Make visibilty check in is_callable() to be consistent with zend_std_get_method()

author Dmitry Stogov <dmitry@zend.com>

Thu, 13 Sep 2018 09:24:59 +0000 (12:24 +0300)

committer Dmitry Stogov <dmitry@zend.com>

Thu, 13 Sep 2018 09:24:59 +0000 (12:24 +0300)
author Dmitry Stogov <dmitry@zend.com>
Thu, 13 Sep 2018 09:24:59 +0000 (12:24 +0300)
committer Dmitry Stogov <dmitry@zend.com>
Thu, 13 Sep 2018 09:24:59 +0000 (12:24 +0300)
diff --git a/Zend/zend_API.c b/Zend/zend_API.c

index 0cf6ef0c082c7425828e82c79235ecf0e422170e..7f7a9d7f1aa2d0228f8c20be6646438bd60ff660 100644 (file)
--- a/Zend/zend_API.c
+++ b/Zend/zend_API.c
@@ -3097,24 +3097,17 @@ static zend_always_inline int zend_is_callable_check_func(int check_flags, zval
                                 }
                         }
                 }
-               if ((check_flags & IS_CALLABLE_CHECK_NO_ACCESS) == 0 &&
+               if (!(fcc->function_handler->common.fn_flags & ZEND_ACC_PUBLIC) &&
+                   !(check_flags & IS_CALLABLE_CHECK_NO_ACCESS) &&
                     (fcc->calling_scope &&
                      ((fcc->object && fcc->calling_scope->__call) ||
                       (!fcc->object && fcc->calling_scope->__callstatic)))) {
-                       if (fcc->function_handler->op_array.fn_flags & ZEND_ACC_PRIVATE) {
-                               scope = zend_get_executed_scope();
-                               if (!zend_check_private(fcc->function_handler, fcc->object ? fcc->object->ce : scope, lmname)) {
-                                       retval = 0;
-                                       fcc->function_handler = NULL;
-                                       goto get_function_via_handler;
-                               }
-                       } else if (fcc->function_handler->common.fn_flags & ZEND_ACC_PROTECTED) {
-                               scope = zend_get_executed_scope();
-                               if (!zend_check_protected(fcc->function_handler->common.scope, scope)) {
-                                       retval = 0;
-                                       fcc->function_handler = NULL;
-                                       goto get_function_via_handler;
-                               }
+                       scope = zend_get_executed_scope();
+                       if (fcc->function_handler->common.scope != scope
+                        || !zend_check_protected(zend_get_function_root_class(fcc->function_handler), scope)) {
+                               retval = 0;
+                               fcc->function_handler = NULL;
+                               goto get_function_via_handler;
                         }
                 }
         } else {
@@ -3200,26 +3193,18 @@ get_function_via_handler:
                                         }
                                 }
                         }
-                       if (retval && (check_flags & IS_CALLABLE_CHECK_NO_ACCESS) == 0) {
-                               if (fcc->function_handler->op_array.fn_flags & ZEND_ACC_PRIVATE) {
-                                       scope = zend_get_executed_scope();
-                                       if (!zend_check_private(fcc->function_handler, fcc->object ? fcc->object->ce : scope, lmname)) {
-                                               if (error) {
-                                                       if (*error) {
-                                                               efree(*error);
-                                                       }
-                                                       zend_spprintf(error, 0, "cannot access private method %s::%s()", ZSTR_VAL(fcc->calling_scope->name), ZSTR_VAL(fcc->function_handler->common.function_name));
-                                               }
-                                               retval = 0;
-                                       }
-                               } else if ((fcc->function_handler->common.fn_flags & ZEND_ACC_PROTECTED)) {
-                                       scope = zend_get_executed_scope();
-                                       if (!zend_check_protected(fcc->function_handler->common.scope, scope)) {
+                       if (retval
+                        && !(fcc->function_handler->common.fn_flags & ZEND_ACC_PUBLIC)
+                        && !(check_flags & IS_CALLABLE_CHECK_NO_ACCESS)) {
+                               scope = zend_get_executed_scope();
+                               if (fcc->function_handler->common.scope != scope) {
+                                       if ((fcc->function_handler->common.fn_flags & ZEND_ACC_PRIVATE)
+                                        || (!zend_check_protected(zend_get_function_root_class(fcc->function_handler), scope))) {
                                                 if (error) {
                                                         if (*error) {
                                                                 efree(*error);
                                                         }
-                                                       zend_spprintf(error, 0, "cannot access protected method %s::%s()", ZSTR_VAL(fcc->calling_scope->name), ZSTR_VAL(fcc->function_handler->common.function_name));
+                                                       zend_spprintf(error, 0, "cannot access %s method %s::%s()", zend_visibility_string(fcc->function_handler->common.fn_flags), ZSTR_VAL(fcc->calling_scope->name), ZSTR_VAL(fcc->function_handler->common.function_name));
                                                 }
                                                 retval = 0;
                                         }
author	Dmitry Stogov <dmitry@zend.com>
	Thu, 13 Sep 2018 09:24:59 +0000 (12:24 +0300)
committer	Dmitry Stogov <dmitry@zend.com>
	Thu, 13 Sep 2018 09:24:59 +0000 (12:24 +0300)