Skip to content

Restrict allowed usages of $GLOBALS #6487

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 4 commits into from
Closed

Restrict allowed usages of $GLOBALS #6487

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5619f27
Restrict allowed usages of $GLOBALS
nikic Dec 2, 2020
8856f92
Remove some INDIRECT handling in VM
nikic Dec 3, 2020
e89f220
Remove some INDIRECT handling in array functions
nikic Dec 3, 2020
a9a489c
Remove unnecessary zend_array_count() uses
nikic Dec 3, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion Zend/tests/array_self_add_globals.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@
Add $GLOBALS to itself
--FILE--
<?php
$GLOBALS += $GLOBALS;
$x = $GLOBALS + $GLOBALS;
?>
===DONE===
Expand Down
15 changes: 0 additions & 15 deletions Zend/tests/bug71539_6.phpt
View file
Open in desktop

This file was deleted.

17 changes: 0 additions & 17 deletions Zend/tests/bug71695.phpt
View file
Open in desktop

This file was deleted.

21 changes: 0 additions & 21 deletions Zend/tests/gc_010.phpt
View file
Open in desktop

This file was deleted.

2 changes: 1 addition & 1 deletion Zend/tests/globals_001.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,6 @@ string(%d) "%s"
Warning: Undefined array key "PHP_SELF" in %s on line %d
NULL

Warning: Undefined variable $_SERVER in %s on line %d
Warning: Undefined global variable $_SERVER in %s on line %d
NULL
Done
2 changes: 1 addition & 1 deletion Zend/tests/globals_002.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,6 @@ string(%d) "%s"
Warning: Undefined array key "PHP_SELF" in %s on line %d
NULL

Warning: Undefined variable $_SERVER in %s on line %d
Warning: Undefined global variable $_SERVER in %s on line %d
NULL
Done
2 changes: 1 addition & 1 deletion Zend/tests/globals_003.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,6 @@ string(%d) "%s"
Warning: Undefined array key "PHP_SELF" in %s on line %d
NULL

Warning: Undefined variable $_SERVER in %s on line %d
Warning: Undefined global variable $_SERVER in %s on line %d
NULL
Done
2 changes: 1 addition & 1 deletion Zend/tests/globals_004.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,6 @@ string(%d) "%s"
Warning: Undefined array key "PHP_SELF" in %s on line %d
NULL

Warning: Undefined variable $_SERVER in %s on line %d
Warning: Undefined global variable $_SERVER in %s on line %d
NULL
Done
11 changes: 11 additions & 0 deletions Zend/tests/restrict_globals/globals_in_globals.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
--TEST--
$GLOBALS no longer contains 'GLOBALS'
--FILE--
<?php

$g = $GLOBALS;
var_dump(isset($g['GLOBALS']));

?>
--EXPECT--
bool(false)
10 changes: 10 additions & 0 deletions Zend/tests/restrict_globals/invalid_assign.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
--TEST--
Cannot assign to $GLOBALS
--FILE--
<?php

$GLOBALS = [];

?>
--EXPECTF--
Fatal error: $GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax in %s on line %d
10 changes: 10 additions & 0 deletions Zend/tests/restrict_globals/invalid_assign_list.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
--TEST--
Cannot list-assign to $GLOBALS
--FILE--
<?php

list($GLOBALS) = [1];

?>
--EXPECTF--
Fatal error: $GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax in %s on line %d
10 changes: 10 additions & 0 deletions Zend/tests/restrict_globals/invalid_assign_list_ref.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
--TEST--
Cannot list-assign to $GLOBALS (by-ref)
--FILE--
<?php

list(&$GLOBALS) = [1];

?>
--EXPECTF--
Fatal error: Cannot assign reference to non referencable value in %s on line %d
Copy link
Contributor

@chapeupreto chapeupreto Dec 24, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Out of curiosity: it is referencable or referenceable (or both)?

As you can see here,

php-src/Zend/zend_vm_def.h

Line 2334 in 5bd7305

zend_error(E_NOTICE, "Attempting to set reference to non referenceable value");
the word referenceable is being used.

There are a few other places that use the referencable word.

If referenceable is the proper option, I can submit a PR that changes those files.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems that both spellings are accepted, but google prefers referenceable.

10 changes: 10 additions & 0 deletions Zend/tests/restrict_globals/invalid_assign_op.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
--TEST--
Cannot compound assign to $GLOBALS
--FILE--
<?php

$GLOBALS += [];

?>
--EXPECTF--
Fatal error: $GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax in %s on line %d
11 changes: 11 additions & 0 deletions Zend/tests/restrict_globals/invalid_assign_ref_lhs.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
--TEST--
Cannot by-ref assign to $GLOBALS (LHS)
--FILE--
<?php

$var = [];
$GLOBALS =& $var;

?>
--EXPECTF--
Fatal error: $GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax in %s on line %d
11 changes: 11 additions & 0 deletions Zend/tests/restrict_globals/invalid_assign_ref_rhs.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
--TEST--
Cannot by-ref assign to $GLOBALS (RHS)
--FILE--
<?php

$var = [];
$var =& $GLOBALS;

?>
--EXPECTF--
Fatal error: Cannot acquire reference to $GLOBALS in %s on line %d
10 changes: 10 additions & 0 deletions Zend/tests/restrict_globals/invalid_foreach.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
--TEST--
Cannot use $GLOBALS as foreach result variable
--FILE--
<?php

foreach ([1] as $GLOBALS) {}

?>
--EXPECTF--
Fatal error: $GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax in %s on line %d
10 changes: 10 additions & 0 deletions Zend/tests/restrict_globals/invalid_foreach_ref.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
--TEST--
Cannot use $GLOBALS as foreach result variable (by-ref)
--FILE--
<?php

foreach ([1] as &$GLOBALS) {}

?>
--EXPECTF--
Fatal error: $GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax in %s on line %d
23 changes: 23 additions & 0 deletions Zend/tests/restrict_globals/invalid_pass_by_ref.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
--TEST--
$GLOBALS cannot be passed by reference (runtime error)
--FILE--
<?php

function by_ref(&$ref) {}
try {
by_ref($GLOBALS);
} catch (Error $e) {
echo $e->getMessage(), "\n";
}

try {
by_ref2($GLOBALS);
} catch (Error $e) {
echo $e->getMessage(), "\n";
}
function by_ref2(&$ref) {}

?>
--EXPECT--
by_ref(): Argument #1 ($ref) cannot be passed by reference
by_ref2(): Argument #1 ($ref) cannot be passed by reference
10 changes: 10 additions & 0 deletions Zend/tests/restrict_globals/invalid_unset.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
--TEST--
Cannot unset $GLOBALS
--FILE--
<?php

unset($GLOBALS);

?>
--EXPECTF--
Fatal error: $GLOBALS can only be modified using the $GLOBALS[$name] = $value syntax in %s on line %d
11 changes: 11 additions & 0 deletions Zend/tests/restrict_globals/key_canonicalization.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
--TEST--
$GLOBALS should have canonicalized keys
--FILE--
<?php

${1} = 42;
var_dump($GLOBALS[1]);

?>
--EXPECT--
int(42)
52 changes: 52 additions & 0 deletions Zend/tests/restrict_globals/valid.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
--TEST--
Supported operations on $GLOBALS
--FILE--
<?php

function test() {
var_dump($GLOBALS['x']);
$GLOBALS['x'] = 1;
var_dump($GLOBALS['x']);
$GLOBALS['x']++;
var_dump($GLOBALS['x']);
$GLOBALS['x'] += 2;
var_dump($GLOBALS['x']);
unset($GLOBALS['y']);
var_dump(isset($GLOBALS['x']));
var_dump(isset($GLOBALS['y']));
$GLOBALS['z'][] = 1;
}

$y = 1;
test();
var_dump($x, $y, $z);

$ref = 1;
$GLOBALS['z'] =& $ref;
$ref++;
var_dump($z);

$x = 1;
$ref2 =& $GLOBALS['x'];
$ref2++;
var_dump($x);

?>
--EXPECTF--
Warning: Undefined global variable $x in %s on line %d
NULL
int(1)
int(2)
int(4)
bool(true)
bool(false)

Warning: Undefined variable $y in %s on line %d
int(4)
NULL
array(1) {
[0]=>
int(1)
}
int(2)
int(2)
2 changes: 1 addition & 1 deletion Zend/tests/undef_index_to_exception.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,5 +42,5 @@ array(0) {
Undefined array key "key"
array(0) {
}
Undefined array key "test"
Undefined global variable $test
Undefined variable $test
14 changes: 0 additions & 14 deletions Zend/tests/unset_cv09.phpt
View file
Open in desktop

This file was deleted.

4 changes: 3 additions & 1 deletion Zend/tests/unset_cv10.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
unset() CV 10 (unset() of global variable in ArrayObject::offsetUnset($GLOBALS))
--FILE--
<?php
/* This is working on a copy of $GLOBALS, so nothing interesting happens here. */
$a = new ArrayObject($GLOBALS);
$x = "ok\n";
echo $x;
Expand All @@ -12,5 +13,6 @@ echo "ok\n";
--EXPECTF--
ok

Warning: Undefined variable $x in %s on line %d
Warning: Undefined array key "x" in %s on line %d
ok
ok
9 changes: 2 additions & 7 deletions Zend/zend.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -786,13 +786,8 @@ static void module_destructor_zval(zval *zv) /* {{{ */

static zend_bool php_auto_globals_create_globals(zend_string *name) /* {{{ */
{
zval globals;

/* IS_ARRAY, but with ref-counter 1 and not IS_TYPE_REFCOUNTED */
ZVAL_ARR(&globals, &EG(symbol_table));
Z_TYPE_FLAGS_P(&globals) = 0;
ZVAL_NEW_REF(&globals, &globals);
zend_hash_update(&EG(symbol_table), name, &globals);
/* While we keep registering $GLOBALS as an auto-global, we do not create an
* actual variable for it. Access to it handled specially by the compiler. */
return 0;
}
/* }}} */
Expand Down
Loading