xref: /PHP-8.2/scripts/dev/check_parameters.php (revision a87f4dd9)
1#!/usr/bin/env php
2<?php
3/*
4  +----------------------------------------------------------------------+
5  | Copyright (c) The PHP Group                                          |
6  +----------------------------------------------------------------------+
7  | This source file is subject to version 3.01 of the PHP license,      |
8  | that is bundled with this package in the file LICENSE, and is        |
9  | available through the world-wide-web at the following url:           |
10  | https://www.php.net/license/3_01.txt                                 |
11  | If you did not receive a copy of the PHP license and are unable to   |
12  | obtain it through the world-wide-web, please send a note to          |
13  | license@php.net so we can mail you a copy immediately.               |
14  +----------------------------------------------------------------------+
15  | Author: Nuno Lopes <nlopess@php.net>                                 |
16  +----------------------------------------------------------------------+
17*/
18
19define('REPORT_LEVEL', 1); // 0 reports less false-positives. up to level 5.
20define('VERSION', '7.0');  // minimum is 7.0
21define('PHPDIR', realpath(dirname(__FILE__) . '/../..'));
22
23
24// be sure you have enough memory and stack for PHP. pcre will push the limits!
25ini_set('pcre.backtrack_limit', 10000000);
26
27
28// ------------------------ end of config ----------------------------
29
30
31$API_params = array(
32    'a' => array('zval**'), // array
33    'A' => array('zval**'), // array or object
34    'b' => array('bool*'), // boolean
35    'd' => array('double*'), // double
36    'f' => array('zend_fcall_info*', 'zend_fcall_info_cache*'), // function
37    'h' => array('HashTable**'), // array as an HashTable*
38    'H' => array('HashTable**'), // array or HASH_OF(object)
39    'l' => array('zend_long*'), // long
40    //TODO 'L' => array('zend_long*, '), // long
41    'o' => array('zval**'), //object
42    'O' => array('zval**', 'zend_class_entry*'), // object of given type
43    'P' => array('zend_string**'), // valid path
44    'r' => array('zval**'), // resource
45    'S' => array('zend_string**'), // string
46    'z' => array('zval**'), // zval*
47    'Z' => array('zval***') // zval**
48    // 's', 'p', 'C' handled separately
49);
50
51/** reports an error, according to its level */
52function error($str, $level = 0)
53{
54    global $current_file, $current_function, $line, $error_reported;
55
56    if ($level <= REPORT_LEVEL) {
57        if (strpos($current_file,PHPDIR) === 0) {
58            $filename = substr($current_file, strlen(PHPDIR)+1);
59        } else {
60            $filename = $current_file;
61        }
62        echo $filename , " [$line] $current_function : $str\n";
63        $error_reported = true;
64    }
65}
66
67
68/** this updates the global var $line (for error reporting) */
69function update_lineno($offset)
70{
71    global $lines_offset, $line;
72
73    $left  = 0;
74    $right = $count = count($lines_offset)-1;
75
76    // a nice binary search :)
77    do {
78        $mid = intval(($left + $right)/2);
79        $val = $lines_offset[$mid];
80
81        if ($val < $offset) {
82            if (++$mid > $count || $lines_offset[$mid] > $offset) {
83                $line = $mid;
84                return;
85            } else {
86                $left = $mid;
87            }
88        } else if ($val > $offset) {
89            if ($lines_offset[--$mid] < $offset) {
90                $line = $mid+1;
91                return;
92            } else {
93                $right = $mid;
94            }
95        } else {
96            $line = $mid+1;
97            return;
98        }
99    } while (true);
100}
101
102
103/** parses the sources and fetches its vars name, type and if they are initialized or not */
104function get_vars($txt)
105{
106    $ret =  array();
107    preg_match_all('/((?:(?:unsigned|struct)\s+)?\w+)(?:\s*(\*+)\s+|\s+(\**))(\w+(?:\[\s*\w*\s*\])?)\s*(?:(=)[^,;]+)?((?:\s*,\s*\**\s*\w+(?:\[\s*\w*\s*\])?\s*(?:=[^,;]+)?)*)\s*;/S', $txt, $m, PREG_SET_ORDER);
108
109    foreach ($m as $x) {
110        // the first parameter is special
111        if (!in_array($x[1], array('else', 'endif', 'return'))) // hack to skip reserved words
112            $ret[$x[4]] = array($x[1] . $x[2] . $x[3], $x[5]);
113
114        // are there more vars?
115        if ($x[6]) {
116            preg_match_all('/(\**)\s*(\w+(?:\[\s*\w*\s*\])?)\s*(=?)/S', $x[6], $y, PREG_SET_ORDER);
117            foreach ($y as $z) {
118                $ret[$z[2]] = array($x[1] . $z[1], $z[3]);
119            }
120        }
121    }
122
123//	if ($GLOBALS['current_function'] == 'for_debugging') { print_r($m);print_r($ret); }
124    return $ret;
125}
126
127
128/** run diagnostic checks against one var. */
129function check_param($db, $idx, $exp, $optional, $allow_uninit = false)
130{
131    global $error_few_vars_given;
132
133    if ($idx >= count($db)) {
134        if (!$error_few_vars_given) {
135            error("too few variables passed to function");
136            $error_few_vars_given = true;
137        }
138        return;
139    } elseif ($db[$idx][0] === '**dummy**') {
140        return;
141    }
142
143    if ($db[$idx][1] != $exp) {
144        error("{$db[$idx][0]}: expected '$exp' but got '{$db[$idx][1]}' [".($idx+1).']');
145    }
146
147    if (!$optional && $db[$idx][2]) {
148        error("not optional var is initialized: {$db[$idx][0]} [".($idx+1).']', 2);
149    }
150    if (!$allow_uninit && $optional && !$db[$idx][2]) {
151        error("optional var not initialized: {$db[$idx][0]} [".($idx+1).']', 1);
152    }
153}
154
155/** fetch params passed to zend_parse_params*() */
156function get_params($vars, $str)
157{
158    $ret = array();
159    preg_match_all('/(?:\([^)]+\))?(&?)([\w>.()-]+(?:\[\w+\])?)\s*,?((?:\)*\s*=)?)/S', $str, $m, PREG_SET_ORDER);
160
161    foreach ($m as $x) {
162        $name = $x[2];
163
164        // little hack for last parameter
165        if (strpos($name, '(') === false) {
166            $name = rtrim($name, ')');
167        }
168
169        if (empty($vars[$name][0])) {
170            error("variable not found: '$name'", 3);
171            $ret[][] = '**dummy**';
172
173        } else {
174            $ret[] = array($name, $vars[$name][0] . ($x[1] ? '*' : ''), $vars[$name][1]);
175        }
176
177        // the end (yes, this is a little hack :P)
178        if ($x[3]) {
179            break;
180        }
181    }
182
183//	if ($GLOBALS['current_function'] == 'for_debugging') { var_dump($m); var_dump($ret); }
184    return $ret;
185}
186
187
188/** run tests on a function. the code is passed in $txt */
189function check_function($name, $txt, $offset)
190{
191    global $API_params;
192
193    $regex = '/
194        (?: zend_parse_parameters(?:_throw)?               \s*\([^,]+
195        |   zend_parse_(?:parameters_ex|method_parameters) \s*\([^,]+,[^,]+
196        |   zend_parse_method_parameters_ex                \s*\([^,]+,[^,]+,[^,+]
197        )
198        ,\s*"([^"]*)"\s*
199        ,\s*([^{;]*)
200    /Sx';
201    if (preg_match_all($regex, $txt, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
202
203        $GLOBALS['current_function'] = $name;
204
205        foreach ($matches as $m) {
206            $GLOBALS['error_few_vars_given'] = false;
207            update_lineno($offset + $m[2][1]);
208
209            $vars = get_vars(substr($txt, 0, $m[0][1])); // limit var search to current location
210            $params = get_params($vars, $m[2][0]);
211            $optional = $varargs = false;
212            $last_char = '';
213            $j = -1;
214
215            $spec = $m[1][0];
216            $len = strlen($spec);
217            for ($i = 0; $i < $len; ++$i) {
218                $char = $spec[$i];
219                switch ($char = $spec[$i]) {
220                    // separator for optional parameters
221                    case '|':
222                        if ($optional) {
223                            error("more than one optional separator at char #$i");
224                        } else {
225                            $optional = true;
226                            if ($i == $len-1) {
227                                error("unnecessary optional separator");
228                            }
229                        }
230                    break;
231
232                    // separate_zval_if_not_ref
233                    case '/':
234                        if (in_array($last_char, array('l', 'L', 'd', 'b'))) {
235                            error("the '/' specifier should not be applied to '$last_char'");
236                        }
237                    break;
238
239                    // nullable arguments
240                    case '!':
241                        if (in_array($last_char, array('l', 'L', 'd', 'b'))) {
242                            check_param($params, ++$j, 'bool*', $optional);
243                        }
244                    break;
245
246                    // variadic arguments
247                    case '+':
248                    case '*':
249                        if ($varargs) {
250                            error("A varargs specifier can only be used once. repeated char at column $i");
251                        } else {
252                            check_param($params, ++$j, 'zval**', $optional);
253                            check_param($params, ++$j, 'int*', $optional);
254                            $varargs = true;
255                        }
256                    break;
257
258                    case 's':
259                    case 'p':
260                        check_param($params, ++$j, 'char**', $optional, $allow_uninit=true);
261                        check_param($params, ++$j, 'size_t*', $optional, $allow_uninit=true);
262                        if ($optional && !$params[$j-1][2] && !$params[$j][2]
263                                && $params[$j-1][0] !== '**dummy**' && $params[$j][0] !== '**dummy**') {
264                            error("one of optional vars {$params[$j-1][0]} or {$params[$j][0]} must be initialized", 1);
265                        }
266                    break;
267
268                    case 'C':
269                        // C must always be initialized, independently of whether it's optional
270                        check_param($params, ++$j, 'zend_class_entry**', false);
271                    break;
272
273                    default:
274                        if (!isset($API_params[$char])) {
275                            error("unknown char ('$char') at column $i");
276                        }
277
278                        // If an is_null flag is in use, only that flag is required to be
279                        // initialized
280                        $allow_uninit = $i+1 < $len && $spec[$i+1] === '!'
281                                && in_array($char, array('l', 'L', 'd', 'b'));
282
283                        foreach ($API_params[$char] as $exp) {
284                            check_param($params, ++$j, $exp, $optional, $allow_uninit);
285                        }
286                }
287
288                $last_char = $char;
289            }
290        }
291    }
292}
293
294
295/** the main recursion function. splits files in functions and calls the other functions */
296function recurse($path)
297{
298    foreach (scandir($path) as $file) {
299        if ($file == '.' || $file == '..' || $file == 'CVS') continue;
300
301        $file = "$path/$file";
302        if (is_dir($file)) {
303            recurse($file);
304            continue;
305        }
306
307        // parse only .c and .cpp files
308        if (substr_compare($file, '.c', -2) && substr_compare($file, '.cpp', -4)) continue;
309
310        $txt = file_get_contents($file);
311        // remove comments (but preserve the number of lines)
312        $txt = preg_replace('@//.*@S', '', $txt);
313        $txt = preg_replace_callback('@/\*.*\*/@SsU', function($matches) {
314            return preg_replace("/[^\r\n]+/S", "", $matches[0]);
315        }, $txt);
316
317        $split = preg_split('/PHP_(?:NAMED_)?(?:FUNCTION|METHOD)\s*\((\w+(?:,\s*\w+)?)\)/S', $txt, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_OFFSET_CAPTURE);
318
319        if (count($split) < 2) continue; // no functions defined on this file
320        array_shift($split); // the first part isn't relevant
321
322
323        // generate the line offsets array
324        $j = 0;
325        $lines = preg_split("/(\r\n?|\n)/S", $txt, -1, PREG_SPLIT_DELIM_CAPTURE);
326        $lines_offset = array();
327
328        for ($i = 0; $i < count($lines); ++$i) {
329            $j += strlen($lines[$i]) + strlen(@$lines[++$i]);
330            $lines_offset[] = $j;
331        }
332
333        $GLOBALS['lines_offset'] = $lines_offset;
334        $GLOBALS['current_file'] = $file;
335
336
337        for ($i = 0; $i < count($split); $i+=2) {
338            // if the /* }}} */ comment is found use it to reduce false positives
339            // TODO: check the other indexes
340            list($f) = preg_split('@/\*\s*}}}\s*\*/@S', $split[$i+1][0]);
341            check_function(preg_replace('/\s*,\s*/S', '::', $split[$i][0]), $f, $split[$i][1]);
342        }
343    }
344}
345
346$dirs = array();
347
348if (isset($argc) && $argc > 1) {
349    if ($argv[1] == '-h' || $argv[1] == '-help' || $argv[1] == '--help') {
350        echo <<<HELP
351Synopsis:
352    php check_parameters.php [directories]
353
354HELP;
355        exit(0);
356    }
357    for ($i = 1; $i < $argc; $i++) {
358        $dirs[] = $argv[$i];
359    }
360} else {
361    $dirs[] = PHPDIR;
362}
363
364foreach($dirs as $dir) {
365    if (is_dir($dir)) {
366        if (!is_readable($dir)) {
367            echo "ERROR: directory '", $dir ,"' is not readable\n";
368            exit(1);
369        }
370    } else {
371        echo "ERROR: bogus directory '", $dir ,"'\n";
372        exit(1);
373    }
374}
375
376$error_reported = false;
377foreach ($dirs as $dir) {
378    recurse(realpath($dir));
379}
380
381exit($error_reported === false ? 0 : 2);
382