1<?php 2/* 3 +----------------------------------------------------------------------+ 4 | PHP Version 7 | 5 +----------------------------------------------------------------------+ 6 | Copyright (c) 1997-2007 The PHP Group | 7 +----------------------------------------------------------------------+ 8 | This source file is subject to version 3.01 of the PHP license, | 9 | that is bundled with this package in the file LICENSE, and is | 10 | available through the world-wide-web at the following url: | 11 | http://www.php.net/license/3_01.txt | 12 | If you did not receive a copy of the PHP license and are unable to | 13 | obtain it through the world-wide-web, please send a note to | 14 | license@php.net so we can mail you a copy immediately. | 15 +----------------------------------------------------------------------+ 16 | Author: Nuno Lopes <nlopess@php.net> | 17 +----------------------------------------------------------------------+ 18*/ 19 20/* $Id$ */ 21 22 23define('REPORT_LEVEL', 1); // 0 reports less false-positives. up to level 5. 24define('VERSION', '7.0'); // minimum is 7.0 25define('PHPDIR', realpath(dirname(__FILE__) . '/../..')); 26 27 28// be sure you have enough memory and stack for PHP. pcre will push the limits! 29ini_set('pcre.backtrack_limit', 10000000); 30 31 32// ------------------------ end of config ---------------------------- 33 34 35$API_params = array( 36 'a' => array('zval**'), // array 37 'A' => array('zval**'), // array or object 38 'b' => array('zend_bool*'), // boolean 39 'd' => array('double*'), // double 40 'f' => array('zend_fcall_info*', 'zend_fcall_info_cache*'), // function 41 'h' => array('HashTable**'), // array as an HashTable* 42 'H' => array('HashTable**'), // array or HASH_OF(object) 43 'l' => array('zend_long*'), // long 44 //TODO 'L' => array('zend_long*, '), // long 45 'o' => array('zval**'), //object 46 'O' => array('zval**', 'zend_class_entry*'), // object of given type 47 'P' => array('zend_string**'), // valid path 48 'r' => array('zval**'), // resource 49 'S' => array('zend_string**'), // string 50 'z' => array('zval**'), // zval* 51 'Z' => array('zval***') // zval** 52 // 's', 'p', 'C' handled separately 53); 54 55/** reports an error, according to its level */ 56function error($str, $level = 0) 57{ 58 global $current_file, $current_function, $line; 59 60 if ($level <= REPORT_LEVEL) { 61 if (strpos($current_file,PHPDIR) === 0) { 62 $filename = substr($current_file, strlen(PHPDIR)+1); 63 } else { 64 $filename = $current_file; 65 } 66 echo $filename , " [$line] $current_function : $str\n"; 67 } 68} 69 70 71/** this updates the global var $line (for error reporting) */ 72function update_lineno($offset) 73{ 74 global $lines_offset, $line; 75 76 $left = 0; 77 $right = $count = count($lines_offset)-1; 78 79 // a nice binary search :) 80 do { 81 $mid = intval(($left + $right)/2); 82 $val = $lines_offset[$mid]; 83 84 if ($val < $offset) { 85 if (++$mid > $count || $lines_offset[$mid] > $offset) { 86 $line = $mid; 87 return; 88 } else { 89 $left = $mid; 90 } 91 } else if ($val > $offset) { 92 if ($lines_offset[--$mid] < $offset) { 93 $line = $mid+1; 94 return; 95 } else { 96 $right = $mid; 97 } 98 } else { 99 $line = $mid+1; 100 return; 101 } 102 } while (true); 103} 104 105 106/** parses the sources and fetches its vars name, type and if they are initialized or not */ 107function get_vars($txt) 108{ 109 $ret = array(); 110 preg_match_all('/((?:(?:unsigned|struct)\s+)?\w+)(?:\s*(\*+)\s+|\s+(\**))(\w+(?:\[\s*\w*\s*\])?)\s*(?:(=)[^,;]+)?((?:\s*,\s*\**\s*\w+(?:\[\s*\w*\s*\])?\s*(?:=[^,;]+)?)*)\s*;/S', $txt, $m, PREG_SET_ORDER); 111 112 foreach ($m as $x) { 113 // the first parameter is special 114 if (!in_array($x[1], array('else', 'endif', 'return'))) // hack to skip reserved words 115 $ret[$x[4]] = array($x[1] . $x[2] . $x[3], $x[5]); 116 117 // are there more vars? 118 if ($x[6]) { 119 preg_match_all('/(\**)\s*(\w+(?:\[\s*\w*\s*\])?)\s*(=?)/S', $x[6], $y, PREG_SET_ORDER); 120 foreach ($y as $z) { 121 $ret[$z[2]] = array($x[1] . $z[1], $z[3]); 122 } 123 } 124 } 125 126// if ($GLOBALS['current_function'] == 'for_debugging') { print_r($m);print_r($ret); } 127 return $ret; 128} 129 130 131/** run diagnostic checks against one var. */ 132function check_param($db, $idx, $exp, $optional, $allow_uninit = false) 133{ 134 global $error_few_vars_given; 135 136 if ($idx >= count($db)) { 137 if (!$error_few_vars_given) { 138 error("too few variables passed to function"); 139 $error_few_vars_given = true; 140 } 141 return; 142 } elseif ($db[$idx][0] === '**dummy**') { 143 return; 144 } 145 146 if ($db[$idx][1] != $exp) { 147 error("{$db[$idx][0]}: expected '$exp' but got '{$db[$idx][1]}' [".($idx+1).']'); 148 } 149 150 if (!$optional && $db[$idx][2]) { 151 error("not optional var is initialized: {$db[$idx][0]} [".($idx+1).']', 2); 152 } 153 if (!$allow_uninit && $optional && !$db[$idx][2]) { 154 error("optional var not initialized: {$db[$idx][0]} [".($idx+1).']', 1); 155 } 156} 157 158/** fetch params passed to zend_parse_params*() */ 159function get_params($vars, $str) 160{ 161 $ret = array(); 162 preg_match_all('/(?:\([^)]+\))?(&?)([\w>.()-]+(?:\[\w+\])?)\s*,?((?:\)*\s*=)?)/S', $str, $m, PREG_SET_ORDER); 163 164 foreach ($m as $x) { 165 $name = $x[2]; 166 167 // little hack for last parameter 168 if (strpos($name, '(') === false) { 169 $name = rtrim($name, ')'); 170 } 171 172 if (empty($vars[$name][0])) { 173 error("variable not found: '$name'", 3); 174 $ret[][] = '**dummy**'; 175 176 } else { 177 $ret[] = array($name, $vars[$name][0] . ($x[1] ? '*' : ''), $vars[$name][1]); 178 } 179 180 // the end (yes, this is a little hack :P) 181 if ($x[3]) { 182 break; 183 } 184 } 185 186// if ($GLOBALS['current_function'] == 'for_debugging') { var_dump($m); var_dump($ret); } 187 return $ret; 188} 189 190 191/** run tests on a function. the code is passed in $txt */ 192function check_function($name, $txt, $offset) 193{ 194 global $API_params; 195 196 $regex = '/ 197 (?: zend_parse_parameters(?:_throw)? \s*\([^,]+ 198 | zend_parse_(?:parameters_ex|method_parameters) \s*\([^,]+,[^,]+ 199 | zend_parse_method_parameters_ex \s*\([^,]+,[^,]+,[^,+] 200 ) 201 ,\s*"([^"]*)"\s* 202 ,\s*([^{;]*) 203 /Sx'; 204 if (preg_match_all($regex, $txt, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) { 205 206 $GLOBALS['current_function'] = $name; 207 208 foreach ($matches as $m) { 209 $GLOBALS['error_few_vars_given'] = false; 210 update_lineno($offset + $m[2][1]); 211 212 $vars = get_vars(substr($txt, 0, $m[0][1])); // limit var search to current location 213 $params = get_params($vars, $m[2][0]); 214 $optional = $varargs = false; 215 $last_char = ''; 216 $j = -1; 217 218 $spec = $m[1][0]; 219 $len = strlen($spec); 220 for ($i = 0; $i < $len; ++$i) { 221 $char = $spec[$i]; 222 switch ($char = $spec[$i]) { 223 // separator for optional parameters 224 case '|': 225 if ($optional) { 226 error("more than one optional separator at char #$i"); 227 } else { 228 $optional = true; 229 if ($i == $len-1) { 230 error("unnecessary optional separator"); 231 } 232 } 233 break; 234 235 // separate_zval_if_not_ref 236 case '/': 237 if (in_array($last_char, array('l', 'L', 'd', 'b'))) { 238 error("the '/' specifier should not be applied to '$last_char'"); 239 } 240 break; 241 242 // nullable arguments 243 case '!': 244 if (in_array($last_char, array('l', 'L', 'd', 'b'))) { 245 check_param($params, ++$j, 'zend_bool*', $optional); 246 } 247 break; 248 249 // variadic arguments 250 case '+': 251 case '*': 252 if ($varargs) { 253 error("A varargs specifier can only be used once. repeated char at column $i"); 254 } else { 255 check_param($params, ++$j, 'zval**', $optional); 256 check_param($params, ++$j, 'int*', $optional); 257 $varargs = true; 258 } 259 break; 260 261 case 's': 262 case 'p': 263 check_param($params, ++$j, 'char**', $optional, $allow_uninit=true); 264 check_param($params, ++$j, 'size_t*', $optional, $allow_uninit=true); 265 if ($optional && !$params[$j-1][2] && !$params[$j][2] 266 && $params[$j-1][0] !== '**dummy**' && $params[$j][0] !== '**dummy**') { 267 error("one of optional vars {$params[$j-1][0]} or {$params[$j][0]} must be initialized", 1); 268 } 269 break; 270 271 case 'C': 272 // C must always be initialized, independently of whether it's optional 273 check_param($params, ++$j, 'zend_class_entry**', false); 274 break; 275 276 default: 277 if (!isset($API_params[$char])) { 278 error("unknown char ('$char') at column $i"); 279 } 280 281 // If an is_null flag is in use, only that flag is required to be 282 // initialized 283 $allow_uninit = $i+1 < $len && $spec[$i+1] === '!' 284 && in_array($char, array('l', 'L', 'd', 'b')); 285 286 foreach ($API_params[$char] as $exp) { 287 check_param($params, ++$j, $exp, $optional, $allow_uninit); 288 } 289 } 290 291 $last_char = $char; 292 } 293 } 294 } 295} 296 297 298/** the main recursion function. splits files in functions and calls the other functions */ 299function recurse($path) 300{ 301 foreach (scandir($path) as $file) { 302 if ($file == '.' || $file == '..' || $file == 'CVS') continue; 303 304 $file = "$path/$file"; 305 if (is_dir($file)) { 306 recurse($file); 307 continue; 308 } 309 310 // parse only .c and .cpp files 311 if (substr_compare($file, '.c', -2) && substr_compare($file, '.cpp', -4)) continue; 312 313 $txt = file_get_contents($file); 314 // remove comments (but preserve the number of lines) 315 $txt = preg_replace('@//.*@S', '', $txt); 316 $txt = preg_replace_callback('@/\*.*\*/@SsU', function($matches) { 317 return preg_replace("/[^\r\n]+/S", "", $matches[0]); 318 }, $txt); 319 320 $split = preg_split('/PHP_(?:NAMED_)?(?:FUNCTION|METHOD)\s*\((\w+(?:,\s*\w+)?)\)/S', $txt, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_OFFSET_CAPTURE); 321 322 if (count($split) < 2) continue; // no functions defined on this file 323 array_shift($split); // the first part isn't relevant 324 325 326 // generate the line offsets array 327 $j = 0; 328 $lines = preg_split("/(\r\n?|\n)/S", $txt, -1, PREG_SPLIT_DELIM_CAPTURE); 329 $lines_offset = array(); 330 331 for ($i = 0; $i < count($lines); ++$i) { 332 $j += strlen($lines[$i]) + strlen(@$lines[++$i]); 333 $lines_offset[] = $j; 334 } 335 336 $GLOBALS['lines_offset'] = $lines_offset; 337 $GLOBALS['current_file'] = $file; 338 339 340 for ($i = 0; $i < count($split); $i+=2) { 341 // if the /* }}} */ comment is found use it to reduce false positives 342 // TODO: check the other indexes 343 list($f) = preg_split('@/\*\s*}}}\s*\*/@S', $split[$i+1][0]); 344 check_function(preg_replace('/\s*,\s*/S', '::', $split[$i][0]), $f, $split[$i][1]); 345 } 346 } 347} 348 349$dirs = array(); 350 351if (isset($argc) && $argc > 1) { 352 if ($argv[1] == '-h' || $argv[1] == '-help' || $argv[1] == '--help') { 353 echo <<<HELP 354Synopsis: 355 php check_parameters.php [directories] 356 357HELP; 358 exit(0); 359 } 360 for ($i = 1; $i < $argc; $i++) { 361 $dirs[] = $argv[$i]; 362 } 363} else { 364 $dirs[] = PHPDIR; 365} 366 367foreach($dirs as $dir) { 368 if (is_dir($dir)) { 369 if (!is_readable($dir)) { 370 echo "ERROR: directory '", $dir ,"' is not readable\n"; 371 exit(1); 372 } 373 } else { 374 echo "ERROR: bogus directory '", $dir ,"'\n"; 375 exit(1); 376 } 377} 378 379foreach ($dirs as $dir) { 380 recurse(realpath($dir)); 381} 382