Replace memcmp() with zend_string functions (#8216)

* ext/oci8: use zend_string_equals() Eliminate duplicate code. * main/php_variables: use zend_string_equals_literal() Eliminate duplicate code. * Zend/zend_string: add zend_string_equals_cstr() Allows eliminating duplicate code. * Zend, ext/{opcache,standard}, main/output: use zend_string_equals_cstr() Eliminate duplicate code. * Zend/zend_string: add zend_string_starts_with() * ext/{opcache,phar,spl,standard}: use zend_string_starts_with() This adds missing length checks to several callers, e.g. in cache_script_in_shared_memory(). This is important when the zend_string is shorter than the string parameter, when memcmp() happens to check backwards; this can result in an out-of-bounds memory access.
2026-03-24 00:02:20 +01:00 · 2022-03-31 16:27:58 +02:00
parent 54440fa6eb
commit b9e895bca0
15 changed files with 44 additions and 48 deletions
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -702,8 +702,7 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src)
 			|| Z_TYPE_P(dest_entry) != IS_ARRAY) {
 			Z_TRY_ADDREF_P(src_entry);
 			if (string_key) {
-				if (!globals_check || ZSTR_LEN(string_key) != sizeof("GLOBALS") - 1
-						|| memcmp(ZSTR_VAL(string_key), "GLOBALS", sizeof("GLOBALS") - 1)) {
+				if (!globals_check || !zend_string_equals_literal(string_key, "GLOBALS")) {
 					zend_hash_update(dest, string_key, src_entry);
 				} else {
 					Z_TRY_DELREF_P(src_entry);