Skip to content

Commit 278137c

Browse files
iliaaliliaal
committed
Merge branch 'PHP-8.5'
* PHP-8.5: zend_ast: Escape control bytes in exported string literals
2 parents 5f11f42 + 5b4b177 commit 278137c

2 files changed

Lines changed: 59 additions & 6 deletions

File tree

Zend/zend_ast.c

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1636,6 +1636,23 @@ static ZEND_COLD void zend_ast_export_qstr(smart_str *str, char quote, const zen
16361636
}
16371637
}
16381638

1639+
static ZEND_COLD void zend_ast_export_quoted_str(smart_str *str, zend_string *s)
1640+
{
1641+
size_t i;
1642+
1643+
for (i = 0; i < ZSTR_LEN(s); i++) {
1644+
if ((unsigned char) ZSTR_VAL(s)[i] < ' ') {
1645+
smart_str_appendc(str, '"');
1646+
zend_ast_export_qstr(str, '"', s);
1647+
smart_str_appendc(str, '"');
1648+
return;
1649+
}
1650+
}
1651+
smart_str_appendc(str, '\'');
1652+
zend_ast_export_str(str, s);
1653+
smart_str_appendc(str, '\'');
1654+
}
1655+
16391656
static ZEND_COLD void zend_ast_export_indent(smart_str *str, int indent)
16401657
{
16411658
while (indent > 0) {
@@ -1907,9 +1924,7 @@ static ZEND_COLD void zend_ast_export_zval(smart_str *str, const zval *zv, int p
19071924
str, Z_DVAL_P(zv), (int) EG(precision), /* zero_fraction */ true);
19081925
break;
19091926
case IS_STRING:
1910-
smart_str_appendc(str, '\'');
1911-
zend_ast_export_str(str, Z_STR_P(zv));
1912-
smart_str_appendc(str, '\'');
1927+
zend_ast_export_quoted_str(str, Z_STR_P(zv));
19131928
break;
19141929
case IS_ARRAY: {
19151930
zend_long idx;
@@ -1924,9 +1939,8 @@ static ZEND_COLD void zend_ast_export_zval(smart_str *str, const zval *zv, int p
19241939
smart_str_appends(str, ", ");
19251940
}
19261941
if (key) {
1927-
smart_str_appendc(str, '\'');
1928-
zend_ast_export_str(str, key);
1929-
smart_str_appends(str, "' => ");
1942+
zend_ast_export_quoted_str(str, key);
1943+
smart_str_appends(str, " => ");
19301944
} else {
19311945
smart_str_append_long(str, idx);
19321946
smart_str_appends(str, " => ");

ext/standard/tests/assert/gh22290.phpt

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
--TEST--
2+
GH-22290: AST pretty printing does not correctly handle strings containing NUL
3+
--INI--
4+
zend.assertions=1
5+
assert.exception=1
6+
--FILE--
7+
<?php
8+
9+
try {
10+
$string = "Foo\x00bar";
11+
assert(!str_contains($string, "\x00"));
12+
} catch (AssertionError $e) {
13+
echo $e->getMessage(), PHP_EOL;
14+
}
15+
16+
try {
17+
assert(["a\x00b" => 1] === []);
18+
} catch (AssertionError $e) {
19+
echo $e->getMessage(), PHP_EOL;
20+
}
21+
22+
try {
23+
assert("tab\there" === "");
24+
} catch (AssertionError $e) {
25+
echo $e->getMessage(), PHP_EOL;
26+
}
27+
28+
try {
29+
assert(str_contains("plain", "zzz"));
30+
} catch (AssertionError $e) {
31+
echo $e->getMessage(), PHP_EOL;
32+
}
33+
34+
?>
35+
--EXPECT--
36+
assert(!str_contains($string, "\000"))
37+
assert(["a\000b" => 1] === [])
38+
assert("tab\there" === '')
39+
assert(str_contains('plain', 'zzz'))

0 commit comments

Comments
 (0)