handle type visibility

Author: withinboredom

Zend/zend_execute.c

@@ -1045,12 +1045,57 @@ static zend_always_inline bool i_zend_check_property_type(const zend_property_in
 	return zend_verify_scalar_type_hint(type_mask, property, strict, 0);
 }
 
+static zend_always_inline bool zend_check_class_visibility(const zend_class_entry *ce, const zend_property_info *info, uint32_t current_visibility) {
+	// a public class is always visible
+	if (!ce->required_scope) {
+		return 1;
+	}
+
+	// a protected class is visible if it is a subclass of the lexical scope and the current visibility is protected or private
+	if (!ce->required_scope_absolute) {
+		if (current_visibility & ZEND_ACC_PUBLIC) {
+			zend_type_error("Cannot assign private %s to higher visibile property %s::%s",
+				ZSTR_VAL(ce->name),
+				ZSTR_VAL(info->ce->name),
+				zend_get_unmangled_property_name(info->name));
+			return 0;
+		}
+
+		return 0;
+	}
+
+	// a private class is visible if it is the same class as the lexical scope and the current visibility is private
+	if (ce->required_scope_absolute && current_visibility & ZEND_ACC_PRIVATE) {
+		return 1;
+	}
+
+	zend_type_error("Cannot assign private %s to higher visibile property %s::%s",
+		ZSTR_VAL(ce->name),
+		ZSTR_VAL(info->ce->name),
+		zend_get_unmangled_property_name(info->name));
+
+	return 0;
+}
+
 static zend_always_inline bool i_zend_verify_property_type(const zend_property_info *info, zval *property, bool strict)
 {
+	if(Z_TYPE_P(property) == IS_OBJECT && !zend_check_class_visibility(Z_OBJCE_P(property), info, info->flags)) {
+		zend_verify_property_type_error(info, property);
+		return 0;
+	}
+
 	if (i_zend_check_property_type(info, property, strict)) {
 		return 1;
 	}
 
+        // todo:
+        // 1: add a flag to the type so we can tell the type is an inner class
+        // 2: use said flag to flag the property info
+        // 3: same with parameters/args too
+        // 4: create a simple function to take a visibility flag and ce, it should return SUCCESS if the ce can be used
+        // 5: if we have an inner class in a prop/arg, we validate it can be returned (do not autoload) by looping over types
+        //    that are inner classes and looking up the ce. If it is not autoloaded, then it is not going to match the type anyway.
+
 	zend_verify_property_type_error(info, property);
 	return 0;
 }

Zend/zend_object_handlers.c

@@ -401,6 +401,10 @@ static zend_always_inline uintptr_t zend_get_property_offset(zend_class_entry *c
 				if (property_info->ce != ce) {
 					goto dynamic;
 				} else {
+					if (scope && scope->lexical_scope && scope->lexical_scope == ce) {
+						// Allow access to private properties from within the same outer class
+						goto found;
+					}
 wrong:
 					/* Information was available, but we were denied access.  Error out. */
 					if (!silent) {

Zend/zend_vm_def.h

@@ -1869,12 +1869,22 @@ ZEND_VM_HANDLER(210, ZEND_FETCH_INNER_CLASS, CONST|TMPVAR|UNUSED, CONST, CACHE_S
 	}
 
 	if (inner_ce->required_scope) {
-		if (inner_ce->required_scope_absolute && inner_ce->required_scope != scope) {
-			zend_error(E_ERROR, "Class '%s' is private", ZSTR_VAL(full_class_name));
-			HANDLE_EXCEPTION();
-		} else if (scope == NULL || !instanceof_function(scope, inner_ce->required_scope)) {
-			zend_error(E_ERROR, "Class '%s' is protected", ZSTR_VAL(full_class_name));
-			HANDLE_EXCEPTION();
+		if (inner_ce->required_scope_absolute) {
+			// for private classes, we check if the scope we are currently in has access
+			if (scope != NULL && (inner_ce->required_scope == scope || scope->lexical_scope == inner_ce->required_scope)) {
+				// we are in the correct scope
+			} else {
+				zend_error(E_ERROR, "Class '%s' is private", ZSTR_VAL(full_class_name));
+				HANDLE_EXCEPTION();
+			}
+		} else {
+			// for protected classes, we check if the scope is an instance of the required scope
+			if (scope != NULL && (instanceof_function(scope, inner_ce->required_scope) || instanceof_function(scope->lexical_scope, inner_ce->required_scope))) {
+				// we are in the correct scope
+			} else {
+				zend_error(E_ERROR, "Class '%s' is protected", ZSTR_VAL(full_class_name));
+				HANDLE_EXCEPTION();
+			}
 		}
 	}
 

tests/classes/inner_classes/properties_001.phpt

@@ -4,20 +4,22 @@ outer class visibility
 <?php
 
 class Outer {
-    private class Inner {}
-    private class Other {
-        public function __construct(private Outer:>Inner $inner) {}
+        private class Inner {}
+        public Outer:>Inner $illegal;
 
-        public function reset(): void {
-            $prev = $this->inner;
-            $this->inner = new Outer:>Inner();
-            var_dump($prev === $this->inner);
+        public function test(): void {
+                $this->illegal = new Outer:>Inner();
         }
-    }
-    public static function test(): void {
-        new self:>Other(new Outer:>Inner());
-    }
 }
-Outer::test();
+
+$x = new Outer();
+$x->test();
+
+var_dump($x);
 ?>
---EXPECT--
+--EXPECTF--
+Fatal error: Uncaught TypeError: Cannot assign private Outer:>Inner to higher visibile property Outer::illegal in %s:%d
+Stack trace:
+#0 %s(%d): Outer->test()
+#1 {main}
+  thrown in %s on line %d

tests/classes/inner_classes/visibility_001.phpt

@@ -0,0 +1,30 @@
+--TEST--
+accessing outer class private vars
+--FILE--
+<?php
+
+class Outer {
+        private class Inner {
+                public function test(Outer $i) {
+                        $i->illegal = $this;
+                }
+        }
+        private Outer:>Inner $illegal;
+
+        public function test(): void {
+                new Outer:>Inner()->test($this);
+        }
+}
+
+$x = new Outer();
+$x->test();
+
+var_dump($x);
+
+?>
+--EXPECT--
+object(Outer)#1 (1) {
+  ["illegal":"Outer":private]=>
+  object(Outer:>Inner)#2 (0) {
+  }
+}

tests/classes/inner_classes/visibility_002.phpt

@@ -0,0 +1,30 @@
+--TEST--
+accessing outer protected vars
+--FILE--
+<?php
+
+class Outer {
+        private class Inner {
+                public function test(Outer $i) {
+                        $i->illegal = $this;
+                }
+        }
+        private Outer:>Inner $illegal;
+
+        public function test(): void {
+                new Outer:>Inner()->test($this);
+        }
+}
+
+$x = new Outer();
+$x->test();
+
+var_dump($x);
+
+?>
+--EXPECT--
+object(Outer)#1 (1) {
+  ["illegal":"Outer":private]=>
+  object(Outer:>Inner)#2 (0) {
+  }
+}

tests/classes/inner_classes/visibility_003.phpt

@@ -0,0 +1,25 @@
+--TEST--
+outer class visibility
+--FILE--
+<?php
+
+class Outer {
+        protected class Inner {}
+        public Outer:>Inner $illegal;
+
+        public function test(): void {
+                $this->illegal = new Outer:>Inner();
+        }
+}
+
+$x = new Outer();
+$x->test();
+
+var_dump($x);
+?>
+--EXPECTF--
+Fatal error: Uncaught TypeError: Cannot assign private Outer:>Inner to higher visibile property Outer::illegal in %s:%d
+Stack trace:
+#0 %s(%d): Outer->test()
+#1 {main}
+  thrown in %s on line %d