php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix disabling of InfiniteIterator in fuzzer (#19690)

Browse Source 
The canonical way to do this is via `get_constructor` as `create_object`
may not return NULL.
This commit is contained in:
Niels Dossche
2025-09-04 06:01:58 +02:00
committed by GitHub
parent 3f3a266a2b
commit a88a5ecbef
1 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
sapi/fuzzer/fuzzer-sapi.c
View File

@@ -126,9 +126,9 @@ static sapi_module_struct fuzzer_module = {
STANDARD_SAPI_MODULE_PROPERTIES
};
static ZEND_COLD zend_object *disable_class_create_handler(zend_class_entry *class_type) /* {{{ */
static ZEND_COLD zend_function *disable_class_get_constructor_handler(zend_object *obj) /* {{{ */
{
zend_throw_error(NULL, "Cannot construct class %s, as it is disabled", ZSTR_VAL(class_type->name));
zend_throw_error(NULL, "Cannot construct class %s, as it is disabled", ZSTR_VAL(obj->ce->name));
return NULL;
}
@@ -138,7 +138,11 @@ static void fuzzer_disable_classes(void)
* can cause long loops that bypass the executor step limit. */
/* Lowercase as this is how the CE as stored */
zend_class_entry *InfiniteIterator_class = zend_hash_str_find_ptr(CG(class_table), "infiniteiterator", strlen("infiniteiterator"));
InfiniteIterator_class->create_object = disable_class_create_handler;
static zend_object_handlers handlers;
memcpy(&handlers, InfiniteIterator_class->default_object_handlers, sizeof(handlers));
handlers.get_constructor = disable_class_get_constructor_handler;
InfiniteIterator_class->default_object_handlers = &handlers;
}
int fuzzer_init_php(const char *extra_ini)