Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:87684 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 36458 invoked from network); 8 Aug 2015 03:08:40 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 8 Aug 2015 03:08:40 -0000 Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.160.179 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.160.179 mail-yk0-f179.google.com Received: from [209.85.160.179] ([209.85.160.179:36250] helo=mail-yk0-f179.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 1A/70-31948-7B275C55 for ; Fri, 07 Aug 2015 23:08:40 -0400 Received: by ykeo23 with SMTP id o23so102741868yke.3 for ; Fri, 07 Aug 2015 20:08:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:content-type; bh=I6O8kPow6rjZ8hFwNeG1kZ3HUqf+8SordHHYIsV0Yi4=; b=w7kPzQ8x2fFuVDwMp0avGXG2b1jBs+s2qeixGAZGs5qKpL5ZyADvU0HSyDfFGkc+kt EiexYOYRX1cxaNfjWlIgdXznWv4bAyP1vsqTEeC437pOLtrMwRJDP4xSgTfBwqO8JaLA F4jYqu2NVjbOl+GDyVXLlrFaLyQLxyO8Wx8uKFgq/xXCOZft9gyjYT25OIOHvf8lD2Jw 5PUHJJQZZ+7Zd3ZJDJcgjVqW80BJ7p61cL13cLyf0jfVwQLFY/xkeCGBY59KfbObHWIo UmCQUbwihZt/WmOpAO9bpZEf9YIpc5nBl8y7Hz4+pN3DFIe481KTPEY09gQ3Cfm2KzSb V03Q== X-Received: by 10.13.225.11 with SMTP id k11mr11325872ywe.148.1439003316071; Fri, 07 Aug 2015 20:08:36 -0700 (PDT) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.129.81.87 with HTTP; Fri, 7 Aug 2015 20:07:56 -0700 (PDT) In-Reply-To: References: Date: Sat, 8 Aug 2015 12:07:56 +0900 X-Google-Sender-Auth: f24L0LQLQrBSdo5C2KuU0IBcKH0 Message-ID: To: "internals@lists.php.net" Content-Type: multipart/alternative; boundary=94eb2c0763707c3485051cc4118d Subject: Re: zend_string or not? From: yohgaki@ohgaki.net (Yasuo Ohgaki) --94eb2c0763707c3485051cc4118d Content-Type: text/plain; charset=UTF-8 HI all, On Fri, Aug 7, 2015 at 4:25 AM, Yasuo Ohgaki wrote: > Is there zend_string usage guideline? > I'm wondering if zend_string is used where it is appropriate. > > Once we release PHP7, adopting zend_string for PHPAPI functions become > difficult. > (We have to keep legacy API or it will be 3rd party module author's > headache if we > change this with minor version up.) > > Evaluation for all PHPAPI functions that have "char *" parameter is > finished? > If not, we are better to do this now at least for core functions. > LXR output seems there are number of core functions that may use > zend_string. > > > http://lxr.php.net/search?q=PHPAPI&defs=&refs=&path=&hist=&project=PHP_TRUNK > I looked into the list quickly to see functions may be better to use zend_string. I picked up functions may have problem with null byte in char *. This is NOT exhaustive list, but partial list. I didn't check all function definitions as well as their usage. http://lxr.php.net/xref/PHP_TRUNK/ext/standard/php_var.h#57 http://lxr.php.net/xref/PHP_TRUNK/main/php_ini.h#33 http://lxr.php.net/xref/PHP_TRUNK/main/php_ini.h#34 http://lxr.php.net/xref/PHP_TRUNK/main/php_ini.h#35 http://lxr.php.net/xref/PHP_TRUNK/main/php_ini.h#36 http://lxr.php.net/xref/PHP_TRUNK/main/php_main.h#51 http://lxr.php.net/xref/PHP_TRUNK/main/php_network.h#233 http://lxr.php.net/xref/PHP_TRUNK/main/php_network.h#236 http://lxr.php.net/xref/PHP_TRUNK/main/php_network.h#252 http://lxr.php.net/xref/PHP_TRUNK/main/php_network.h#308 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#29 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#30 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#31 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#33 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#34 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#35 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#47 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#51 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#53 http://lxr.php.net/xref/PHP_TRUNK/main/php_streams.h#565 http://lxr.php.net/xref/PHP_TRUNK/main/php_streams.h#566 http://lxr.php.net/xref/PHP_TRUNK/main/php_streams.h#567 http://lxr.php.net/xref/PHP_TRUNK/main/php_streams.h#568 http://lxr.php.net/xref/PHP_TRUNK/main/php_streams.h#569 http://lxr.php.net/xref/PHP_TRUNK/main/php.h#283 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#29 http://lxr.php.net/xref/PHP_TRUNK/main/fopen_wrappers.h#30 http://lxr.php.net/xref/PHP_TRUNK/ext/standard/basic_functions.h#148 http://lxr.php.net/xref/PHP_TRUNK/ext/standard/basic_functions.h#149 We have input parameter validation for null bytes with ZPP. However, source of string may be database, file, network, etc. i.e. Strings may be passed without ZPP null byte check. There is potential risk that null byte injection attack may work. With zend_string, length/null byte could be checked if it is necessary. Function usage should be considered to decide if zend_string should be used or not, but it seems many of these functions are better to use zend_string. Except null byte injection, there are functions become more convenient with zend_string probably. Any comments? -- Yasuo Ohgaki yohgaki@ohgaki.net --94eb2c0763707c3485051cc4118d--