1 /*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Jani Lehtimäki <jkl@njet.net> |
14 | Thies C. Arntzen <thies@thieso.net> |
15 | Sascha Schumann <sascha@schumann.cx> |
16 +----------------------------------------------------------------------+
17 */
18
19 /* {{{ includes */
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <errno.h>
23 #include "php.h"
24 #include "php_string.h"
25 #include "php_var.h"
26 #include "zend_smart_str.h"
27 #include "basic_functions.h"
28 #include "php_incomplete_class.h"
29 #include "zend_enum.h"
30 #include "zend_exceptions.h"
31 /* }}} */
32
33 struct php_serialize_data {
34 HashTable ht;
35 uint32_t n;
36 };
37
38 #define COMMON (is_ref ? "&" : "")
39
php_array_element_dump(zval * zv,zend_ulong index,zend_string * key,int level)40 static void php_array_element_dump(zval *zv, zend_ulong index, zend_string *key, int level) /* {{{ */
41 {
42 if (key == NULL) { /* numeric key */
43 php_printf("%*c[" ZEND_LONG_FMT "]=>\n", level + 1, ' ', index);
44 } else { /* string key */
45 php_printf("%*c[\"", level + 1, ' ');
46 PHPWRITE(ZSTR_VAL(key), ZSTR_LEN(key));
47 php_printf("\"]=>\n");
48 }
49 php_var_dump(zv, level + 2);
50 }
51 /* }}} */
52
php_object_property_dump(zend_property_info * prop_info,zval * zv,zend_ulong index,zend_string * key,int level)53 static void php_object_property_dump(zend_property_info *prop_info, zval *zv, zend_ulong index, zend_string *key, int level) /* {{{ */
54 {
55 const char *prop_name, *class_name;
56
57 if (key == NULL) { /* numeric key */
58 php_printf("%*c[" ZEND_LONG_FMT "]=>\n", level + 1, ' ', index);
59 } else { /* string key */
60 int unmangle = zend_unmangle_property_name(key, &class_name, &prop_name);
61 php_printf("%*c[", level + 1, ' ');
62
63 if (class_name && unmangle == SUCCESS) {
64 if (class_name[0] == '*') {
65 php_printf("\"%s\":protected", prop_name);
66 } else {
67 php_printf("\"%s\":\"%s\":private", prop_name, class_name);
68 }
69 } else {
70 php_printf("\"");
71 PHPWRITE(ZSTR_VAL(key), ZSTR_LEN(key));
72 php_printf("\"");
73 }
74 ZEND_PUTS("]=>\n");
75 }
76
77 if (Z_TYPE_P(zv) == IS_UNDEF) {
78 ZEND_ASSERT(ZEND_TYPE_IS_SET(prop_info->type));
79 zend_string *type_str = zend_type_to_string(prop_info->type);
80 php_printf("%*cuninitialized(%s)\n",
81 level + 1, ' ', ZSTR_VAL(type_str));
82 zend_string_release(type_str);
83 } else {
84 php_var_dump(zv, level + 2);
85 }
86 }
87 /* }}} */
88
php_var_dump(zval * struc,int level)89 PHPAPI void php_var_dump(zval *struc, int level) /* {{{ */
90 {
91 HashTable *myht;
92 zend_string *class_name;
93 int is_ref = 0;
94 zend_ulong num;
95 zend_string *key;
96 zval *val;
97 uint32_t count;
98
99 if (level > 1) {
100 php_printf("%*c", level - 1, ' ');
101 }
102
103 again:
104 switch (Z_TYPE_P(struc)) {
105 case IS_FALSE:
106 php_printf("%sbool(false)\n", COMMON);
107 break;
108 case IS_TRUE:
109 php_printf("%sbool(true)\n", COMMON);
110 break;
111 case IS_NULL:
112 php_printf("%sNULL\n", COMMON);
113 break;
114 case IS_LONG:
115 php_printf("%sint(" ZEND_LONG_FMT ")\n", COMMON, Z_LVAL_P(struc));
116 break;
117 case IS_DOUBLE:
118 php_printf_unchecked("%sfloat(%.*H)\n", COMMON, (int) PG(serialize_precision), Z_DVAL_P(struc));
119 break;
120 case IS_STRING:
121 php_printf("%sstring(%zd) \"", COMMON, Z_STRLEN_P(struc));
122 PHPWRITE(Z_STRVAL_P(struc), Z_STRLEN_P(struc));
123 PUTS("\"\n");
124 break;
125 case IS_ARRAY:
126 myht = Z_ARRVAL_P(struc);
127 if (!(GC_FLAGS(myht) & GC_IMMUTABLE)) {
128 if (GC_IS_RECURSIVE(myht)) {
129 PUTS("*RECURSION*\n");
130 return;
131 }
132 GC_ADDREF(myht);
133 GC_PROTECT_RECURSION(myht);
134 }
135 count = zend_hash_num_elements(myht);
136 php_printf("%sarray(%d) {\n", COMMON, count);
137 ZEND_HASH_FOREACH_KEY_VAL(myht, num, key, val) {
138 php_array_element_dump(val, num, key, level);
139 } ZEND_HASH_FOREACH_END();
140 if (!(GC_FLAGS(myht) & GC_IMMUTABLE)) {
141 GC_UNPROTECT_RECURSION(myht);
142 GC_DELREF(myht);
143 }
144 if (level > 1) {
145 php_printf("%*c", level-1, ' ');
146 }
147 PUTS("}\n");
148 break;
149 case IS_OBJECT: {
150 zend_class_entry *ce = Z_OBJCE_P(struc);
151 if (ce->ce_flags & ZEND_ACC_ENUM) {
152 zval *case_name_zval = zend_enum_fetch_case_name(Z_OBJ_P(struc));
153 php_printf("%senum(%s::%s)\n", COMMON, ZSTR_VAL(ce->name), Z_STRVAL_P(case_name_zval));
154 return;
155 }
156 zend_object *zobj = Z_OBJ_P(struc);
157 uint32_t *guard = zend_get_recursion_guard(zobj);
158 if (ZEND_GUARD_OR_GC_IS_RECURSIVE(guard, DEBUG, zobj)) {
159 PUTS("*RECURSION*\n");
160 return;
161 }
162 ZEND_GUARD_OR_GC_PROTECT_RECURSION(guard, DEBUG, zobj);
163
164 myht = zend_get_properties_for(struc, ZEND_PROP_PURPOSE_DEBUG);
165 class_name = Z_OBJ_HANDLER_P(struc, get_class_name)(Z_OBJ_P(struc));
166 php_printf("%sobject(%s)#%d (%d) {\n", COMMON, ZSTR_VAL(class_name), Z_OBJ_HANDLE_P(struc), myht ? zend_array_count(myht) : 0);
167 zend_string_release_ex(class_name, 0);
168
169 if (myht) {
170 zend_ulong num;
171 zend_string *key;
172 zval *val;
173
174 ZEND_HASH_FOREACH_KEY_VAL(myht, num, key, val) {
175 zend_property_info *prop_info = NULL;
176
177 if (Z_TYPE_P(val) == IS_INDIRECT) {
178 val = Z_INDIRECT_P(val);
179 if (key) {
180 prop_info = zend_get_typed_property_info_for_slot(Z_OBJ_P(struc), val);
181 }
182 }
183
184 if (!Z_ISUNDEF_P(val) || prop_info) {
185 php_object_property_dump(prop_info, val, num, key, level);
186 }
187 } ZEND_HASH_FOREACH_END();
188 zend_release_properties(myht);
189 }
190 if (level > 1) {
191 php_printf("%*c", level-1, ' ');
192 }
193 PUTS("}\n");
194 ZEND_GUARD_OR_GC_UNPROTECT_RECURSION(guard, DEBUG, zobj);
195 break;
196 }
197 case IS_RESOURCE: {
198 const char *type_name = zend_rsrc_list_get_rsrc_type(Z_RES_P(struc));
199 php_printf("%sresource(" ZEND_LONG_FMT ") of type (%s)\n", COMMON, Z_RES_P(struc)->handle, type_name ? type_name : "Unknown");
200 break;
201 }
202 case IS_REFERENCE:
203 //??? hide references with refcount==1 (for compatibility)
204 if (Z_REFCOUNT_P(struc) > 1) {
205 is_ref = 1;
206 }
207 struc = Z_REFVAL_P(struc);
208 goto again;
209 break;
210 default:
211 php_printf("%sUNKNOWN:0\n", COMMON);
212 break;
213 }
214 }
215 /* }}} */
216
217 /* {{{ Dumps a string representation of variable to output */
PHP_FUNCTION(var_dump)218 PHP_FUNCTION(var_dump)
219 {
220 zval *args;
221 int argc;
222 int i;
223
224 ZEND_PARSE_PARAMETERS_START(1, -1)
225 Z_PARAM_VARIADIC('+', args, argc)
226 ZEND_PARSE_PARAMETERS_END();
227
228 for (i = 0; i < argc; i++) {
229 php_var_dump(&args[i], 1);
230 }
231 }
232 /* }}} */
233
zval_array_element_dump(zval * zv,zend_ulong index,zend_string * key,int level)234 static void zval_array_element_dump(zval *zv, zend_ulong index, zend_string *key, int level) /* {{{ */
235 {
236 if (key == NULL) { /* numeric key */
237 php_printf("%*c[" ZEND_LONG_FMT "]=>\n", level + 1, ' ', index);
238 } else { /* string key */
239 php_printf("%*c[\"", level + 1, ' ');
240 PHPWRITE(ZSTR_VAL(key), ZSTR_LEN(key));
241 php_printf("\"]=>\n");
242 }
243 php_debug_zval_dump(zv, level + 2);
244 }
245 /* }}} */
246
zval_object_property_dump(zend_property_info * prop_info,zval * zv,zend_ulong index,zend_string * key,int level)247 static void zval_object_property_dump(zend_property_info *prop_info, zval *zv, zend_ulong index, zend_string *key, int level) /* {{{ */
248 {
249 const char *prop_name, *class_name;
250
251 if (key == NULL) { /* numeric key */
252 php_printf("%*c[" ZEND_LONG_FMT "]=>\n", level + 1, ' ', index);
253 } else { /* string key */
254 zend_unmangle_property_name(key, &class_name, &prop_name);
255 php_printf("%*c[", level + 1, ' ');
256
257 if (class_name) {
258 if (class_name[0] == '*') {
259 php_printf("\"%s\":protected", prop_name);
260 } else {
261 php_printf("\"%s\":\"%s\":private", prop_name, class_name);
262 }
263 } else {
264 php_printf("\"%s\"", prop_name);
265 }
266 ZEND_PUTS("]=>\n");
267 }
268 if (prop_info && Z_TYPE_P(zv) == IS_UNDEF) {
269 zend_string *type_str = zend_type_to_string(prop_info->type);
270 php_printf("%*cuninitialized(%s)\n",
271 level + 1, ' ', ZSTR_VAL(type_str));
272 zend_string_release(type_str);
273 } else {
274 php_debug_zval_dump(zv, level + 2);
275 }
276 }
277 /* }}} */
278
php_debug_zval_dump(zval * struc,int level)279 PHPAPI void php_debug_zval_dump(zval *struc, int level) /* {{{ */
280 {
281 HashTable *myht = NULL;
282 zend_string *class_name;
283 zend_ulong index;
284 zend_string *key;
285 zval *val;
286 uint32_t count;
287 char *packed;
288
289 if (level > 1) {
290 php_printf("%*c", level - 1, ' ');
291 }
292
293 switch (Z_TYPE_P(struc)) {
294 case IS_FALSE:
295 PUTS("bool(false)\n");
296 break;
297 case IS_TRUE:
298 PUTS("bool(true)\n");
299 break;
300 case IS_NULL:
301 PUTS("NULL\n");
302 break;
303 case IS_LONG:
304 php_printf("int(" ZEND_LONG_FMT ")\n", Z_LVAL_P(struc));
305 break;
306 case IS_DOUBLE:
307 php_printf_unchecked("float(%.*H)\n", (int) PG(serialize_precision), Z_DVAL_P(struc));
308 break;
309 case IS_STRING:
310 php_printf("string(%zd) \"", Z_STRLEN_P(struc));
311 PHPWRITE(Z_STRVAL_P(struc), Z_STRLEN_P(struc));
312 if (Z_REFCOUNTED_P(struc)) {
313 php_printf("\" refcount(%u)\n", Z_REFCOUNT_P(struc));
314 } else {
315 PUTS("\" interned\n");
316 }
317 break;
318 case IS_ARRAY:
319 myht = Z_ARRVAL_P(struc);
320 if (!(GC_FLAGS(myht) & GC_IMMUTABLE)) {
321 if (GC_IS_RECURSIVE(myht)) {
322 PUTS("*RECURSION*\n");
323 return;
324 }
325 GC_ADDREF(myht);
326 GC_PROTECT_RECURSION(myht);
327 }
328 count = zend_hash_num_elements(myht);
329 packed = HT_IS_PACKED(myht) ? "packed " : "";
330 if (Z_REFCOUNTED_P(struc)) {
331 /* -1 because of ADDREF above. */
332 php_printf("array(%d) %srefcount(%u){\n", count, packed, Z_REFCOUNT_P(struc) - 1);
333 } else {
334 php_printf("array(%d) %sinterned {\n", count, packed);
335 }
336 ZEND_HASH_FOREACH_KEY_VAL(myht, index, key, val) {
337 zval_array_element_dump(val, index, key, level);
338 } ZEND_HASH_FOREACH_END();
339 if (!(GC_FLAGS(myht) & GC_IMMUTABLE)) {
340 GC_UNPROTECT_RECURSION(myht);
341 GC_DELREF(myht);
342 }
343 if (level > 1) {
344 php_printf("%*c", level - 1, ' ');
345 }
346 PUTS("}\n");
347 break;
348 case IS_OBJECT: {
349 /* Check if this is already recursing on the object before calling zend_get_properties_for,
350 * to allow infinite recursion detection to work even if classes return temporary arrays,
351 * and to avoid the need to update the properties table in place to reflect the state
352 * if the result won't be used. (https://github.com/php/php-src/issues/8044) */
353 zend_object *zobj = Z_OBJ_P(struc);
354 uint32_t *guard = zend_get_recursion_guard(zobj);
355 if (ZEND_GUARD_OR_GC_IS_RECURSIVE(guard, DEBUG, zobj)) {
356 PUTS("*RECURSION*\n");
357 return;
358 }
359 ZEND_GUARD_OR_GC_PROTECT_RECURSION(guard, DEBUG, zobj);
360
361 myht = zend_get_properties_for(struc, ZEND_PROP_PURPOSE_DEBUG);
362 class_name = Z_OBJ_HANDLER_P(struc, get_class_name)(Z_OBJ_P(struc));
363 php_printf("object(%s)#%d (%d) refcount(%u){\n", ZSTR_VAL(class_name), Z_OBJ_HANDLE_P(struc), myht ? zend_array_count(myht) : 0, Z_REFCOUNT_P(struc));
364 zend_string_release_ex(class_name, 0);
365 if (myht) {
366 ZEND_HASH_FOREACH_KEY_VAL(myht, index, key, val) {
367 zend_property_info *prop_info = NULL;
368
369 if (Z_TYPE_P(val) == IS_INDIRECT) {
370 val = Z_INDIRECT_P(val);
371 if (key) {
372 prop_info = zend_get_typed_property_info_for_slot(Z_OBJ_P(struc), val);
373 }
374 }
375
376 if (!Z_ISUNDEF_P(val) || prop_info) {
377 zval_object_property_dump(prop_info, val, index, key, level);
378 }
379 } ZEND_HASH_FOREACH_END();
380 zend_release_properties(myht);
381 }
382 if (level > 1) {
383 php_printf("%*c", level - 1, ' ');
384 }
385 PUTS("}\n");
386 ZEND_GUARD_OR_GC_UNPROTECT_RECURSION(guard, DEBUG, zobj);
387 break;
388 }
389 case IS_RESOURCE: {
390 const char *type_name = zend_rsrc_list_get_rsrc_type(Z_RES_P(struc));
391 php_printf("resource(" ZEND_LONG_FMT ") of type (%s) refcount(%u)\n", Z_RES_P(struc)->handle, type_name ? type_name : "Unknown", Z_REFCOUNT_P(struc));
392 break;
393 }
394 case IS_REFERENCE:
395 php_printf("reference refcount(%u) {\n", Z_REFCOUNT_P(struc));
396 php_debug_zval_dump(Z_REFVAL_P(struc), level + 2);
397 if (level > 1) {
398 php_printf("%*c", level - 1, ' ');
399 }
400 PUTS("}\n");
401 break;
402 default:
403 PUTS("UNKNOWN:0\n");
404 break;
405 }
406 }
407 /* }}} */
408
409 /* {{{ Dumps a string representation of an internal zend value to output. */
PHP_FUNCTION(debug_zval_dump)410 PHP_FUNCTION(debug_zval_dump)
411 {
412 zval *args;
413 int argc;
414 int i;
415
416 ZEND_PARSE_PARAMETERS_START(1, -1)
417 Z_PARAM_VARIADIC('+', args, argc)
418 ZEND_PARSE_PARAMETERS_END();
419
420 for (i = 0; i < argc; i++) {
421 php_debug_zval_dump(&args[i], 1);
422 }
423 }
424 /* }}} */
425
426 #define buffer_append_spaces(buf, num_spaces) \
427 do { \
428 char *tmp_spaces; \
429 size_t tmp_spaces_len; \
430 tmp_spaces_len = spprintf(&tmp_spaces, 0,"%*c", num_spaces, ' '); \
431 smart_str_appendl(buf, tmp_spaces, tmp_spaces_len); \
432 efree(tmp_spaces); \
433 } while(0);
434
php_array_element_export(zval * zv,zend_ulong index,zend_string * key,int level,smart_str * buf)435 static void php_array_element_export(zval *zv, zend_ulong index, zend_string *key, int level, smart_str *buf) /* {{{ */
436 {
437 if (key == NULL) { /* numeric key */
438 buffer_append_spaces(buf, level+1);
439 smart_str_append_long(buf, (zend_long) index);
440 smart_str_appendl(buf, " => ", 4);
441
442 } else { /* string key */
443 zend_string *tmp_str;
444 zend_string *ckey = php_addcslashes(key, "'\\", 2);
445 tmp_str = php_str_to_str(ZSTR_VAL(ckey), ZSTR_LEN(ckey), "\0", 1, "' . \"\\0\" . '", 12);
446
447 buffer_append_spaces(buf, level + 1);
448
449 smart_str_appendc(buf, '\'');
450 smart_str_append(buf, tmp_str);
451 smart_str_appendl(buf, "' => ", 5);
452
453 zend_string_free(ckey);
454 zend_string_free(tmp_str);
455 }
456 php_var_export_ex(zv, level + 2, buf);
457
458 smart_str_appendc(buf, ',');
459 smart_str_appendc(buf, '\n');
460 }
461 /* }}} */
462
php_object_element_export(zval * zv,zend_ulong index,zend_string * key,int level,smart_str * buf)463 static void php_object_element_export(zval *zv, zend_ulong index, zend_string *key, int level, smart_str *buf) /* {{{ */
464 {
465 buffer_append_spaces(buf, level + 2);
466 if (key != NULL) {
467 const char *class_name, *prop_name;
468 size_t prop_name_len;
469 zend_string *pname_esc;
470
471 zend_unmangle_property_name_ex(key, &class_name, &prop_name, &prop_name_len);
472 pname_esc = php_addcslashes_str(prop_name, prop_name_len, "'\\", 2);
473
474 smart_str_appendc(buf, '\'');
475 smart_str_append(buf, pname_esc);
476 smart_str_appendc(buf, '\'');
477 zend_string_release_ex(pname_esc, 0);
478 } else {
479 smart_str_append_long(buf, (zend_long) index);
480 }
481 smart_str_appendl(buf, " => ", 4);
482 php_var_export_ex(zv, level + 2, buf);
483 smart_str_appendc(buf, ',');
484 smart_str_appendc(buf, '\n');
485 }
486 /* }}} */
487
php_var_export_ex(zval * struc,int level,smart_str * buf)488 PHPAPI void php_var_export_ex(zval *struc, int level, smart_str *buf) /* {{{ */
489 {
490 HashTable *myht;
491 zend_string *ztmp, *ztmp2;
492 zend_ulong index;
493 zend_string *key;
494 zval *val;
495
496 again:
497 switch (Z_TYPE_P(struc)) {
498 case IS_FALSE:
499 smart_str_appendl(buf, "false", 5);
500 break;
501 case IS_TRUE:
502 smart_str_appendl(buf, "true", 4);
503 break;
504 case IS_NULL:
505 smart_str_appendl(buf, "NULL", 4);
506 break;
507 case IS_LONG:
508 /* INT_MIN as a literal will be parsed as a float. Emit something like
509 * -9223372036854775807-1 to avoid this. */
510 if (Z_LVAL_P(struc) == ZEND_LONG_MIN) {
511 smart_str_append_long(buf, ZEND_LONG_MIN+1);
512 smart_str_appends(buf, "-1");
513 break;
514 }
515 smart_str_append_long(buf, Z_LVAL_P(struc));
516 break;
517 case IS_DOUBLE:
518 smart_str_append_double(
519 buf, Z_DVAL_P(struc), (int) PG(serialize_precision), /* zero_fraction */ true);
520 break;
521 case IS_STRING:
522 ztmp = php_addcslashes(Z_STR_P(struc), "'\\", 2);
523 ztmp2 = php_str_to_str(ZSTR_VAL(ztmp), ZSTR_LEN(ztmp), "\0", 1, "' . \"\\0\" . '", 12);
524
525 smart_str_appendc(buf, '\'');
526 smart_str_append(buf, ztmp2);
527 smart_str_appendc(buf, '\'');
528
529 zend_string_free(ztmp);
530 zend_string_free(ztmp2);
531 break;
532 case IS_ARRAY:
533 myht = Z_ARRVAL_P(struc);
534 if (!(GC_FLAGS(myht) & GC_IMMUTABLE)) {
535 if (GC_IS_RECURSIVE(myht)) {
536 smart_str_appendl(buf, "NULL", 4);
537 zend_error(E_WARNING, "var_export does not handle circular references");
538 return;
539 }
540 GC_ADDREF(myht);
541 GC_PROTECT_RECURSION(myht);
542 }
543 if (level > 1) {
544 smart_str_appendc(buf, '\n');
545 buffer_append_spaces(buf, level - 1);
546 }
547 smart_str_appendl(buf, "array (\n", 8);
548 ZEND_HASH_FOREACH_KEY_VAL(myht, index, key, val) {
549 php_array_element_export(val, index, key, level, buf);
550 } ZEND_HASH_FOREACH_END();
551 if (!(GC_FLAGS(myht) & GC_IMMUTABLE)) {
552 GC_UNPROTECT_RECURSION(myht);
553 GC_DELREF(myht);
554 }
555 if (level > 1) {
556 buffer_append_spaces(buf, level - 1);
557 }
558 smart_str_appendc(buf, ')');
559
560 break;
561
562 case IS_OBJECT: {
563 /* Check if this is already recursing on the object before calling zend_get_properties_for,
564 * to allow infinite recursion detection to work even if classes return temporary arrays,
565 * and to avoid the need to update the properties table in place to reflect the state
566 * if the result won't be used. (https://github.com/php/php-src/issues/8044) */
567 zend_object *zobj = Z_OBJ_P(struc);
568 uint32_t *guard = zend_get_recursion_guard(zobj);
569 if (ZEND_GUARD_OR_GC_IS_RECURSIVE(guard, EXPORT, zobj)) {
570 smart_str_appendl(buf, "NULL", 4);
571 zend_error(E_WARNING, "var_export does not handle circular references");
572 return;
573 }
574 ZEND_GUARD_OR_GC_PROTECT_RECURSION(guard, EXPORT, zobj);
575 myht = zend_get_properties_for(struc, ZEND_PROP_PURPOSE_VAR_EXPORT);
576 if (level > 1) {
577 smart_str_appendc(buf, '\n');
578 buffer_append_spaces(buf, level - 1);
579 }
580
581 zend_class_entry *ce = Z_OBJCE_P(struc);
582 bool is_enum = ce->ce_flags & ZEND_ACC_ENUM;
583
584 /* stdClass has no __set_state method, but can be casted to */
585 if (ce == zend_standard_class_def) {
586 smart_str_appendl(buf, "(object) array(\n", 16);
587 } else {
588 smart_str_appendc(buf, '\\');
589 smart_str_append(buf, ce->name);
590 if (is_enum) {
591 zend_object *zobj = Z_OBJ_P(struc);
592 zval *case_name_zval = zend_enum_fetch_case_name(zobj);
593 smart_str_appendl(buf, "::", 2);
594 smart_str_append(buf, Z_STR_P(case_name_zval));
595 } else {
596 smart_str_appendl(buf, "::__set_state(array(\n", 21);
597 }
598 }
599
600 if (myht) {
601 if (!is_enum) {
602 ZEND_HASH_FOREACH_KEY_VAL_IND(myht, index, key, val) {
603 php_object_element_export(val, index, key, level, buf);
604 } ZEND_HASH_FOREACH_END();
605 }
606 zend_release_properties(myht);
607 }
608 ZEND_GUARD_OR_GC_UNPROTECT_RECURSION(guard, EXPORT, zobj);
609 if (level > 1 && !is_enum) {
610 buffer_append_spaces(buf, level - 1);
611 }
612 if (ce == zend_standard_class_def) {
613 smart_str_appendc(buf, ')');
614 } else if (!is_enum) {
615 smart_str_appendl(buf, "))", 2);
616 }
617
618 break;
619 }
620 case IS_REFERENCE:
621 struc = Z_REFVAL_P(struc);
622 goto again;
623 break;
624 default:
625 smart_str_appendl(buf, "NULL", 4);
626 break;
627 }
628 }
629 /* }}} */
630
631 /* FOR BC reasons, this will always perform and then print */
php_var_export(zval * struc,int level)632 PHPAPI void php_var_export(zval *struc, int level) /* {{{ */
633 {
634 smart_str buf = {0};
635 php_var_export_ex(struc, level, &buf);
636 smart_str_0(&buf);
637 PHPWRITE(ZSTR_VAL(buf.s), ZSTR_LEN(buf.s));
638 smart_str_free(&buf);
639 }
640 /* }}} */
641
642 /* {{{ Outputs or returns a string representation of a variable */
PHP_FUNCTION(var_export)643 PHP_FUNCTION(var_export)
644 {
645 zval *var;
646 bool return_output = 0;
647 smart_str buf = {0};
648
649 ZEND_PARSE_PARAMETERS_START(1, 2)
650 Z_PARAM_ZVAL(var)
651 Z_PARAM_OPTIONAL
652 Z_PARAM_BOOL(return_output)
653 ZEND_PARSE_PARAMETERS_END();
654
655 php_var_export_ex(var, 1, &buf);
656 smart_str_0 (&buf);
657
658 if (return_output) {
659 RETURN_STR(smart_str_extract(&buf));
660 } else {
661 PHPWRITE(ZSTR_VAL(buf.s), ZSTR_LEN(buf.s));
662 smart_str_free(&buf);
663 }
664 }
665 /* }}} */
666
667 static void php_var_serialize_intern(smart_str *buf, zval *struc, php_serialize_data_t var_hash, bool in_rcn_array, bool is_root);
668
669 /**
670 * @param bool in_rcn_array Whether the element appears in a potentially nested array with RC > 1.
671 */
php_add_var_hash(php_serialize_data_t data,zval * var,bool in_rcn_array)672 static inline zend_long php_add_var_hash(php_serialize_data_t data, zval *var, bool in_rcn_array) /* {{{ */
673 {
674 zval *zv;
675 zend_ulong key;
676 bool is_ref = Z_ISREF_P(var);
677
678 data->n += 1;
679
680 if (is_ref) {
681 /* pass */
682 } else if (Z_TYPE_P(var) != IS_OBJECT) {
683 return 0;
684 } else if (!in_rcn_array
685 && Z_REFCOUNT_P(var) == 1
686 && (Z_OBJ_P(var)->properties == NULL || GC_REFCOUNT(Z_OBJ_P(var)->properties) == 1)) {
687 return 0;
688 }
689
690 /* References to objects are treated as if the reference didn't exist */
691 if (is_ref && Z_TYPE_P(Z_REFVAL_P(var)) == IS_OBJECT) {
692 var = Z_REFVAL_P(var);
693 }
694
695 /* Index for the variable is stored using the numeric value of the pointer to
696 * the zend_refcounted struct */
697 key = (zend_ulong) (uintptr_t) Z_COUNTED_P(var);
698 zv = zend_hash_index_find(&data->ht, key);
699
700 if (zv) {
701 /* References are only counted once, undo the data->n increment above */
702 if (is_ref && Z_LVAL_P(zv) != -1) {
703 data->n -= 1;
704 }
705
706 return Z_LVAL_P(zv);
707 } else {
708 zval zv_n;
709 ZVAL_LONG(&zv_n, data->n);
710 zend_hash_index_add_new(&data->ht, key, &zv_n);
711
712 /* Additionally to the index, we also store the variable, to ensure that it is
713 * not destroyed during serialization and its pointer reused. The variable is
714 * stored at the numeric value of the pointer + 1, which cannot be the location
715 * of another zend_refcounted structure. */
716 zend_hash_index_add_new(&data->ht, key + 1, var);
717 Z_ADDREF_P(var);
718
719 return 0;
720 }
721 }
722 /* }}} */
723
php_var_serialize_long(smart_str * buf,zend_long val)724 static inline void php_var_serialize_long(smart_str *buf, zend_long val) /* {{{ */
725 {
726 char b[32];
727 char *s = zend_print_long_to_buf(b + sizeof(b) - 1, val);
728 size_t l = b + sizeof(b) - 1 - s;
729 char *res = smart_str_extend(buf, 2 + l + 1);
730 res = zend_mempcpy(res, "i:", 2);
731 memcpy(res, s, l);
732 res[l] = ';';
733 }
734 /* }}} */
735
php_var_serialize_string(smart_str * buf,char * str,size_t len)736 static inline void php_var_serialize_string(smart_str *buf, char *str, size_t len) /* {{{ */
737 {
738 char b[32];
739 char *s = zend_print_long_to_buf(b + sizeof(b) - 1, len);
740 size_t l = b + sizeof(b) - 1 - s;
741 char *res = smart_str_extend(buf, 2 + l + 2 + len + 2);
742 res = zend_mempcpy(res, "s:", 2);
743 res = zend_mempcpy(res, s, l);
744 res = zend_mempcpy(res, ":\"", 2);
745 res = zend_mempcpy(res, str, len);
746 memcpy(res, "\";", 2);
747 }
748 /* }}} */
749
php_var_serialize_class_name(smart_str * buf,zval * struc)750 static inline bool php_var_serialize_class_name(smart_str *buf, zval *struc) /* {{{ */
751 {
752 char b[32];
753 PHP_CLASS_ATTRIBUTES;
754
755 PHP_SET_CLASS_ATTRIBUTES(struc);
756 size_t class_name_len = ZSTR_LEN(class_name);
757 char *s = zend_print_long_to_buf(b + sizeof(b) - 1, class_name_len);
758 size_t l = b + sizeof(b) - 1 - s;
759 char *res = smart_str_extend(buf, 2 + l + 2 + class_name_len + 2);
760 res = zend_mempcpy(res, "O:", 2);
761 res = zend_mempcpy(res, s, l);
762 res = zend_mempcpy(res, ":\"", 2);
763 res = zend_mempcpy(res, ZSTR_VAL(class_name), class_name_len);
764 memcpy(res, "\":", 2);
765 PHP_CLEANUP_CLASS_ATTRIBUTES();
766 return incomplete_class;
767 }
768 /* }}} */
769
php_var_serialize_call_sleep(zend_object * obj,zend_function * fn)770 static HashTable* php_var_serialize_call_sleep(zend_object *obj, zend_function *fn) /* {{{ */
771 {
772 zval retval;
773
774 BG(serialize_lock)++;
775 zend_call_known_instance_method(fn, obj, &retval, /* param_count */ 0, /* params */ NULL);
776 BG(serialize_lock)--;
777
778 if (Z_ISUNDEF(retval) || EG(exception)) {
779 zval_ptr_dtor(&retval);
780 return NULL;
781 }
782
783 if (Z_TYPE(retval) != IS_ARRAY) {
784 zval_ptr_dtor(&retval);
785 php_error_docref(NULL, E_WARNING, "%s::__sleep() should return an array only containing the names of instance-variables to serialize", ZSTR_VAL(obj->ce->name));
786 return NULL;
787 }
788
789 return Z_ARRVAL(retval);
790 }
791 /* }}} */
792
php_var_serialize_call_magic_serialize(zval * retval,zval * obj)793 static int php_var_serialize_call_magic_serialize(zval *retval, zval *obj) /* {{{ */
794 {
795 BG(serialize_lock)++;
796 zend_call_known_instance_method_with_0_params(
797 Z_OBJCE_P(obj)->__serialize, Z_OBJ_P(obj), retval);
798 BG(serialize_lock)--;
799
800 if (EG(exception)) {
801 zval_ptr_dtor(retval);
802 return FAILURE;
803 }
804
805 if (Z_TYPE_P(retval) != IS_ARRAY) {
806 zval_ptr_dtor(retval);
807 zend_type_error("%s::__serialize() must return an array", ZSTR_VAL(Z_OBJCE_P(obj)->name));
808 return FAILURE;
809 }
810
811 return SUCCESS;
812 }
813 /* }}} */
814
php_var_serialize_try_add_sleep_prop(HashTable * ht,HashTable * props,zend_string * name,zend_string * error_name,zval * struc)815 static int php_var_serialize_try_add_sleep_prop(
816 HashTable *ht, HashTable *props, zend_string *name, zend_string *error_name, zval *struc) /* {{{ */
817 {
818 zval *val = zend_hash_find(props, name);
819 if (val == NULL) {
820 return FAILURE;
821 }
822
823 if (Z_TYPE_P(val) == IS_INDIRECT) {
824 val = Z_INDIRECT_P(val);
825 if (Z_TYPE_P(val) == IS_UNDEF) {
826 zend_property_info *info = zend_get_typed_property_info_for_slot(Z_OBJ_P(struc), val);
827 if (info) {
828 return SUCCESS;
829 }
830 return FAILURE;
831 }
832 }
833
834 if (!zend_hash_add(ht, name, val)) {
835 php_error_docref(NULL, E_WARNING,
836 "\"%s\" is returned from __sleep() multiple times", ZSTR_VAL(error_name));
837 return SUCCESS;
838 }
839
840 Z_TRY_ADDREF_P(val);
841 return SUCCESS;
842 }
843 /* }}} */
844
php_var_serialize_get_sleep_props(HashTable * ht,zval * struc,HashTable * sleep_retval)845 static int php_var_serialize_get_sleep_props(
846 HashTable *ht, zval *struc, HashTable *sleep_retval) /* {{{ */
847 {
848 zend_class_entry *ce = Z_OBJCE_P(struc);
849 HashTable *props = zend_get_properties_for(struc, ZEND_PROP_PURPOSE_SERIALIZE);
850 zval *name_val;
851 int retval = SUCCESS;
852
853 zend_hash_init(ht, zend_hash_num_elements(sleep_retval), NULL, ZVAL_PTR_DTOR, 0);
854 /* TODO: Rewrite this by fetching the property info instead of trying out different
855 * name manglings? */
856 ZEND_HASH_FOREACH_VAL_IND(sleep_retval, name_val) {
857 zend_string *name, *tmp_name, *priv_name, *prot_name;
858
859 ZVAL_DEREF(name_val);
860 if (Z_TYPE_P(name_val) != IS_STRING) {
861 php_error_docref(NULL, E_WARNING,
862 "%s::__sleep() should return an array only containing the names of instance-variables to serialize",
863 ZSTR_VAL(ce->name));
864 }
865
866 name = zval_get_tmp_string(name_val, &tmp_name);
867 if (php_var_serialize_try_add_sleep_prop(ht, props, name, name, struc) == SUCCESS) {
868 zend_tmp_string_release(tmp_name);
869 continue;
870 }
871
872 if (EG(exception)) {
873 zend_tmp_string_release(tmp_name);
874 retval = FAILURE;
875 break;
876 }
877
878 priv_name = zend_mangle_property_name(
879 ZSTR_VAL(ce->name), ZSTR_LEN(ce->name),
880 ZSTR_VAL(name), ZSTR_LEN(name), ce->type & ZEND_INTERNAL_CLASS);
881 if (php_var_serialize_try_add_sleep_prop(ht, props, priv_name, name, struc) == SUCCESS) {
882 zend_tmp_string_release(tmp_name);
883 zend_string_release(priv_name);
884 continue;
885 }
886 zend_string_release(priv_name);
887
888 if (EG(exception)) {
889 zend_tmp_string_release(tmp_name);
890 retval = FAILURE;
891 break;
892 }
893
894 prot_name = zend_mangle_property_name(
895 "*", 1, ZSTR_VAL(name), ZSTR_LEN(name), ce->type & ZEND_INTERNAL_CLASS);
896 if (php_var_serialize_try_add_sleep_prop(ht, props, prot_name, name, struc) == SUCCESS) {
897 zend_tmp_string_release(tmp_name);
898 zend_string_release(prot_name);
899 continue;
900 }
901 zend_string_release(prot_name);
902
903 if (EG(exception)) {
904 zend_tmp_string_release(tmp_name);
905 retval = FAILURE;
906 break;
907 }
908
909 php_error_docref(NULL, E_WARNING,
910 "\"%s\" returned as member variable from __sleep() but does not exist", ZSTR_VAL(name));
911 zend_tmp_string_release(tmp_name);
912 } ZEND_HASH_FOREACH_END();
913
914 zend_release_properties(props);
915 return retval;
916 }
917 /* }}} */
918
php_var_serialize_nested_data(smart_str * buf,zval * struc,HashTable * ht,uint32_t count,bool incomplete_class,php_serialize_data_t var_hash,bool in_rcn_array)919 static void php_var_serialize_nested_data(smart_str *buf, zval *struc, HashTable *ht, uint32_t count, bool incomplete_class, php_serialize_data_t var_hash, bool in_rcn_array) /* {{{ */
920 {
921 smart_str_append_unsigned(buf, count);
922 smart_str_appendl(buf, ":{", 2);
923 if (count > 0) {
924 zend_string *key;
925 zval *data;
926 zend_ulong index;
927
928 ZEND_HASH_FOREACH_KEY_VAL_IND(ht, index, key, data) {
929 if (incomplete_class && zend_string_equals_literal(key, MAGIC_MEMBER)) {
930 incomplete_class = 0;
931 continue;
932 }
933
934 if (!key) {
935 php_var_serialize_long(buf, index);
936 } else {
937 php_var_serialize_string(buf, ZSTR_VAL(key), ZSTR_LEN(key));
938 }
939
940 if (Z_ISREF_P(data) && Z_REFCOUNT_P(data) == 1) {
941 data = Z_REFVAL_P(data);
942 }
943
944 /* we should still add element even if it's not OK,
945 * since we already wrote the length of the array before */
946 if (Z_TYPE_P(data) == IS_ARRAY) {
947 if (UNEXPECTED(Z_IS_RECURSIVE_P(data))
948 || UNEXPECTED(Z_TYPE_P(struc) == IS_ARRAY && Z_ARR_P(data) == Z_ARR_P(struc))) {
949 php_add_var_hash(var_hash, struc, in_rcn_array);
950 smart_str_appendl(buf, "N;", 2);
951 } else {
952 if (Z_REFCOUNTED_P(data)) {
953 Z_PROTECT_RECURSION_P(data);
954 }
955 php_var_serialize_intern(buf, data, var_hash, in_rcn_array, false);
956 if (Z_REFCOUNTED_P(data)) {
957 Z_UNPROTECT_RECURSION_P(data);
958 }
959 }
960 } else {
961 php_var_serialize_intern(buf, data, var_hash, in_rcn_array, false);
962 }
963 } ZEND_HASH_FOREACH_END();
964 }
965 smart_str_appendc(buf, '}');
966 }
967 /* }}} */
968
php_var_serialize_class(smart_str * buf,zval * struc,HashTable * ht,php_serialize_data_t var_hash)969 static void php_var_serialize_class(smart_str *buf, zval *struc, HashTable *ht, php_serialize_data_t var_hash) /* {{{ */
970 {
971 HashTable props;
972
973 if (php_var_serialize_get_sleep_props(&props, struc, ht) == SUCCESS) {
974 php_var_serialize_class_name(buf, struc);
975 php_var_serialize_nested_data(
976 buf, struc, &props, zend_hash_num_elements(&props), /* incomplete_class */ 0, var_hash, GC_REFCOUNT(&props) > 1);
977 }
978 zend_hash_destroy(&props);
979 }
980 /* }}} */
981
php_var_serialize_intern(smart_str * buf,zval * struc,php_serialize_data_t var_hash,bool in_rcn_array,bool is_root)982 static void php_var_serialize_intern(smart_str *buf, zval *struc, php_serialize_data_t var_hash, bool in_rcn_array, bool is_root) /* {{{ */
983 {
984 zend_long var_already;
985 HashTable *myht;
986
987 if (EG(exception)) {
988 return;
989 }
990
991 if (var_hash && (var_already = php_add_var_hash(var_hash, struc, in_rcn_array))) {
992 if (var_already == -1) {
993 /* Reference to an object that failed to serialize, replace with null. */
994 smart_str_appendl(buf, "N;", 2);
995 return;
996 } else if (Z_ISREF_P(struc)) {
997 smart_str_appendl(buf, "R:", 2);
998 smart_str_append_long(buf, var_already);
999 smart_str_appendc(buf, ';');
1000 return;
1001 } else if (Z_TYPE_P(struc) == IS_OBJECT) {
1002 smart_str_appendl(buf, "r:", 2);
1003 smart_str_append_long(buf, var_already);
1004 smart_str_appendc(buf, ';');
1005 return;
1006 }
1007 }
1008
1009 again:
1010 switch (Z_TYPE_P(struc)) {
1011 case IS_FALSE:
1012 smart_str_appendl(buf, "b:0;", 4);
1013 return;
1014
1015 case IS_TRUE:
1016 smart_str_appendl(buf, "b:1;", 4);
1017 return;
1018
1019 case IS_NULL:
1020 smart_str_appendl(buf, "N;", 2);
1021 return;
1022
1023 case IS_LONG:
1024 php_var_serialize_long(buf, Z_LVAL_P(struc));
1025 return;
1026
1027 case IS_DOUBLE: {
1028 char tmp_str[ZEND_DOUBLE_MAX_LENGTH];
1029 zend_gcvt(Z_DVAL_P(struc), (int)PG(serialize_precision), '.', 'E', tmp_str);
1030
1031 size_t len = strlen(tmp_str);
1032 char *res = smart_str_extend(buf, 2 + len + 1);
1033 res = zend_mempcpy(res, "d:", 2);
1034 memcpy(res, tmp_str, len);
1035 res[len] = ';';
1036 return;
1037 }
1038
1039 case IS_STRING:
1040 php_var_serialize_string(buf, Z_STRVAL_P(struc), Z_STRLEN_P(struc));
1041 return;
1042
1043 case IS_OBJECT: {
1044 zend_class_entry *ce = Z_OBJCE_P(struc);
1045 bool incomplete_class;
1046 uint32_t count;
1047
1048 if (ce->ce_flags & ZEND_ACC_NOT_SERIALIZABLE) {
1049 zend_throw_exception_ex(NULL, 0, "Serialization of '%s' is not allowed",
1050 ZSTR_VAL(ce->name));
1051 return;
1052 }
1053
1054 if (ce->ce_flags & ZEND_ACC_ENUM) {
1055 PHP_CLASS_ATTRIBUTES;
1056
1057 zval *case_name_zval = zend_enum_fetch_case_name(Z_OBJ_P(struc));
1058
1059 PHP_SET_CLASS_ATTRIBUTES(struc);
1060 smart_str_appendl(buf, "E:", 2);
1061 smart_str_append_unsigned(buf, ZSTR_LEN(class_name) + strlen(":") + Z_STRLEN_P(case_name_zval));
1062 smart_str_appendl(buf, ":\"", 2);
1063 smart_str_append(buf, class_name);
1064 smart_str_appendc(buf, ':');
1065 smart_str_append(buf, Z_STR_P(case_name_zval));
1066 smart_str_appendl(buf, "\";", 2);
1067 PHP_CLEANUP_CLASS_ATTRIBUTES();
1068 return;
1069 }
1070
1071 if (ce->__serialize) {
1072 zval retval, obj;
1073 zend_string *key;
1074 zval *data;
1075 zend_ulong index;
1076
1077 ZVAL_OBJ_COPY(&obj, Z_OBJ_P(struc));
1078 if (php_var_serialize_call_magic_serialize(&retval, &obj) == FAILURE) {
1079 if (!EG(exception)) {
1080 smart_str_appendl(buf, "N;", 2);
1081 }
1082 zval_ptr_dtor(&obj);
1083 return;
1084 }
1085
1086 php_var_serialize_class_name(buf, &obj);
1087 smart_str_append_unsigned(buf, zend_hash_num_elements(Z_ARRVAL(retval)));
1088 smart_str_appendl(buf, ":{", 2);
1089 ZEND_HASH_FOREACH_KEY_VAL(Z_ARRVAL(retval), index, key, data) {
1090 if (!key) {
1091 php_var_serialize_long(buf, index);
1092 } else {
1093 php_var_serialize_string(buf, ZSTR_VAL(key), ZSTR_LEN(key));
1094 }
1095
1096 if (Z_ISREF_P(data) && Z_REFCOUNT_P(data) == 1) {
1097 data = Z_REFVAL_P(data);
1098 }
1099 php_var_serialize_intern(buf, data, var_hash, Z_REFCOUNT(retval) > 1, false);
1100 } ZEND_HASH_FOREACH_END();
1101 smart_str_appendc(buf, '}');
1102
1103 zval_ptr_dtor(&obj);
1104 zval_ptr_dtor(&retval);
1105 return;
1106 }
1107
1108 if (ce->serialize != NULL) {
1109 /* has custom handler */
1110 unsigned char *serialized_data = NULL;
1111 size_t serialized_length;
1112
1113 if (ce->serialize(struc, &serialized_data, &serialized_length, (zend_serialize_data *)var_hash) == SUCCESS) {
1114 char b1[32], b2[32];
1115 char *s1 = zend_print_long_to_buf(b1 + sizeof(b1) - 1, ZSTR_LEN(Z_OBJCE_P(struc)->name));
1116 size_t l1 = b1 + sizeof(b1) - 1 - s1;
1117 char *s2 = zend_print_long_to_buf(b2 + sizeof(b2) - 1, serialized_length);
1118 size_t l2 = b2 + sizeof(b2) - 1 - s2;
1119 char *res = smart_str_extend(buf, 2 + l1 + 2 + ZSTR_LEN(Z_OBJCE_P(struc)->name) + 2 + l2 + 2 + serialized_length + 1);
1120 res = zend_mempcpy(res, "C:", 2);
1121 res = zend_mempcpy(res, s1, l1);
1122 res = zend_mempcpy(res, ":\"", 2);
1123 res = zend_mempcpy(res, ZSTR_VAL(Z_OBJCE_P(struc)->name), ZSTR_LEN(Z_OBJCE_P(struc)->name));
1124 res = zend_mempcpy(res, "\":", 2);
1125 res = zend_mempcpy(res, s2, l2);
1126 res = zend_mempcpy(res, ":{", 2);
1127 memcpy(res, (char *) serialized_data, serialized_length);
1128 res[serialized_length] = '}';
1129 } else {
1130 /* Mark this value in the var_hash, to avoid creating references to it. */
1131 zval *var_idx = zend_hash_index_find(&var_hash->ht,
1132 (zend_ulong) (uintptr_t) Z_COUNTED_P(struc));
1133 if (var_idx) {
1134 ZVAL_LONG(var_idx, -1);
1135 }
1136 smart_str_appendl(buf, "N;", 2);
1137 }
1138 if (serialized_data) {
1139 efree(serialized_data);
1140 }
1141 return;
1142 }
1143
1144 if (ce != PHP_IC_ENTRY) {
1145 zval *zv = zend_hash_find_known_hash(&ce->function_table, ZSTR_KNOWN(ZEND_STR_SLEEP));
1146
1147 if (zv) {
1148 HashTable *ht;
1149 zval tmp;
1150
1151 ZVAL_OBJ_COPY(&tmp, Z_OBJ_P(struc));
1152 if (!(ht = php_var_serialize_call_sleep(Z_OBJ(tmp), Z_FUNC_P(zv)))) {
1153 if (!EG(exception)) {
1154 /* we should still add element even if it's not OK,
1155 * since we already wrote the length of the array before */
1156 smart_str_appendl(buf, "N;", 2);
1157 }
1158 OBJ_RELEASE(Z_OBJ(tmp));
1159 return;
1160 }
1161
1162 php_var_serialize_class(buf, &tmp, ht, var_hash);
1163 zend_array_release(ht);
1164 OBJ_RELEASE(Z_OBJ(tmp));
1165 return;
1166 }
1167 }
1168
1169 incomplete_class = php_var_serialize_class_name(buf, struc);
1170
1171 if (Z_OBJ_P(struc)->properties == NULL
1172 && Z_OBJ_HT_P(struc)->get_properties_for == NULL
1173 && Z_OBJ_HT_P(struc)->get_properties == zend_std_get_properties) {
1174 /* Optimized version without rebulding properties HashTable */
1175 zend_object *obj = Z_OBJ_P(struc);
1176 zend_class_entry *ce = obj->ce;
1177 zend_property_info *prop_info;
1178 zval *prop;
1179 int i;
1180
1181 count = ce->default_properties_count;
1182 for (i = 0; i < ce->default_properties_count; i++) {
1183 prop_info = ce->properties_info_table[i];
1184 if (!prop_info) {
1185 count--;
1186 continue;
1187 }
1188 prop = OBJ_PROP(obj, prop_info->offset);
1189 if (Z_TYPE_P(prop) == IS_UNDEF) {
1190 count--;
1191 continue;
1192 }
1193 }
1194 if (count) {
1195 smart_str_append_unsigned(buf, count);
1196 smart_str_appendl(buf, ":{", 2);
1197 for (i = 0; i < ce->default_properties_count; i++) {
1198 prop_info = ce->properties_info_table[i];
1199 if (!prop_info) {
1200 continue;
1201 }
1202 prop = OBJ_PROP(obj, prop_info->offset);
1203 if (Z_TYPE_P(prop) == IS_UNDEF) {
1204 continue;
1205 }
1206
1207 php_var_serialize_string(buf, ZSTR_VAL(prop_info->name), ZSTR_LEN(prop_info->name));
1208
1209 if (Z_ISREF_P(prop) && Z_REFCOUNT_P(prop) == 1) {
1210 prop = Z_REFVAL_P(prop);
1211 }
1212
1213 php_var_serialize_intern(buf, prop, var_hash, false, false);
1214 }
1215 smart_str_appendc(buf, '}');
1216 } else {
1217 smart_str_appendl(buf, "0:{}", 4);
1218 }
1219 return;
1220 }
1221 myht = zend_get_properties_for(struc, ZEND_PROP_PURPOSE_SERIALIZE);
1222 /* count after serializing name, since php_var_serialize_class_name
1223 * changes the count if the variable is incomplete class */
1224 count = zend_array_count(myht);
1225 if (count > 0 && incomplete_class) {
1226 --count;
1227 }
1228 php_var_serialize_nested_data(buf, struc, myht, count, incomplete_class, var_hash, GC_REFCOUNT(myht) > 1);
1229 zend_release_properties(myht);
1230 return;
1231 }
1232 case IS_ARRAY:
1233 smart_str_appendl(buf, "a:", 2);
1234 myht = Z_ARRVAL_P(struc);
1235 php_var_serialize_nested_data(
1236 buf, struc, myht, zend_array_count(myht), /* incomplete_class */ 0, var_hash,
1237 !is_root && (in_rcn_array || GC_REFCOUNT(myht) > 1));
1238 return;
1239 case IS_REFERENCE:
1240 struc = Z_REFVAL_P(struc);
1241 goto again;
1242 default:
1243 smart_str_appendl(buf, "i:0;", 4);
1244 return;
1245 }
1246 }
1247 /* }}} */
1248
php_var_serialize(smart_str * buf,zval * struc,php_serialize_data_t * data)1249 PHPAPI void php_var_serialize(smart_str *buf, zval *struc, php_serialize_data_t *data) /* {{{ */
1250 {
1251 php_var_serialize_intern(buf, struc, *data, false, true);
1252 smart_str_0(buf);
1253 }
1254 /* }}} */
1255
php_var_serialize_init(void)1256 PHPAPI php_serialize_data_t php_var_serialize_init(void) {
1257 struct php_serialize_data *d;
1258 /* fprintf(stderr, "SERIALIZE_INIT == lock: %u, level: %u\n", BG(serialize_lock), BG(serialize).level); */
1259 if (BG(serialize_lock) || !BG(serialize).level) {
1260 d = emalloc(sizeof(struct php_serialize_data));
1261 zend_hash_init(&d->ht, 16, NULL, ZVAL_PTR_DTOR, 0);
1262 d->n = 0;
1263 if (!BG(serialize_lock)) {
1264 BG(serialize).data = d;
1265 BG(serialize).level = 1;
1266 }
1267 } else {
1268 d = BG(serialize).data;
1269 ++BG(serialize).level;
1270 }
1271 return d;
1272 }
1273
php_var_serialize_destroy(php_serialize_data_t d)1274 PHPAPI void php_var_serialize_destroy(php_serialize_data_t d) {
1275 /* fprintf(stderr, "SERIALIZE_DESTROY == lock: %u, level: %u\n", BG(serialize_lock), BG(serialize).level); */
1276 if (BG(serialize_lock) || BG(serialize).level == 1) {
1277 zend_hash_destroy(&d->ht);
1278 efree(d);
1279 }
1280 if (!BG(serialize_lock) && !--BG(serialize).level) {
1281 BG(serialize).data = NULL;
1282 }
1283 }
1284
1285 /* {{{ Returns a string representation of variable (which can later be unserialized) */
PHP_FUNCTION(serialize)1286 PHP_FUNCTION(serialize)
1287 {
1288 zval *struc;
1289 php_serialize_data_t var_hash;
1290 smart_str buf = {0};
1291
1292 ZEND_PARSE_PARAMETERS_START(1, 1)
1293 Z_PARAM_ZVAL(struc)
1294 ZEND_PARSE_PARAMETERS_END();
1295
1296 PHP_VAR_SERIALIZE_INIT(var_hash);
1297 php_var_serialize(&buf, struc, &var_hash);
1298 PHP_VAR_SERIALIZE_DESTROY(var_hash);
1299
1300 if (EG(exception)) {
1301 smart_str_free(&buf);
1302 RETURN_THROWS();
1303 }
1304
1305 RETURN_STR(smart_str_extract(&buf));
1306 }
1307 /* }}} */
1308
1309 /* {{{ Takes a string representation of variable and recreates it, subject to the optional unserialize options HashTable */
php_unserialize_with_options(zval * return_value,const char * buf,const size_t buf_len,HashTable * options,const char * function_name)1310 PHPAPI void php_unserialize_with_options(zval *return_value, const char *buf, const size_t buf_len, HashTable *options, const char* function_name)
1311 {
1312 const unsigned char *p;
1313 php_unserialize_data_t var_hash;
1314 zval *retval;
1315 HashTable *class_hash = NULL, *prev_class_hash;
1316 zend_long prev_max_depth, prev_cur_depth;
1317
1318 if (buf_len == 0) {
1319 RETURN_FALSE;
1320 }
1321
1322 p = (const unsigned char*) buf;
1323 PHP_VAR_UNSERIALIZE_INIT(var_hash);
1324
1325 prev_class_hash = php_var_unserialize_get_allowed_classes(var_hash);
1326 prev_max_depth = php_var_unserialize_get_max_depth(var_hash);
1327 prev_cur_depth = php_var_unserialize_get_cur_depth(var_hash);
1328 if (options != NULL) {
1329 zval *classes, *max_depth;
1330
1331 classes = zend_hash_str_find_deref(options, "allowed_classes", sizeof("allowed_classes")-1);
1332 if (classes && Z_TYPE_P(classes) != IS_ARRAY && Z_TYPE_P(classes) != IS_TRUE && Z_TYPE_P(classes) != IS_FALSE) {
1333 zend_type_error("%s(): Option \"allowed_classes\" must be of type array|bool, %s given", function_name, zend_zval_value_name(classes));
1334 goto cleanup;
1335 }
1336
1337 if(classes && (Z_TYPE_P(classes) == IS_ARRAY || !zend_is_true(classes))) {
1338 ALLOC_HASHTABLE(class_hash);
1339 zend_hash_init(class_hash, (Z_TYPE_P(classes) == IS_ARRAY)?zend_hash_num_elements(Z_ARRVAL_P(classes)):0, NULL, NULL, 0);
1340 }
1341 if(class_hash && Z_TYPE_P(classes) == IS_ARRAY) {
1342 zval *entry;
1343 zend_string *lcname;
1344
1345 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(classes), entry) {
1346 convert_to_string(entry);
1347 lcname = zend_string_tolower(Z_STR_P(entry));
1348 zend_hash_add_empty_element(class_hash, lcname);
1349 zend_string_release_ex(lcname, 0);
1350 } ZEND_HASH_FOREACH_END();
1351
1352 /* Exception during string conversion. */
1353 if (EG(exception)) {
1354 goto cleanup;
1355 }
1356 }
1357 php_var_unserialize_set_allowed_classes(var_hash, class_hash);
1358
1359 max_depth = zend_hash_str_find_deref(options, "max_depth", sizeof("max_depth") - 1);
1360 if (max_depth) {
1361 if (Z_TYPE_P(max_depth) != IS_LONG) {
1362 zend_type_error("%s(): Option \"max_depth\" must be of type int, %s given", function_name, zend_zval_value_name(max_depth));
1363 goto cleanup;
1364 }
1365 if (Z_LVAL_P(max_depth) < 0) {
1366 zend_value_error("%s(): Option \"max_depth\" must be greater than or equal to 0", function_name);
1367 goto cleanup;
1368 }
1369
1370 php_var_unserialize_set_max_depth(var_hash, Z_LVAL_P(max_depth));
1371 /* If the max_depth for a nested unserialize() call has been overridden,
1372 * start counting from zero again (for the nested call only). */
1373 php_var_unserialize_set_cur_depth(var_hash, 0);
1374 }
1375 }
1376
1377 if (BG(unserialize).level > 1) {
1378 retval = var_tmp_var(&var_hash);
1379 } else {
1380 retval = return_value;
1381 }
1382 if (!php_var_unserialize(retval, &p, p + buf_len, &var_hash)) {
1383 if (!EG(exception)) {
1384 php_error_docref(NULL, E_WARNING, "Error at offset " ZEND_LONG_FMT " of %zd bytes",
1385 (zend_long)((char*)p - buf), buf_len);
1386 }
1387 if (BG(unserialize).level <= 1) {
1388 zval_ptr_dtor(return_value);
1389 }
1390 RETVAL_FALSE;
1391 } else {
1392 if ((char*)p < buf + buf_len) {
1393 if (!EG(exception)) {
1394 php_error_docref(NULL, E_WARNING, "Extra data starting at offset " ZEND_LONG_FMT " of %zd bytes",
1395 (zend_long)((char*)p - buf), buf_len);
1396 }
1397 }
1398 if (BG(unserialize).level > 1) {
1399 ZVAL_COPY(return_value, retval);
1400 } else if (Z_REFCOUNTED_P(return_value)) {
1401 zend_refcounted *ref = Z_COUNTED_P(return_value);
1402 gc_check_possible_root(ref);
1403 }
1404 }
1405
1406 cleanup:
1407 if (class_hash) {
1408 zend_hash_destroy(class_hash);
1409 FREE_HASHTABLE(class_hash);
1410 }
1411
1412 /* Reset to previous options in case this is a nested call */
1413 php_var_unserialize_set_allowed_classes(var_hash, prev_class_hash);
1414 php_var_unserialize_set_max_depth(var_hash, prev_max_depth);
1415 php_var_unserialize_set_cur_depth(var_hash, prev_cur_depth);
1416 PHP_VAR_UNSERIALIZE_DESTROY(var_hash);
1417
1418 /* Per calling convention we must not return a reference here, so unwrap. We're doing this at
1419 * the very end, because __wakeup() calls performed during UNSERIALIZE_DESTROY might affect
1420 * the value we unwrap here. This is compatible with behavior in PHP <=7.0. */
1421 if (Z_ISREF_P(return_value)) {
1422 zend_unwrap_reference(return_value);
1423 }
1424 }
1425 /* }}} */
1426
1427 /* {{{ Takes a string representation of variable and recreates it */
PHP_FUNCTION(unserialize)1428 PHP_FUNCTION(unserialize)
1429 {
1430 char *buf = NULL;
1431 size_t buf_len;
1432 HashTable *options = NULL;
1433
1434 ZEND_PARSE_PARAMETERS_START(1, 2)
1435 Z_PARAM_STRING(buf, buf_len)
1436 Z_PARAM_OPTIONAL
1437 Z_PARAM_ARRAY_HT(options)
1438 ZEND_PARSE_PARAMETERS_END();
1439
1440 php_unserialize_with_options(return_value, buf, buf_len, options, "unserialize");
1441 }
1442 /* }}} */
1443
1444 /* {{{ Returns the allocated by PHP memory */
PHP_FUNCTION(memory_get_usage)1445 PHP_FUNCTION(memory_get_usage) {
1446 bool real_usage = 0;
1447
1448 ZEND_PARSE_PARAMETERS_START(0, 1)
1449 Z_PARAM_OPTIONAL
1450 Z_PARAM_BOOL(real_usage)
1451 ZEND_PARSE_PARAMETERS_END();
1452
1453 RETURN_LONG(zend_memory_usage(real_usage));
1454 }
1455 /* }}} */
1456
1457 /* {{{ Returns the peak allocated by PHP memory */
PHP_FUNCTION(memory_get_peak_usage)1458 PHP_FUNCTION(memory_get_peak_usage) {
1459 bool real_usage = 0;
1460
1461 ZEND_PARSE_PARAMETERS_START(0, 1)
1462 Z_PARAM_OPTIONAL
1463 Z_PARAM_BOOL(real_usage)
1464 ZEND_PARSE_PARAMETERS_END();
1465
1466 RETURN_LONG(zend_memory_peak_usage(real_usage));
1467 }
1468 /* }}} */
1469
1470 /* {{{ Resets the peak PHP memory usage */
PHP_FUNCTION(memory_reset_peak_usage)1471 PHP_FUNCTION(memory_reset_peak_usage) {
1472 ZEND_PARSE_PARAMETERS_NONE();
1473
1474 zend_memory_reset_peak_usage();
1475 }
1476 /* }}} */
1477
1478 PHP_INI_BEGIN()
1479 STD_PHP_INI_ENTRY("unserialize_max_depth", "4096", PHP_INI_ALL, OnUpdateLong, unserialize_max_depth, php_basic_globals, basic_globals)
PHP_INI_END()1480 PHP_INI_END()
1481
1482 PHP_MINIT_FUNCTION(var)
1483 {
1484 REGISTER_INI_ENTRIES();
1485 return SUCCESS;
1486 }
1487