*\([^,]+ 196 | zend_parse_(?:parameters_ex|method_parameters) \s*\([^,]+,[^,]+ 197 | zend_parse_method_parameters_ex \s*\([^,]+,[^,]+,[^,+] 198 ) 199 ,\s*"([^"]*)"\s* 200 ,\s*([^{;]*) 201 /Sx'; 202 if (preg_match_all($regex, $txt, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) { 203 204 $GLOBALS['current_function'] = $name; 205 206 foreach ($matches as $m) { 207 $GLOBALS['error_few_vars_given'] = false; 208 update_lineno($offset + $m[2][1]); 209 210 $vars = get_vars(substr($txt, 0, $m[0][1])); // limit var search to current location 211 $params = get_params($vars, $m[2][0]); 212 $optional = $varargs = false; 213 $last_char = ''; 214 $j = -1; 215 216 $spec = $m[1][0]; 217 $len = strlen($spec); 218 for ($i = 0; $i < $len; ++$i) { 219 $char = $spec[$i]; 220 switch ($char = $spec[$i]) { 221 // separator for optional parameters 222 case '|': 223 if ($optional) { 224 error("more than one optional separator at char #$i"); 225 } else { 226 $optional = true; 227 if ($i == $len-1) { 228 error("unnecessary optional separator"); 229 } 230 } 231 break; 232 233 // separate_zval_if_not_ref 234 case '/': 235 if (in_array($last_char, array('l', 'L', 'd', 'b'))) { 236 error("the '/' specifier should not be applied to '$last_char'"); 237 } 238 break; 239 240 // nullable arguments 241 case '!': 242 if (in_array($last_char, array('l', 'L', 'd', 'b'))) { 243 check_param($params, ++$j, 'zend_bool*', $optional); 244 } 245 break; 246 247 // variadic arguments 248 case '+': 249 case '*': 250 if ($varargs) { 251 error("A varargs specifier can only be used once. repeated char at column $i"); 252 } else { 253 check_param($params, ++$j, 'zval**', $optional); 254 check_param($params, ++$j, 'int*', $optional); 255 $varargs = true; 256 } 257 break; 258 259 case 's': 260 case 'p': 261 check_param($params, ++$j, 'char**', $optional, $allow_uninit=true); 262 check_param($params, ++$j, 'size_t*', $optional, $allow_uninit=true); 263 if ($optional && !$params[$j-1][2] && !$params[$j][2] 264 && $params[$j-1][0] !== '**dummy**' && $params[$j][0] !== '**dummy**') { 265 error("one of optional vars {$params[$j-1][0]} or {$params[$j][0]} must be initialized", 1); 266 } 267 break; 268 269 case 'C': 270 // C must always be initialized, independently of whether it's optional 271 check_param($params, ++$j, 'zend_class_entry**', false); 272 break; 273 274 default: 275 if (!isset($API_params[$char])) { 276 error("unknown char ('$char') at column $i"); 277 } 278 279 // If an is_null flag is in use, only that flag is required to be 280 // initialized 281 $allow_uninit = $i+1 < $len && $spec[$i+1] === '!' 282 && in_array($char, array('l', 'L', 'd', 'b')); 283 284 foreach ($API_params[$char] as $exp) { 285 check_param($params, ++$j, $exp, $optional, $allow_uninit); 286 } 287 } 288 289 $last_char = $char; 290 } 291 } 292 } 293} 294 295 296/** the main recursion function. splits files in functions and calls the other functions */ 297function recurse($path) 298{ 299 foreach (scandir($path) as $file) { 300 if ($file == '.' || $file == '..' || $file == 'CVS') continue; 301 302 $file = "$path/$file"; 303 if (is_dir($file)) { 304 recurse($file); 305 continue; 306 } 307 308 // parse only .c and .cpp files 309 if (substr_compare($file, '.c', -2) && substr_compare($file, '.cpp', -4)) continue; 310 311 $txt = file_get_contents($file); 312 // remove comments (but preserve the number of lines) 313 $txt = preg_replace('@//.*@S', '', $txt); 314 $txt = preg_replace_callback('@/\*.*\*/@SsU', function($matches) { 315 return preg_replace("/[^\r\n]+/S", "", $matches[0]); 316 }, $txt); 317 318 $split = preg_split('/PHP_(?:NAMED_)?(?:FUNCTION|METHOD)\s*\((\w+(?:,\s*\w+)?)\)/S', $txt, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_OFFSET_CAPTURE); 319 320 if (count($split) < 2) continue; // no functions defined on this file 321 array_shift($split); // the first part isn't relevant 322 323 324 // generate the line offsets array 325 $j = 0; 326 $lines = preg_split("/(\r\n?|\n)/S", $txt, -1, PREG_SPLIT_DELIM_CAPTURE); 327 $lines_offset = array(); 328 329 for ($i = 0; $i < count($lines); ++$i) { 330 $j += strlen($lines[$i]) + strlen(@$lines[++$i]); 331 $lines_offset[] = $j; 332 } 333 334 $GLOBALS['lines_offset'] = $lines_offset; 335 $GLOBALS['current_file'] = $file; 336 337 338 for ($i = 0; $i < count($split); $i+=2) { 339 // if the /* }}} */ comment is found use it to reduce false positives 340 // TODO: check the other indexes 341 list($f) = preg_split('@/\*\s*}}}\s*\*/@S', $split[$i+1][0]); 342 check_function(preg_replace('/\s*,\s*/S', '::', $split[$i][0]), $f, $split[$i][1]); 343 } 344 } 345} 346 347$dirs = array(); 348 349if (isset($argc) && $argc > 1) { 350 if ($argv[1] == '-h' || $argv[1] == '-help' || $argv[1] == '--help') { 351 echo <<<HELP 352Synopsis: 353 php check_parameters.php [directories] 354 355HELP; 356 exit(0); 357 } 358 for ($i = 1; $i < $argc; $i++) { 359 $dirs[] = $argv[$i]; 360 } 361} else { 362 $dirs[] = PHPDIR; 363} 364 365foreach($dirs as $dir) { 366 if (is_dir($dir)) { 367 if (!is_readable($dir)) { 368 echo "ERROR: directory '", $dir ,"' is not readable\n"; 369 exit(1); 370 } 371 } else { 372 echo "ERROR: bogus directory '", $dir ,"'\n"; 373 exit(1); 374 } 375} 376 377foreach ($dirs as $dir) { 378 recurse(realpath($dir)); 379} 380
