Skip to content

Commit 0cb5a69

Browse files
committed
Audit INI_STR
1 parent 338d795 commit 0cb5a69

File tree

9 files changed

+20
-26
lines changed

9 files changed

+20
-26
lines changed

Zend/zend_fibers.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -573,8 +573,8 @@ static ZEND_STACK_ALIGNED void zend_fiber_execute(zend_fiber_transfer *transfer)
573573

574574
/* Determine the current error_reporting ini setting. */
575575
zend_long error_reporting = INI_INT("error_reporting");
576-
/* If error_reporting is 0 and not explicitly set to 0, INI_STR returns a null pointer. */
577-
if (!error_reporting && !INI_STR("error_reporting")) {
576+
/* If error_reporting is 0 and not explicitly set to 0, zend_ini_str returns a null pointer. */
577+
if (!error_reporting && !zend_ini_str(ZEND_STRL("error_reporting"), false)) {
578578
error_reporting = E_ALL;
579579
}
580580

ext/com_dotnet/com_dotnet.c

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -127,7 +127,6 @@ static HRESULT dotnet_bind_runtime(LPVOID FAR *ppv)
127127
typedef HRESULT (STDAPICALLTYPE *cbtr_t)(LPCWSTR pwszVersion, LPCWSTR pwszBuildFlavor, REFCLSID rclsid, REFIID riid, LPVOID FAR *ppv);
128128
cbtr_t CorBindToRuntime;
129129
OLECHAR *oleversion;
130-
char *version;
131130

132131
mscoree = LoadLibraryA("mscoree.dll");
133132
if (mscoree == NULL) {
@@ -140,11 +139,11 @@ static HRESULT dotnet_bind_runtime(LPVOID FAR *ppv)
140139
return S_FALSE;
141140
}
142141

143-
version = INI_STR("com.dotnet_version");
144-
if (version == NULL || *version == '\0') {
142+
const zend_string *version = zend_ini_str(ZEND_STRL("com.dotnet_version"), false);
143+
if (version == NULL || ZSTR_LEN(version) == 0) {
145144
oleversion = NULL;
146145
} else {
147-
oleversion = php_com_string_to_olestring(version, strlen(version), COMG(code_page));
146+
oleversion = php_com_string_to_olestring(ZSTR_VAL(version), ZSTR_LEN(version), COMG(code_page));
148147
}
149148

150149
hr = CorBindToRuntime(oleversion, NULL, &CLSID_CorRuntimeHost, &IID_ICorRuntimeHost, ppv);

ext/curl/interface.c

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1100,8 +1100,6 @@ static void create_certinfo(struct curl_certinfo *ci, zval *listcode)
11001100
Set default options for a handle */
11011101
static void _php_curl_set_default_options(php_curl *ch)
11021102
{
1103-
char *cainfo;
1104-
11051103
curl_easy_setopt(ch->cp, CURLOPT_NOPROGRESS, 1L);
11061104
curl_easy_setopt(ch->cp, CURLOPT_VERBOSE, 0L);
11071105
curl_easy_setopt(ch->cp, CURLOPT_ERRORBUFFER, ch->err.str);
@@ -1114,7 +1112,7 @@ static void _php_curl_set_default_options(php_curl *ch)
11141112
curl_easy_setopt(ch->cp, CURLOPT_DNS_CACHE_TIMEOUT, 120L);
11151113
curl_easy_setopt(ch->cp, CURLOPT_MAXREDIRS, 20L); /* prevent infinite redirects */
11161114

1117-
cainfo = INI_STR("openssl.cafile");
1115+
const char* cainfo = INI_STR("openssl.cafile");
11181116
if (!(cainfo && cainfo[0] != '\0')) {
11191117
cainfo = INI_STR("curl.cainfo");
11201118
}

ext/standard/browscap.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -399,7 +399,7 @@ static void php_browscap_parser_cb(zval *arg1, zval *arg2, zval *arg3, int callb
399399
}
400400
/* }}} */
401401

402-
static zend_result browscap_read_file(char *filename, browser_data *browdata, bool persistent) /* {{{ */
402+
static zend_result browscap_read_file(const char *filename, browser_data *browdata, bool persistent) /* {{{ */
403403
{
404404
zend_file_handle fh;
405405
browscap_parser_ctx ctx = {0};
@@ -499,7 +499,7 @@ PHP_INI_MH(OnChangeBrowscap)
499499

500500
PHP_MINIT_FUNCTION(browscap) /* {{{ */
501501
{
502-
char *browscap = INI_STR("browscap");
502+
const char *browscap = INI_STR("browscap");
503503

504504
#ifdef ZTS
505505
ts_allocate_id(&browscap_globals_id, sizeof(browser_data), (ts_allocate_ctor) browscap_globals_ctor, NULL);

ext/standard/dl.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -114,7 +114,7 @@ PHPAPI int php_load_extension(const char *filename, int type, int start_now)
114114
zend_module_entry *module_entry;
115115
zend_module_entry *(*get_module)(void);
116116
int error_type, slash_suffix = 0;
117-
char *extension_dir;
117+
const char *extension_dir;
118118
char *err1, *err2;
119119

120120
if (type == MODULE_PERSISTENT) {

ext/standard/mail.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -437,7 +437,7 @@ static int php_mail_detect_multiple_crlf(const char *hdr) {
437437
PHPAPI bool php_mail(const char *to, const char *subject, const char *message, const char *headers, const zend_string *extra_cmd)
438438
{
439439
FILE *sendmail;
440-
char *sendmail_path = INI_STR("sendmail_path");
440+
const char *sendmail_path = INI_STR("sendmail_path");
441441
char *sendmail_cmd = NULL;
442442
const zend_string *mail_log = zend_ini_str(ZEND_STRL("mail.log"), false);
443443
const char *hdr = headers;
@@ -553,7 +553,7 @@ PHPAPI bool php_mail(const char *to, const char *subject, const char *message, c
553553
if (extra_cmd != NULL) {
554554
spprintf(&sendmail_cmd, 0, "%s %s", sendmail_path, ZSTR_VAL(extra_cmd));
555555
} else {
556-
sendmail_cmd = sendmail_path;
556+
sendmail_cmd = (char*)sendmail_path;
557557
}
558558

559559
#if PHP_SIGCHILD
@@ -701,7 +701,7 @@ PHPAPI bool php_mail(const char *to, const char *subject, const char *message, c
701701
/* {{{ PHP_MINFO_FUNCTION */
702702
PHP_MINFO_FUNCTION(mail)
703703
{
704-
char *sendmail_path = INI_STR("sendmail_path");
704+
const char *sendmail_path = INI_STR("sendmail_path");
705705

706706
#ifdef PHP_WIN32
707707
if (!sendmail_path) {

main/main.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1471,8 +1471,8 @@ static ZEND_COLD void php_error_cb(int orig_type, zend_string *error_filename, c
14711471
if (PG(xmlrpc_errors)) {
14721472
php_printf("<?xml version=\"1.0\"?><methodResponse><fault><value><struct><member><name>faultCode</name><value><int>" ZEND_LONG_FMT "</int></value></member><member><name>faultString</name><value><string>%s:%s in %s on line %" PRIu32 "%s%s</string></value></member></struct></value></fault></methodResponse>", PG(xmlrpc_error_number), error_type_str, ZSTR_VAL(message), ZSTR_VAL(error_filename), error_lineno, ZSTR_LEN(backtrace) ? "\nStack trace:\n" : "", ZSTR_VAL(backtrace));
14731473
} else {
1474-
char *prepend_string = INI_STR("error_prepend_string");
1475-
char *append_string = INI_STR("error_append_string");
1474+
const char *prepend_string = INI_STR("error_prepend_string");
1475+
const char *append_string = INI_STR("error_append_string");
14761476

14771477
if (PG(html_errors)) {
14781478
if (type == E_ERROR || type == E_PARSE) {

main/php_ini.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -334,7 +334,7 @@ static void php_load_zend_extension_cb(void *arg)
334334
} else {
335335
DL_HANDLE handle;
336336
char *libpath;
337-
char *extension_dir = INI_STR("extension_dir");
337+
const char *extension_dir = INI_STR("extension_dir");
338338
int slash_suffix = 0;
339339
char *err1, *err2;
340340

sapi/phpdbg/phpdbg_prompt.c

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1190,19 +1190,16 @@ static void add_zendext_info(zend_extension *ext) /* {{{ */ {
11901190
#ifdef HAVE_LIBDL
11911191
PHPDBG_API const char *phpdbg_load_module_or_extension(char **path, const char **name) /* {{{ */ {
11921192
DL_HANDLE handle;
1193-
char *extension_dir;
1194-
1195-
extension_dir = INI_STR("extension_dir");
1193+
zend_string *extension_dir = zend_ini_str(ZEND_STRL("extension_dir"), false);
11961194

11971195
if (strchr(*path, '/') != NULL || strchr(*path, DEFAULT_SLASH) != NULL) {
11981196
/* path is fine */
1199-
} else if (extension_dir && extension_dir[0]) {
1197+
} else if (extension_dir && ZSTR_LEN(extension_dir)) {
12001198
char *libpath;
1201-
int extension_dir_len = strlen(extension_dir);
1202-
if (IS_SLASH(extension_dir[extension_dir_len-1])) {
1203-
spprintf(&libpath, 0, "%s%s", extension_dir, *path); /* SAFE */
1199+
if (IS_SLASH(ZSTR_VAL(extension_dir)[ZSTR_LEN(extension_dir-1)])) {
1200+
spprintf(&libpath, 0, "%s%s", ZSTR_VAL(extension_dir), *path); /* SAFE */
12041201
} else {
1205-
spprintf(&libpath, 0, "%s%c%s", extension_dir, DEFAULT_SLASH, *path); /* SAFE */
1202+
spprintf(&libpath, 0, "%s%c%s", ZSTR_VAL(extension_dir), DEFAULT_SLASH, *path); /* SAFE */
12061203
}
12071204
efree(*path);
12081205
*path = libpath;

0 commit comments

Comments
 (0)