Commit f433820
Implement memory handling correctness fixes (#2016)
* Guard field path pop against empty path
Add an early return in phongo_field_path_pop when the path has no
elements to decrement. The function previously assumed callers
maintained push/pop balance, which makes the helper fragile under
future error-recovery edits.
* Match PHP semantics for Int64 bit-shift operators
ZEND_SL and ZEND_SR previously delegated directly to the C shift
operators without bounding the shift amount. Match the behaviour of
PHP's native integer shift handlers: throw ArithmeticError on negative
shift counts, return 0 (or -1 for arithmetic right-shift of a negative
value) when the count is at or above the operand width, and use an
unsigned cast for the left-shift to avoid relying on signed shift
semantics.
* Propagate failure from phongo_zval_to_bson_value_ex
Have the helper return whether the conversion populated the destination
bson_value_t and forward that result through phongo_zval_to_bson_value.
The IS_ARRAY/IS_OBJECT branch previously returned true unconditionally,
which is misleading when an exception was thrown inside the inner
encoder.
* Halt BSON traversal on exception during bsonUnserialize
The document and array visitors call into userland bsonUnserialize() but
did not consult EG(exception) before inserting the resulting object
into the parent container. When bsonUnserialize() throws, abort the
traversal cleanly and propagate the exception instead of attaching a
partially-constructed object to the parent.
* Use a digest of the URI in the persistent client cache key
The cache key produced by phongo_manager_make_client_hash previously
contained the raw connection string. Replace it with a SHA-1 digest of
the URI so the key remains a stable per-URI identifier without
embedding the connection string verbatim into long-lived process
storage.
* Handle empty field path in phongo_field_path_as_string
When all entries in field_path->elements are NULL, the loop appends
nothing and the trailing '.' overwrite would land before the start of
the allocated buffer. Branch on whether the loop wrote anything before
trimming the trailing separator.
* Drop tautological sparsity upper-bound check
The condition sparsity > INT64_MAX is always false because sparsity is
declared as int64_t. Remove the dead branch and keep the meaningful
sparsity < 0 guard.
* Use size_t for BSON data lengths in zval converters
Change phongo_bson_data_to_zval and phongo_bson_data_to_zval_ex to
accept size_t lengths instead of int, matching the unsigned width
expected by libbson's reader API. Existing callers pass uint32_t from
bson_iter_document, so the widening is implicit.
* Use size_t for pattern and flags lengths in phongo_regex_t
Bring phongo_regex_t in line with the other string-carrying structs in
this file, which already use size_t for length fields. Removes a
silent narrowing of the size_t parameter accepted by phongo_regex_init.
* Route phongo_regex_new through phongo_regex_init
phongo_regex_new (used when decoding a Regex from BSON) previously
copied the pattern and flags directly without sorting the flags
alphabetically, while phongo_regex_init does. This caused two Regex
instances representing the same pattern and flags to compare unequal
depending on which path constructed them. Defer to phongo_regex_init
to keep the canonicalisation in one place.
* Validate UTF-8 in scalar phongo_zval_to_bson_value path
The IS_STRING branch wrote the PHP string verbatim into the
bson_value_t without checking that it was valid UTF-8, while the
phongo_bson_append document-encoding path already validates. Match the
existing pattern so that invalid UTF-8 is rejected with an exception
in both code paths.
* Surface scope encoding errors from phongo_javascript_init
When phongo_zval_to_bson throws while encoding the scope, release the
already-allocated code buffer and the partially-written scope BSON,
and report failure to the caller. Previously the function returned
true even though intern was left in an inconsistent state.
* Free existing buffers before re-init in BSON value classes
phongo_binary_init, phongo_regex_init, and phongo_javascript_init
overwrote heap-owned struct members without freeing what was already
there. Re-init the slots cleanly so a second call (e.g. from a
subclass that invokes parent::__unserialize twice) does not leak the
prior allocation. As part of this, hoist the regex flags null-byte
check above the pattern allocation so a flag rejection can no longer
leave a stray pattern buffer behind.
* Address PR 2016 review feedback
- Restructure phongo_javascript_init to stage the new code/scope buffers
in temporaries and only swap them into the object once both steps have
succeeded, so a failure during scope encoding no longer leaves the
object with a freed code pointer and a stale code_len.
- Declare hash as an extension dependency in config.m4 and config.w32
now that phongo_client.c uses ext/hash for SHA-256, so non-default and
shared builds link cleanly.
- Test coverage for the new Int64 shift-bound and bson_value UTF-8
validation paths is intentionally deferred to a follow-up.
- Drop hex conversion in phongo_manager_make_client_hash: use the raw
32-byte SHA-256 digest directly as the uri key in the serialized
args array — PHP strings are binary-safe so the serialization output
is still a stable, unique cache key
- Add tests for Int64 shift-by-negative (ArithmeticError) and
shift-count-at-or-above-64 (clamp to 0 / -1)
- Add test for invalid UTF-8 in a scalar comment string passed to
BulkWrite::__construct(), covering the scalar path in
phongo_zval_to_bson_value
* Update regex for matching client hashes
1 parent 332674c commit f433820
24 files changed
Lines changed: 225 additions & 49 deletions
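The shift rules listed in the commit message (ArithmeticError on a negative count, 0 or -1 once the count reaches the operand width, unsigned cast for the left shift) can be written as the following added example, which is not the driver's code. The function names, the `SHIFT_WIDTH` macro and the use of a `false` return in place of a thrown ArithmeticError are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical helpers, not taken from the extension. A false return marks
 * the case where the commit message says ArithmeticError is thrown. */
#define SHIFT_WIDTH 64 /* operand width of an Int64, in bits */

bool int64_shift_left(int64_t value, int64_t count, int64_t *out)
{
    if (count < 0) {
        return false; /* negative shift count */
    }
    if (count >= SHIFT_WIDTH) {
        *out = 0; /* every bit is shifted out; a raw C shift is undefined here */
        return true;
    }
    /* Shift in the unsigned domain: left-shifting a negative signed value
     * is undefined behaviour in C. */
    *out = (int64_t) ((uint64_t) value << count);
    return true;
}

bool int64_shift_right(int64_t value, int64_t count, int64_t *out)
{
    if (count < 0) {
        return false; /* negative shift count */
    }
    if (count >= SHIFT_WIDTH) {
        *out = (value < 0) ? -1 : 0; /* only sign bits remain */
        return true;
    }
    /* Right shift of a negative value is implementation-defined in C;
     * mainstream compilers implement it as an arithmetic shift. */
    *out = value >> count;
    return true;
}
```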
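The out-of-bounds write described for phongo_field_path_as_string (trimming a trailing '.' when the loop appended nothing) is shown in isolation in this added example, which is not the driver's code. `join_field_path` and its signature are hypothetical; only the join-then-trim shape comes from the commit message.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: joins the non-NULL entries with '.' and returns a
 * malloc'd string that the caller frees, or NULL on allocation failure. */
char *join_field_path(const char *const *elements, size_t count)
{
    size_t total = 1; /* terminating NUL */
    size_t i;
    char  *buf, *ptr;

    for (i = 0; i < count; i++) {
        if (elements[i]) {
            total += strlen(elements[i]) + 1; /* text plus '.' */
        }
    }

    buf = malloc(total);
    if (!buf) {
        return NULL;
    }

    ptr = buf;
    for (i = 0; i < count; i++) {
        size_t len;

        if (!elements[i]) {
            continue; /* NULL entries contribute nothing */
        }
        len = strlen(elements[i]);
        memcpy(ptr, elements[i], len);
        ptr += len;
        *ptr++ = '.';
    }

    if (ptr != buf) {
        ptr[-1] = '\0'; /* overwrite the trailing separator */
    } else {
        /* Nothing was appended: ptr[-1] would be buf[-1], one byte before
         * the allocation. Terminate in place instead. */
        *ptr = '\0';
    }
    return buf;
}
```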