Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:67385
Return-Path: <tyra3l@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 90843 invoked from network); 10 May 2013 10:53:18 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 10 May 2013 10:53:18 -0000
Authentication-Results: pb1.pair.com smtp.mail=tyra3l@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=tyra3l@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.223.178 as permitted sender)
X-PHP-List-Original-Sender: tyra3l@gmail.com
X-Host-Fingerprint: 209.85.223.178 mail-ie0-f178.google.com  
Received: from [209.85.223.178] ([209.85.223.178:35826] helo=mail-ie0-f178.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 33/72-05255-B91DC815 for <internals@lists.php.net>; Fri, 10 May 2013 06:53:15 -0400
Received: by mail-ie0-f178.google.com with SMTP id b11so7834476iee.9
        for <internals@lists.php.net>; Fri, 10 May 2013 03:53:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:x-received:in-reply-to:references:date:message-id
         :subject:from:to:cc:content-type;
        bh=0adv1MFvuWZi7mPIoeBrOnjpLj2RG8n9eH6EQNjp0Eg=;
        b=XCiwVZWT2I9BYEZNI28gPj8JgLI2RgBJ3EzhpScx7XhnY0m+Ulj3ENc3SrGltC0fX6
         Aspmak//74dZSotb5k9JRwIdMH2yNJi4qdxVXgpyejcb1K0BQUU2q29e4K5bjKDbm7uu
         eWDyMiqqEHHxqbDJ8sgSwJDbPv0FIz6M9FfmA/T7Beca+NfOv12D59lDrE9USqEhj8Lp
         wqV0Tm0mUTQzBg9KLiUH2POr+uhR/9qCT+aRHVtx/D2Z8kE0YdcUfbPj6V5w4kq8FuMP
         lOn2c2JBcrYKxq+eOiThPQIsHnSVA9uk4WMlZrZPtdP8JO0kqa1SHKLPxyrhxDwC6GaC
         gPIQ==
MIME-Version: 1.0
X-Received: by 10.50.78.37 with SMTP id y5mr1541330igw.43.1368183193016; Fri,
 10 May 2013 03:53:13 -0700 (PDT)
Received: by 10.50.209.3 with HTTP; Fri, 10 May 2013 03:53:12 -0700 (PDT)
In-Reply-To: <CACQesk7nu1xSFWs=pq-z4Bbm6hNUkCOxZ_q4sJwkvjz9tJRLFg@mail.gmail.com>
References: <CADqTB_jNFN0oUmrxef-p3Yn7in0u6jMo-2Wi2QyqA983R5bBtA@mail.gmail.com>
	<CACQesk7nu1xSFWs=pq-z4Bbm6hNUkCOxZ_q4sJwkvjz9tJRLFg@mail.gmail.com>
Date: Fri, 10 May 2013 12:53:12 +0200
Message-ID: <CAH-PCH5mWuhF84zUvyRamtcv35=c8SZ9XMzutAL3BzqtHJp4tw@mail.gmail.com>
To: Etienne Kneuss <colder@php.net>
Cc: Rasmus Schultz <me@rasmus-schultz.com>, PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=089e011838ea35241e04dc5af9b8
Subject: Re: [PHP-DEV] exceptions during __toString()
From: tyra3l@gmail.com (Ferenc Kovacs)

--089e011838ea35241e04dc5af9b8
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Fri, May 10, 2013 at 12:50 AM, Etienne Kneuss <colder@php.net> wrote:

> On Fri, May 10, 2013 at 12:00 AM, Rasmus Schultz <me@rasmus-schultz.com
> >wrote:
>
> > I just ran into this issue again:
> >
> >
> >
> http://stackoverflow.com/questions/2429642/why-its-impossible-to-throw-ex=
ception-from-tostring
> >
> > Instead of throwing some nonsense "you're not allowed to throw from her=
e"
> > error-message, how about actually unwinding the stack and passing the
> > exception to the global exception-handler?
> >
> > I understand there's a technical limitation making it
> difficult/impossible
> > to handle exceptions during __toString() - and it looks like you can
> still
> > try {...} catch (Exception $e) in __toString() just fine, but then what=
?
> > You have the exception, but you have no way to pass it to the standard
> > global exception-handler.
> >
> > If the script has to terminate either way, why not terminate the same w=
ay
> > an unhandled exception would normally cause the script to terminate?
> >
> > E.g. output the actual error-message, or pass it to whatever was
> registered
> > with register_exception_handler() so it can be output or handled in the
> > usual way?
> >
>
>
> The reason is that toString can be triggered from a lot of internal place=
s.
> If an exception is thrown and caught within toString, it's not a problem.
> The problem is if the exception escapes toString, because it thus means
> that the code invoking toString must be interrupted.
>
> We in fact have no guarantee that all those internal places will work
> consistently/correctly in the presence of an exception, and if the engine
> will remain in a state that allows executing code afterward.
> Not executing code means we need to bypass error handlers as well.
>
> Handling an exception from internal code is a "manual" procedure, and cod=
e
> written that relies on conversions to strings may not have been written
> with support for exceptions in mind.
>
> I guess the alternative approach is to allow exceptions, review the code
> (i.e. a lot of work), and eventually fix reports as they come in.
>
> Best,
>
> --
> Etienne Kneuss
>

if somebody thinks that these kind of vulnerabilities are hypotetical, we
had a bunch of Interruption Vulnerabilities in the past and this could
potentionally introduce a lot more, but I think that this is something that
we have to resolve sooner or later, otherwise a whole bunch of proposed
features can never be introduced (for example accepting ArrayObjects
everywhere where array is accepted).

--=20
Ferenc Kov=C3=A1cs
@Tyr43l - http://tyrael.hu

--089e011838ea35241e04dc5af9b8--