1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine |
4 +----------------------------------------------------------------------+
5 | Copyright (c) Zend Technologies Ltd. (http://www.zend.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 2.00 of the Zend license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.zend.com/license/2_00.txt. |
11 | If you did not receive a copy of the Zend license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@zend.com so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Dmitry Stogov <dmitry@php.net> |
18 +----------------------------------------------------------------------+
19 */
20
21 #include "zend.h"
22 #include "zend_globals.h"
23 #include "zend_variables.h"
24 #include "zend_API.h"
25 #include "zend_objects.h"
26 #include "zend_objects_API.h"
27 #include "zend_object_handlers.h"
28 #include "zend_interfaces.h"
29 #include "zend_exceptions.h"
30 #include "zend_closures.h"
31 #include "zend_compile.h"
32 #include "zend_hash.h"
33
34 #define DEBUG_OBJECT_HANDLERS 0
35
36 #define ZEND_WRONG_PROPERTY_OFFSET 0
37
38 /* guard flags */
39 #define IN_GET (1<<0)
40 #define IN_SET (1<<1)
41 #define IN_UNSET (1<<2)
42 #define IN_ISSET (1<<3)
43
44 /*
45 __X accessors explanation:
46
47 if we have __get and property that is not part of the properties array is
48 requested, we call __get handler. If it fails, we return uninitialized.
49
50 if we have __set and property that is not part of the properties array is
51 set, we call __set handler. If it fails, we do not change the array.
52
53 for both handlers above, when we are inside __get/__set, no further calls for
54 __get/__set for this property of this object will be made, to prevent endless
55 recursion and enable accessors to change properties array.
56
57 if we have __call and method which is not part of the class function table is
58 called, we cal __call handler.
59 */
60
rebuild_object_properties(zend_object * zobj)61 ZEND_API void rebuild_object_properties(zend_object *zobj) /* {{{ */
62 {
63 if (!zobj->properties) {
64 zend_property_info *prop_info;
65 zend_class_entry *ce = zobj->ce;
66 int i;
67
68 zobj->properties = zend_new_array(ce->default_properties_count);
69 if (ce->default_properties_count) {
70 zend_hash_real_init_mixed(zobj->properties);
71 for (i = 0; i < ce->default_properties_count; i++) {
72 prop_info = ce->properties_info_table[i];
73
74 if (!prop_info) {
75 continue;
76 }
77
78 if (UNEXPECTED(Z_TYPE_P(OBJ_PROP(zobj, prop_info->offset)) == IS_UNDEF)) {
79 HT_FLAGS(zobj->properties) |= HASH_FLAG_HAS_EMPTY_IND;
80 }
81
82 _zend_hash_append_ind(zobj->properties, prop_info->name,
83 OBJ_PROP(zobj, prop_info->offset));
84 }
85 }
86 }
87 }
88 /* }}} */
89
zend_std_build_object_properties_array(zend_object * zobj)90 ZEND_API HashTable *zend_std_build_object_properties_array(zend_object *zobj) /* {{{ */
91 {
92 zend_property_info *prop_info;
93 zend_class_entry *ce = zobj->ce;
94 HashTable *ht;
95 zval* prop;
96 int i;
97
98 ZEND_ASSERT(!zobj->properties);
99 ht = zend_new_array(ce->default_properties_count);
100 if (ce->default_properties_count) {
101 zend_hash_real_init_mixed(ht);
102 for (i = 0; i < ce->default_properties_count; i++) {
103 prop_info = ce->properties_info_table[i];
104
105 if (!prop_info) {
106 continue;
107 }
108
109 prop = OBJ_PROP(zobj, prop_info->offset);
110 if (UNEXPECTED(Z_TYPE_P(prop) == IS_UNDEF)) {
111 continue;
112 }
113
114 Z_TRY_ADDREF_P(prop);
115 _zend_hash_append(ht, prop_info->name, prop);
116 }
117 }
118 return ht;
119 }
120 /* }}} */
121
zend_std_get_properties(zend_object * zobj)122 ZEND_API HashTable *zend_std_get_properties(zend_object *zobj) /* {{{ */
123 {
124 if (!zobj->properties) {
125 rebuild_object_properties(zobj);
126 }
127 return zobj->properties;
128 }
129 /* }}} */
130
zend_std_get_gc(zend_object * zobj,zval ** table,int * n)131 ZEND_API HashTable *zend_std_get_gc(zend_object *zobj, zval **table, int *n) /* {{{ */
132 {
133 if (zobj->handlers->get_properties != zend_std_get_properties) {
134 *table = NULL;
135 *n = 0;
136 return zobj->handlers->get_properties(zobj);
137 } else {
138 if (zobj->properties) {
139 *table = NULL;
140 *n = 0;
141 return zobj->properties;
142 } else {
143 *table = zobj->properties_table;
144 *n = zobj->ce->default_properties_count;
145 return NULL;
146 }
147 }
148 }
149 /* }}} */
150
zend_std_get_debug_info(zend_object * object,int * is_temp)151 ZEND_API HashTable *zend_std_get_debug_info(zend_object *object, int *is_temp) /* {{{ */
152 {
153 zend_class_entry *ce = object->ce;
154 zval retval;
155 HashTable *ht;
156
157 if (!ce->__debugInfo) {
158 *is_temp = 0;
159 return object->handlers->get_properties(object);
160 }
161
162 zend_call_known_instance_method_with_0_params(ce->__debugInfo, object, &retval);
163 if (Z_TYPE(retval) == IS_ARRAY) {
164 if (!Z_REFCOUNTED(retval)) {
165 *is_temp = 1;
166 return zend_array_dup(Z_ARRVAL(retval));
167 } else if (Z_REFCOUNT(retval) <= 1) {
168 *is_temp = 1;
169 ht = Z_ARR(retval);
170 return ht;
171 } else {
172 *is_temp = 0;
173 zval_ptr_dtor(&retval);
174 return Z_ARRVAL(retval);
175 }
176 } else if (Z_TYPE(retval) == IS_NULL) {
177 *is_temp = 1;
178 ht = zend_new_array(0);
179 return ht;
180 }
181
182 zend_error_noreturn(E_ERROR, ZEND_DEBUGINFO_FUNC_NAME "() must return an array");
183
184 return NULL; /* Compilers are dumb and don't understand that noreturn means that the function does NOT need a return value... */
185 }
186 /* }}} */
187
zend_std_call_getter(zend_object * zobj,zend_string * prop_name,zval * retval)188 static void zend_std_call_getter(zend_object *zobj, zend_string *prop_name, zval *retval) /* {{{ */
189 {
190 zval member;
191 ZVAL_STR(&member, prop_name);
192 zend_call_known_instance_method_with_1_params(zobj->ce->__get, zobj, retval, &member);
193 }
194 /* }}} */
195
zend_std_call_setter(zend_object * zobj,zend_string * prop_name,zval * value)196 static void zend_std_call_setter(zend_object *zobj, zend_string *prop_name, zval *value) /* {{{ */
197 {
198 zval args[2];
199 ZVAL_STR(&args[0], prop_name);
200 ZVAL_COPY_VALUE(&args[1], value);
201 zend_call_known_instance_method(zobj->ce->__set, zobj, NULL, 2, args);
202 }
203 /* }}} */
204
zend_std_call_unsetter(zend_object * zobj,zend_string * prop_name)205 static void zend_std_call_unsetter(zend_object *zobj, zend_string *prop_name) /* {{{ */
206 {
207 zval member;
208 ZVAL_STR(&member, prop_name);
209 zend_call_known_instance_method_with_1_params(zobj->ce->__unset, zobj, NULL, &member);
210 }
211 /* }}} */
212
zend_std_call_issetter(zend_object * zobj,zend_string * prop_name,zval * retval)213 static void zend_std_call_issetter(zend_object *zobj, zend_string *prop_name, zval *retval) /* {{{ */
214 {
215 zval member;
216 ZVAL_STR(&member, prop_name);
217 zend_call_known_instance_method_with_1_params(zobj->ce->__isset, zobj, retval, &member);
218 }
219 /* }}} */
220
221
is_derived_class(zend_class_entry * child_class,zend_class_entry * parent_class)222 static zend_always_inline bool is_derived_class(zend_class_entry *child_class, zend_class_entry *parent_class) /* {{{ */
223 {
224 child_class = child_class->parent;
225 while (child_class) {
226 if (child_class == parent_class) {
227 return 1;
228 }
229 child_class = child_class->parent;
230 }
231
232 return 0;
233 }
234 /* }}} */
235
is_protected_compatible_scope(zend_class_entry * ce,zend_class_entry * scope)236 static zend_never_inline int is_protected_compatible_scope(zend_class_entry *ce, zend_class_entry *scope) /* {{{ */
237 {
238 return scope &&
239 (is_derived_class(ce, scope) || is_derived_class(scope, ce));
240 }
241 /* }}} */
242
zend_get_parent_private_property(zend_class_entry * scope,zend_class_entry * ce,zend_string * member)243 static zend_never_inline zend_property_info *zend_get_parent_private_property(zend_class_entry *scope, zend_class_entry *ce, zend_string *member) /* {{{ */
244 {
245 zval *zv;
246 zend_property_info *prop_info;
247
248 if (scope != ce && scope && is_derived_class(ce, scope)) {
249 zv = zend_hash_find(&scope->properties_info, member);
250 if (zv != NULL) {
251 prop_info = (zend_property_info*)Z_PTR_P(zv);
252 if ((prop_info->flags & ZEND_ACC_PRIVATE)
253 && prop_info->ce == scope) {
254 return prop_info;
255 }
256 }
257 }
258 return NULL;
259 }
260 /* }}} */
261
zend_bad_property_access(zend_property_info * property_info,zend_class_entry * ce,zend_string * member)262 static ZEND_COLD zend_never_inline void zend_bad_property_access(zend_property_info *property_info, zend_class_entry *ce, zend_string *member) /* {{{ */
263 {
264 zend_throw_error(NULL, "Cannot access %s property %s::$%s", zend_visibility_string(property_info->flags), ZSTR_VAL(ce->name), ZSTR_VAL(member));
265 }
266 /* }}} */
267
zend_bad_property_name(void)268 static ZEND_COLD zend_never_inline void zend_bad_property_name(void) /* {{{ */
269 {
270 zend_throw_error(NULL, "Cannot access property starting with \"\\0\"");
271 }
272 /* }}} */
273
zend_forbidden_dynamic_property(zend_class_entry * ce,zend_string * member)274 static ZEND_COLD zend_never_inline void zend_forbidden_dynamic_property(
275 zend_class_entry *ce, zend_string *member) {
276 zend_throw_error(NULL, "Cannot create dynamic property %s::$%s",
277 ZSTR_VAL(ce->name), ZSTR_VAL(member));
278 }
279
zend_readonly_property_modification_scope_error(zend_class_entry * ce,zend_string * member,zend_class_entry * scope,const char * operation)280 static ZEND_COLD zend_never_inline void zend_readonly_property_modification_scope_error(
281 zend_class_entry *ce, zend_string *member, zend_class_entry *scope, const char *operation) {
282 zend_throw_error(NULL, "Cannot %s readonly property %s::$%s from %s%s",
283 operation, ZSTR_VAL(ce->name), ZSTR_VAL(member),
284 scope ? "scope " : "global scope", scope ? ZSTR_VAL(scope->name) : "");
285 }
286
zend_readonly_property_unset_error(zend_class_entry * ce,zend_string * member)287 static ZEND_COLD zend_never_inline void zend_readonly_property_unset_error(
288 zend_class_entry *ce, zend_string *member) {
289 zend_throw_error(NULL, "Cannot unset readonly property %s::$%s",
290 ZSTR_VAL(ce->name), ZSTR_VAL(member));
291 }
292
zend_get_property_offset(zend_class_entry * ce,zend_string * member,int silent,void ** cache_slot,zend_property_info ** info_ptr)293 static zend_always_inline uintptr_t zend_get_property_offset(zend_class_entry *ce, zend_string *member, int silent, void **cache_slot, zend_property_info **info_ptr) /* {{{ */
294 {
295 zval *zv;
296 zend_property_info *property_info;
297 uint32_t flags;
298 zend_class_entry *scope;
299 uintptr_t offset;
300
301 if (cache_slot && EXPECTED(ce == CACHED_PTR_EX(cache_slot))) {
302 *info_ptr = CACHED_PTR_EX(cache_slot + 2);
303 return (uintptr_t)CACHED_PTR_EX(cache_slot + 1);
304 }
305
306 if (UNEXPECTED(zend_hash_num_elements(&ce->properties_info) == 0)
307 || UNEXPECTED((zv = zend_hash_find(&ce->properties_info, member)) == NULL)) {
308 if (UNEXPECTED(ZSTR_VAL(member)[0] == '\0') && ZSTR_LEN(member) != 0) {
309 if (!silent) {
310 zend_bad_property_name();
311 }
312 return ZEND_WRONG_PROPERTY_OFFSET;
313 }
314 dynamic:
315 if (cache_slot) {
316 CACHE_POLYMORPHIC_PTR_EX(cache_slot, ce, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
317 CACHE_PTR_EX(cache_slot + 2, NULL);
318 }
319 return ZEND_DYNAMIC_PROPERTY_OFFSET;
320 }
321
322 property_info = (zend_property_info*)Z_PTR_P(zv);
323 flags = property_info->flags;
324
325 if (flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
326 if (UNEXPECTED(EG(fake_scope))) {
327 scope = EG(fake_scope);
328 } else {
329 scope = zend_get_executed_scope();
330 }
331
332 if (property_info->ce != scope) {
333 if (flags & ZEND_ACC_CHANGED) {
334 zend_property_info *p = zend_get_parent_private_property(scope, ce, member);
335
336 /* If there is a public/protected instance property on ce, don't try to use a
337 * private static property on scope. If both are static, prefer the static
338 * property on scope. This will throw a static property notice, rather than
339 * a visibility error. */
340 if (p && (!(p->flags & ZEND_ACC_STATIC) || (flags & ZEND_ACC_STATIC))) {
341 property_info = p;
342 flags = property_info->flags;
343 goto found;
344 } else if (flags & ZEND_ACC_PUBLIC) {
345 goto found;
346 }
347 }
348 if (flags & ZEND_ACC_PRIVATE) {
349 if (property_info->ce != ce) {
350 goto dynamic;
351 } else {
352 wrong:
353 /* Information was available, but we were denied access. Error out. */
354 if (!silent) {
355 zend_bad_property_access(property_info, ce, member);
356 }
357 return ZEND_WRONG_PROPERTY_OFFSET;
358 }
359 } else {
360 ZEND_ASSERT(flags & ZEND_ACC_PROTECTED);
361 if (UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
362 goto wrong;
363 }
364 }
365 }
366 }
367
368 found:
369 if (UNEXPECTED(flags & ZEND_ACC_STATIC)) {
370 if (!silent) {
371 zend_error(E_NOTICE, "Accessing static property %s::$%s as non static", ZSTR_VAL(ce->name), ZSTR_VAL(member));
372 }
373 return ZEND_DYNAMIC_PROPERTY_OFFSET;
374 }
375
376 offset = property_info->offset;
377 if (EXPECTED(!ZEND_TYPE_IS_SET(property_info->type))) {
378 property_info = NULL;
379 } else {
380 *info_ptr = property_info;
381 }
382 if (cache_slot) {
383 CACHE_POLYMORPHIC_PTR_EX(cache_slot, ce, (void*)(uintptr_t)offset);
384 CACHE_PTR_EX(cache_slot + 2, property_info);
385 }
386 return offset;
387 }
388 /* }}} */
389
zend_wrong_offset(zend_class_entry * ce,zend_string * member)390 static ZEND_COLD void zend_wrong_offset(zend_class_entry *ce, zend_string *member) /* {{{ */
391 {
392 zend_property_info *dummy;
393
394 /* Trigger the correct error */
395 zend_get_property_offset(ce, member, 0, NULL, &dummy);
396 }
397 /* }}} */
398
zend_get_property_info(zend_class_entry * ce,zend_string * member,int silent)399 ZEND_API zend_property_info *zend_get_property_info(zend_class_entry *ce, zend_string *member, int silent) /* {{{ */
400 {
401 zval *zv;
402 zend_property_info *property_info;
403 uint32_t flags;
404 zend_class_entry *scope;
405
406 if (UNEXPECTED(zend_hash_num_elements(&ce->properties_info) == 0)
407 || EXPECTED((zv = zend_hash_find(&ce->properties_info, member)) == NULL)) {
408 if (UNEXPECTED(ZSTR_VAL(member)[0] == '\0') && ZSTR_LEN(member) != 0) {
409 if (!silent) {
410 zend_bad_property_name();
411 }
412 return ZEND_WRONG_PROPERTY_INFO;
413 }
414 dynamic:
415 return NULL;
416 }
417
418 property_info = (zend_property_info*)Z_PTR_P(zv);
419 flags = property_info->flags;
420
421 if (flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
422 if (UNEXPECTED(EG(fake_scope))) {
423 scope = EG(fake_scope);
424 } else {
425 scope = zend_get_executed_scope();
426 }
427 if (property_info->ce != scope) {
428 if (flags & ZEND_ACC_CHANGED) {
429 zend_property_info *p = zend_get_parent_private_property(scope, ce, member);
430
431 if (p) {
432 property_info = p;
433 flags = property_info->flags;
434 goto found;
435 } else if (flags & ZEND_ACC_PUBLIC) {
436 goto found;
437 }
438 }
439 if (flags & ZEND_ACC_PRIVATE) {
440 if (property_info->ce != ce) {
441 goto dynamic;
442 } else {
443 wrong:
444 /* Information was available, but we were denied access. Error out. */
445 if (!silent) {
446 zend_bad_property_access(property_info, ce, member);
447 }
448 return ZEND_WRONG_PROPERTY_INFO;
449 }
450 } else {
451 ZEND_ASSERT(flags & ZEND_ACC_PROTECTED);
452 if (UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
453 goto wrong;
454 }
455 }
456 }
457 }
458
459 found:
460 if (UNEXPECTED(flags & ZEND_ACC_STATIC)) {
461 if (!silent) {
462 zend_error(E_NOTICE, "Accessing static property %s::$%s as non static", ZSTR_VAL(ce->name), ZSTR_VAL(member));
463 }
464 }
465 return property_info;
466 }
467 /* }}} */
468
zend_check_property_access(zend_object * zobj,zend_string * prop_info_name,bool is_dynamic)469 ZEND_API int zend_check_property_access(zend_object *zobj, zend_string *prop_info_name, bool is_dynamic) /* {{{ */
470 {
471 zend_property_info *property_info;
472 const char *class_name = NULL;
473 const char *prop_name;
474 zend_string *member;
475 size_t prop_name_len;
476
477 if (ZSTR_VAL(prop_info_name)[0] == 0) {
478 if (is_dynamic) {
479 return SUCCESS;
480 }
481
482 zend_unmangle_property_name_ex(prop_info_name, &class_name, &prop_name, &prop_name_len);
483 member = zend_string_init(prop_name, prop_name_len, 0);
484 property_info = zend_get_property_info(zobj->ce, member, 1);
485 zend_string_release_ex(member, 0);
486 if (property_info == NULL || property_info == ZEND_WRONG_PROPERTY_INFO) {
487 return FAILURE;
488 }
489
490 if (class_name[0] != '*') {
491 if (!(property_info->flags & ZEND_ACC_PRIVATE)) {
492 /* we we're looking for a private prop but found a non private one of the same name */
493 return FAILURE;
494 } else if (strcmp(ZSTR_VAL(prop_info_name)+1, ZSTR_VAL(property_info->name)+1)) {
495 /* we we're looking for a private prop but found a private one of the same name but another class */
496 return FAILURE;
497 }
498 } else {
499 ZEND_ASSERT(property_info->flags & ZEND_ACC_PROTECTED);
500 }
501 return SUCCESS;
502 } else {
503 property_info = zend_get_property_info(zobj->ce, prop_info_name, 1);
504 if (property_info == NULL) {
505 ZEND_ASSERT(is_dynamic);
506 return SUCCESS;
507 } else if (property_info == ZEND_WRONG_PROPERTY_INFO) {
508 return FAILURE;
509 }
510 return (property_info->flags & ZEND_ACC_PUBLIC) ? SUCCESS : FAILURE;
511 }
512 }
513 /* }}} */
514
zend_property_guard_dtor(zval * el)515 static void zend_property_guard_dtor(zval *el) /* {{{ */ {
516 uint32_t *ptr = (uint32_t*)Z_PTR_P(el);
517 if (EXPECTED(!(((zend_uintptr_t)ptr) & 1))) {
518 efree_size(ptr, sizeof(uint32_t));
519 }
520 }
521 /* }}} */
522
zend_get_property_guard(zend_object * zobj,zend_string * member)523 ZEND_API uint32_t *zend_get_property_guard(zend_object *zobj, zend_string *member) /* {{{ */
524 {
525 HashTable *guards;
526 zval *zv;
527 uint32_t *ptr;
528
529 ZEND_ASSERT(zobj->ce->ce_flags & ZEND_ACC_USE_GUARDS);
530 zv = zobj->properties_table + zobj->ce->default_properties_count;
531 if (EXPECTED(Z_TYPE_P(zv) == IS_STRING)) {
532 zend_string *str = Z_STR_P(zv);
533 if (EXPECTED(str == member) ||
534 /* "str" always has a pre-calculated hash value here */
535 (EXPECTED(ZSTR_H(str) == zend_string_hash_val(member)) &&
536 EXPECTED(zend_string_equal_content(str, member)))) {
537 return &Z_PROPERTY_GUARD_P(zv);
538 } else if (EXPECTED(Z_PROPERTY_GUARD_P(zv) == 0)) {
539 zval_ptr_dtor_str(zv);
540 ZVAL_STR_COPY(zv, member);
541 return &Z_PROPERTY_GUARD_P(zv);
542 } else {
543 ALLOC_HASHTABLE(guards);
544 zend_hash_init(guards, 8, NULL, zend_property_guard_dtor, 0);
545 /* mark pointer as "special" using low bit */
546 zend_hash_add_new_ptr(guards, str,
547 (void*)(((zend_uintptr_t)&Z_PROPERTY_GUARD_P(zv)) | 1));
548 zval_ptr_dtor_str(zv);
549 ZVAL_ARR(zv, guards);
550 }
551 } else if (EXPECTED(Z_TYPE_P(zv) == IS_ARRAY)) {
552 guards = Z_ARRVAL_P(zv);
553 ZEND_ASSERT(guards != NULL);
554 zv = zend_hash_find(guards, member);
555 if (zv != NULL) {
556 return (uint32_t*)(((zend_uintptr_t)Z_PTR_P(zv)) & ~1);
557 }
558 } else {
559 ZEND_ASSERT(Z_TYPE_P(zv) == IS_UNDEF);
560 ZVAL_STR_COPY(zv, member);
561 Z_PROPERTY_GUARD_P(zv) = 0;
562 return &Z_PROPERTY_GUARD_P(zv);
563 }
564 /* we have to allocate uint32_t separately because ht->arData may be reallocated */
565 ptr = (uint32_t*)emalloc(sizeof(uint32_t));
566 *ptr = 0;
567 return (uint32_t*)zend_hash_add_new_ptr(guards, member, ptr);
568 }
569 /* }}} */
570
zend_std_read_property(zend_object * zobj,zend_string * name,int type,void ** cache_slot,zval * rv)571 ZEND_API zval *zend_std_read_property(zend_object *zobj, zend_string *name, int type, void **cache_slot, zval *rv) /* {{{ */
572 {
573 zval *retval;
574 uintptr_t property_offset;
575 zend_property_info *prop_info = NULL;
576 uint32_t *guard = NULL;
577 zend_string *tmp_name = NULL;
578
579 #if DEBUG_OBJECT_HANDLERS
580 fprintf(stderr, "Read object #%d property: %s\n", zobj->handle, ZSTR_VAL(name));
581 #endif
582
583 /* make zend_get_property_info silent if we have getter - we may want to use it */
584 property_offset = zend_get_property_offset(zobj->ce, name, (type == BP_VAR_IS) || (zobj->ce->__get != NULL), cache_slot, &prop_info);
585
586 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
587 retval = OBJ_PROP(zobj, property_offset);
588 if (EXPECTED(Z_TYPE_P(retval) != IS_UNDEF)) {
589 if (prop_info && UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)
590 && (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET)) {
591 if (Z_TYPE_P(retval) == IS_OBJECT) {
592 /* For objects, W/RW/UNSET fetch modes might not actually modify object.
593 * Similar as with magic __get() allow them, but return the value as a copy
594 * to make sure no actual modification is possible. */
595 ZVAL_COPY(rv, retval);
596 retval = rv;
597 } else {
598 zend_readonly_property_modification_error(prop_info);
599 retval = &EG(uninitialized_zval);
600 }
601 }
602 goto exit;
603 }
604 if (UNEXPECTED(Z_PROP_FLAG_P(retval) == IS_PROP_UNINIT)) {
605 /* Skip __get() for uninitialized typed properties */
606 goto uninit_error;
607 }
608 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
609 if (EXPECTED(zobj->properties != NULL)) {
610 if (!IS_UNKNOWN_DYNAMIC_PROPERTY_OFFSET(property_offset)) {
611 uintptr_t idx = ZEND_DECODE_DYN_PROP_OFFSET(property_offset);
612
613 if (EXPECTED(idx < zobj->properties->nNumUsed * sizeof(Bucket))) {
614 Bucket *p = (Bucket*)((char*)zobj->properties->arData + idx);
615
616 if (EXPECTED(Z_TYPE(p->val) != IS_UNDEF) &&
617 (EXPECTED(p->key == name) ||
618 (EXPECTED(p->h == ZSTR_H(name)) &&
619 EXPECTED(p->key != NULL) &&
620 EXPECTED(zend_string_equal_content(p->key, name))))) {
621 retval = &p->val;
622 goto exit;
623 }
624 }
625 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
626 }
627 retval = zend_hash_find(zobj->properties, name);
628 if (EXPECTED(retval)) {
629 if (cache_slot) {
630 uintptr_t idx = (char*)retval - (char*)zobj->properties->arData;
631 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_ENCODE_DYN_PROP_OFFSET(idx));
632 }
633 goto exit;
634 }
635 }
636 } else if (UNEXPECTED(EG(exception))) {
637 retval = &EG(uninitialized_zval);
638 goto exit;
639 }
640
641 /* magic isset */
642 if ((type == BP_VAR_IS) && zobj->ce->__isset) {
643 zval tmp_result;
644 guard = zend_get_property_guard(zobj, name);
645
646 if (!((*guard) & IN_ISSET)) {
647 if (!tmp_name && !ZSTR_IS_INTERNED(name)) {
648 tmp_name = zend_string_copy(name);
649 }
650 GC_ADDREF(zobj);
651 ZVAL_UNDEF(&tmp_result);
652
653 *guard |= IN_ISSET;
654 zend_std_call_issetter(zobj, name, &tmp_result);
655 *guard &= ~IN_ISSET;
656
657 if (!zend_is_true(&tmp_result)) {
658 retval = &EG(uninitialized_zval);
659 OBJ_RELEASE(zobj);
660 zval_ptr_dtor(&tmp_result);
661 goto exit;
662 }
663
664 zval_ptr_dtor(&tmp_result);
665 if (zobj->ce->__get && !((*guard) & IN_GET)) {
666 goto call_getter;
667 }
668 OBJ_RELEASE(zobj);
669 } else if (zobj->ce->__get && !((*guard) & IN_GET)) {
670 goto call_getter_addref;
671 }
672 } else if (zobj->ce->__get) {
673 /* magic get */
674 guard = zend_get_property_guard(zobj, name);
675 if (!((*guard) & IN_GET)) {
676 /* have getter - try with it! */
677 call_getter_addref:
678 GC_ADDREF(zobj);
679 call_getter:
680 *guard |= IN_GET; /* prevent circular getting */
681 zend_std_call_getter(zobj, name, rv);
682 *guard &= ~IN_GET;
683
684 if (Z_TYPE_P(rv) != IS_UNDEF) {
685 retval = rv;
686 if (!Z_ISREF_P(rv) &&
687 (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET)) {
688 if (UNEXPECTED(Z_TYPE_P(rv) != IS_OBJECT)) {
689 zend_error(E_NOTICE, "Indirect modification of overloaded property %s::$%s has no effect", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
690 }
691 }
692 } else {
693 retval = &EG(uninitialized_zval);
694 }
695
696 if (UNEXPECTED(prop_info)) {
697 zend_verify_prop_assignable_by_ref(prop_info, retval, (zobj->ce->__get->common.fn_flags & ZEND_ACC_STRICT_TYPES) != 0);
698 }
699
700 OBJ_RELEASE(zobj);
701 goto exit;
702 } else if (UNEXPECTED(IS_WRONG_PROPERTY_OFFSET(property_offset))) {
703 /* Trigger the correct error */
704 zend_get_property_offset(zobj->ce, name, 0, NULL, &prop_info);
705 ZEND_ASSERT(EG(exception));
706 retval = &EG(uninitialized_zval);
707 goto exit;
708 }
709 }
710
711 uninit_error:
712 if (type != BP_VAR_IS) {
713 if (UNEXPECTED(prop_info)) {
714 zend_throw_error(NULL, "Typed property %s::$%s must not be accessed before initialization",
715 ZSTR_VAL(prop_info->ce->name),
716 ZSTR_VAL(name));
717 } else {
718 zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
719 }
720 }
721 retval = &EG(uninitialized_zval);
722
723 exit:
724 zend_tmp_string_release(tmp_name);
725
726 return retval;
727 }
728 /* }}} */
729
property_uses_strict_types(void)730 static zend_always_inline bool property_uses_strict_types(void) {
731 zend_execute_data *execute_data = EG(current_execute_data);
732 return execute_data
733 && execute_data->func
734 && ZEND_CALL_USES_STRICT_TYPES(EG(current_execute_data));
735 }
736
verify_readonly_initialization_access(zend_property_info * prop_info,zend_class_entry * ce,zend_string * name,const char * operation)737 static bool verify_readonly_initialization_access(
738 zend_property_info *prop_info, zend_class_entry *ce,
739 zend_string *name, const char *operation) {
740 zend_class_entry *scope;
741 if (UNEXPECTED(EG(fake_scope))) {
742 scope = EG(fake_scope);
743 } else {
744 scope = zend_get_executed_scope();
745 }
746 if (prop_info->ce == scope) {
747 return true;
748 }
749
750 /* We may have redeclared a parent property. In that case the parent should still be
751 * allowed to initialize it. */
752 if (scope && is_derived_class(ce, scope)) {
753 zend_property_info *prop_info = zend_hash_find_ptr(&scope->properties_info, name);
754 if (prop_info) {
755 /* This should be ensured by inheritance. */
756 ZEND_ASSERT(prop_info->flags & ZEND_ACC_READONLY);
757 if (prop_info->ce == scope) {
758 return true;
759 }
760 }
761 }
762
763 zend_readonly_property_modification_scope_error(prop_info->ce, name, scope, operation);
764 return false;
765 }
766
zend_std_write_property(zend_object * zobj,zend_string * name,zval * value,void ** cache_slot)767 ZEND_API zval *zend_std_write_property(zend_object *zobj, zend_string *name, zval *value, void **cache_slot) /* {{{ */
768 {
769 zval *variable_ptr, tmp;
770 uintptr_t property_offset;
771 zend_property_info *prop_info = NULL;
772 ZEND_ASSERT(!Z_ISREF_P(value));
773
774 property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__set != NULL), cache_slot, &prop_info);
775
776 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
777 variable_ptr = OBJ_PROP(zobj, property_offset);
778 if (Z_TYPE_P(variable_ptr) != IS_UNDEF) {
779 Z_TRY_ADDREF_P(value);
780
781 if (UNEXPECTED(prop_info)) {
782 if (UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)) {
783 Z_TRY_DELREF_P(value);
784 zend_readonly_property_modification_error(prop_info);
785 variable_ptr = &EG(error_zval);
786 goto exit;
787 }
788
789 ZVAL_COPY_VALUE(&tmp, value);
790 if (UNEXPECTED(!zend_verify_property_type(prop_info, &tmp, property_uses_strict_types()))) {
791 Z_TRY_DELREF_P(value);
792 variable_ptr = &EG(error_zval);
793 goto exit;
794 }
795 value = &tmp;
796 }
797
798 found:
799 variable_ptr = zend_assign_to_variable(
800 variable_ptr, value, IS_TMP_VAR, property_uses_strict_types());
801 goto exit;
802 }
803 if (Z_PROP_FLAG_P(variable_ptr) == IS_PROP_UNINIT) {
804 /* Writes to uninitialized typed properties bypass __set(). */
805 goto write_std_property;
806 }
807 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
808 if (EXPECTED(zobj->properties != NULL)) {
809 if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
810 if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
811 GC_DELREF(zobj->properties);
812 }
813 zobj->properties = zend_array_dup(zobj->properties);
814 }
815 if ((variable_ptr = zend_hash_find(zobj->properties, name)) != NULL) {
816 Z_TRY_ADDREF_P(value);
817 goto found;
818 }
819 }
820 } else if (UNEXPECTED(EG(exception))) {
821 variable_ptr = &EG(error_zval);
822 goto exit;
823 }
824
825 /* magic set */
826 if (zobj->ce->__set) {
827 uint32_t *guard = zend_get_property_guard(zobj, name);
828
829 if (!((*guard) & IN_SET)) {
830 GC_ADDREF(zobj);
831 (*guard) |= IN_SET; /* prevent circular setting */
832 zend_std_call_setter(zobj, name, value);
833 (*guard) &= ~IN_SET;
834 OBJ_RELEASE(zobj);
835 variable_ptr = value;
836 } else if (EXPECTED(!IS_WRONG_PROPERTY_OFFSET(property_offset))) {
837 goto write_std_property;
838 } else {
839 /* Trigger the correct error */
840 zend_wrong_offset(zobj->ce, name);
841 ZEND_ASSERT(EG(exception));
842 variable_ptr = &EG(error_zval);
843 goto exit;
844 }
845 } else {
846 ZEND_ASSERT(!IS_WRONG_PROPERTY_OFFSET(property_offset));
847 write_std_property:
848 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
849 variable_ptr = OBJ_PROP(zobj, property_offset);
850
851 Z_TRY_ADDREF_P(value);
852 if (UNEXPECTED(prop_info)) {
853 if (UNEXPECTED((prop_info->flags & ZEND_ACC_READONLY)
854 && !verify_readonly_initialization_access(prop_info, zobj->ce, name, "initialize"))) {
855 Z_TRY_DELREF_P(value);
856 variable_ptr = &EG(error_zval);
857 goto exit;
858 }
859
860 ZVAL_COPY_VALUE(&tmp, value);
861 if (UNEXPECTED(!zend_verify_property_type(prop_info, &tmp, property_uses_strict_types()))) {
862 zval_ptr_dtor(value);
863 goto exit;
864 }
865 value = &tmp;
866 Z_PROP_FLAG_P(variable_ptr) = 0;
867 goto found; /* might have been updated via e.g. __toString() */
868 }
869
870 ZVAL_COPY_VALUE(variable_ptr, value);
871 } else {
872 if (UNEXPECTED(zobj->ce->ce_flags & ZEND_ACC_NO_DYNAMIC_PROPERTIES)) {
873 zend_forbidden_dynamic_property(zobj->ce, name);
874 variable_ptr = &EG(error_zval);
875 goto exit;
876 }
877
878 Z_TRY_ADDREF_P(value);
879 if (!zobj->properties) {
880 rebuild_object_properties(zobj);
881 }
882 variable_ptr = zend_hash_add_new(zobj->properties, name, value);
883 }
884 }
885
886 exit:
887 return variable_ptr;
888 }
889 /* }}} */
890
zend_bad_array_access(zend_class_entry * ce)891 static ZEND_COLD zend_never_inline void zend_bad_array_access(zend_class_entry *ce) /* {{{ */
892 {
893 zend_throw_error(NULL, "Cannot use object of type %s as array", ZSTR_VAL(ce->name));
894 }
895 /* }}} */
896
zend_std_read_dimension(zend_object * object,zval * offset,int type,zval * rv)897 ZEND_API zval *zend_std_read_dimension(zend_object *object, zval *offset, int type, zval *rv) /* {{{ */
898 {
899 zend_class_entry *ce = object->ce;
900 zval tmp_offset;
901
902 if (EXPECTED(zend_class_implements_interface(ce, zend_ce_arrayaccess) != 0)) {
903 if (offset == NULL) {
904 /* [] construct */
905 ZVAL_NULL(&tmp_offset);
906 } else {
907 ZVAL_COPY_DEREF(&tmp_offset, offset);
908 }
909
910 GC_ADDREF(object);
911 if (type == BP_VAR_IS) {
912 zend_call_method_with_1_params(object, ce, NULL, "offsetexists", rv, &tmp_offset);
913 if (UNEXPECTED(Z_ISUNDEF_P(rv))) {
914 OBJ_RELEASE(object);
915 zval_ptr_dtor(&tmp_offset);
916 return NULL;
917 }
918 if (!i_zend_is_true(rv)) {
919 OBJ_RELEASE(object);
920 zval_ptr_dtor(&tmp_offset);
921 zval_ptr_dtor(rv);
922 return &EG(uninitialized_zval);
923 }
924 zval_ptr_dtor(rv);
925 }
926
927 zend_call_method_with_1_params(object, ce, NULL, "offsetget", rv, &tmp_offset);
928
929 OBJ_RELEASE(object);
930 zval_ptr_dtor(&tmp_offset);
931
932 if (UNEXPECTED(Z_TYPE_P(rv) == IS_UNDEF)) {
933 if (UNEXPECTED(!EG(exception))) {
934 zend_throw_error(NULL, "Undefined offset for object of type %s used as array", ZSTR_VAL(ce->name));
935 }
936 return NULL;
937 }
938 return rv;
939 } else {
940 zend_bad_array_access(ce);
941 return NULL;
942 }
943 }
944 /* }}} */
945
zend_std_write_dimension(zend_object * object,zval * offset,zval * value)946 ZEND_API void zend_std_write_dimension(zend_object *object, zval *offset, zval *value) /* {{{ */
947 {
948 zend_class_entry *ce = object->ce;
949 zval tmp_offset;
950
951 if (EXPECTED(zend_class_implements_interface(ce, zend_ce_arrayaccess) != 0)) {
952 if (!offset) {
953 ZVAL_NULL(&tmp_offset);
954 } else {
955 ZVAL_COPY_DEREF(&tmp_offset, offset);
956 }
957 GC_ADDREF(object);
958 zend_call_method_with_2_params(object, ce, NULL, "offsetset", NULL, &tmp_offset, value);
959 OBJ_RELEASE(object);
960 zval_ptr_dtor(&tmp_offset);
961 } else {
962 zend_bad_array_access(ce);
963 }
964 }
965 /* }}} */
966
zend_std_has_dimension(zend_object * object,zval * offset,int check_empty)967 ZEND_API int zend_std_has_dimension(zend_object *object, zval *offset, int check_empty) /* {{{ */
968 {
969 zend_class_entry *ce = object->ce;
970 zval retval, tmp_offset;
971 int result;
972
973 if (EXPECTED(zend_class_implements_interface(ce, zend_ce_arrayaccess) != 0)) {
974 ZVAL_COPY_DEREF(&tmp_offset, offset);
975 GC_ADDREF(object);
976 zend_call_method_with_1_params(object, ce, NULL, "offsetexists", &retval, &tmp_offset);
977 result = i_zend_is_true(&retval);
978 zval_ptr_dtor(&retval);
979 if (check_empty && result && EXPECTED(!EG(exception))) {
980 zend_call_method_with_1_params(object, ce, NULL, "offsetget", &retval, &tmp_offset);
981 result = i_zend_is_true(&retval);
982 zval_ptr_dtor(&retval);
983 }
984 OBJ_RELEASE(object);
985 zval_ptr_dtor(&tmp_offset);
986 } else {
987 zend_bad_array_access(ce);
988 return 0;
989 }
990 return result;
991 }
992 /* }}} */
993
zend_std_get_property_ptr_ptr(zend_object * zobj,zend_string * name,int type,void ** cache_slot)994 ZEND_API zval *zend_std_get_property_ptr_ptr(zend_object *zobj, zend_string *name, int type, void **cache_slot) /* {{{ */
995 {
996 zval *retval = NULL;
997 uintptr_t property_offset;
998 zend_property_info *prop_info = NULL;
999
1000 #if DEBUG_OBJECT_HANDLERS
1001 fprintf(stderr, "Ptr object #%d property: %s\n", zobj->handle, ZSTR_VAL(name));
1002 #endif
1003
1004 property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__get != NULL), cache_slot, &prop_info);
1005
1006 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1007 retval = OBJ_PROP(zobj, property_offset);
1008 if (UNEXPECTED(Z_TYPE_P(retval) == IS_UNDEF)) {
1009 if (EXPECTED(!zobj->ce->__get) ||
1010 UNEXPECTED((*zend_get_property_guard(zobj, name)) & IN_GET) ||
1011 UNEXPECTED(prop_info && Z_PROP_FLAG_P(retval) == IS_PROP_UNINIT)) {
1012 if (UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) {
1013 if (UNEXPECTED(prop_info)) {
1014 zend_throw_error(NULL,
1015 "Typed property %s::$%s must not be accessed before initialization",
1016 ZSTR_VAL(prop_info->ce->name),
1017 ZSTR_VAL(name));
1018 retval = &EG(error_zval);
1019 } else {
1020 ZVAL_NULL(retval);
1021 zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1022 }
1023 } else if (prop_info && UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)
1024 && !verify_readonly_initialization_access(prop_info, zobj->ce, name, "initialize")) {
1025 retval = &EG(error_zval);
1026 }
1027 } else {
1028 /* we do have getter - fail and let it try again with usual get/set */
1029 retval = NULL;
1030 }
1031 } else if (prop_info && UNEXPECTED(prop_info->flags & ZEND_ACC_READONLY)) {
1032 /* Readonly property, delegate to read_property + write_property. */
1033 retval = NULL;
1034 }
1035 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
1036 if (EXPECTED(zobj->properties)) {
1037 if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
1038 if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
1039 GC_DELREF(zobj->properties);
1040 }
1041 zobj->properties = zend_array_dup(zobj->properties);
1042 }
1043 if (EXPECTED((retval = zend_hash_find(zobj->properties, name)) != NULL)) {
1044 return retval;
1045 }
1046 }
1047 if (EXPECTED(!zobj->ce->__get) ||
1048 UNEXPECTED((*zend_get_property_guard(zobj, name)) & IN_GET)) {
1049 if (UNEXPECTED(zobj->ce->ce_flags & ZEND_ACC_NO_DYNAMIC_PROPERTIES)) {
1050 zend_forbidden_dynamic_property(zobj->ce, name);
1051 return &EG(error_zval);
1052 }
1053 if (UNEXPECTED(!zobj->properties)) {
1054 rebuild_object_properties(zobj);
1055 }
1056 retval = zend_hash_update(zobj->properties, name, &EG(uninitialized_zval));
1057 /* Notice is thrown after creation of the property, to avoid EG(std_property_info)
1058 * being overwritten in an error handler. */
1059 if (UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) {
1060 zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1061 }
1062 }
1063 } else if (zobj->ce->__get == NULL) {
1064 retval = &EG(error_zval);
1065 }
1066
1067 return retval;
1068 }
1069 /* }}} */
1070
zend_std_unset_property(zend_object * zobj,zend_string * name,void ** cache_slot)1071 ZEND_API void zend_std_unset_property(zend_object *zobj, zend_string *name, void **cache_slot) /* {{{ */
1072 {
1073 uintptr_t property_offset;
1074 zend_property_info *prop_info = NULL;
1075
1076 property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__unset != NULL), cache_slot, &prop_info);
1077
1078 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1079 zval *slot = OBJ_PROP(zobj, property_offset);
1080
1081 if (Z_TYPE_P(slot) != IS_UNDEF) {
1082 if (UNEXPECTED(prop_info && (prop_info->flags & ZEND_ACC_READONLY))) {
1083 zend_readonly_property_unset_error(prop_info->ce, name);
1084 return;
1085 }
1086 if (UNEXPECTED(Z_ISREF_P(slot)) &&
1087 (ZEND_DEBUG || ZEND_REF_HAS_TYPE_SOURCES(Z_REF_P(slot)))) {
1088 if (prop_info) {
1089 ZEND_REF_DEL_TYPE_SOURCE(Z_REF_P(slot), prop_info);
1090 }
1091 }
1092 zval tmp;
1093 ZVAL_COPY_VALUE(&tmp, slot);
1094 ZVAL_UNDEF(slot);
1095 zval_ptr_dtor(&tmp);
1096 if (zobj->properties) {
1097 HT_FLAGS(zobj->properties) |= HASH_FLAG_HAS_EMPTY_IND;
1098 }
1099 return;
1100 }
1101 if (UNEXPECTED(Z_PROP_FLAG_P(slot) == IS_PROP_UNINIT)) {
1102 if (UNEXPECTED(prop_info && (prop_info->flags & ZEND_ACC_READONLY)
1103 && !verify_readonly_initialization_access(prop_info, zobj->ce, name, "unset"))) {
1104 return;
1105 }
1106
1107 /* Reset the IS_PROP_UNINIT flag, if it exists and bypass __unset(). */
1108 Z_PROP_FLAG_P(slot) = 0;
1109 return;
1110 }
1111 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))
1112 && EXPECTED(zobj->properties != NULL)) {
1113 if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
1114 if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
1115 GC_DELREF(zobj->properties);
1116 }
1117 zobj->properties = zend_array_dup(zobj->properties);
1118 }
1119 if (EXPECTED(zend_hash_del(zobj->properties, name) != FAILURE)) {
1120 return;
1121 }
1122 } else if (UNEXPECTED(EG(exception))) {
1123 return;
1124 }
1125
1126 /* magic unset */
1127 if (zobj->ce->__unset) {
1128 uint32_t *guard = zend_get_property_guard(zobj, name);
1129 if (!((*guard) & IN_UNSET)) {
1130 /* have unseter - try with it! */
1131 (*guard) |= IN_UNSET; /* prevent circular unsetting */
1132 zend_std_call_unsetter(zobj, name);
1133 (*guard) &= ~IN_UNSET;
1134 } else if (UNEXPECTED(IS_WRONG_PROPERTY_OFFSET(property_offset))) {
1135 /* Trigger the correct error */
1136 zend_wrong_offset(zobj->ce, name);
1137 ZEND_ASSERT(EG(exception));
1138 return;
1139 } else {
1140 /* Nothing to do: The property already does not exist. */
1141 }
1142 }
1143 }
1144 /* }}} */
1145
zend_std_unset_dimension(zend_object * object,zval * offset)1146 ZEND_API void zend_std_unset_dimension(zend_object *object, zval *offset) /* {{{ */
1147 {
1148 zend_class_entry *ce = object->ce;
1149 zval tmp_offset;
1150
1151 if (zend_class_implements_interface(ce, zend_ce_arrayaccess)) {
1152 ZVAL_COPY_DEREF(&tmp_offset, offset);
1153 GC_ADDREF(object);
1154 zend_call_method_with_1_params(object, ce, NULL, "offsetunset", NULL, &tmp_offset);
1155 OBJ_RELEASE(object);
1156 zval_ptr_dtor(&tmp_offset);
1157 } else {
1158 zend_bad_array_access(ce);
1159 }
1160 }
1161 /* }}} */
1162
zend_get_parent_private_method(zend_class_entry * scope,zend_class_entry * ce,zend_string * function_name)1163 static zend_never_inline zend_function *zend_get_parent_private_method(zend_class_entry *scope, zend_class_entry *ce, zend_string *function_name) /* {{{ */
1164 {
1165 zval *func;
1166 zend_function *fbc;
1167
1168 if (scope != ce && scope && is_derived_class(ce, scope)) {
1169 func = zend_hash_find(&scope->function_table, function_name);
1170 if (func != NULL) {
1171 fbc = Z_FUNC_P(func);
1172 if ((fbc->common.fn_flags & ZEND_ACC_PRIVATE)
1173 && fbc->common.scope == scope) {
1174 return fbc;
1175 }
1176 }
1177 }
1178 return NULL;
1179 }
1180 /* }}} */
1181
1182 /* Ensures that we're allowed to call a protected method.
1183 */
zend_check_protected(zend_class_entry * ce,zend_class_entry * scope)1184 ZEND_API int zend_check_protected(zend_class_entry *ce, zend_class_entry *scope) /* {{{ */
1185 {
1186 zend_class_entry *fbc_scope = ce;
1187
1188 /* Is the context that's calling the function, the same as one of
1189 * the function's parents?
1190 */
1191 while (fbc_scope) {
1192 if (fbc_scope==scope) {
1193 return 1;
1194 }
1195 fbc_scope = fbc_scope->parent;
1196 }
1197
1198 /* Is the function's scope the same as our current object context,
1199 * or any of the parents of our context?
1200 */
1201 while (scope) {
1202 if (scope==ce) {
1203 return 1;
1204 }
1205 scope = scope->parent;
1206 }
1207 return 0;
1208 }
1209 /* }}} */
1210
zend_get_call_trampoline_func(zend_class_entry * ce,zend_string * method_name,int is_static)1211 ZEND_API zend_function *zend_get_call_trampoline_func(zend_class_entry *ce, zend_string *method_name, int is_static) /* {{{ */
1212 {
1213 size_t mname_len;
1214 zend_op_array *func;
1215 zend_function *fbc = is_static ? ce->__callstatic : ce->__call;
1216 /* We use non-NULL value to avoid useless run_time_cache allocation.
1217 * The low bit must be zero, to not be interpreted as a MAP_PTR offset.
1218 */
1219 static const void *dummy = (void*)(intptr_t)2;
1220 static const zend_arg_info arg_info[1] = {{0}};
1221
1222 ZEND_ASSERT(fbc);
1223
1224 if (EXPECTED(EG(trampoline).common.function_name == NULL)) {
1225 func = &EG(trampoline).op_array;
1226 } else {
1227 func = ecalloc(1, sizeof(zend_op_array));
1228 }
1229
1230 func->type = ZEND_USER_FUNCTION;
1231 func->arg_flags[0] = 0;
1232 func->arg_flags[1] = 0;
1233 func->arg_flags[2] = 0;
1234 func->fn_flags = ZEND_ACC_CALL_VIA_TRAMPOLINE | ZEND_ACC_PUBLIC | ZEND_ACC_VARIADIC;
1235 if (is_static) {
1236 func->fn_flags |= ZEND_ACC_STATIC;
1237 }
1238 func->opcodes = &EG(call_trampoline_op);
1239 ZEND_MAP_PTR_INIT(func->run_time_cache, (void***)&dummy);
1240 func->scope = fbc->common.scope;
1241 /* reserve space for arguments, local and temporary variables */
1242 func->T = (fbc->type == ZEND_USER_FUNCTION)? MAX(fbc->op_array.last_var + fbc->op_array.T, 2) : 2;
1243 func->filename = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.filename : ZSTR_EMPTY_ALLOC();
1244 func->line_start = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.line_start : 0;
1245 func->line_end = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.line_end : 0;
1246
1247 //??? keep compatibility for "\0" characters
1248 //??? see: Zend/tests/bug46238.phpt
1249 if (UNEXPECTED((mname_len = strlen(ZSTR_VAL(method_name))) != ZSTR_LEN(method_name))) {
1250 func->function_name = zend_string_init(ZSTR_VAL(method_name), mname_len, 0);
1251 } else {
1252 func->function_name = zend_string_copy(method_name);
1253 }
1254
1255 func->prototype = NULL;
1256 func->num_args = 0;
1257 func->required_num_args = 0;
1258 func->arg_info = (zend_arg_info *) arg_info;
1259
1260 return (zend_function*)func;
1261 }
1262 /* }}} */
1263
zend_get_user_call_function(zend_class_entry * ce,zend_string * method_name)1264 static zend_always_inline zend_function *zend_get_user_call_function(zend_class_entry *ce, zend_string *method_name) /* {{{ */
1265 {
1266 return zend_get_call_trampoline_func(ce, method_name, 0);
1267 }
1268 /* }}} */
1269
zend_bad_method_call(zend_function * fbc,zend_string * method_name,zend_class_entry * scope)1270 static ZEND_COLD zend_never_inline void zend_bad_method_call(zend_function *fbc, zend_string *method_name, zend_class_entry *scope) /* {{{ */
1271 {
1272 zend_throw_error(NULL, "Call to %s method %s::%s() from %s%s",
1273 zend_visibility_string(fbc->common.fn_flags), ZEND_FN_SCOPE_NAME(fbc), ZSTR_VAL(method_name),
1274 scope ? "scope " : "global scope",
1275 scope ? ZSTR_VAL(scope->name) : ""
1276 );
1277 }
1278 /* }}} */
1279
zend_abstract_method_call(zend_function * fbc)1280 static ZEND_COLD zend_never_inline void zend_abstract_method_call(zend_function *fbc) /* {{{ */
1281 {
1282 zend_throw_error(NULL, "Cannot call abstract method %s::%s()",
1283 ZSTR_VAL(fbc->common.scope->name), ZSTR_VAL(fbc->common.function_name));
1284 }
1285 /* }}} */
1286
zend_std_get_method(zend_object ** obj_ptr,zend_string * method_name,const zval * key)1287 ZEND_API zend_function *zend_std_get_method(zend_object **obj_ptr, zend_string *method_name, const zval *key) /* {{{ */
1288 {
1289 zend_object *zobj = *obj_ptr;
1290 zval *func;
1291 zend_function *fbc;
1292 zend_string *lc_method_name;
1293 zend_class_entry *scope;
1294 ALLOCA_FLAG(use_heap);
1295
1296 if (EXPECTED(key != NULL)) {
1297 lc_method_name = Z_STR_P(key);
1298 #ifdef ZEND_ALLOCA_MAX_SIZE
1299 use_heap = 0;
1300 #endif
1301 } else {
1302 ZSTR_ALLOCA_ALLOC(lc_method_name, ZSTR_LEN(method_name), use_heap);
1303 zend_str_tolower_copy(ZSTR_VAL(lc_method_name), ZSTR_VAL(method_name), ZSTR_LEN(method_name));
1304 }
1305
1306 if (UNEXPECTED((func = zend_hash_find(&zobj->ce->function_table, lc_method_name)) == NULL)) {
1307 if (UNEXPECTED(!key)) {
1308 ZSTR_ALLOCA_FREE(lc_method_name, use_heap);
1309 }
1310 if (zobj->ce->__call) {
1311 return zend_get_user_call_function(zobj->ce, method_name);
1312 } else {
1313 return NULL;
1314 }
1315 }
1316
1317 fbc = Z_FUNC_P(func);
1318
1319 /* Check access level */
1320 if (fbc->op_array.fn_flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
1321 scope = zend_get_executed_scope();
1322
1323 if (fbc->common.scope != scope) {
1324 if (fbc->op_array.fn_flags & ZEND_ACC_CHANGED) {
1325 zend_function *updated_fbc = zend_get_parent_private_method(scope, zobj->ce, lc_method_name);
1326
1327 if (EXPECTED(updated_fbc != NULL)) {
1328 fbc = updated_fbc;
1329 goto exit;
1330 } else if (fbc->op_array.fn_flags & ZEND_ACC_PUBLIC) {
1331 goto exit;
1332 }
1333 }
1334 if (UNEXPECTED(fbc->op_array.fn_flags & ZEND_ACC_PRIVATE)
1335 || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(fbc), scope))) {
1336 if (zobj->ce->__call) {
1337 fbc = zend_get_user_call_function(zobj->ce, method_name);
1338 } else {
1339 zend_bad_method_call(fbc, method_name, scope);
1340 fbc = NULL;
1341 }
1342 }
1343 }
1344 }
1345
1346 exit:
1347 if (fbc && UNEXPECTED(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
1348 zend_abstract_method_call(fbc);
1349 fbc = NULL;
1350 }
1351 if (UNEXPECTED(!key)) {
1352 ZSTR_ALLOCA_FREE(lc_method_name, use_heap);
1353 }
1354 return fbc;
1355 }
1356 /* }}} */
1357
zend_get_user_callstatic_function(zend_class_entry * ce,zend_string * method_name)1358 static zend_always_inline zend_function *zend_get_user_callstatic_function(zend_class_entry *ce, zend_string *method_name) /* {{{ */
1359 {
1360 return zend_get_call_trampoline_func(ce, method_name, 1);
1361 }
1362 /* }}} */
1363
get_static_method_fallback(zend_class_entry * ce,zend_string * function_name)1364 static zend_always_inline zend_function *get_static_method_fallback(
1365 zend_class_entry *ce, zend_string *function_name)
1366 {
1367 zend_object *object;
1368 if (ce->__call &&
1369 (object = zend_get_this_object(EG(current_execute_data))) != NULL &&
1370 instanceof_function(object->ce, ce)) {
1371 /* Call the top-level defined __call().
1372 * see: tests/classes/__call_004.phpt */
1373
1374 ZEND_ASSERT(object->ce->__call);
1375 return zend_get_user_call_function(object->ce, function_name);
1376 } else if (ce->__callstatic) {
1377 return zend_get_user_callstatic_function(ce, function_name);
1378 } else {
1379 return NULL;
1380 }
1381 }
1382
zend_std_get_static_method(zend_class_entry * ce,zend_string * function_name,const zval * key)1383 ZEND_API zend_function *zend_std_get_static_method(zend_class_entry *ce, zend_string *function_name, const zval *key) /* {{{ */
1384 {
1385 zend_string *lc_function_name;
1386 if (EXPECTED(key != NULL)) {
1387 lc_function_name = Z_STR_P(key);
1388 } else {
1389 lc_function_name = zend_string_tolower(function_name);
1390 }
1391
1392 zend_function *fbc;
1393 zval *func = zend_hash_find(&ce->function_table, lc_function_name);
1394 if (EXPECTED(func)) {
1395 fbc = Z_FUNC_P(func);
1396 if (!(fbc->op_array.fn_flags & ZEND_ACC_PUBLIC)) {
1397 zend_class_entry *scope = zend_get_executed_scope();
1398 if (UNEXPECTED(fbc->common.scope != scope)) {
1399 if (UNEXPECTED(fbc->op_array.fn_flags & ZEND_ACC_PRIVATE)
1400 || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(fbc), scope))) {
1401 zend_function *fallback_fbc = get_static_method_fallback(ce, function_name);
1402 if (!fallback_fbc) {
1403 zend_bad_method_call(fbc, function_name, scope);
1404 }
1405 fbc = fallback_fbc;
1406 }
1407 }
1408 }
1409 } else {
1410 fbc = get_static_method_fallback(ce, function_name);
1411 }
1412
1413 if (UNEXPECTED(!key)) {
1414 zend_string_release_ex(lc_function_name, 0);
1415 }
1416
1417 if (EXPECTED(fbc)) {
1418 if (UNEXPECTED(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
1419 zend_abstract_method_call(fbc);
1420 fbc = NULL;
1421 } else if (UNEXPECTED(fbc->common.scope->ce_flags & ZEND_ACC_TRAIT)) {
1422 zend_error(E_DEPRECATED,
1423 "Calling static trait method %s::%s is deprecated, "
1424 "it should only be called on a class using the trait",
1425 ZSTR_VAL(fbc->common.scope->name), ZSTR_VAL(fbc->common.function_name));
1426 if (EG(exception)) {
1427 return NULL;
1428 }
1429 }
1430 }
1431
1432 return fbc;
1433 }
1434 /* }}} */
1435
zend_class_init_statics(zend_class_entry * class_type)1436 ZEND_API void zend_class_init_statics(zend_class_entry *class_type) /* {{{ */
1437 {
1438 int i;
1439 zval *p;
1440
1441 if (class_type->default_static_members_count && !CE_STATIC_MEMBERS(class_type)) {
1442 if (class_type->parent) {
1443 zend_class_init_statics(class_type->parent);
1444 }
1445
1446 ZEND_MAP_PTR_SET(class_type->static_members_table, emalloc(sizeof(zval) * class_type->default_static_members_count));
1447 for (i = 0; i < class_type->default_static_members_count; i++) {
1448 p = &class_type->default_static_members_table[i];
1449 if (Z_TYPE_P(p) == IS_INDIRECT) {
1450 zval *q = &CE_STATIC_MEMBERS(class_type->parent)[i];
1451 ZVAL_DEINDIRECT(q);
1452 ZVAL_INDIRECT(&CE_STATIC_MEMBERS(class_type)[i], q);
1453 } else {
1454 ZVAL_COPY_OR_DUP(&CE_STATIC_MEMBERS(class_type)[i], p);
1455 }
1456 }
1457 }
1458 } /* }}} */
1459
zend_std_get_static_property_with_info(zend_class_entry * ce,zend_string * property_name,int type,zend_property_info ** property_info_ptr)1460 ZEND_API zval *zend_std_get_static_property_with_info(zend_class_entry *ce, zend_string *property_name, int type, zend_property_info **property_info_ptr) /* {{{ */
1461 {
1462 zval *ret;
1463 zend_class_entry *scope;
1464 zend_property_info *property_info = zend_hash_find_ptr(&ce->properties_info, property_name);
1465 *property_info_ptr = property_info;
1466
1467 if (UNEXPECTED(property_info == NULL)) {
1468 goto undeclared_property;
1469 }
1470
1471 if (!(property_info->flags & ZEND_ACC_PUBLIC)) {
1472 if (UNEXPECTED(EG(fake_scope))) {
1473 scope = EG(fake_scope);
1474 } else {
1475 scope = zend_get_executed_scope();
1476 }
1477 if (property_info->ce != scope) {
1478 if (UNEXPECTED(property_info->flags & ZEND_ACC_PRIVATE)
1479 || UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
1480 if (type != BP_VAR_IS) {
1481 zend_bad_property_access(property_info, ce, property_name);
1482 }
1483 return NULL;
1484 }
1485 }
1486 }
1487
1488 if (UNEXPECTED((property_info->flags & ZEND_ACC_STATIC) == 0)) {
1489 undeclared_property:
1490 if (type != BP_VAR_IS) {
1491 zend_throw_error(NULL, "Access to undeclared static property %s::$%s", ZSTR_VAL(ce->name), ZSTR_VAL(property_name));
1492 }
1493 return NULL;
1494 }
1495
1496 if (UNEXPECTED(!(ce->ce_flags & ZEND_ACC_CONSTANTS_UPDATED))) {
1497 if (UNEXPECTED(zend_update_class_constants(ce)) != SUCCESS) {
1498 return NULL;
1499 }
1500 }
1501
1502 /* Ensure static properties are initialized. */
1503 if (UNEXPECTED(CE_STATIC_MEMBERS(ce) == NULL)) {
1504 zend_class_init_statics(ce);
1505 }
1506
1507 ret = CE_STATIC_MEMBERS(ce) + property_info->offset;
1508 ZVAL_DEINDIRECT(ret);
1509
1510 if (UNEXPECTED((type == BP_VAR_R || type == BP_VAR_RW)
1511 && Z_TYPE_P(ret) == IS_UNDEF && ZEND_TYPE_IS_SET(property_info->type))) {
1512 zend_throw_error(NULL, "Typed static property %s::$%s must not be accessed before initialization",
1513 ZSTR_VAL(property_info->ce->name), ZSTR_VAL(property_name));
1514 return NULL;
1515 }
1516
1517 if (UNEXPECTED(ce->ce_flags & ZEND_ACC_TRAIT)) {
1518 zend_error(E_DEPRECATED,
1519 "Accessing static trait property %s::$%s is deprecated, "
1520 "it should only be accessed on a class using the trait",
1521 ZSTR_VAL(property_info->ce->name), ZSTR_VAL(property_name));
1522 }
1523
1524 return ret;
1525 }
1526 /* }}} */
1527
zend_std_get_static_property(zend_class_entry * ce,zend_string * property_name,int type)1528 ZEND_API zval *zend_std_get_static_property(zend_class_entry *ce, zend_string *property_name, int type) /* {{{ */
1529 {
1530 zend_property_info *prop_info;
1531 return zend_std_get_static_property_with_info(ce, property_name, type, &prop_info);
1532 }
1533
zend_std_unset_static_property(zend_class_entry * ce,zend_string * property_name)1534 ZEND_API ZEND_COLD bool zend_std_unset_static_property(zend_class_entry *ce, zend_string *property_name) /* {{{ */
1535 {
1536 zend_throw_error(NULL, "Attempt to unset static property %s::$%s", ZSTR_VAL(ce->name), ZSTR_VAL(property_name));
1537 return 0;
1538 }
1539 /* }}} */
1540
zend_bad_constructor_call(zend_function * constructor,zend_class_entry * scope)1541 static ZEND_COLD zend_never_inline void zend_bad_constructor_call(zend_function *constructor, zend_class_entry *scope) /* {{{ */
1542 {
1543 if (scope) {
1544 zend_throw_error(NULL, "Call to %s %s::%s() from scope %s",
1545 zend_visibility_string(constructor->common.fn_flags), ZSTR_VAL(constructor->common.scope->name),
1546 ZSTR_VAL(constructor->common.function_name), ZSTR_VAL(scope->name)
1547 );
1548 } else {
1549 zend_throw_error(NULL, "Call to %s %s::%s() from global scope", zend_visibility_string(constructor->common.fn_flags), ZSTR_VAL(constructor->common.scope->name), ZSTR_VAL(constructor->common.function_name));
1550 }
1551 }
1552 /* }}} */
1553
zend_std_get_constructor(zend_object * zobj)1554 ZEND_API zend_function *zend_std_get_constructor(zend_object *zobj) /* {{{ */
1555 {
1556 zend_function *constructor = zobj->ce->constructor;
1557 zend_class_entry *scope;
1558
1559 if (constructor) {
1560 if (UNEXPECTED(!(constructor->op_array.fn_flags & ZEND_ACC_PUBLIC))) {
1561 if (UNEXPECTED(EG(fake_scope))) {
1562 scope = EG(fake_scope);
1563 } else {
1564 scope = zend_get_executed_scope();
1565 }
1566 if (UNEXPECTED(constructor->common.scope != scope)) {
1567 if (UNEXPECTED(constructor->op_array.fn_flags & ZEND_ACC_PRIVATE)
1568 || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(constructor), scope))) {
1569 zend_bad_constructor_call(constructor, scope);
1570 constructor = NULL;
1571 }
1572 }
1573 }
1574 }
1575
1576 return constructor;
1577 }
1578 /* }}} */
1579
zend_std_compare_objects(zval * o1,zval * o2)1580 ZEND_API int zend_std_compare_objects(zval *o1, zval *o2) /* {{{ */
1581 {
1582 zend_object *zobj1, *zobj2;
1583
1584 if (Z_TYPE_P(o1) != Z_TYPE_P(o2)) {
1585 /* Object and non-object */
1586 zval casted;
1587 if (Z_TYPE_P(o1) == IS_OBJECT) {
1588 ZEND_ASSERT(Z_TYPE_P(o2) != IS_OBJECT);
1589 zend_uchar target_type = (Z_TYPE_P(o2) == IS_FALSE || Z_TYPE_P(o2) == IS_TRUE)
1590 ? _IS_BOOL : Z_TYPE_P(o2);
1591 if (Z_OBJ_HT_P(o1)->cast_object(Z_OBJ_P(o1), &casted, target_type) == FAILURE) {
1592 // TODO: Less crazy.
1593 if (target_type == IS_LONG || target_type == IS_DOUBLE) {
1594 zend_error(E_NOTICE, "Object of class %s could not be converted to %s",
1595 ZSTR_VAL(Z_OBJCE_P(o1)->name), zend_get_type_by_const(target_type));
1596 if (target_type == IS_LONG) {
1597 ZVAL_LONG(&casted, 1);
1598 } else {
1599 ZVAL_DOUBLE(&casted, 1.0);
1600 }
1601 } else {
1602 return 1;
1603 }
1604 }
1605 int ret = zend_compare(&casted, o2);
1606 zval_ptr_dtor(&casted);
1607 return ret;
1608 } else {
1609 ZEND_ASSERT(Z_TYPE_P(o2) == IS_OBJECT);
1610 zend_uchar target_type = (Z_TYPE_P(o1) == IS_FALSE || Z_TYPE_P(o1) == IS_TRUE)
1611 ? _IS_BOOL : Z_TYPE_P(o1);
1612 if (Z_OBJ_HT_P(o2)->cast_object(Z_OBJ_P(o2), &casted, target_type) == FAILURE) {
1613 // TODO: Less crazy.
1614 if (target_type == IS_LONG || target_type == IS_DOUBLE) {
1615 zend_error(E_NOTICE, "Object of class %s could not be converted to %s",
1616 ZSTR_VAL(Z_OBJCE_P(o2)->name), zend_get_type_by_const(target_type));
1617 if (target_type == IS_LONG) {
1618 ZVAL_LONG(&casted, 1);
1619 } else {
1620 ZVAL_DOUBLE(&casted, 1.0);
1621 }
1622 } else {
1623 return -1;
1624 }
1625 }
1626 int ret = zend_compare(o1, &casted);
1627 zval_ptr_dtor(&casted);
1628 return ret;
1629 }
1630 return ZEND_UNCOMPARABLE;
1631 }
1632
1633 zobj1 = Z_OBJ_P(o1);
1634 zobj2 = Z_OBJ_P(o2);
1635
1636 if (zobj1 == zobj2) {
1637 return 0; /* the same object */
1638 }
1639 if (zobj1->ce != zobj2->ce) {
1640 return ZEND_UNCOMPARABLE; /* different classes */
1641 }
1642 if (!zobj1->properties && !zobj2->properties) {
1643 zend_property_info *info;
1644 int i;
1645
1646 if (!zobj1->ce->default_properties_count) {
1647 return 0;
1648 }
1649
1650 /* It's enough to protect only one of the objects.
1651 * The second one may be referenced from the first and this may cause
1652 * false recursion detection.
1653 */
1654 /* use bitwise OR to make only one conditional jump */
1655 if (UNEXPECTED(Z_IS_RECURSIVE_P(o1))) {
1656 zend_error_noreturn(E_ERROR, "Nesting level too deep - recursive dependency?");
1657 }
1658 Z_PROTECT_RECURSION_P(o1);
1659
1660 for (i = 0; i < zobj1->ce->default_properties_count; i++) {
1661 zval *p1, *p2;
1662
1663 info = zobj1->ce->properties_info_table[i];
1664
1665 if (!info) {
1666 continue;
1667 }
1668
1669 p1 = OBJ_PROP(zobj1, info->offset);
1670 p2 = OBJ_PROP(zobj2, info->offset);
1671
1672 if (Z_TYPE_P(p1) != IS_UNDEF) {
1673 if (Z_TYPE_P(p2) != IS_UNDEF) {
1674 int ret;
1675
1676 ret = zend_compare(p1, p2);
1677 if (ret != 0) {
1678 Z_UNPROTECT_RECURSION_P(o1);
1679 return ret;
1680 }
1681 } else {
1682 Z_UNPROTECT_RECURSION_P(o1);
1683 return 1;
1684 }
1685 } else {
1686 if (Z_TYPE_P(p2) != IS_UNDEF) {
1687 Z_UNPROTECT_RECURSION_P(o1);
1688 return 1;
1689 }
1690 }
1691 }
1692
1693 Z_UNPROTECT_RECURSION_P(o1);
1694 return 0;
1695 } else {
1696 if (!zobj1->properties) {
1697 rebuild_object_properties(zobj1);
1698 }
1699 if (!zobj2->properties) {
1700 rebuild_object_properties(zobj2);
1701 }
1702 return zend_compare_symbol_tables(zobj1->properties, zobj2->properties);
1703 }
1704 }
1705 /* }}} */
1706
zend_objects_not_comparable(zval * o1,zval * o2)1707 ZEND_API int zend_objects_not_comparable(zval *o1, zval *o2)
1708 {
1709 return ZEND_UNCOMPARABLE;
1710 }
1711
zend_std_has_property(zend_object * zobj,zend_string * name,int has_set_exists,void ** cache_slot)1712 ZEND_API int zend_std_has_property(zend_object *zobj, zend_string *name, int has_set_exists, void **cache_slot) /* {{{ */
1713 {
1714 int result;
1715 zval *value = NULL;
1716 uintptr_t property_offset;
1717 zend_property_info *prop_info = NULL;
1718 zend_string *tmp_name = NULL;
1719
1720 property_offset = zend_get_property_offset(zobj->ce, name, 1, cache_slot, &prop_info);
1721
1722 if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1723 value = OBJ_PROP(zobj, property_offset);
1724 if (Z_TYPE_P(value) != IS_UNDEF) {
1725 goto found;
1726 }
1727 if (UNEXPECTED(Z_PROP_FLAG_P(value) == IS_PROP_UNINIT)) {
1728 /* Skip __isset() for uninitialized typed properties */
1729 result = 0;
1730 goto exit;
1731 }
1732 } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
1733 if (EXPECTED(zobj->properties != NULL)) {
1734 if (!IS_UNKNOWN_DYNAMIC_PROPERTY_OFFSET(property_offset)) {
1735 uintptr_t idx = ZEND_DECODE_DYN_PROP_OFFSET(property_offset);
1736
1737 if (EXPECTED(idx < zobj->properties->nNumUsed * sizeof(Bucket))) {
1738 Bucket *p = (Bucket*)((char*)zobj->properties->arData + idx);
1739
1740 if (EXPECTED(Z_TYPE(p->val) != IS_UNDEF) &&
1741 (EXPECTED(p->key == name) ||
1742 (EXPECTED(p->h == ZSTR_H(name)) &&
1743 EXPECTED(p->key != NULL) &&
1744 EXPECTED(zend_string_equal_content(p->key, name))))) {
1745 value = &p->val;
1746 goto found;
1747 }
1748 }
1749 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
1750 }
1751 value = zend_hash_find(zobj->properties, name);
1752 if (value) {
1753 if (cache_slot) {
1754 uintptr_t idx = (char*)value - (char*)zobj->properties->arData;
1755 CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_ENCODE_DYN_PROP_OFFSET(idx));
1756 }
1757 found:
1758 if (has_set_exists == ZEND_PROPERTY_NOT_EMPTY) {
1759 result = zend_is_true(value);
1760 } else if (has_set_exists < ZEND_PROPERTY_NOT_EMPTY) {
1761 ZEND_ASSERT(has_set_exists == ZEND_PROPERTY_ISSET);
1762 ZVAL_DEREF(value);
1763 result = (Z_TYPE_P(value) != IS_NULL);
1764 } else {
1765 ZEND_ASSERT(has_set_exists == ZEND_PROPERTY_EXISTS);
1766 result = 1;
1767 }
1768 goto exit;
1769 }
1770 }
1771 } else if (UNEXPECTED(EG(exception))) {
1772 result = 0;
1773 goto exit;
1774 }
1775
1776 result = 0;
1777 if ((has_set_exists != ZEND_PROPERTY_EXISTS) && zobj->ce->__isset) {
1778 uint32_t *guard = zend_get_property_guard(zobj, name);
1779
1780 if (!((*guard) & IN_ISSET)) {
1781 zval rv;
1782
1783 /* have issetter - try with it! */
1784 if (!tmp_name && !ZSTR_IS_INTERNED(name)) {
1785 tmp_name = zend_string_copy(name);
1786 }
1787 GC_ADDREF(zobj);
1788 (*guard) |= IN_ISSET; /* prevent circular getting */
1789 zend_std_call_issetter(zobj, name, &rv);
1790 result = zend_is_true(&rv);
1791 zval_ptr_dtor(&rv);
1792 if (has_set_exists == ZEND_PROPERTY_NOT_EMPTY && result) {
1793 if (EXPECTED(!EG(exception)) && zobj->ce->__get && !((*guard) & IN_GET)) {
1794 (*guard) |= IN_GET;
1795 zend_std_call_getter(zobj, name, &rv);
1796 (*guard) &= ~IN_GET;
1797 result = i_zend_is_true(&rv);
1798 zval_ptr_dtor(&rv);
1799 } else {
1800 result = 0;
1801 }
1802 }
1803 (*guard) &= ~IN_ISSET;
1804 OBJ_RELEASE(zobj);
1805 }
1806 }
1807
1808 exit:
1809 zend_tmp_string_release(tmp_name);
1810 return result;
1811 }
1812 /* }}} */
1813
zend_std_get_class_name(const zend_object * zobj)1814 ZEND_API zend_string *zend_std_get_class_name(const zend_object *zobj) /* {{{ */
1815 {
1816 return zend_string_copy(zobj->ce->name);
1817 }
1818 /* }}} */
1819
zend_std_cast_object_tostring(zend_object * readobj,zval * writeobj,int type)1820 ZEND_API int zend_std_cast_object_tostring(zend_object *readobj, zval *writeobj, int type) /* {{{ */
1821 {
1822 switch (type) {
1823 case IS_STRING: {
1824 zend_class_entry *ce = readobj->ce;
1825 if (ce->__tostring) {
1826 zval retval;
1827 GC_ADDREF(readobj);
1828 zend_call_known_instance_method_with_0_params(ce->__tostring, readobj, &retval);
1829 zend_object_release(readobj);
1830 if (EXPECTED(Z_TYPE(retval) == IS_STRING)) {
1831 ZVAL_COPY_VALUE(writeobj, &retval);
1832 return SUCCESS;
1833 }
1834 zval_ptr_dtor(&retval);
1835 if (!EG(exception)) {
1836 zend_throw_error(NULL, "Method %s::__toString() must return a string value", ZSTR_VAL(ce->name));
1837 }
1838 }
1839 return FAILURE;
1840 }
1841 case _IS_BOOL:
1842 ZVAL_TRUE(writeobj);
1843 return SUCCESS;
1844 default:
1845 return FAILURE;
1846 }
1847 }
1848 /* }}} */
1849
zend_std_get_closure(zend_object * obj,zend_class_entry ** ce_ptr,zend_function ** fptr_ptr,zend_object ** obj_ptr,bool check_only)1850 ZEND_API int zend_std_get_closure(zend_object *obj, zend_class_entry **ce_ptr, zend_function **fptr_ptr, zend_object **obj_ptr, bool check_only) /* {{{ */
1851 {
1852 zend_class_entry *ce = obj->ce;
1853 zval *func = zend_hash_find_known_hash(&ce->function_table, ZSTR_KNOWN(ZEND_STR_MAGIC_INVOKE));
1854
1855 if (func == NULL) {
1856 return FAILURE;
1857 }
1858 *fptr_ptr = Z_FUNC_P(func);
1859
1860 *ce_ptr = ce;
1861 if ((*fptr_ptr)->common.fn_flags & ZEND_ACC_STATIC) {
1862 if (obj_ptr) {
1863 *obj_ptr = NULL;
1864 }
1865 } else {
1866 if (obj_ptr) {
1867 *obj_ptr = obj;
1868 }
1869 }
1870 return SUCCESS;
1871 }
1872 /* }}} */
1873
zend_std_get_properties_for(zend_object * obj,zend_prop_purpose purpose)1874 ZEND_API HashTable *zend_std_get_properties_for(zend_object *obj, zend_prop_purpose purpose) {
1875 HashTable *ht;
1876 switch (purpose) {
1877 case ZEND_PROP_PURPOSE_DEBUG:
1878 if (obj->handlers->get_debug_info) {
1879 int is_temp;
1880 ht = obj->handlers->get_debug_info(obj, &is_temp);
1881 if (ht && !is_temp) {
1882 GC_TRY_ADDREF(ht);
1883 }
1884 return ht;
1885 }
1886 ZEND_FALLTHROUGH;
1887 case ZEND_PROP_PURPOSE_ARRAY_CAST:
1888 case ZEND_PROP_PURPOSE_SERIALIZE:
1889 case ZEND_PROP_PURPOSE_VAR_EXPORT:
1890 case ZEND_PROP_PURPOSE_JSON:
1891 ht = obj->handlers->get_properties(obj);
1892 if (ht) {
1893 GC_TRY_ADDREF(ht);
1894 }
1895 return ht;
1896 default:
1897 ZEND_UNREACHABLE();
1898 return NULL;
1899 }
1900 }
1901
zend_get_properties_for(zval * obj,zend_prop_purpose purpose)1902 ZEND_API HashTable *zend_get_properties_for(zval *obj, zend_prop_purpose purpose) {
1903 zend_object *zobj = Z_OBJ_P(obj);
1904
1905 if (zobj->handlers->get_properties_for) {
1906 return zobj->handlers->get_properties_for(zobj, purpose);
1907 }
1908
1909 return zend_std_get_properties_for(zobj, purpose);
1910 }
1911
1912 ZEND_API const zend_object_handlers std_object_handlers = {
1913 0, /* offset */
1914
1915 zend_object_std_dtor, /* free_obj */
1916 zend_objects_destroy_object, /* dtor_obj */
1917 zend_objects_clone_obj, /* clone_obj */
1918
1919 zend_std_read_property, /* read_property */
1920 zend_std_write_property, /* write_property */
1921 zend_std_read_dimension, /* read_dimension */
1922 zend_std_write_dimension, /* write_dimension */
1923 zend_std_get_property_ptr_ptr, /* get_property_ptr_ptr */
1924 zend_std_has_property, /* has_property */
1925 zend_std_unset_property, /* unset_property */
1926 zend_std_has_dimension, /* has_dimension */
1927 zend_std_unset_dimension, /* unset_dimension */
1928 zend_std_get_properties, /* get_properties */
1929 zend_std_get_method, /* get_method */
1930 zend_std_get_constructor, /* get_constructor */
1931 zend_std_get_class_name, /* get_class_name */
1932 zend_std_cast_object_tostring, /* cast_object */
1933 NULL, /* count_elements */
1934 zend_std_get_debug_info, /* get_debug_info */
1935 zend_std_get_closure, /* get_closure */
1936 zend_std_get_gc, /* get_gc */
1937 NULL, /* do_operation */
1938 zend_std_compare_objects, /* compare */
1939 NULL, /* get_properties_for */
1940 };
1941