From: Nikita Popov Date: Sat, 24 Sep 2016 19:03:13 +0000 (+0200) Subject: Add range inference for ZEND_STRLEN X-Git-Tag: php-7.1.0RC3~32 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=db801763e4aed1083d8b348a6bdc9f9e3f752299;p=php Add range inference for ZEND_STRLEN On 32-bit systems we conservatively allow negative lengths. On 64-bit systems, the range could additionally be restricted to the canonical 48-bit size.
---
diff --git a/ext/opcache/Optimizer/zend_inference.c b/ext/opcache/Optimizer/zend_inference.c
index 7505e1475c..4e7db1a75b 100644
--- a/ext/opcache/Optimizer/zend_inference.c
+++ b/ext/opcache/Optimizer/zend_inference.c
@@ -1595,6 +1595,20 @@ int zend_inference_calc_range(const zend_op_array *op_array, zend_ssa *ssa, int
 }
 }
 break;
+ case ZEND_STRLEN:
+ if (ssa->ops[line].result_def == var) {
+#if SIZEOF_ZEND_LONG == 4
+ /* The length of a string is a non-negative integer. However, on 32-bit
+ * platforms overflows into negative lengths may occur, so it's better
+ * to not assume any particular range. */
+ tmp->min = ZEND_LONG_MIN;
+#else
+ tmp->min = 0;
+#endif
+ tmp->max = ZEND_LONG_MAX;
+ return 1;
+ }
+ break;
 case ZEND_DO_FCALL:
 case ZEND_DO_ICALL:
 case ZEND_DO_UCALL:
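Review bot: The stronger assumption `tmp->min = 0` sits in the `#else` branch, so every configuration where `SIZEOF_ZEND_LONG` is not exactly 4 (including an undefined macro, which the preprocessor evaluates as 0) gets the non-negative bound by default. A range that is too narrow is presumably trusted by later optimizer passes, so the conservative bound is the safer fallback: test `#if SIZEOF_ZEND_LONG >= 8` for `tmp->min = 0;` and move `tmp->min = ZEND_LONG_MIN;` with its comment under `#else`. The 64-bit branch also deserves its own comment, e.g. `/* On 64-bit a string length always fits in a non-negative zend_long. */`, since the existing comment explains only the 32-bit case. The switch and the rest of zend_inference_calc_range lie outside the hunk, so how `tmp->underflow` and `tmp->overflow` are set before this early `return 1` cannot be checked from here.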