1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine |
4 +----------------------------------------------------------------------+
5 | Copyright (c) Zend Technologies Ltd. (http://www.zend.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 2.00 of the Zend license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.zend.com/license/2_00.txt. |
11 | If you did not receive a copy of the Zend license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@zend.com so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Dmitry Stogov <dmitry@php.net> |
18 +----------------------------------------------------------------------+
19 */
20
21 #include "zend.h"
22 #include "zend_globals.h"
23 #include "zend_variables.h"
24 #include "zend_API.h"
25 #include "zend_objects.h"
26 #include "zend_objects_API.h"
27 #include "zend_object_handlers.h"
28 #include "zend_interfaces.h"
29 #include "zend_exceptions.h"
30 #include "zend_closures.h"
31 #include "zend_compile.h"
32 #include "zend_hash.h"
33
34 #define DEBUG_OBJECT_HANDLERS 0
35
36 #define ZEND_WRONG_PROPERTY_OFFSET 0
37
38 /* guard flags */
39 #define IN_GET (1<<0)
40 #define IN_SET (1<<1)
41 #define IN_UNSET (1<<2)
42 #define IN_ISSET (1<<3)
43
44 /*
45 __X accessors explanation:
46
47 if we have __get and property that is not part of the properties array is
48 requested, we call __get handler. If it fails, we return uninitialized.
49
50 if we have __set and property that is not part of the properties array is
51 set, we call __set handler. If it fails, we do not change the array.
52
53 for both handlers above, when we are inside __get/__set, no further calls for
54 __get/__set for this property of this object will be made, to prevent endless
55 recursion and enable accessors to change properties array.
56
57 if we have __call and method which is not part of the class function table is
58 called, we cal __call handler.
59 */
60
rebuild_object_properties(zend_object * zobj)61 ZEND_API void rebuild_object_properties(zend_object *zobj) /* {{{ */
62 {
63 if (!zobj->properties) {
64 zend_property_info *prop_info;
65 zend_class_entry *ce = zobj->ce;
66 int i;
67
68 zobj->properties = zend_new_array(ce->default_properties_count);
69 if (ce->default_properties_count) {
70 zend_hash_real_init_mixed(zobj->properties);
71 for (i = 0; i < ce->default_properties_count; i++) {
72 prop_info = ce->properties_info_table[i];
73
74 if (!prop_info) {
75 continue;
76 }
77
78 if (UNEXPECTED(Z_TYPE_P(OBJ_PROP(zobj, prop_info->offset)) == IS_UNDEF)) {
79 HT_FLAGS(zobj->properties) |= HASH_FLAG_HAS_EMPTY_IND;
80 }
81
82 _zend_hash_append_ind(zobj->properties, prop_info->name,
83 OBJ_PROP(zobj, prop_info->offset));
84 }
85 }
86 }
87 }
88 /* }}} */
89
zend_std_build_object_properties_array(zend_object * zobj)90 ZEND_API HashTable *zend_std_build_object_properties_array(zend_object *zobj) /* {{{ */
91 {
92 zend_property_info *prop_info;
93 zend_class_entry *ce = zobj->ce;
94 HashTable *ht;
95 zval* prop;
96 int i;
97
98 ZEND_ASSERT(!zobj->properties);
99 ht = zend_new_array(ce->default_properties_count);
100 if (ce->default_properties_count) {
101 zend_hash_real_init_mixed(ht);
102 for (i = 0; i < ce->default_properties_count; i++) {
103 prop_info = ce->properties_info_table[i];
104
105 if (!prop_info) {
106 continue;
107 }
108
109 prop = OBJ_PROP(zobj, prop_info->offset);
110 if (UNEXPECTED(Z_TYPE_P(prop) == IS_UNDEF)) {
111 continue;
112 }
113
114 if (Z_ISREF_P(prop) && Z_REFCOUNT_P(prop) == 1) {
115 prop = Z_REFVAL_P(prop);
116 }
117
118 Z_TRY_ADDREF_P(prop);
119 _zend_hash_append(ht, prop_info->name, prop);
120 }
121 }
122 return ht;
123 }
124 /* }}} */
125
zend_std_get_properties(zend_object * zobj)126 ZEND_API HashTable *zend_std_get_properties(zend_object *zobj) /* {{{ */
127 {
128 if (!zobj->properties) {
129 rebuild_object_properties(zobj);
130 }
131 return zobj->properties;
132 }
133 /* }}} */
134
zend_std_get_gc(zend_object * zobj,zval ** table,int * n)135 ZEND_API HashTable *zend_std_get_gc(zend_object *zobj, zval **table, int *n) /* {{{ */
136 {
137 if (zobj->handlers->get_properties != zend_std_get_properties) {
138 *table = NULL;
139 *n = 0;
140 return zobj->handlers->get_properties(zobj);
141 } else {
142 if (zobj->properties) {
143 *table = NULL;
144 *n = 0;
145 return zobj->properties;
146 } else {
147 *table = zobj->properties_table;
148 *n = zobj->ce->default_properties_count;
149 return NULL;
150 }
151 }
152 }
153 /* }}} */
154
zend_std_get_debug_info(zend_object * object,int * is_temp)155 ZEND_API HashTable *zend_std_get_debug_info(zend_object *object, int *is_temp) /* {{{ */
156 {
157 zend_class_entry *ce = object->ce;
158 zval retval;
159 HashTable *ht;
160
161 if (!ce->__debugInfo) {
162 *is_temp = 0;
163 return object->handlers->get_properties(object);
164 }
165
166 zend_call_known_instance_method_with_0_params(ce->__debugInfo, object, &retval);
167 if (Z_TYPE(retval) == IS_ARRAY) {
168 if (!Z_REFCOUNTED(retval)) {
169 *is_temp = 1;
170 return zend_array_dup(Z_ARRVAL(retval));
171 } else if (Z_REFCOUNT(retval) <= 1) {
172 *is_temp = 1;
173 ht = Z_ARR(retval);
174 return ht;
175 } else {
176 *is_temp = 0;
177 zval_ptr_dtor(&retval);
178 return Z_ARRVAL(retval);
179 }
180 } else if (Z_TYPE(retval) == IS_NULL) {
181 *is_temp = 1;
182 ht = zend_new_array(0);
183 return ht;
184 }
185
186 zend_error_noreturn(E_ERROR, ZEND_DEBUGINFO_FUNC_NAME "() must return an array");
187
188 return NULL; /* Compilers are dumb and don't understand that noreturn means that the function does NOT need a return value... */
189 }
190 /* }}} */
191
zend_std_call_getter(zend_object * zobj,zend_string * prop_name,zval * retval)192 static void zend_std_call_getter(zend_object *zobj, zend_string *prop_name, zval *retval) /* {{{ */
193 {
194 zval member;
195 ZVAL_STR(&member, prop_name);
196 zend_call_known_instance_method_with_1_params(zobj->ce->__get, zobj, retval, &member);
197 }
198 /* }}} */
199
zend_std_call_setter(zend_object * zobj,zend_string * prop_name,zval * value)200 static void zend_std_call_setter(zend_object *zobj, zend_string *prop_name, zval *value) /* {{{ */
201 {
202 zval args[2];
203 ZVAL_STR(&args[0], prop_name);
204 ZVAL_COPY_VALUE(&args[1], value);
205 zend_call_known_instance_method(zobj->ce->__set, zobj, NULL, 2, args);
206 }
207 /* }}} */
208
zend_std_call_unsetter(zend_object * zobj,zend_string * prop_name)209 static void zend_std_call_unsetter(zend_object *zobj, zend_string *prop_name) /* {{{ */
210 {
211 zval member;
212 ZVAL_STR(&member, prop_name);
213 zend_call_known_instance_method_with_1_params(zobj->ce->__unset, zobj, NULL, &member);
214 }
215 /* }}} */
216
zend_std_call_issetter(zend_object * zobj,zend_string * prop_name,zval * retval)217 static void zend_std_call_issetter(zend_object *zobj, zend_string *prop_name, zval *retval) /* {{{ */
218 {
219 zval member;
220 ZVAL_STR(&member, prop_name);
221 zend_call_known_instance_method_with_1_params(zobj->ce->__isset, zobj, retval, &member);
222 }
223 /* }}} */
224
225
is_derived_class(zend_class_entry * child_class,zend_class_entry * parent_class)226 static zend_always_inline bool is_derived_class(zend_class_entry *child_class, zend_class_entry *parent_class) /* {{{ */
227 {
228 child_class = child_class->parent;
229 while (child_class) {
230 if (child_class == parent_class) {
231 return 1;
232 }
233 child_class = child_class->parent;
234 }
235
236 return 0;
237 }
238 /* }}} */
239
is_protected_compatible_scope(zend_class_entry * ce,zend_class_entry * scope)240 static zend_never_inline int is_protected_compatible_scope(zend_class_entry *ce, zend_class_entry *scope) /* {{{ */
241 {
242 return scope &&
243 (is_derived_class(ce, scope) || is_derived_class(scope, ce));
244 }
245 /* }}} */
246
zend_get_parent_private_property(zend_class_entry * scope,zend_class_entry * ce,zend_string * member)247 static zend_never_inline zend_property_info *zend_get_parent_private_property(zend_class_entry *scope, zend_class_entry *ce, zend_string *member) /* {{{ */
248 {
249 zval *zv;
250 zend_property_info *prop_info;
251
252 if (scope != ce && scope && is_derived_class(ce, scope)) {
253 zv = zend_hash_find(&scope->properties_info, member);
254 if (zv != NULL) {
255 prop_info = (zend_property_info*)Z_PTR_P(zv);
256 if ((prop_info->flags & ZEND_ACC_PRIVATE)
257 && prop_info->ce == scope) {
258 return prop_info;
259 }
260 }
261 }
262 return NULL;
263 }
264 /* }}} */
265
zend_bad_property_access(zend_property_info * property_info,zend_class_entry * ce,zend_string * member)266 static ZEND_COLD zend_never_inline void zend_bad_property_access(zend_property_info *property_info, zend_class_entry *ce, zend_string *member) /* {{{ */
267 {
268 zend_throw_error(NULL, "Cannot access %s property %s::$%s", zend_visibility_string(property_info->flags), ZSTR_VAL(ce->name), ZSTR_VAL(member));
269 }
270 /* }}} */
271
zend_bad_property_name(void)272 static ZEND_COLD zend_never_inline void zend_bad_property_name(void) /* {{{ */
273 {
274 zend_throw_error(NULL, "Cannot access property starting with \"\\0\"");
275 }
276 /* }}} */
277
zend_forbidden_dynamic_property(zend_class_entry * ce,zend_string * member)278 static ZEND_COLD zend_never_inline void zend_forbidden_dynamic_property(
279 zend_class_entry *ce, zend_string *member) {
280 zend_throw_error(NULL, "Cannot create dynamic property %s::$%s",
281 ZSTR_VAL(ce->name), ZSTR_VAL(member));
282 }
283
zend_readonly_property_modification_scope_error(zend_class_entry * ce,zend_string * member,zend_class_entry * scope,const char * operation)284 static ZEND_COLD zend_never_inline void zend_readonly_property_modification_scope_error(
285 zend_class_entry *ce, zend_string *member, zend_class_entry *scope, const char *operation) {
286 zend_throw_error(NULL, "Cannot %s readonly property %s::$%s from %s%s",
287 operation, ZSTR_VAL(ce->name), ZSTR_VAL(member),
288 scope ? "scope " : "global scope", scope ? ZSTR_VAL(scope->name) : "");
289 }
290
zend_readonly_property_unset_error(zend_class_entry * ce,zend_string * member)291 static ZEND_COLD zend_never_inline void zend_readonly_property_unset_error(
292 zend_class_entry *ce, zend_string *member) {
293 zend_throw_error(NULL, "Cannot unset readonly property %s::$%s",
294 ZSTR_VAL(ce->name), ZSTR_VAL(member));
295 }
296
zend_get_property_offset(zend_class_entry * ce,zend_string * member,int silent,void ** cache_slot,zend_property_info ** info_ptr)297 static zend_always_inline uintptr_t zend_get_property_offset(zend_class_entry *ce, zend_string *member, int silent, void **cache_slot, zend_property_info **info_ptr) /* {{{ */
298 {
299 zval *zv;
300 zend_property_info *property_info;
301 uint32_t flags;
302 zend_class_entry *scope;
303 uintptr_t offset;
304
305 if (cache_slot && EXPECTED(ce == CACHED_PTR_EX(cache_slot))) {
306 *info_ptr = CACHED_PTR_EX(cache_slot + 2);
307 return (uintptr_t)CACHED_PTR_EX(cache_slot + 1);
308 }
309
310 if (UNEXPECTED(zend_hash_num_elements(&ce->properties_info) == 0)
311 || UNEXPECTED((zv = zend_hash_find(&ce->properties_info, member)) == NULL)) {
312 if (UNEXPECTED(ZSTR_VAL(member)[0] == '\0') && ZSTR_LEN(member) != 0) {
313 if (!silent) {
314 zend_bad_property_name();
315 }
316 return ZEND_WRONG_PROPERTY_OFFSET;
317 }
318 dynamic:
319 if (cache_slot) {
320 CACHE_POLYMORPHIC_PTR_EX(cache_slot, ce, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
321 CACHE_PTR_EX(cache_slot + 2, NULL);
322 }
323 return ZEND_DYNAMIC_PROPERTY_OFFSET;
324 }
325
326 property_info = (zend_property_info*)Z_PTR_P(zv);
327 flags = property_info->flags;
328
329 if (flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
330 if (UNEXPECTED(EG(fake_scope))) {
331 scope = EG(fake_scope);
332 } else {
333 scope = zend_get_executed_scope();
334 }
335
336 if (property_info->ce != scope) {
337 if (flags & ZEND_ACC_CHANGED) {
338 zend_property_info *p = zend_get_parent_private_property(scope, ce, member);
339
340 /* If there is a public/protected instance property on ce, don't try to use a
341 * private static property on scope. If both are static, prefer the static
342 * property on scope. This will throw a static property notice, rather than
343 * a visibility error. */
344 if (p && (!(p->flags & ZEND_ACC_STATIC) || (flags & ZEND_ACC_STATIC))) {
345 property_info = p;
346 flags = property_info->flags;
347 goto found;
348 } else if (flags & ZEND_ACC_PUBLIC) {
349 goto found;
350 }
351 }
352 if (flags & ZEND_ACC_PRIVATE) {
353 if (property_info->ce != ce) {
354 goto dynamic;
355 } else {
356 wrong:
357 /* Information was available, but we were denied access. Error out. */
358 if (!silent) {
359 zend_bad_property_access(property_info, ce, member);
360 }
361 return ZEND_WRONG_PROPERTY_OFFSET;
362 }
363 } else {
364 ZEND_ASSERT(flags & ZEND_ACC_PROTECTED);
365 if (UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
366 goto wrong;
367 }
368 }
369 }
370 }
371
372 found:
373 if (UNEXPECTED(flags & ZEND_ACC_STATIC)) {
374 if (!silent) {
375 zend_error(E_NOTICE, "Accessing static property %s::$%s as non static", ZSTR_VAL(ce->name), ZSTR_VAL(member));
376 }
377 return ZEND_DYNAMIC_PROPERTY_OFFSET;
378 }
379
380 offset = property_info->offset;
381 if (EXPECTED(!ZEND_TYPE_IS_SET(property_info->type))) {
382 property_info = NULL;
383 } else {
384 *info_ptr = property_info;
385 }
386 if (cache_slot) {
387 CACHE_POLYMORPHIC_PTR_EX(cache_slot, ce, (void*)(uintptr_t)offset);
388 CACHE_PTR_EX(cache_slot + 2, property_info);
389 }
390 return offset;
391 }
392 /* }}} */
393
zend_wrong_offset(zend_class_entry * ce,zend_string * member)394 static ZEND_COLD void zend_wrong_offset(zend_class_entry *ce, zend_string *member) /* {{{ */
395 {
396 zend_property_info *dummy;
397
398 /* Trigger the correct error */
399 zend_get_property_offset(ce, member, 0, NULL, &dummy);
400 }
401 /* }}} */
402
zend_get_property_info(zend_class_entry * ce,zend_string * member,int silent)403 ZEND_API zend_property_info *zend_get_property_info(zend_class_entry *ce, zend_string *member, int silent) /* {{{ */
404 {
405 zval *zv;
406 zend_property_info *property_info;
407 uint32_t flags;
408 zend_class_entry *scope;
409
410 if (UNEXPECTED(zend_hash_num_elements(&ce->properties_info) == 0)
411 || EXPECTED((zv = zend_hash_find(&ce->properties_info, member)) == NULL)) {
412 if (UNEXPECTED(ZSTR_VAL(member)[0] == '\0') && ZSTR_LEN(member) != 0) {
413 if (!silent) {
414 zend_bad_property_name();
415 }
416 return ZEND_WRONG_PROPERTY_INFO;
417 }
418 dynamic:
419 return NULL;
420 }
421
422 property_info = (zend_property_info*)Z_PTR_P(zv);
423 flags = property_info->flags;
424
425 if (flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
426 if (UNEXPECTED(EG(fake_scope))) {
427 scope = EG(fake_scope);
428 } else {
429 scope = zend_get_executed_scope();
430 }
431 if (property_info->ce != scope) {
432 if (flags & ZEND_ACC_CHANGED) {
433 zend_property_info *p = zend_get_parent_private_property(scope, ce, member);
434
435 if (p) {
436 property_info = p;
437 flags = property_info->flags;
438 goto found;
439 } else if (flags & ZEND_ACC_PUBLIC) {
440 goto found;
441 }
442 }
443 if (flags & ZEND_ACC_PRIVATE) {
444 if (property_info->ce != ce) {
445 goto dynamic;
446 } else {
447 wrong:
448 /* Information was available, but we were denied access. Error out. */
449 if (!silent) {
450 zend_bad_property_access(property_info, ce, member);
451 }
452 return ZEND_WRONG_PROPERTY_INFO;
453 }
454 } else {
455 ZEND_ASSERT(flags & ZEND_ACC_PROTECTED);
456 if (UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
457 goto wrong;
458 }
459 }
460 }
461 }
462
463 found:
464 if (UNEXPECTED(flags & ZEND_ACC_STATIC)) {
465 if (!silent) {
466 zend_error(E_NOTICE, "Accessing static property %s::$%s as non static", ZSTR_VAL(ce->name), ZSTR_VAL(member));
467 }
468 }
469 return property_info;
470 }
471 /* }}} */
472
zend_check_property_access(zend_object * zobj,zend_string * prop_info_name,bool is_dynamic)473 ZEND_API int zend_check_property_access(zend_object *zobj, zend_string *prop_info_name, bool is_dynamic) /* {{{ */
474 {
475 zend_property_info *property_info;
476 const char *class_name = NULL;
477 const char *prop_name;
478 zend_string *member;
479 size_t prop_name_len;
480
481 if (ZSTR_VAL(prop_info_name)[0] == 0) {
482 if (is_dynamic) {
483 return SUCCESS;
484 }
485
486 zend_unmangle_property_name_ex(prop_info_name, &class_name, &prop_name, &prop_name_len);
487 member = zend_string_init(prop_name, prop_name_len, 0);
488 property_info = zend_get_property_info(zobj->ce, member, 1);
489 zend_string_release_ex(member, 0);
490 if (property_info == NULL || property_info == ZEND_WRONG_PROPERTY_INFO) {
491 return FAILURE;
492 }
493
494 if (class_name[0] != '*') {
495 if (!(property_info->flags & ZEND_ACC_PRIVATE)) {
496 /* we we're looking for a private prop but found a non private one of the same name */
497 return FAILURE;
498 } else if (strcmp(ZSTR_VAL(prop_info_name)+1, ZSTR_VAL(property_info->name)+1)) {
499 /* we we're looking for a private prop but found a private one of the same name but another class */
500 return FAILURE;
501 }
502 } else {
503 ZEND_ASSERT(property_info->flags & ZEND_ACC_PROTECTED);
504 }
505 return SUCCESS;
506 } else {
507 property_info = zend_get_property_info(zobj->ce, prop_info_name, 1);
508 if (property_info == NULL) {
509 ZEND_ASSERT(is_dynamic);
510 return SUCCESS;
511 } else if (property_info == ZEND_WRONG_PROPERTY_INFO) {
512 return FAILURE;
513 }
514 return (property_info->flags & ZEND_ACC_PUBLIC) ? SUCCESS : FAILURE;
515 }
516 }
517 /* }}} */
518
zend_property_guard_dtor(zval * el)519 static void zend_property_guard_dtor(zval *el) /* {{{ */ {
520 uint32_t *ptr = (uint32_t*)Z_PTR_P(el);
521 if (EXPECTED(!(((zend_uintptr_t)ptr) & 1))) {
522 efree_size(ptr, sizeof(uint32_t));
523 }
524 }
525 /* }}} */
526
zend_get_property_guard(zend_object * zobj,zend_string * member)527 ZEND_API uint32_t *zend_get_property_guard(zend_object *zobj, zend_string *member) /* {{{ */
528 {
529 HashTable *guards;
530 zval *zv;
531 uint32_t *ptr;
532
533 ZEND_ASSERT(zobj->ce->ce_flags & ZEND_ACC_USE_GUARDS);
534 zv = zobj->properties_table + zobj->ce->default_properties_count;
535 if (EXPECTED(Z_TYPE_P(zv) == IS_STRING)) {
536 zend_string *str = Z_STR_P(zv);
537 if (EXPECTED(str == member) ||
538 /* str and member don't necessarily have a pre-calculated hash value here */
539 EXPECTED(zend_string_equal_content(str, member))) {
540 return &Z_PROPERTY_GUARD_P(zv);
541 } else if (EXPECTED(Z_PROPERTY_GUARD_P(zv) == 0)) {
542 zval_ptr_dtor_str(zv);
543 ZVAL_STR_COPY(zv, member);
544 return &Z_PROPERTY_GUARD_P(zv);
545 } else {
546 ALLOC_HASHTABLE(guards);
547 zend_hash_init(guards, 8, NULL, zend_property_guard_dtor, 0);
548 /* mark pointer as "special" using low bit */
549 zend_hash_add_new_ptr(guards, str,
550 (void*)(((zend_uintptr_t)&Z_PROPERTY_GUARD_P(zv)) | 1));
551 zval_ptr_dtor_str(zv);
552 ZVAL_ARR(zv, guards);
553 }
554 } else if (EXPECTED(Z_TYPE_P(zv) == IS_ARRAY)) {
555 guards = Z_ARRVAL_P(zv);
556 ZEND_ASSERT(guards != NULL);
557 zv = zend_hash_find(guards, member);
558 if (zv != NULL) {
559 return (uint32_t*)(((zend_uintptr_t)Z_PTR_P(zv)) & ~1);
560 }
561 } else {
562 ZEND_ASSERT(Z_TYPE_P(zv) == IS_UNDEF);
563 ZVAL_STR_COPY(zv, member);
564 Z_PROPERTY_GUARD_P(zv) = 0;
565 return &Z_PROPERTY_GUARD_P(zv);
566 }
567 /* we have to allocate uint32_t separately because ht->arData may be reallocated */
568 ptr = (uint32_t*)emalloc(sizeof(uint32_t));
569 *ptr = 0;
570 return (uint32_t*)zend_hash_add_new_ptr(guards, member, ptr);
571 }
572 /* }}} */
573
zend_std_read_property(zend_object * zobj,zend_string * name,int type,void ** cache_slot,zval * rv)574 ZEND_API zval *zend_std_read_property(zend_object *zobj, zend_string *name, int type, void **cache_slot, zval *rv) /* {{{ */
575 {
576 zval *retval;
577 uintptr_t property_offset;
578 zend_property_info *prop_info = NULL;
579 uint32_t *guard = NULL;
580 zend_string *tmp_name = NULL;
581
582 #if DEBUG_OBJECT_HANDLERS
583 fprintf(stderr, "Read object #%d property: %s\n", zobj->handle, ZSTR_VAL(name));
584 #endif
585
586 /* make zend_get_property_info silent if we have getter - we may want to use it */
587 property_offset = zend_get_property_offset(zobj->ce, name, (type == BP_VAR_IS) || (zobj->ce->__get != NULL), cache_slot, &prop_info);
588
589 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
590 retval = OBJ_PROP(zobj, property_offset);
591 if (EXPECTED(Z_TYPE_P(retval) != IS_UNDEF)) {
592 if (prop_info && UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)
593 && (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET)) {
594 if (Z_TYPE_P(retval) == IS_OBJECT) {
595 /* For objects, W/RW/UNSET fetch modes might not actually modify object.
596 * Similar as with magic __get() allow them, but return the value as a copy
597 * to make sure no actual modification is possible. */
598 ZVAL_COPY(rv, retval);
599 retval = rv;
600 } else {
601 zend_readonly_property_modification_error(prop_info);
602 retval = &EG(uninitialized_zval);
603 }
604 }
605 goto exit;
606 } else {
607 if (prop_info && UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)) {
608 if (type == BP_VAR_W || type == BP_VAR_RW) {
609 zend_readonly_property_indirect_modification_error(prop_info);
610 retval = &EG(uninitialized_zval);
611 goto exit;
612 } else if (type == BP_VAR_UNSET) {
613 retval = &EG(uninitialized_zval);
614 goto exit;
615 }
616 }
617 }
618 if (UNEXPECTED(Z_PROP_FLAG_P(retval) == IS_PROP_UNINIT)) {
619 /* Skip __get() for uninitialized typed properties */
620 goto uninit_error;
621 }
622 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
623 if (EXPECTED(zobj->properties != NULL)) {
624 if (!IS_UNKNOWN_DYNAMIC_PROPERTY_OFFSET(property_offset)) {
625 uintptr_t idx = ZEND_DECODE_DYN_PROP_OFFSET(property_offset);
626
627 if (EXPECTED(idx < zobj->properties->nNumUsed * sizeof(Bucket))) {
628 Bucket *p = (Bucket*)((char*)zobj->properties->arData + idx);
629
630 if (EXPECTED(Z_TYPE(p->val) != IS_UNDEF) &&
631 (EXPECTED(p->key == name) ||
632 (EXPECTED(p->h == ZSTR_H(name)) &&
633 EXPECTED(p->key != NULL) &&
634 EXPECTED(zend_string_equal_content(p->key, name))))) {
635 retval = &p->val;
636 goto exit;
637 }
638 }
639 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
640 }
641 retval = zend_hash_find(zobj->properties, name);
642 if (EXPECTED(retval)) {
643 if (cache_slot) {
644 uintptr_t idx = (char*)retval - (char*)zobj->properties->arData;
645 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_ENCODE_DYN_PROP_OFFSET(idx));
646 }
647 goto exit;
648 }
649 }
650 } else if (UNEXPECTED(EG(exception))) {
651 retval = &EG(uninitialized_zval);
652 goto exit;
653 }
654
655 /* magic isset */
656 if ((type == BP_VAR_IS) && zobj->ce->__isset) {
657 zval tmp_result;
658 guard = zend_get_property_guard(zobj, name);
659
660 if (!((*guard) & IN_ISSET)) {
661 if (!tmp_name && !ZSTR_IS_INTERNED(name)) {
662 tmp_name = zend_string_copy(name);
663 }
664 GC_ADDREF(zobj);
665 ZVAL_UNDEF(&tmp_result);
666
667 *guard |= IN_ISSET;
668 zend_std_call_issetter(zobj, name, &tmp_result);
669 *guard &= ~IN_ISSET;
670
671 if (!zend_is_true(&tmp_result)) {
672 retval = &EG(uninitialized_zval);
673 OBJ_RELEASE(zobj);
674 zval_ptr_dtor(&tmp_result);
675 goto exit;
676 }
677
678 zval_ptr_dtor(&tmp_result);
679 if (zobj->ce->__get && !((*guard) & IN_GET)) {
680 goto call_getter;
681 }
682 OBJ_RELEASE(zobj);
683 } else if (zobj->ce->__get && !((*guard) & IN_GET)) {
684 goto call_getter_addref;
685 }
686 } else if (zobj->ce->__get) {
687 /* magic get */
688 guard = zend_get_property_guard(zobj, name);
689 if (!((*guard) & IN_GET)) {
690 /* have getter - try with it! */
691 call_getter_addref:
692 GC_ADDREF(zobj);
693 call_getter:
694 *guard |= IN_GET; /* prevent circular getting */
695 zend_std_call_getter(zobj, name, rv);
696 *guard &= ~IN_GET;
697
698 if (Z_TYPE_P(rv) != IS_UNDEF) {
699 retval = rv;
700 if (!Z_ISREF_P(rv) &&
701 (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET)) {
702 if (UNEXPECTED(Z_TYPE_P(rv) != IS_OBJECT)) {
703 zend_error(E_NOTICE, "Indirect modification of overloaded property %s::$%s has no effect", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
704 }
705 }
706 } else {
707 retval = &EG(uninitialized_zval);
708 }
709
710 if (UNEXPECTED(prop_info)) {
711 zend_verify_prop_assignable_by_ref(prop_info, retval, (zobj->ce->__get->common.fn_flags & ZEND_ACC_STRICT_TYPES) != 0);
712 }
713
714 OBJ_RELEASE(zobj);
715 goto exit;
716 } else if (UNEXPECTED(IS_WRONG_PROPERTY_OFFSET(property_offset))) {
717 /* Trigger the correct error */
718 zend_get_property_offset(zobj->ce, name, 0, NULL, &prop_info);
719 ZEND_ASSERT(EG(exception));
720 retval = &EG(uninitialized_zval);
721 goto exit;
722 }
723 }
724
725 uninit_error:
726 if (type != BP_VAR_IS) {
727 if (UNEXPECTED(prop_info)) {
728 zend_throw_error(NULL, "Typed property %s::$%s must not be accessed before initialization",
729 ZSTR_VAL(prop_info->ce->name),
730 ZSTR_VAL(name));
731 } else {
732 zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
733 }
734 }
735 retval = &EG(uninitialized_zval);
736
737 exit:
738 zend_tmp_string_release(tmp_name);
739
740 return retval;
741 }
742 /* }}} */
743
property_uses_strict_types(void)744 static zend_always_inline bool property_uses_strict_types(void) {
745 zend_execute_data *execute_data = EG(current_execute_data);
746 return execute_data
747 && execute_data->func
748 && ZEND_CALL_USES_STRICT_TYPES(EG(current_execute_data));
749 }
750
verify_readonly_initialization_access(zend_property_info * prop_info,zend_class_entry * ce,zend_string * name,const char * operation)751 static bool verify_readonly_initialization_access(
752 zend_property_info *prop_info, zend_class_entry *ce,
753 zend_string *name, const char *operation) {
754 zend_class_entry *scope;
755 if (UNEXPECTED(EG(fake_scope))) {
756 scope = EG(fake_scope);
757 } else {
758 scope = zend_get_executed_scope();
759 }
760 if (prop_info->ce == scope) {
761 return true;
762 }
763
764 /* We may have redeclared a parent property. In that case the parent should still be
765 * allowed to initialize it. */
766 if (scope && is_derived_class(ce, scope)) {
767 zend_property_info *prop_info = zend_hash_find_ptr(&scope->properties_info, name);
768 if (prop_info) {
769 /* This should be ensured by inheritance. */
770 ZEND_ASSERT(prop_info->flags & ZEND_ACC_READONLY);
771 if (prop_info->ce == scope) {
772 return true;
773 }
774 }
775 }
776
777 zend_readonly_property_modification_scope_error(prop_info->ce, name, scope, operation);
778 return false;
779 }
780
zend_std_write_property(zend_object * zobj,zend_string * name,zval * value,void ** cache_slot)781 ZEND_API zval *zend_std_write_property(zend_object *zobj, zend_string *name, zval *value, void **cache_slot) /* {{{ */
782 {
783 zval *variable_ptr, tmp;
784 uintptr_t property_offset;
785 zend_property_info *prop_info = NULL;
786 ZEND_ASSERT(!Z_ISREF_P(value));
787
788 property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__set != NULL), cache_slot, &prop_info);
789
790 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
791 variable_ptr = OBJ_PROP(zobj, property_offset);
792 if (Z_TYPE_P(variable_ptr) != IS_UNDEF) {
793 Z_TRY_ADDREF_P(value);
794
795 if (UNEXPECTED(prop_info)) {
796 if (UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)) {
797 Z_TRY_DELREF_P(value);
798 zend_readonly_property_modification_error(prop_info);
799 variable_ptr = &EG(error_zval);
800 goto exit;
801 }
802
803 ZVAL_COPY_VALUE(&tmp, value);
804 if (UNEXPECTED(!zend_verify_property_type(prop_info, &tmp, property_uses_strict_types()))) {
805 Z_TRY_DELREF_P(value);
806 variable_ptr = &EG(error_zval);
807 goto exit;
808 }
809 value = &tmp;
810 }
811
812 found:
813 variable_ptr = zend_assign_to_variable(
814 variable_ptr, value, IS_TMP_VAR, property_uses_strict_types());
815 goto exit;
816 }
817 if (Z_PROP_FLAG_P(variable_ptr) == IS_PROP_UNINIT) {
818 /* Writes to uninitialized typed properties bypass __set(). */
819 goto write_std_property;
820 }
821 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
822 if (EXPECTED(zobj->properties != NULL)) {
823 if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
824 if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
825 GC_DELREF(zobj->properties);
826 }
827 zobj->properties = zend_array_dup(zobj->properties);
828 }
829 if ((variable_ptr = zend_hash_find(zobj->properties, name)) != NULL) {
830 Z_TRY_ADDREF_P(value);
831 goto found;
832 }
833 }
834 } else if (UNEXPECTED(EG(exception))) {
835 variable_ptr = &EG(error_zval);
836 goto exit;
837 }
838
839 /* magic set */
840 if (zobj->ce->__set) {
841 uint32_t *guard = zend_get_property_guard(zobj, name);
842
843 if (!((*guard) & IN_SET)) {
844 GC_ADDREF(zobj);
845 (*guard) |= IN_SET; /* prevent circular setting */
846 zend_std_call_setter(zobj, name, value);
847 (*guard) &= ~IN_SET;
848 OBJ_RELEASE(zobj);
849 variable_ptr = value;
850 } else if (EXPECTED(!IS_WRONG_PROPERTY_OFFSET(property_offset))) {
851 goto write_std_property;
852 } else {
853 /* Trigger the correct error */
854 zend_wrong_offset(zobj->ce, name);
855 ZEND_ASSERT(EG(exception));
856 variable_ptr = &EG(error_zval);
857 goto exit;
858 }
859 } else {
860 ZEND_ASSERT(!IS_WRONG_PROPERTY_OFFSET(property_offset));
861 write_std_property:
862 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
863 variable_ptr = OBJ_PROP(zobj, property_offset);
864
865 Z_TRY_ADDREF_P(value);
866 if (UNEXPECTED(prop_info)) {
867 if (UNEXPECTED((prop_info->flags & ZEND_ACC_READONLY)
868 && !verify_readonly_initialization_access(prop_info, zobj->ce, name, "initialize"))) {
869 Z_TRY_DELREF_P(value);
870 variable_ptr = &EG(error_zval);
871 goto exit;
872 }
873
874 ZVAL_COPY_VALUE(&tmp, value);
875 if (UNEXPECTED(!zend_verify_property_type(prop_info, &tmp, property_uses_strict_types()))) {
876 zval_ptr_dtor(value);
877 goto exit;
878 }
879 value = &tmp;
880 Z_PROP_FLAG_P(variable_ptr) = 0;
881 goto found; /* might have been updated via e.g. __toString() */
882 }
883
884 ZVAL_COPY_VALUE(variable_ptr, value);
885 } else {
886 if (UNEXPECTED(zobj->ce->ce_flags & ZEND_ACC_NO_DYNAMIC_PROPERTIES)) {
887 zend_forbidden_dynamic_property(zobj->ce, name);
888 variable_ptr = &EG(error_zval);
889 goto exit;
890 }
891
892 Z_TRY_ADDREF_P(value);
893 if (!zobj->properties) {
894 rebuild_object_properties(zobj);
895 }
896 variable_ptr = zend_hash_add_new(zobj->properties, name, value);
897 }
898 }
899
900 exit:
901 return variable_ptr;
902 }
903 /* }}} */
904
zend_bad_array_access(zend_class_entry * ce)905 static ZEND_COLD zend_never_inline void zend_bad_array_access(zend_class_entry *ce) /* {{{ */
906 {
907 zend_throw_error(NULL, "Cannot use object of type %s as array", ZSTR_VAL(ce->name));
908 }
909 /* }}} */
910
zend_std_read_dimension(zend_object * object,zval * offset,int type,zval * rv)911 ZEND_API zval *zend_std_read_dimension(zend_object *object, zval *offset, int type, zval *rv) /* {{{ */
912 {
913 zend_class_entry *ce = object->ce;
914 zval tmp_offset;
915
916 if (EXPECTED(zend_class_implements_interface(ce, zend_ce_arrayaccess) != 0)) {
917 if (offset == NULL) {
918 /* [] construct */
919 ZVAL_NULL(&tmp_offset);
920 } else {
921 ZVAL_COPY_DEREF(&tmp_offset, offset);
922 }
923
924 GC_ADDREF(object);
925 if (type == BP_VAR_IS) {
926 zend_call_method_with_1_params(object, ce, NULL, "offsetexists", rv, &tmp_offset);
927 if (UNEXPECTED(Z_ISUNDEF_P(rv))) {
928 OBJ_RELEASE(object);
929 zval_ptr_dtor(&tmp_offset);
930 return NULL;
931 }
932 if (!i_zend_is_true(rv)) {
933 OBJ_RELEASE(object);
934 zval_ptr_dtor(&tmp_offset);
935 zval_ptr_dtor(rv);
936 return &EG(uninitialized_zval);
937 }
938 zval_ptr_dtor(rv);
939 }
940
941 zend_call_method_with_1_params(object, ce, NULL, "offsetget", rv, &tmp_offset);
942
943 OBJ_RELEASE(object);
944 zval_ptr_dtor(&tmp_offset);
945
946 if (UNEXPECTED(Z_TYPE_P(rv) == IS_UNDEF)) {
947 if (UNEXPECTED(!EG(exception))) {
948 zend_throw_error(NULL, "Undefined offset for object of type %s used as array", ZSTR_VAL(ce->name));
949 }
950 return NULL;
951 }
952 return rv;
953 } else {
954 zend_bad_array_access(ce);
955 return NULL;
956 }
957 }
958 /* }}} */
959
zend_std_write_dimension(zend_object * object,zval * offset,zval * value)960 ZEND_API void zend_std_write_dimension(zend_object *object, zval *offset, zval *value) /* {{{ */
961 {
962 zend_class_entry *ce = object->ce;
963 zval tmp_offset;
964
965 if (EXPECTED(zend_class_implements_interface(ce, zend_ce_arrayaccess) != 0)) {
966 if (!offset) {
967 ZVAL_NULL(&tmp_offset);
968 } else {
969 ZVAL_COPY_DEREF(&tmp_offset, offset);
970 }
971 GC_ADDREF(object);
972 zend_call_method_with_2_params(object, ce, NULL, "offsetset", NULL, &tmp_offset, value);
973 OBJ_RELEASE(object);
974 zval_ptr_dtor(&tmp_offset);
975 } else {
976 zend_bad_array_access(ce);
977 }
978 }
979 /* }}} */
980
zend_std_has_dimension(zend_object * object,zval * offset,int check_empty)981 ZEND_API int zend_std_has_dimension(zend_object *object, zval *offset, int check_empty) /* {{{ */
982 {
983 zend_class_entry *ce = object->ce;
984 zval retval, tmp_offset;
985 int result;
986
987 if (EXPECTED(zend_class_implements_interface(ce, zend_ce_arrayaccess) != 0)) {
988 ZVAL_COPY_DEREF(&tmp_offset, offset);
989 GC_ADDREF(object);
990 zend_call_method_with_1_params(object, ce, NULL, "offsetexists", &retval, &tmp_offset);
991 result = i_zend_is_true(&retval);
992 zval_ptr_dtor(&retval);
993 if (check_empty && result && EXPECTED(!EG(exception))) {
994 zend_call_method_with_1_params(object, ce, NULL, "offsetget", &retval, &tmp_offset);
995 result = i_zend_is_true(&retval);
996 zval_ptr_dtor(&retval);
997 }
998 OBJ_RELEASE(object);
999 zval_ptr_dtor(&tmp_offset);
1000 } else {
1001 zend_bad_array_access(ce);
1002 return 0;
1003 }
1004 return result;
1005 }
1006 /* }}} */
1007
zend_std_get_property_ptr_ptr(zend_object * zobj,zend_string * name,int type,void ** cache_slot)1008 ZEND_API zval *zend_std_get_property_ptr_ptr(zend_object *zobj, zend_string *name, int type, void **cache_slot) /* {{{ */
1009 {
1010 zval *retval = NULL;
1011 uintptr_t property_offset;
1012 zend_property_info *prop_info = NULL;
1013
1014 #if DEBUG_OBJECT_HANDLERS
1015 fprintf(stderr, "Ptr object #%d property: %s\n", zobj->handle, ZSTR_VAL(name));
1016 #endif
1017
1018 property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__get != NULL), cache_slot, &prop_info);
1019
1020 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1021 retval = OBJ_PROP(zobj, property_offset);
1022 if (UNEXPECTED(Z_TYPE_P(retval) == IS_UNDEF)) {
1023 if (EXPECTED(!zobj->ce->__get) ||
1024 UNEXPECTED((*zend_get_property_guard(zobj, name)) & IN_GET) ||
1025 UNEXPECTED(prop_info && Z_PROP_FLAG_P(retval) == IS_PROP_UNINIT)) {
1026 if (UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) {
1027 if (UNEXPECTED(prop_info)) {
1028 zend_throw_error(NULL,
1029 "Typed property %s::$%s must not be accessed before initialization",
1030 ZSTR_VAL(prop_info->ce->name),
1031 ZSTR_VAL(name));
1032 retval = &EG(error_zval);
1033 } else {
1034 ZVAL_NULL(retval);
1035 zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1036 }
1037 } else if (prop_info && UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)) {
1038 /* Readonly property, delegate to read_property + write_property. */
1039 retval = NULL;
1040 } else if (!prop_info || !ZEND_TYPE_IS_SET(prop_info->type)) {
1041 ZVAL_NULL(retval);
1042 }
1043 } else {
1044 /* we do have getter - fail and let it try again with usual get/set */
1045 retval = NULL;
1046 }
1047 } else if (prop_info && UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)) {
1048 /* Readonly property, delegate to read_property + write_property. */
1049 retval = NULL;
1050 }
1051 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
1052 if (EXPECTED(zobj->properties)) {
1053 if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
1054 if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
1055 GC_DELREF(zobj->properties);
1056 }
1057 zobj->properties = zend_array_dup(zobj->properties);
1058 }
1059 if (EXPECTED((retval = zend_hash_find(zobj->properties, name)) != NULL)) {
1060 return retval;
1061 }
1062 }
1063 if (EXPECTED(!zobj->ce->__get) ||
1064 UNEXPECTED((*zend_get_property_guard(zobj, name)) & IN_GET)) {
1065 if (UNEXPECTED(zobj->ce->ce_flags & ZEND_ACC_NO_DYNAMIC_PROPERTIES)) {
1066 zend_forbidden_dynamic_property(zobj->ce, name);
1067 return &EG(error_zval);
1068 }
1069 if (UNEXPECTED(!zobj->properties)) {
1070 rebuild_object_properties(zobj);
1071 }
1072 retval = zend_hash_update(zobj->properties, name, &EG(uninitialized_zval));
1073 /* Notice is thrown after creation of the property, to avoid EG(std_property_info)
1074 * being overwritten in an error handler. */
1075 if (UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) {
1076 zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1077 }
1078 }
1079 } else if (zobj->ce->__get == NULL) {
1080 retval = &EG(error_zval);
1081 }
1082
1083 return retval;
1084 }
1085 /* }}} */
1086
zend_std_unset_property(zend_object * zobj,zend_string * name,void ** cache_slot)1087 ZEND_API void zend_std_unset_property(zend_object *zobj, zend_string *name, void **cache_slot) /* {{{ */
1088 {
1089 uintptr_t property_offset;
1090 zend_property_info *prop_info = NULL;
1091
1092 property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__unset != NULL), cache_slot, &prop_info);
1093
1094 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1095 zval *slot = OBJ_PROP(zobj, property_offset);
1096
1097 if (Z_TYPE_P(slot) != IS_UNDEF) {
1098 if (UNEXPECTED(prop_info && (prop_info->flags & ZEND_ACC_READONLY))) {
1099 zend_readonly_property_unset_error(prop_info->ce, name);
1100 return;
1101 }
1102 if (UNEXPECTED(Z_ISREF_P(slot)) &&
1103 (ZEND_DEBUG || ZEND_REF_HAS_TYPE_SOURCES(Z_REF_P(slot)))) {
1104 if (prop_info) {
1105 ZEND_REF_DEL_TYPE_SOURCE(Z_REF_P(slot), prop_info);
1106 }
1107 }
1108 zval tmp;
1109 ZVAL_COPY_VALUE(&tmp, slot);
1110 ZVAL_UNDEF(slot);
1111 zval_ptr_dtor(&tmp);
1112 if (zobj->properties) {
1113 HT_FLAGS(zobj->properties) |= HASH_FLAG_HAS_EMPTY_IND;
1114 }
1115 return;
1116 }
1117 if (UNEXPECTED(Z_PROP_FLAG_P(slot) == IS_PROP_UNINIT)) {
1118 if (UNEXPECTED(prop_info && (prop_info->flags & ZEND_ACC_READONLY)
1119 && !verify_readonly_initialization_access(prop_info, zobj->ce, name, "unset"))) {
1120 return;
1121 }
1122
1123 /* Reset the IS_PROP_UNINIT flag, if it exists and bypass __unset(). */
1124 Z_PROP_FLAG_P(slot) = 0;
1125 return;
1126 }
1127 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))
1128 && EXPECTED(zobj->properties != NULL)) {
1129 if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
1130 if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
1131 GC_DELREF(zobj->properties);
1132 }
1133 zobj->properties = zend_array_dup(zobj->properties);
1134 }
1135 if (EXPECTED(zend_hash_del(zobj->properties, name) != FAILURE)) {
1136 return;
1137 }
1138 } else if (UNEXPECTED(EG(exception))) {
1139 return;
1140 }
1141
1142 /* magic unset */
1143 if (zobj->ce->__unset) {
1144 uint32_t *guard = zend_get_property_guard(zobj, name);
1145 if (!((*guard) & IN_UNSET)) {
1146 /* have unseter - try with it! */
1147 (*guard) |= IN_UNSET; /* prevent circular unsetting */
1148 zend_std_call_unsetter(zobj, name);
1149 (*guard) &= ~IN_UNSET;
1150 } else if (UNEXPECTED(IS_WRONG_PROPERTY_OFFSET(property_offset))) {
1151 /* Trigger the correct error */
1152 zend_wrong_offset(zobj->ce, name);
1153 ZEND_ASSERT(EG(exception));
1154 return;
1155 } else {
1156 /* Nothing to do: The property already does not exist. */
1157 }
1158 }
1159 }
1160 /* }}} */
1161
zend_std_unset_dimension(zend_object * object,zval * offset)1162 ZEND_API void zend_std_unset_dimension(zend_object *object, zval *offset) /* {{{ */
1163 {
1164 zend_class_entry *ce = object->ce;
1165 zval tmp_offset;
1166
1167 if (zend_class_implements_interface(ce, zend_ce_arrayaccess)) {
1168 ZVAL_COPY_DEREF(&tmp_offset, offset);
1169 GC_ADDREF(object);
1170 zend_call_method_with_1_params(object, ce, NULL, "offsetunset", NULL, &tmp_offset);
1171 OBJ_RELEASE(object);
1172 zval_ptr_dtor(&tmp_offset);
1173 } else {
1174 zend_bad_array_access(ce);
1175 }
1176 }
1177 /* }}} */
1178
zend_get_parent_private_method(zend_class_entry * scope,zend_class_entry * ce,zend_string * function_name)1179 static zend_never_inline zend_function *zend_get_parent_private_method(zend_class_entry *scope, zend_class_entry *ce, zend_string *function_name) /* {{{ */
1180 {
1181 zval *func;
1182 zend_function *fbc;
1183
1184 if (scope != ce && scope && is_derived_class(ce, scope)) {
1185 func = zend_hash_find(&scope->function_table, function_name);
1186 if (func != NULL) {
1187 fbc = Z_FUNC_P(func);
1188 if ((fbc->common.fn_flags & ZEND_ACC_PRIVATE)
1189 && fbc->common.scope == scope) {
1190 return fbc;
1191 }
1192 }
1193 }
1194 return NULL;
1195 }
1196 /* }}} */
1197
1198 /* Ensures that we're allowed to call a protected method.
1199 */
zend_check_protected(zend_class_entry * ce,zend_class_entry * scope)1200 ZEND_API int zend_check_protected(zend_class_entry *ce, zend_class_entry *scope) /* {{{ */
1201 {
1202 zend_class_entry *fbc_scope = ce;
1203
1204 /* Is the context that's calling the function, the same as one of
1205 * the function's parents?
1206 */
1207 while (fbc_scope) {
1208 if (fbc_scope==scope) {
1209 return 1;
1210 }
1211 fbc_scope = fbc_scope->parent;
1212 }
1213
1214 /* Is the function's scope the same as our current object context,
1215 * or any of the parents of our context?
1216 */
1217 while (scope) {
1218 if (scope==ce) {
1219 return 1;
1220 }
1221 scope = scope->parent;
1222 }
1223 return 0;
1224 }
1225 /* }}} */
1226
zend_get_call_trampoline_func(zend_class_entry * ce,zend_string * method_name,int is_static)1227 ZEND_API zend_function *zend_get_call_trampoline_func(zend_class_entry *ce, zend_string *method_name, int is_static) /* {{{ */
1228 {
1229 size_t mname_len;
1230 zend_op_array *func;
1231 zend_function *fbc = is_static ? ce->__callstatic : ce->__call;
1232 /* We use non-NULL value to avoid useless run_time_cache allocation.
1233 * The low bit must be zero, to not be interpreted as a MAP_PTR offset.
1234 */
1235 static const void *dummy = (void*)(intptr_t)2;
1236 static const zend_arg_info arg_info[1] = {{0}};
1237
1238 ZEND_ASSERT(fbc);
1239
1240 if (EXPECTED(EG(trampoline).common.function_name == NULL)) {
1241 func = &EG(trampoline).op_array;
1242 } else {
1243 func = ecalloc(1, sizeof(zend_op_array));
1244 }
1245
1246 func->type = ZEND_USER_FUNCTION;
1247 func->arg_flags[0] = 0;
1248 func->arg_flags[1] = 0;
1249 func->arg_flags[2] = 0;
1250 func->fn_flags = ZEND_ACC_CALL_VIA_TRAMPOLINE | ZEND_ACC_PUBLIC | ZEND_ACC_VARIADIC;
1251 if (is_static) {
1252 func->fn_flags |= ZEND_ACC_STATIC;
1253 }
1254 func->opcodes = &EG(call_trampoline_op);
1255 ZEND_MAP_PTR_INIT(func->run_time_cache, (void***)&dummy);
1256 func->scope = fbc->common.scope;
1257 /* reserve space for arguments, local and temporary variables */
1258 /* EG(trampoline) is reused from other places, like FFI (e.g. zend_ffi_cdata_get_closure()) where
1259 * it is used as an internal function. It may set fields that don't belong to common, thus
1260 * modifying zend_op_array specific data, most significantly last_var. We need to reset this
1261 * value so that it doesn't contain garbage when the engine allocates space for the next stack
1262 * frame. This didn't cause any issues until now due to "lucky" structure layout. */
1263 func->last_var = 0;
1264 func->T = (fbc->type == ZEND_USER_FUNCTION)? MAX(fbc->op_array.last_var + fbc->op_array.T, 2) : 2;
1265 func->filename = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.filename : ZSTR_EMPTY_ALLOC();
1266 func->line_start = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.line_start : 0;
1267 func->line_end = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.line_end : 0;
1268
1269 //??? keep compatibility for "\0" characters
1270 //??? see: Zend/tests/bug46238.phpt
1271 if (UNEXPECTED((mname_len = strlen(ZSTR_VAL(method_name))) != ZSTR_LEN(method_name))) {
1272 func->function_name = zend_string_init(ZSTR_VAL(method_name), mname_len, 0);
1273 } else {
1274 func->function_name = zend_string_copy(method_name);
1275 }
1276
1277 func->prototype = NULL;
1278 func->num_args = 0;
1279 func->required_num_args = 0;
1280 func->arg_info = (zend_arg_info *) arg_info;
1281
1282 return (zend_function*)func;
1283 }
1284 /* }}} */
1285
zend_get_user_call_function(zend_class_entry * ce,zend_string * method_name)1286 static zend_always_inline zend_function *zend_get_user_call_function(zend_class_entry *ce, zend_string *method_name) /* {{{ */
1287 {
1288 return zend_get_call_trampoline_func(ce, method_name, 0);
1289 }
1290 /* }}} */
1291
zend_bad_method_call(zend_function * fbc,zend_string * method_name,zend_class_entry * scope)1292 static ZEND_COLD zend_never_inline void zend_bad_method_call(zend_function *fbc, zend_string *method_name, zend_class_entry *scope) /* {{{ */
1293 {
1294 zend_throw_error(NULL, "Call to %s method %s::%s() from %s%s",
1295 zend_visibility_string(fbc->common.fn_flags), ZEND_FN_SCOPE_NAME(fbc), ZSTR_VAL(method_name),
1296 scope ? "scope " : "global scope",
1297 scope ? ZSTR_VAL(scope->name) : ""
1298 );
1299 }
1300 /* }}} */
1301
zend_abstract_method_call(zend_function * fbc)1302 static ZEND_COLD zend_never_inline void zend_abstract_method_call(zend_function *fbc) /* {{{ */
1303 {
1304 zend_throw_error(NULL, "Cannot call abstract method %s::%s()",
1305 ZSTR_VAL(fbc->common.scope->name), ZSTR_VAL(fbc->common.function_name));
1306 }
1307 /* }}} */
1308
zend_std_get_method(zend_object ** obj_ptr,zend_string * method_name,const zval * key)1309 ZEND_API zend_function *zend_std_get_method(zend_object **obj_ptr, zend_string *method_name, const zval *key) /* {{{ */
1310 {
1311 zend_object *zobj = *obj_ptr;
1312 zval *func;
1313 zend_function *fbc;
1314 zend_string *lc_method_name;
1315 zend_class_entry *scope;
1316 ALLOCA_FLAG(use_heap);
1317
1318 if (EXPECTED(key != NULL)) {
1319 lc_method_name = Z_STR_P(key);
1320 #ifdef ZEND_ALLOCA_MAX_SIZE
1321 use_heap = 0;
1322 #endif
1323 } else {
1324 ZSTR_ALLOCA_ALLOC(lc_method_name, ZSTR_LEN(method_name), use_heap);
1325 zend_str_tolower_copy(ZSTR_VAL(lc_method_name), ZSTR_VAL(method_name), ZSTR_LEN(method_name));
1326 }
1327
1328 if (UNEXPECTED((func = zend_hash_find(&zobj->ce->function_table, lc_method_name)) == NULL)) {
1329 if (UNEXPECTED(!key)) {
1330 ZSTR_ALLOCA_FREE(lc_method_name, use_heap);
1331 }
1332 if (zobj->ce->__call) {
1333 return zend_get_user_call_function(zobj->ce, method_name);
1334 } else {
1335 return NULL;
1336 }
1337 }
1338
1339 fbc = Z_FUNC_P(func);
1340
1341 /* Check access level */
1342 if (fbc->op_array.fn_flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
1343 scope = zend_get_executed_scope();
1344
1345 if (fbc->common.scope != scope) {
1346 if (fbc->op_array.fn_flags & ZEND_ACC_CHANGED) {
1347 zend_function *updated_fbc = zend_get_parent_private_method(scope, zobj->ce, lc_method_name);
1348
1349 if (EXPECTED(updated_fbc != NULL)) {
1350 fbc = updated_fbc;
1351 goto exit;
1352 } else if (fbc->op_array.fn_flags & ZEND_ACC_PUBLIC) {
1353 goto exit;
1354 }
1355 }
1356 if (UNEXPECTED(fbc->op_array.fn_flags & ZEND_ACC_PRIVATE)
1357 || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(fbc), scope))) {
1358 if (zobj->ce->__call) {
1359 fbc = zend_get_user_call_function(zobj->ce, method_name);
1360 } else {
1361 zend_bad_method_call(fbc, method_name, scope);
1362 fbc = NULL;
1363 }
1364 }
1365 }
1366 }
1367
1368 exit:
1369 if (fbc && UNEXPECTED(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
1370 zend_abstract_method_call(fbc);
1371 fbc = NULL;
1372 }
1373 if (UNEXPECTED(!key)) {
1374 ZSTR_ALLOCA_FREE(lc_method_name, use_heap);
1375 }
1376 return fbc;
1377 }
1378 /* }}} */
1379
zend_get_user_callstatic_function(zend_class_entry * ce,zend_string * method_name)1380 static zend_always_inline zend_function *zend_get_user_callstatic_function(zend_class_entry *ce, zend_string *method_name) /* {{{ */
1381 {
1382 return zend_get_call_trampoline_func(ce, method_name, 1);
1383 }
1384 /* }}} */
1385
get_static_method_fallback(zend_class_entry * ce,zend_string * function_name)1386 static zend_always_inline zend_function *get_static_method_fallback(
1387 zend_class_entry *ce, zend_string *function_name)
1388 {
1389 zend_object *object;
1390 if (ce->__call &&
1391 (object = zend_get_this_object(EG(current_execute_data))) != NULL &&
1392 instanceof_function(object->ce, ce)) {
1393 /* Call the top-level defined __call().
1394 * see: tests/classes/__call_004.phpt */
1395
1396 ZEND_ASSERT(object->ce->__call);
1397 return zend_get_user_call_function(object->ce, function_name);
1398 } else if (ce->__callstatic) {
1399 return zend_get_user_callstatic_function(ce, function_name);
1400 } else {
1401 return NULL;
1402 }
1403 }
1404
zend_std_get_static_method(zend_class_entry * ce,zend_string * function_name,const zval * key)1405 ZEND_API zend_function *zend_std_get_static_method(zend_class_entry *ce, zend_string *function_name, const zval *key) /* {{{ */
1406 {
1407 zend_string *lc_function_name;
1408 if (EXPECTED(key != NULL)) {
1409 lc_function_name = Z_STR_P(key);
1410 } else {
1411 lc_function_name = zend_string_tolower(function_name);
1412 }
1413
1414 zend_function *fbc;
1415 zval *func = zend_hash_find(&ce->function_table, lc_function_name);
1416 if (EXPECTED(func)) {
1417 fbc = Z_FUNC_P(func);
1418 if (!(fbc->op_array.fn_flags & ZEND_ACC_PUBLIC)) {
1419 zend_class_entry *scope = zend_get_executed_scope();
1420 if (UNEXPECTED(fbc->common.scope != scope)) {
1421 if (UNEXPECTED(fbc->op_array.fn_flags & ZEND_ACC_PRIVATE)
1422 || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(fbc), scope))) {
1423 zend_function *fallback_fbc = get_static_method_fallback(ce, function_name);
1424 if (!fallback_fbc) {
1425 zend_bad_method_call(fbc, function_name, scope);
1426 }
1427 fbc = fallback_fbc;
1428 }
1429 }
1430 }
1431 } else {
1432 fbc = get_static_method_fallback(ce, function_name);
1433 }
1434
1435 if (UNEXPECTED(!key)) {
1436 zend_string_release_ex(lc_function_name, 0);
1437 }
1438
1439 if (EXPECTED(fbc)) {
1440 if (UNEXPECTED(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
1441 zend_abstract_method_call(fbc);
1442 fbc = NULL;
1443 } else if (UNEXPECTED(fbc->common.scope->ce_flags & ZEND_ACC_TRAIT)) {
1444 zend_error(E_DEPRECATED,
1445 "Calling static trait method %s::%s is deprecated, "
1446 "it should only be called on a class using the trait",
1447 ZSTR_VAL(fbc->common.scope->name), ZSTR_VAL(fbc->common.function_name));
1448 if (EG(exception)) {
1449 return NULL;
1450 }
1451 }
1452 }
1453
1454 return fbc;
1455 }
1456 /* }}} */
1457
zend_class_init_statics(zend_class_entry * class_type)1458 ZEND_API void zend_class_init_statics(zend_class_entry *class_type) /* {{{ */
1459 {
1460 int i;
1461 zval *p;
1462
1463 if (class_type->default_static_members_count && !CE_STATIC_MEMBERS(class_type)) {
1464 if (class_type->parent) {
1465 zend_class_init_statics(class_type->parent);
1466 }
1467
1468 ZEND_MAP_PTR_SET(class_type->static_members_table, emalloc(sizeof(zval) * class_type->default_static_members_count));
1469 for (i = 0; i < class_type->default_static_members_count; i++) {
1470 p = &class_type->default_static_members_table[i];
1471 if (Z_TYPE_P(p) == IS_INDIRECT) {
1472 zval *q = &CE_STATIC_MEMBERS(class_type->parent)[i];
1473 ZVAL_DEINDIRECT(q);
1474 ZVAL_INDIRECT(&CE_STATIC_MEMBERS(class_type)[i], q);
1475 } else {
1476 ZVAL_COPY_OR_DUP(&CE_STATIC_MEMBERS(class_type)[i], p);
1477 }
1478 }
1479 }
1480 } /* }}} */
1481
zend_std_get_static_property_with_info(zend_class_entry * ce,zend_string * property_name,int type,zend_property_info ** property_info_ptr)1482 ZEND_API zval *zend_std_get_static_property_with_info(zend_class_entry *ce, zend_string *property_name, int type, zend_property_info **property_info_ptr) /* {{{ */
1483 {
1484 zval *ret;
1485 zend_class_entry *scope;
1486 zend_property_info *property_info = zend_hash_find_ptr(&ce->properties_info, property_name);
1487 *property_info_ptr = property_info;
1488
1489 if (UNEXPECTED(property_info == NULL)) {
1490 goto undeclared_property;
1491 }
1492
1493 if (!(property_info->flags & ZEND_ACC_PUBLIC)) {
1494 if (UNEXPECTED(EG(fake_scope))) {
1495 scope = EG(fake_scope);
1496 } else {
1497 scope = zend_get_executed_scope();
1498 }
1499 if (property_info->ce != scope) {
1500 if (UNEXPECTED(property_info->flags & ZEND_ACC_PRIVATE)
1501 || UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
1502 if (type != BP_VAR_IS) {
1503 zend_bad_property_access(property_info, ce, property_name);
1504 }
1505 return NULL;
1506 }
1507 }
1508 }
1509
1510 if (UNEXPECTED((property_info->flags & ZEND_ACC_STATIC) == 0)) {
1511 undeclared_property:
1512 if (type != BP_VAR_IS) {
1513 zend_throw_error(NULL, "Access to undeclared static property %s::$%s", ZSTR_VAL(ce->name), ZSTR_VAL(property_name));
1514 }
1515 return NULL;
1516 }
1517
1518 if (UNEXPECTED(!(ce->ce_flags & ZEND_ACC_CONSTANTS_UPDATED))) {
1519 if (UNEXPECTED(zend_update_class_constants(ce)) != SUCCESS) {
1520 return NULL;
1521 }
1522 }
1523
1524 /* Ensure static properties are initialized. */
1525 if (UNEXPECTED(CE_STATIC_MEMBERS(ce) == NULL)) {
1526 zend_class_init_statics(ce);
1527 }
1528
1529 ret = CE_STATIC_MEMBERS(ce) + property_info->offset;
1530 ZVAL_DEINDIRECT(ret);
1531
1532 if (UNEXPECTED((type == BP_VAR_R || type == BP_VAR_RW)
1533 && Z_TYPE_P(ret) == IS_UNDEF && ZEND_TYPE_IS_SET(property_info->type))) {
1534 zend_throw_error(NULL, "Typed static property %s::$%s must not be accessed before initialization",
1535 ZSTR_VAL(property_info->ce->name), ZSTR_VAL(property_name));
1536 return NULL;
1537 }
1538
1539 if (UNEXPECTED(ce->ce_flags & ZEND_ACC_TRAIT)) {
1540 zend_error(E_DEPRECATED,
1541 "Accessing static trait property %s::$%s is deprecated, "
1542 "it should only be accessed on a class using the trait",
1543 ZSTR_VAL(property_info->ce->name), ZSTR_VAL(property_name));
1544 }
1545
1546 return ret;
1547 }
1548 /* }}} */
1549
zend_std_get_static_property(zend_class_entry * ce,zend_string * property_name,int type)1550 ZEND_API zval *zend_std_get_static_property(zend_class_entry *ce, zend_string *property_name, int type) /* {{{ */
1551 {
1552 zend_property_info *prop_info;
1553 return zend_std_get_static_property_with_info(ce, property_name, type, &prop_info);
1554 }
1555
zend_std_unset_static_property(zend_class_entry * ce,zend_string * property_name)1556 ZEND_API ZEND_COLD bool zend_std_unset_static_property(zend_class_entry *ce, zend_string *property_name) /* {{{ */
1557 {
1558 zend_throw_error(NULL, "Attempt to unset static property %s::$%s", ZSTR_VAL(ce->name), ZSTR_VAL(property_name));
1559 return 0;
1560 }
1561 /* }}} */
1562
zend_bad_constructor_call(zend_function * constructor,zend_class_entry * scope)1563 static ZEND_COLD zend_never_inline void zend_bad_constructor_call(zend_function *constructor, zend_class_entry *scope) /* {{{ */
1564 {
1565 if (scope) {
1566 zend_throw_error(NULL, "Call to %s %s::%s() from scope %s",
1567 zend_visibility_string(constructor->common.fn_flags), ZSTR_VAL(constructor->common.scope->name),
1568 ZSTR_VAL(constructor->common.function_name), ZSTR_VAL(scope->name)
1569 );
1570 } else {
1571 zend_throw_error(NULL, "Call to %s %s::%s() from global scope", zend_visibility_string(constructor->common.fn_flags), ZSTR_VAL(constructor->common.scope->name), ZSTR_VAL(constructor->common.function_name));
1572 }
1573 }
1574 /* }}} */
1575
zend_std_get_constructor(zend_object * zobj)1576 ZEND_API zend_function *zend_std_get_constructor(zend_object *zobj) /* {{{ */
1577 {
1578 zend_function *constructor = zobj->ce->constructor;
1579 zend_class_entry *scope;
1580
1581 if (constructor) {
1582 if (UNEXPECTED(!(constructor->op_array.fn_flags & ZEND_ACC_PUBLIC))) {
1583 if (UNEXPECTED(EG(fake_scope))) {
1584 scope = EG(fake_scope);
1585 } else {
1586 scope = zend_get_executed_scope();
1587 }
1588 if (UNEXPECTED(constructor->common.scope != scope)) {
1589 if (UNEXPECTED(constructor->op_array.fn_flags & ZEND_ACC_PRIVATE)
1590 || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(constructor), scope))) {
1591 zend_bad_constructor_call(constructor, scope);
1592 constructor = NULL;
1593 }
1594 }
1595 }
1596 }
1597
1598 return constructor;
1599 }
1600 /* }}} */
1601
zend_std_compare_objects(zval * o1,zval * o2)1602 ZEND_API int zend_std_compare_objects(zval *o1, zval *o2) /* {{{ */
1603 {
1604 zend_object *zobj1, *zobj2;
1605
1606 if (Z_TYPE_P(o1) != Z_TYPE_P(o2)) {
1607 /* Object and non-object */
1608 zval casted;
1609 if (Z_TYPE_P(o1) == IS_OBJECT) {
1610 ZEND_ASSERT(Z_TYPE_P(o2) != IS_OBJECT);
1611 zend_uchar target_type = (Z_TYPE_P(o2) == IS_FALSE || Z_TYPE_P(o2) == IS_TRUE)
1612 ? _IS_BOOL : Z_TYPE_P(o2);
1613 if (Z_OBJ_HT_P(o1)->cast_object(Z_OBJ_P(o1), &casted, target_type) == FAILURE) {
1614 // TODO: Less crazy.
1615 if (target_type == IS_LONG || target_type == IS_DOUBLE) {
1616 zend_error(E_NOTICE, "Object of class %s could not be converted to %s",
1617 ZSTR_VAL(Z_OBJCE_P(o1)->name), zend_get_type_by_const(target_type));
1618 if (target_type == IS_LONG) {
1619 ZVAL_LONG(&casted, 1);
1620 } else {
1621 ZVAL_DOUBLE(&casted, 1.0);
1622 }
1623 } else {
1624 return 1;
1625 }
1626 }
1627 int ret = zend_compare(&casted, o2);
1628 zval_ptr_dtor(&casted);
1629 return ret;
1630 } else {
1631 ZEND_ASSERT(Z_TYPE_P(o2) == IS_OBJECT);
1632 zend_uchar target_type = (Z_TYPE_P(o1) == IS_FALSE || Z_TYPE_P(o1) == IS_TRUE)
1633 ? _IS_BOOL : Z_TYPE_P(o1);
1634 if (Z_OBJ_HT_P(o2)->cast_object(Z_OBJ_P(o2), &casted, target_type) == FAILURE) {
1635 // TODO: Less crazy.
1636 if (target_type == IS_LONG || target_type == IS_DOUBLE) {
1637 zend_error(E_NOTICE, "Object of class %s could not be converted to %s",
1638 ZSTR_VAL(Z_OBJCE_P(o2)->name), zend_get_type_by_const(target_type));
1639 if (target_type == IS_LONG) {
1640 ZVAL_LONG(&casted, 1);
1641 } else {
1642 ZVAL_DOUBLE(&casted, 1.0);
1643 }
1644 } else {
1645 return -1;
1646 }
1647 }
1648 int ret = zend_compare(o1, &casted);
1649 zval_ptr_dtor(&casted);
1650 return ret;
1651 }
1652 return ZEND_UNCOMPARABLE;
1653 }
1654
1655 zobj1 = Z_OBJ_P(o1);
1656 zobj2 = Z_OBJ_P(o2);
1657
1658 if (zobj1 == zobj2) {
1659 return 0; /* the same object */
1660 }
1661 if (zobj1->ce != zobj2->ce) {
1662 return ZEND_UNCOMPARABLE; /* different classes */
1663 }
1664 if (!zobj1->properties && !zobj2->properties) {
1665 zend_property_info *info;
1666 int i;
1667
1668 if (!zobj1->ce->default_properties_count) {
1669 return 0;
1670 }
1671
1672 /* It's enough to protect only one of the objects.
1673 * The second one may be referenced from the first and this may cause
1674 * false recursion detection.
1675 */
1676 /* use bitwise OR to make only one conditional jump */
1677 if (UNEXPECTED(Z_IS_RECURSIVE_P(o1))) {
1678 zend_error_noreturn(E_ERROR, "Nesting level too deep - recursive dependency?");
1679 }
1680 Z_PROTECT_RECURSION_P(o1);
1681
1682 for (i = 0; i < zobj1->ce->default_properties_count; i++) {
1683 zval *p1, *p2;
1684
1685 info = zobj1->ce->properties_info_table[i];
1686
1687 if (!info) {
1688 continue;
1689 }
1690
1691 p1 = OBJ_PROP(zobj1, info->offset);
1692 p2 = OBJ_PROP(zobj2, info->offset);
1693
1694 if (Z_TYPE_P(p1) != IS_UNDEF) {
1695 if (Z_TYPE_P(p2) != IS_UNDEF) {
1696 int ret;
1697
1698 ret = zend_compare(p1, p2);
1699 if (ret != 0) {
1700 Z_UNPROTECT_RECURSION_P(o1);
1701 return ret;
1702 }
1703 } else {
1704 Z_UNPROTECT_RECURSION_P(o1);
1705 return 1;
1706 }
1707 } else {
1708 if (Z_TYPE_P(p2) != IS_UNDEF) {
1709 Z_UNPROTECT_RECURSION_P(o1);
1710 return 1;
1711 }
1712 }
1713 }
1714
1715 Z_UNPROTECT_RECURSION_P(o1);
1716 return 0;
1717 } else {
1718 if (!zobj1->properties) {
1719 rebuild_object_properties(zobj1);
1720 }
1721 if (!zobj2->properties) {
1722 rebuild_object_properties(zobj2);
1723 }
1724 return zend_compare_symbol_tables(zobj1->properties, zobj2->properties);
1725 }
1726 }
1727 /* }}} */
1728
zend_objects_not_comparable(zval * o1,zval * o2)1729 ZEND_API int zend_objects_not_comparable(zval *o1, zval *o2)
1730 {
1731 return ZEND_UNCOMPARABLE;
1732 }
1733
zend_std_has_property(zend_object * zobj,zend_string * name,int has_set_exists,void ** cache_slot)1734 ZEND_API int zend_std_has_property(zend_object *zobj, zend_string *name, int has_set_exists, void **cache_slot) /* {{{ */
1735 {
1736 int result;
1737 zval *value = NULL;
1738 uintptr_t property_offset;
1739 zend_property_info *prop_info = NULL;
1740 zend_string *tmp_name = NULL;
1741
1742 property_offset = zend_get_property_offset(zobj->ce, name, 1, cache_slot, &prop_info);
1743
1744 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1745 value = OBJ_PROP(zobj, property_offset);
1746 if (Z_TYPE_P(value) != IS_UNDEF) {
1747 goto found;
1748 }
1749 if (UNEXPECTED(Z_PROP_FLAG_P(value) == IS_PROP_UNINIT)) {
1750 /* Skip __isset() for uninitialized typed properties */
1751 result = 0;
1752 goto exit;
1753 }
1754 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
1755 if (EXPECTED(zobj->properties != NULL)) {
1756 if (!IS_UNKNOWN_DYNAMIC_PROPERTY_OFFSET(property_offset)) {
1757 uintptr_t idx = ZEND_DECODE_DYN_PROP_OFFSET(property_offset);
1758
1759 if (EXPECTED(idx < zobj->properties->nNumUsed * sizeof(Bucket))) {
1760 Bucket *p = (Bucket*)((char*)zobj->properties->arData + idx);
1761
1762 if (EXPECTED(Z_TYPE(p->val) != IS_UNDEF) &&
1763 (EXPECTED(p->key == name) ||
1764 (EXPECTED(p->h == ZSTR_H(name)) &&
1765 EXPECTED(p->key != NULL) &&
1766 EXPECTED(zend_string_equal_content(p->key, name))))) {
1767 value = &p->val;
1768 goto found;
1769 }
1770 }
1771 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
1772 }
1773 value = zend_hash_find(zobj->properties, name);
1774 if (value) {
1775 if (cache_slot) {
1776 uintptr_t idx = (char*)value - (char*)zobj->properties->arData;
1777 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_ENCODE_DYN_PROP_OFFSET(idx));
1778 }
1779 found:
1780 if (has_set_exists == ZEND_PROPERTY_NOT_EMPTY) {
1781 result = zend_is_true(value);
1782 } else if (has_set_exists < ZEND_PROPERTY_NOT_EMPTY) {
1783 ZEND_ASSERT(has_set_exists == ZEND_PROPERTY_ISSET);
1784 ZVAL_DEREF(value);
1785 result = (Z_TYPE_P(value) != IS_NULL);
1786 } else {
1787 ZEND_ASSERT(has_set_exists == ZEND_PROPERTY_EXISTS);
1788 result = 1;
1789 }
1790 goto exit;
1791 }
1792 }
1793 } else if (UNEXPECTED(EG(exception))) {
1794 result = 0;
1795 goto exit;
1796 }
1797
1798 result = 0;
1799 if ((has_set_exists != ZEND_PROPERTY_EXISTS) && zobj->ce->__isset) {
1800 uint32_t *guard = zend_get_property_guard(zobj, name);
1801
1802 if (!((*guard) & IN_ISSET)) {
1803 zval rv;
1804
1805 /* have issetter - try with it! */
1806 if (!tmp_name && !ZSTR_IS_INTERNED(name)) {
1807 tmp_name = zend_string_copy(name);
1808 }
1809 GC_ADDREF(zobj);
1810 (*guard) |= IN_ISSET; /* prevent circular getting */
1811 zend_std_call_issetter(zobj, name, &rv);
1812 result = zend_is_true(&rv);
1813 zval_ptr_dtor(&rv);
1814 if (has_set_exists == ZEND_PROPERTY_NOT_EMPTY && result) {
1815 if (EXPECTED(!EG(exception)) && zobj->ce->__get && !((*guard) & IN_GET)) {
1816 (*guard) |= IN_GET;
1817 zend_std_call_getter(zobj, name, &rv);
1818 (*guard) &= ~IN_GET;
1819 result = i_zend_is_true(&rv);
1820 zval_ptr_dtor(&rv);
1821 } else {
1822 result = 0;
1823 }
1824 }
1825 (*guard) &= ~IN_ISSET;
1826 OBJ_RELEASE(zobj);
1827 }
1828 }
1829
1830 exit:
1831 zend_tmp_string_release(tmp_name);
1832 return result;
1833 }
1834 /* }}} */
1835
zend_std_get_class_name(const zend_object * zobj)1836 ZEND_API zend_string *zend_std_get_class_name(const zend_object *zobj) /* {{{ */
1837 {
1838 return zend_string_copy(zobj->ce->name);
1839 }
1840 /* }}} */
1841
zend_std_cast_object_tostring(zend_object * readobj,zval * writeobj,int type)1842 ZEND_API int zend_std_cast_object_tostring(zend_object *readobj, zval *writeobj, int type) /* {{{ */
1843 {
1844 switch (type) {
1845 case IS_STRING: {
1846 zend_class_entry *ce = readobj->ce;
1847 if (ce->__tostring) {
1848 zval retval;
1849 GC_ADDREF(readobj);
1850 zend_call_known_instance_method_with_0_params(ce->__tostring, readobj, &retval);
1851 zend_object_release(readobj);
1852 if (EXPECTED(Z_TYPE(retval) == IS_STRING)) {
1853 ZVAL_COPY_VALUE(writeobj, &retval);
1854 return SUCCESS;
1855 }
1856 zval_ptr_dtor(&retval);
1857 if (!EG(exception)) {
1858 zend_throw_error(NULL, "Method %s::__toString() must return a string value", ZSTR_VAL(ce->name));
1859 }
1860 }
1861 return FAILURE;
1862 }
1863 case _IS_BOOL:
1864 ZVAL_TRUE(writeobj);
1865 return SUCCESS;
1866 default:
1867 return FAILURE;
1868 }
1869 }
1870 /* }}} */
1871
zend_std_get_closure(zend_object * obj,zend_class_entry ** ce_ptr,zend_function ** fptr_ptr,zend_object ** obj_ptr,bool check_only)1872 ZEND_API int zend_std_get_closure(zend_object *obj, zend_class_entry **ce_ptr, zend_function **fptr_ptr, zend_object **obj_ptr, bool check_only) /* {{{ */
1873 {
1874 zend_class_entry *ce = obj->ce;
1875 zval *func = zend_hash_find_known_hash(&ce->function_table, ZSTR_KNOWN(ZEND_STR_MAGIC_INVOKE));
1876
1877 if (func == NULL) {
1878 return FAILURE;
1879 }
1880 *fptr_ptr = Z_FUNC_P(func);
1881
1882 *ce_ptr = ce;
1883 if ((*fptr_ptr)->common.fn_flags & ZEND_ACC_STATIC) {
1884 if (obj_ptr) {
1885 *obj_ptr = NULL;
1886 }
1887 } else {
1888 if (obj_ptr) {
1889 *obj_ptr = obj;
1890 }
1891 }
1892 return SUCCESS;
1893 }
1894 /* }}} */
1895
zend_std_get_properties_for(zend_object * obj,zend_prop_purpose purpose)1896 ZEND_API HashTable *zend_std_get_properties_for(zend_object *obj, zend_prop_purpose purpose) {
1897 HashTable *ht;
1898 switch (purpose) {
1899 case ZEND_PROP_PURPOSE_DEBUG:
1900 if (obj->handlers->get_debug_info) {
1901 int is_temp;
1902 ht = obj->handlers->get_debug_info(obj, &is_temp);
1903 if (ht && !is_temp) {
1904 GC_TRY_ADDREF(ht);
1905 }
1906 return ht;
1907 }
1908 ZEND_FALLTHROUGH;
1909 case ZEND_PROP_PURPOSE_ARRAY_CAST:
1910 case ZEND_PROP_PURPOSE_SERIALIZE:
1911 case ZEND_PROP_PURPOSE_VAR_EXPORT:
1912 case ZEND_PROP_PURPOSE_JSON:
1913 ht = obj->handlers->get_properties(obj);
1914 if (ht) {
1915 GC_TRY_ADDREF(ht);
1916 }
1917 return ht;
1918 default:
1919 ZEND_UNREACHABLE();
1920 return NULL;
1921 }
1922 }
1923
zend_get_properties_for(zval * obj,zend_prop_purpose purpose)1924 ZEND_API HashTable *zend_get_properties_for(zval *obj, zend_prop_purpose purpose) {
1925 zend_object *zobj = Z_OBJ_P(obj);
1926
1927 if (zobj->handlers->get_properties_for) {
1928 return zobj->handlers->get_properties_for(zobj, purpose);
1929 }
1930
1931 return zend_std_get_properties_for(zobj, purpose);
1932 }
1933
1934 ZEND_API const zend_object_handlers std_object_handlers = {
1935 0, /* offset */
1936
1937 zend_object_std_dtor, /* free_obj */
1938 zend_objects_destroy_object, /* dtor_obj */
1939 zend_objects_clone_obj, /* clone_obj */
1940
1941 zend_std_read_property, /* read_property */
1942 zend_std_write_property, /* write_property */
1943 zend_std_read_dimension, /* read_dimension */
1944 zend_std_write_dimension, /* write_dimension */
1945 zend_std_get_property_ptr_ptr, /* get_property_ptr_ptr */
1946 zend_std_has_property, /* has_property */
1947 zend_std_unset_property, /* unset_property */
1948 zend_std_has_dimension, /* has_dimension */
1949 zend_std_unset_dimension, /* unset_dimension */
1950 zend_std_get_properties, /* get_properties */
1951 zend_std_get_method, /* get_method */
1952 zend_std_get_constructor, /* get_constructor */
1953 zend_std_get_class_name, /* get_class_name */
1954 zend_std_cast_object_tostring, /* cast_object */
1955 NULL, /* count_elements */
1956 zend_std_get_debug_info, /* get_debug_info */
1957 zend_std_get_closure, /* get_closure */
1958 zend_std_get_gc, /* get_gc */
1959 NULL, /* do_operation */
1960 zend_std_compare_objects, /* compare */
1961 NULL, /* get_properties_for */
1962 };
1963