gbuteyko/vkext_upload_crash_0

Author: hrissan

vkext/vk_zend.h

@@ -226,6 +226,25 @@ static zend_always_inline void vk_zend_update_public_property_long(zval *object,
 #endif
 }
 
+static zend_always_inline void vk_zend_call_known_instance_method(zval *object,
+                                                                    const char * name, size_t name_len, zval *retval_ptr,
+                                                                    uint32_t param_count, zval *params) {
+  zend_object* zobj = Z_OBJ_P(object);
+  zend_string* method_name = zend_string_init(name, name_len, 0);
+  zend_function* fun = Z_OBJ_HANDLER_P(object, get_method)(&zobj, method_name, 0);
+  zend_string_release(method_name);
+  if (!fun) {
+    return; // retval stays UNDEF
+  }
+#if PHP_MAJOR_VERSION >= 8
+  zend_call_known_instance_method(fun, zobj, retval_ptr, param_count, params);
+#else
+  zval method_name_zval;
+  ZVAL_STR(&method_name_zval, method_name);
+  call_user_function(NULL, object, &method_name_zval, retval_ptr, param_count, params);
+#endif
+}
+
 #define ZAPI_TO_PP(az)          (&(az))
 #define ZP_TO_API_P(az)         (az)
 #define SMART_STRDATA(ss)       ((ss).s)

vkext/vkext-rpc-req-error.cpp

@@ -68,13 +68,15 @@ void tl::RpcReqError::tl_fetch() {
 }
 
 void RpcError::try_fetch() {
-  int op = tl_parse_int();
+  int op = tl_lookup_int();
   if (op == TL_REQ_RESULT_HEADER) {
+    (void)tl_parse_int(); // skip op
     flags = tl_parse_int();
     header.emplace().tl_fetch(flags);
-    op = tl_parse_int();
+    op = tl_lookup_int();
   }
   if (op == TL_RPC_REQ_ERROR) {
+    (void)tl_parse_int(); // skip op
     error.emplace().tl_fetch();
   }
 }

vkext/vkext-rpc.cpp

@@ -854,9 +854,7 @@ static struct rpc_query *rpc_query_alloc(double timeout) {
   q->qid = qid;
   q->start_time = precise_now;
   q->timeout = timeout;
-  if (tl_current_function_name) {
-    q->fun_name = tl_current_function_name;
-  }
+  q->fun_name = tl_current_function_name;
 /*  ADD_CNT(tree_insert);
   START_TICKS(tree_insert);
   query_tree = tree_insert_query (query_tree, q, lrand48 ());

vkext/vkext-rpc.h

@@ -12,7 +12,7 @@
 #define RPC_BUF_SIZE (1 << 12)
 #define RPC_SERVER_MAGIC 0x8940303d
 #define RPC_BUFFER_MAGIC 0x8fa0da0c
-#define RPC_MAX_QUERY_LEN (1 << 24)
+#define RPC_MAX_QUERY_LEN ((1 << 24) - 1)
 
 #define RPC_SKIP 0
 

vkext/vkext-tl-parse.cpp

@@ -27,6 +27,13 @@ int tl_parse_int() {
   return do_rpc_fetch_int(&tl.error);
 }
 
+int tl_lookup_int() {
+  if (tl.error) {
+    return -1;
+  }
+  return do_rpc_lookup_int(&tl.error);
+}
+
 long long tl_parse_long() {
   if (tl.error) {
     return -1;
@@ -90,6 +97,7 @@ std::string tl_parse_string() {
     return res;
   }
   res.assign(s);
+  free(s);
   return res;
 }
 

vkext/vkext-tl-parse.h

@@ -9,6 +9,7 @@
 
 void tl_parse_init();
 int tl_parse_int();
+int tl_lookup_int();
 long long tl_parse_long();
 double tl_parse_double();
 float tl_parse_float();

vkext/vkext.h

@@ -7,7 +7,7 @@
 
 #include "vkext/vk_zend.h"
 
-#define VKEXT_VERSION "1.02"
+#define VKEXT_VERSION "1.02-upload-crash-0"
 
 #define VKEXT_NAME "vk_extension"