Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:85001
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 13970 invoked from network); 16 Mar 2015 08:17:49 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 16 Mar 2015 08:17:49 -0000
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.176 as permitted sender)
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 209.85.216.176 mail-qc0-f176.google.com  
Received: from [209.85.216.176] ([209.85.216.176:34445] helo=mail-qc0-f176.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id B6/E1-00492-CA196055 for <internals@lists.php.net>; Mon, 16 Mar 2015 03:17:49 -0500
Received: by qcaz10 with SMTP id z10so37106081qca.1
        for <internals@lists.php.net>; Mon, 16 Mar 2015 01:17:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type;
        bh=2UVIbqNP0UPOlbIrPfN0jDwJdK6+caWzA0GbHxwpH6w=;
        b=sIyzJP/DukU7qdN8XJT+4mHwlIgMMO05KxuNsSY5D3eat1V66rtOzX+l4eI/SaxdZK
         E2hyfgADN57aL9mhoFfF1UZnVzi9HP9G0h3s7MjJJHpUaYbwvCWv6bHzUPaOUK7pitPk
         CjRwdt7q1QlqQch2Gi9Wt6EfSM6kWX3mPRZFItfLhf1HnioElyVClWvQBX/gyEXeiuXe
         I3+PlzUBt/r+e6ViDojgC29ZgBfPK4+pIMBe9y4BzRZ1B2A2gt+8ptin4FsMH+6LezRR
         kYHcjsnXHT4/GB/SyfTfpd6rAecpnAVXUgpqh/phuuxZ50sEYhfSjwrKhI1pCsZcdY0C
         qeDA==
MIME-Version: 1.0
X-Received: by 10.55.22.168 with SMTP id 40mr59980279qkw.101.1426493865847;
 Mon, 16 Mar 2015 01:17:45 -0700 (PDT)
Received: by 10.96.39.195 with HTTP; Mon, 16 Mar 2015 01:17:44 -0700 (PDT)
Received: by 10.96.39.195 with HTTP; Mon, 16 Mar 2015 01:17:44 -0700 (PDT)
In-Reply-To: <CAGa2bXbGxr4E8hi1_faNWOWSeLi6kn5kQJknCaZ4vUTNxHR+tg@mail.gmail.com>
References: <CABBJUpfiy1BpdyZ5MJmQb3vQz9U8TkSECHCRctupV+BUG1H=fw@mail.gmail.com>
	<55066F07.80308@birkholz.biz>
	<CABBJUpd+yd_7g8VkU0SHRMt0a35idyyLS_7m6=-cGgBB1RzkQg@mail.gmail.com>
	<CAN=kQJe6civW3x=uT2wMB7Mb-33LvkSyHfU=FfB8cfbWsVE+_A@mail.gmail.com>
	<CAGa2bXaMPs2WNOvJzJz6S3Qm1z28H=msi8SdVsmPYJGz-kM8hQ@mail.gmail.com>
	<5506794B.8090008@birkholz.biz>
	<CAGa2bXbGxr4E8hi1_faNWOWSeLi6kn5kQJknCaZ4vUTNxHR+tg@mail.gmail.com>
Date: Mon, 16 Mar 2015 19:17:44 +1100
Message-ID: <CAEZPtU68oFYN5YoQk7+kJPDancrfj9eEbau9BCB6OgkQEV7p8Q@mail.gmail.com>
To: Yasuo Ohgaki <yohgaki@ohgaki.net>
Cc: PHP internals <internals@lists.php.net>, Dennis Birkholz <dennis@birkholz.biz>
Content-Type: multipart/alternative; boundary=001a11493f2e25f2370511637c99
Subject: Re: [PHP-DEV] About declare(strict_types = 1)
From: pierre.php@gmail.com (Pierre Joye)

--001a11493f2e25f2370511637c99
Content-Type: text/plain; charset=UTF-8

On Mar 16, 2015 6:46 PM, "Yasuo Ohgaki" <yohgaki@ohgaki.net> wrote:
>
> Hi Dennis,
>
> On Mon, Mar 16, 2015 at 3:33 PM, Dennis Birkholz <dennis@birkholz.biz>
> wrote:
>
> > Am 16.03.2015 um 07:22 schrieb Yasuo Ohgaki:
> > > Caller _must_ satisfy callee requirements. This is simple principle to
> > > write a secure code.
> > >
> > > With this RFC, caller overrides security related setting. This means
> > > scripts
> > > that are prepared for type safety is "ignored" and it leads security
> > breach.
> >
> > that is simply not true! The callee always gets the type it expects.
> > There is no security problem involved here. The only difference is if
> > type conversion rules apply or if an error is raised for a type
mismatch.
> >
> > You clearly dislike the RFC (you voted no), that is OK, but don't scream
> > of "security" bugs that don't exist. If they would exist, all type hint
> > RFCs would have them in general.
> >
>
> Not only Java/etc programmers but also PHP programmers will assume type
> safety by types.
>
> Programmers assume integer type data is safe once it passes as integer
type
> parameter.
> I'm sure PHP programmer do assume the same thing.
>
> I posted "bad code"
>
> <?php
> function check_num_range(int $num) { if ($num < 0 || $num > 100)
> trigger_error('Invalid range'); }
> // Somewhere far from function definition.
> $num = $GET['num'];
> // Somewhere far from $num definition.
> check_num_range($num); // Trying to check validity, int and range.
> echo 'You have '.$num. ' now <br />'; // But $num could have any string.
>                                                             //
> "check_num_range((int)$num)" wouldn't help also.
> ?>
>
> Caller controlled strict typing makes this worse... i.e.
> <?php
> declare(strict_types=1);
> // We are safe since $num is strictly int. Callee has responsibility to
> pass valid int . (But it's not)
> function check_num_range(int $num) { if ($num < 0 || $num > 100)
> trigger_error('Invalid range'); }
> ?>
>
> Setting register_globals=On while callee script assumes
> register_globals=Off is bad thing to do.
> Similar argument applies to declare(strict_types=1) also.
>
> As I suggested in other thread, we are better to sit down and make
> reasonable decision.
> It's not religion, but technical issue. We can reach reasonable consensus
> if we try to. If we
> cannot, it is better to introduce weak type hint only for the time being.

So basically you mixed topics and voted no for the one RFC that would allow
what you want to do later while allowing strict hinting already. Accepting
the other means changing casting rules again later at best. Not sure you
did well here ;-)

--001a11493f2e25f2370511637c99--