Warning to Error promotion in ext/standard
authorGeorge Peter Banyard <girgias@php.net>
Thu, 3 Sep 2020 15:43:57 +0000 (17:43 +0200)
committerGeorge Peter Banyard <girgias@php.net>
Thu, 3 Sep 2020 15:43:57 +0000 (17:43 +0200)
Those should be the last ones other than set(raw)cookie()

Closes GH-5814

ext/standard/basic_functions.c
ext/standard/dns.c
ext/standard/exec.c
ext/standard/ftok.c
ext/standard/iptc.c
ext/standard/streamsfuncs.c
ext/standard/tests/misc/exec_basic1.phpt
ext/standard/tests/network/bug68925.phpt
ext/standard/user_filters.c
ext/sysvshm/tests/001.phpt

index 7051e4a456b8e61505a3e15848c2ff60da945b6d..6ff4c3d573f3420abffec00328f7587196509b59 100755 (executable)
@@ -2647,8 +2647,8 @@ PHP_FUNCTION(parse_ini_file)
        ZEND_PARSE_PARAMETERS_END();
 
        if (filename_len == 0) {
-               php_error_docref(NULL, E_WARNING, "Filename cannot be empty!");
-               RETURN_FALSE;
+               zend_argument_value_error(1, "cannot be empty");
+               RETURN_THROWS();
        }
 
        /* Set callback function */
index cb45eeebf3f78ec043e6d3a5e6d6b539b5a5e11b..42bc93c41a34a5b478983d85818cbc5aa3b748f7 100644 (file)
@@ -210,9 +210,9 @@ PHP_FUNCTION(gethostbyname)
                Z_PARAM_STRING(hostname, hostname_len)
        ZEND_PARSE_PARAMETERS_END();
 
-       if(hostname_len > MAXFQDNLEN) {
+       if (hostname_len > MAXFQDNLEN) {
                /* name too long, protect from CVE-2015-0235 */
-               php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN);
+               php_error_docref(NULL, E_WARNING, "Host name cannot be longer than %d characters", MAXFQDNLEN);
                RETURN_STRINGL(hostname, hostname_len);
        }
 
@@ -233,9 +233,9 @@ PHP_FUNCTION(gethostbynamel)
                Z_PARAM_STRING(hostname, hostname_len)
        ZEND_PARSE_PARAMETERS_END();
 
-       if(hostname_len > MAXFQDNLEN) {
+       if (hostname_len > MAXFQDNLEN) {
                /* name too long, protect from CVE-2015-0235 */
-               php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN);
+               php_error_docref(NULL, E_WARNING, "Host name cannot be longer than %d characters", MAXFQDNLEN);
                RETURN_FALSE;
        }
 
@@ -393,8 +393,8 @@ PHP_FUNCTION(dns_check_record)
                else if (!strcasecmp("NAPTR", rectype)) type = DNS_T_NAPTR;
                else if (!strcasecmp("A6",    rectype)) type = DNS_T_A6;
                else {
-                       php_error_docref(NULL, E_WARNING, "Type '%s' not supported", rectype);
-                       RETURN_FALSE;
+                       zend_argument_value_error(2, "must be a valid DNS record type");
+                       RETURN_THROWS();
                }
        }
 
@@ -837,14 +837,13 @@ PHP_FUNCTION(dns_get_record)
 
        if (!raw) {
                if ((type_param & ~PHP_DNS_ALL) && (type_param != PHP_DNS_ANY)) {
-                       php_error_docref(NULL, E_WARNING, "Type '" ZEND_LONG_FMT "' not supported", type_param);
-                       RETURN_FALSE;
+                       zend_argument_value_error(2, "must be a DNS_* constant");
+                       RETURN_THROWS();
                }
        } else {
                if ((type_param < 1) || (type_param > 0xFFFF)) {
-                       php_error_docref(NULL, E_WARNING,
-                               "Numeric DNS record type must be between 1 and 65535, '" ZEND_LONG_FMT "' given", type_param);
-                       RETURN_FALSE;
+                       zend_argument_value_error(2, "must be between 1 and 65535 when argument #5 ($raw) is true");
+                       RETURN_THROWS();
                }
        }
 
index 81135669f5e9fce15a2ba325ea774ead4ad73210..0be8df28e82f806a68f1d5300e1e8c1f4458cef0 100644 (file)
@@ -220,12 +220,12 @@ static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
        ZEND_PARSE_PARAMETERS_END();
 
        if (!cmd_len) {
-               php_error_docref(NULL, E_WARNING, "Cannot execute a blank command");
-               RETURN_FALSE;
+               zend_argument_value_error(1, "cannot be empty");
+               RETURN_THROWS();
        }
        if (strlen(cmd) != cmd_len) {
-               php_error_docref(NULL, E_WARNING, "NULL byte detected. Possible attack");
-               RETURN_FALSE;
+               zend_argument_type_error(1, "must not contain any null bytes");
+               RETURN_THROWS();
        }
 
        if (!ret_array) {
@@ -523,12 +523,12 @@ PHP_FUNCTION(shell_exec)
        ZEND_PARSE_PARAMETERS_END();
 
        if (!command_len) {
-               php_error_docref(NULL, E_WARNING, "Cannot execute a blank command");
-               RETURN_FALSE;
+               zend_argument_value_error(1, "cannot be empty");
+               RETURN_THROWS();
        }
        if (strlen(command) != command_len) {
-               php_error_docref(NULL, E_WARNING, "NULL byte detected. Possible attack");
-               RETURN_FALSE;
+               zend_argument_type_error(1, "must not contain any null bytes");
+               RETURN_THROWS();
        }
 
 #ifdef PHP_WIN32
index 616890d283b2c725776d16377cbc9559585b22f2..04830fb6df623a27775f8e2ada1d42a63417f020 100644 (file)
@@ -40,8 +40,8 @@ PHP_FUNCTION(ftok)
        ZEND_PARSE_PARAMETERS_END();
 
        if (pathname_len == 0){
-               php_error_docref(NULL, E_WARNING, "Pathname is invalid");
-               RETURN_LONG(-1);
+               zend_argument_value_error(1, "cannot be empty");
+               RETURN_THROWS();
        }
 
        if (proj_len != 1){
index d7d7729db88c13f8115bbdfeff6d2abf971ffc35..6e9df19c30065b9b9cb7253b0180bf513c514492 100644 (file)
@@ -193,8 +193,8 @@ PHP_FUNCTION(iptcembed)
        }
 
        if (iptcdata_len >= SIZE_MAX - sizeof(psheader) - 1025) {
-               php_error_docref(NULL, E_WARNING, "IPTC data too large");
-               RETURN_FALSE;
+               zend_argument_value_error(1, "is too large");
+               RETURN_THROWS();
        }
 
        if ((fp = VCWD_FOPEN(jpeg_file, "rb")) == 0) {
index affe637e047d7da2b43b5ec8f77e0efa089fb23d..0bc475498f3962294b1138221f2a3dfca9c5d2a3 100644 (file)
@@ -1698,8 +1698,8 @@ PHP_FUNCTION(stream_socket_shutdown)
        if (how != STREAM_SHUT_RD &&
            how != STREAM_SHUT_WR &&
            how != STREAM_SHUT_RDWR) {
-               php_error_docref(NULL, E_WARNING, "Second parameter $how needs to be one of STREAM_SHUT_RD, STREAM_SHUT_WR or STREAM_SHUT_RDWR");
-               RETURN_FALSE;
+           zend_argument_value_error(2, "must be one of STREAM_SHUT_RD, STREAM_SHUT_WR, or STREAM_SHUT_RDWR");
+               RETURN_THROWS();
        }
 
        php_stream_from_zval(stream, zstream);
index 514c116d6853ccaf8c482584e69cf2d040ce0af8..61e057b728b3c9cccfaf4bd1c9f47f7d7c4e743c 100644 (file)
@@ -8,18 +8,23 @@ exec, system, passthru  — Basic command execution functions
 --FILE--
 <?php
 $cmd = "echo abc\n\0command";
-var_dump(exec($cmd, $output));
-var_dump($output);
-var_dump(system($cmd));
-var_dump(passthru($cmd));
+try {
+    var_dump(exec($cmd, $output));
+} catch (\TypeError $e) {
+    echo $e->getMessage() . \PHP_EOL;
+}
+try {
+    var_dump(system($cmd, $output));
+} catch (\TypeError $e) {
+    echo $e->getMessage() . \PHP_EOL;
+}
+try {
+    var_dump(passthru($cmd, $output));
+} catch (\TypeError $e) {
+    echo $e->getMessage() . \PHP_EOL;
+}
 ?>
---EXPECTF--
-Warning: exec(): NULL byte detected. Possible attack in %s on line %d
-bool(false)
-NULL
-
-Warning: system(): NULL byte detected. Possible attack in %s on line %d
-bool(false)
-
-Warning: passthru(): NULL byte detected. Possible attack in %s on line %d
-bool(false)
+--EXPECT--
+exec(): Argument #1 ($command) must not contain any null bytes
+system(): Argument #1 ($command) must not contain any null bytes
+passthru(): Argument #1 ($command) must not contain any null bytes
index 764e13e0eda38d77cfa23f496000b64ce239846b..fc097e25fb301a7988cfc6869aa775c465a2e81c 100644 (file)
@@ -6,8 +6,8 @@ var_dump(gethostbyname(str_repeat("0", 2501)));
 var_dump(gethostbynamel(str_repeat("0", 2501)));
 ?>
 --EXPECTF--
-Warning: gethostbyname(): Host name is too long, the limit is %d characters in %s%ebug68925.php on line %d
+Warning: gethostbyname(): Host name cannot be longer than %d characters in %s%ebug68925.php on line %d
 string(2501) "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
 
-Warning: gethostbynamel(): Host name is too long, the limit is %d characters in %s%ebug68925.php on line %d
+Warning: gethostbynamel(): Host name cannot be longer than %d characters in %s%ebug68925.php on line %d
 bool(false)
index e60bce56be70f536779cd6899b3818f6144c5ed0..7c8e02fa28f3727b141b4d12aa97c91373ae5ac1 100644 (file)
@@ -299,11 +299,7 @@ static php_stream_filter *user_filter_factory_create(const char *filtername,
                        }
                        efree(wildcard);
                }
-               if (fdat == NULL) {
-                       php_error_docref(NULL, E_WARNING,
-                                       "Err, filter \"%s\" is not in the user-filter map, but somehow the user-filter-factory was invoked for it!?", filtername);
-                       return NULL;
-               }
+               ZEND_ASSERT(fdat);
        }
 
        /* bind the classname to the actual class */
index 55d5444b98c1eabfc241ab6d3b47251d72526d6c..106f6699ee87aa34f1863a8367beff690dc7302f 100644 (file)
@@ -7,8 +7,11 @@ if (!function_exists('ftok')){ print 'skip'; }
 ?>
 --FILE--
 <?php
-
-var_dump(ftok("",""));
+try {
+    var_dump(ftok("",""));
+} catch (\ValueError $e) {
+    echo $e->getMessage() . \PHP_EOL;
+}
 var_dump(ftok(-1, -1));
 var_dump(ftok("qwertyu","qwertyu"));
 
@@ -19,8 +22,7 @@ var_dump(ftok(__FILE__,"q"));
 echo "Done\n";
 ?>
 --EXPECTF--
-Warning: ftok(): Pathname is invalid in %s on line %d
-int(-1)
+ftok(): Argument #1 ($pathname) cannot be empty
 
 Warning: ftok(): Project identifier is invalid in %s on line %d
 int(-1)