Fuzzer zts stuff

Girgias · Girgias · commit 5bf575355389 · 2024-05-25T15:20:33.000+02:00
diff --git a/main/php_version.h b/main/php_version.h
@@ -1,8 +1,8 @@
 /* automatically generated by configure */
 /* edit configure.ac to change version number */
 #define PHP_MAJOR_VERSION 8
-#define PHP_MINOR_VERSION 4
+#define PHP_MINOR_VERSION 3
 #define PHP_RELEASE_VERSION 0
 #define PHP_EXTRA_VERSION "-dev"
-#define PHP_VERSION "8.4.0-dev"
-#define PHP_VERSION_ID 80400
+#define PHP_VERSION "8.3.0-dev"
+#define PHP_VERSION_ID 80300
diff --git a/sapi/fuzzer/fuzzer-json.c b/sapi/fuzzer/fuzzer-json.c
@@ -20,6 +20,7 @@
 #include "fuzzer.h"
 
 #include "Zend/zend.h"
+#include "main/php.h"
 #include "main/php_config.h"
 #include "main/php_main.h"
 
diff --git a/sapi/fuzzer/fuzzer-sapi.c b/sapi/fuzzer/fuzzer-sapi.c
@@ -56,8 +56,6 @@ static const char HARDCODED_INI[] =
 	",crypt"
 	/* openlog() has a known memory-management issue. */
 	",openlog"
-	/* Can cause long loops that bypass the executor step limit. */
-	"\ndisable_classes=InfiniteIterator"
 ;
 
 static int startup(sapi_module_struct *sapi_module)
@@ -128,6 +126,21 @@ static sapi_module_struct fuzzer_module = {
 	STANDARD_SAPI_MODULE_PROPERTIES
 };
 
+static ZEND_COLD zend_object *disable_class_create_handler(zend_class_entry *class_type) /* {{{ */
+{
+	zend_throw_error(NULL, "Cannot construct class %s, as it is disabled", ZSTR_VAL(class_type->name));
+	return NULL;
+}
+
+static void fuzzer_disable_classes(void)
+{
+	/* Overwrite built-in constructor for InfiniteIterator as it
+	 * can cause long loops that bypass the executor step limit. */
+	/* Lowercase as this is how the CE as stored */
+	zend_class_entry *InfiniteIterator_class = zend_hash_str_find(CG(class_table), "infiniteiterator", strlen("infiniteiterator"));
+	InfiniteIterator_class->create_object = disable_class_create_handler;
+}
+
 int fuzzer_init_php(const char *extra_ini)
 {
 #ifdef __SANITIZE_ADDRESS__
@@ -183,6 +196,8 @@ int fuzzer_request_startup(void)
 	SIGG(check) = 0;
 #endif
 
+	fuzzer_disable_classes();
+
 	return SUCCESS;
 }
 
diff --git a/sapi/fuzzer/fuzzer-unserialize.c b/sapi/fuzzer/fuzzer-unserialize.c
@@ -18,6 +18,7 @@
 #include "fuzzer.h"
 
 #include "Zend/zend.h"
+#include "main/php.h"
 #include "main/php_config.h"
 #include "main/php_main.h"
 
diff --git a/sapi/fuzzer/fuzzer-unserializehash.c b/sapi/fuzzer/fuzzer-unserializehash.c
@@ -16,6 +16,7 @@
 #include "fuzzer.h"
 
 #include "Zend/zend.h"
+#include "main/php.h"
 #include "main/php_config.h"
 #include "main/php_main.h"
 
