From: Christoph M. Becker Date: Thu, 12 Jul 2018 13:05:56 +0000 (+0200) Subject: Fix #33502: Some nullary functions don't check the number of arguments X-Git-Tag: php-7.3.0alpha4~32 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6c630eefcb4936dab30d315b672f9eee0e485369;p=php Fix #33502: Some nullary functions don't check the number of arguments We add the missing zend_parse_parameters_none() checks for: * output_reset_rewrite_vars() * func_num_args() * gc_status() * gc_disable() * gc_enable() * gc_enabled() * gc_collect_cycles() * gc_mem_caches() * zend_version() --- diff --git a/NEWS b/NEWS index 6153423236..928ddfb861 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,8 @@ PHP NEWS ?? ??? ????, PHP 7.3.0beta1 - Core: + . Fixed bug #33502 (Some nullary functions don't check the number of + arguments). (cmb) . Fixed bug #76392 (Error relocating sapi/cli/php: unsupported relocation type 37). (Peter Kokot) diff --git a/Zend/zend_builtin_functions.c b/Zend/zend_builtin_functions.c index 30e6094930..57e5d77380 100644 --- a/Zend/zend_builtin_functions.c +++ b/Zend/zend_builtin_functions.c @@ -338,6 +338,10 @@ int zend_startup_builtin_functions(void) /* {{{ */ Get the version of the Zend Engine */ ZEND_FUNCTION(zend_version) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + RETURN_STRINGL(ZEND_VERSION, sizeof(ZEND_VERSION)-1); } /* }}} */ @@ -347,6 +351,10 @@ ZEND_FUNCTION(zend_version) Returns number of freed bytes */ ZEND_FUNCTION(gc_mem_caches) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + RETURN_LONG(zend_mm_gc(zend_mm_get_heap())); } /* }}} */ @@ -356,6 +364,10 @@ ZEND_FUNCTION(gc_mem_caches) Returns number of freed zvals */ ZEND_FUNCTION(gc_collect_cycles) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + RETURN_LONG(gc_collect_cycles()); } /* }}} */ @@ -364,6 +376,10 @@ ZEND_FUNCTION(gc_collect_cycles) Returns status of the circular reference collector */ ZEND_FUNCTION(gc_enabled) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + RETURN_BOOL(gc_enabled()); } /* }}} */ @@ -372,7 +388,13 @@ ZEND_FUNCTION(gc_enabled) Activates the circular reference collector */ ZEND_FUNCTION(gc_enable) { - zend_string *key = zend_string_init("zend.enable_gc", sizeof("zend.enable_gc")-1, 0); + zend_string *key; + + if (zend_parse_parameters_none() == FAILURE) { + return; + } + + key = zend_string_init("zend.enable_gc", sizeof("zend.enable_gc")-1, 0); zend_alter_ini_entry_chars(key, "1", sizeof("1")-1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME); zend_string_release_ex(key, 0); } @@ -382,7 +404,13 @@ ZEND_FUNCTION(gc_enable) Deactivates the circular reference collector */ ZEND_FUNCTION(gc_disable) { - zend_string *key = zend_string_init("zend.enable_gc", sizeof("zend.enable_gc")-1, 0); + zend_string *key; + + if (zend_parse_parameters_none() == FAILURE) { + return; + } + + key = zend_string_init("zend.enable_gc", sizeof("zend.enable_gc")-1, 0); zend_alter_ini_entry_chars(key, "0", sizeof("0")-1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME); zend_string_release_ex(key, 0); } @@ -394,6 +422,10 @@ ZEND_FUNCTION(gc_status) { zend_gc_status status; + if (zend_parse_parameters_none() == FAILURE) { + return; + } + zend_gc_get_status(&status); array_init_size(return_value, 3); @@ -411,6 +443,10 @@ ZEND_FUNCTION(func_num_args) { zend_execute_data *ex = EX(prev_execute_data); + if (zend_parse_parameters_none() == FAILURE) { + return; + } + if (ZEND_CALL_INFO(ex) & ZEND_CALL_CODE) { zend_error(E_WARNING, "func_num_args(): Called from the global scope - no function context"); RETURN_LONG(-1); diff --git a/main/output.c b/main/output.c index 8518aa7c16..5d9acb6210 100644 --- a/main/output.c +++ b/main/output.c @@ -1543,6 +1543,10 @@ PHP_FUNCTION(ob_implicit_flush) Reset(clear) URL rewriter values */ PHP_FUNCTION(output_reset_rewrite_vars) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + if (php_url_scanner_reset_vars() == SUCCESS) { RETURN_TRUE; } else {