Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:87309 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 46859 invoked from network); 27 Jul 2015 04:11:34 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 27 Jul 2015 04:11:34 -0000 Authentication-Results: pb1.pair.com header.from=scott@paragonie.com; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=scott@paragonie.com; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain paragonie.com from 209.85.192.54 cause and error) X-PHP-List-Original-Sender: scott@paragonie.com X-Host-Fingerprint: 209.85.192.54 mail-qg0-f54.google.com Received: from [209.85.192.54] ([209.85.192.54:36129] helo=mail-qg0-f54.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id C3/35-06606-57FA5B55 for ; Mon, 27 Jul 2015 00:11:34 -0400 Received: by qgy5 with SMTP id 5so44056120qgy.3 for ; Sun, 26 Jul 2015 21:11:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=7YNR7Ofy8JbUeFTK6o03BBu/ox0tbLva+/vBh0WWDFc=; b=A5uYd/IqKfdg3/usOjBqOQ1zi3bRxkBtfPn1pwGoG6EQxqNsBq/qtlV4738dJMBR3/ 2Ox2ULZZxiADqRCSQJIumgeS068yJ28Y8NwdGg0IchUX/kO0BqGWU/dD/XuqvGYy/Gc4 NaY8BcXLzVGoad7cPctK+Bh9UMvY0D824ymNPo/geVbVSiz5iQbsNI/ggBDJBWwd+QL7 XF+CwzAhfQFHrg8XHlldwPbVO8C3sZAEhVPLCNZZbgZh6w3nLseMa/RridJi2bypVtq+ LX4eos7aRcnS2GNMAVt3idaOZGdW1MgawLScqudX0jV0z92N5mWGHtsM6b5O/Rtd8rAb 2ZYg== X-Gm-Message-State: ALoCoQlgPqNQucSuV0bGanU0Y9hATjYGNSGKfcL1emjBebD/e+XPv8OV9F3voj9Oo7cSkadrLCds MIME-Version: 1.0 X-Received: by 10.140.148.86 with SMTP id 83mr40502876qhu.4.1437970291284; Sun, 26 Jul 2015 21:11:31 -0700 (PDT) Received: by 10.96.83.102 with HTTP; Sun, 26 Jul 2015 21:11:31 -0700 (PDT) Received: by 10.96.83.102 with HTTP; Sun, 26 Jul 2015 21:11:31 -0700 (PDT) In-Reply-To: <0AD335F5-35F3-4D98-8F82-800A1EDF8FD8@icicle.io> References: <836BA21C-AE99-4E7B-AB06-EBC30E41BA0E@icicle.io> <0AD335F5-35F3-4D98-8F82-800A1EDF8FD8@icicle.io> Date: Mon, 27 Jul 2015 00:11:31 -0400 Message-ID: To: Aaron Piotrowski Cc: Anatol Belski , Yasuo Ohgaki , rowan.collins@gmail.com, PHP Internals , larry@garfieldtech.com, Stanislav Malyshev , =?UTF-8?B?SmFrdWIgS3Viw63EjWVr?= , pierre.php@gmail.com, Sammy Kaye Powers , Dean Eigenmann Content-Type: multipart/alternative; boundary=001a1135469068f586051bd38c48 Subject: Re: [PHP-DEV] Core functions throwing exceptions in PHP7 From: scott@paragonie.com (Scott Arciszewski) --001a1135469068f586051bd38c48 Content-Type: text/plain; charset=UTF-8 +1 for Error On Jul 26, 2015 11:32 PM, "Aaron Piotrowski" wrote: > > > I must have overlooked a detail here. > > > > According to https://github.com/tpunt/PHP7-Reference#throwable-interface > > there are Throwables called Error, as a separate designation from an > > exception. I didn't see this in the engine exceptions RFC, so I was > > unaware that was even a thing. > > > > In this case, yes, as long as you can wrap it in try/catch blocks, > > SecurityError which extends Error and/or implements Throwable is an > > excellent suggestion. > > > > Previously, I thought the suggestion was to stick to triggering errors > > (E_ERROR, E_RECOVERABLE_ERROR, etc.). > > > > Scott Arciszewski > > Chief Development Officer > > Paragon Initiative Enterprises > > > > -- > > PHP Internals - PHP Runtime Development Mailing List > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > I believe some were suggesting triggering an E_ERROR, though most E_ERRORs > in the engine have been replaced with thrown Error exceptions, so I think > using E_ERROR in this case would be inappropriate. > > As I suggested in my prior email, I think throwing an instance of Error > would be appropriate when the functions random_bytes() and random_int() > fail. > > There are several conditions that already cause the engine to throw an > Error (or subclass thereof): > > (1)->method(); // Throws Error > declare(strict_types=1); array_map(1, 1); // Throws TypeError > require 'file-with-parse-error.php'; // Throws ParseError > eval("$a[ = 1;"); // Throws ParseError > 1 << -1; // Throws ArithmeticError > intdiv(1, 0); // Throws DivisionByZeroError > 1 % 0; // Throws DivisionByZeroError > > Of particular interest in the above examples is intdiv(), an internal > function that can throw an instance of Error if the denominator is zero. > > I propose that random_bytes() and random_int() should throw an instance of > Error if the parameters are not as expected or if generating a random > number fails. (To avoid further debate about a subclass, the function > should throw just a plain instance of Error, it can always be subclassed > later without BC concerns). > > random_bytes() and random_int() failing closed is very important to > prevent misguided or lazy programmers from using false in place of a random > value. A return of false can easily be overlooked and unintentionally be > cast to a zero or empty string. A thrown instance of Error must be > purposely caught and ignored to produce the same behavior. As Larry pointed > out, it is a very common error for programmers to not do a strict check > using === against false when calling strpos(). > > Does anyone have a strong objection to the above proposal? If not, then I > think Sammy should update his PRs to throw an Error so they can be merged > before the next beta release. > > Aaron Piotrowski > > --001a1135469068f586051bd38c48--