26 changes: 22 additions & 4 deletions 26 package.xml
@@ -31,19 +31,20 @@ memcached or similar memory based storages for serialized data.</description>
<email>tandre@php.net</email>
<active>yes</active>
</lead>
<date>2022-10-17</date>
<date>2022-11-06</date>
<time>16:00:00</time>
<version>
<release>3.2.9</release>
<api>1.3.1</api>
<release>3.2.10</release>
<api>1.4.0</api>
</version>
<stability>
<release>stable</release>
<api>stable</api>
</stability>
<license uri="https://github.com/igbinary/igbinary/blob/master/COPYING">BSD-3-Clause</license>
<notes>
* Fix invalid release artifact name in job to build dlls for https://github.com/igbinary/igbinary
* Add a macro that callers can use to check if igbinary will accept the header for data being unserialized.
* Fix bug preventing the unserialization of data containing representations of strings larger than 4GB.
</notes>
<contents>
<dir name="/">
@@ -199,6 +200,7 @@ memcached or similar memory based storages for serialized data.</description>
<file name="igbinary_087.phpt" role="test" />
<file name="igbinary_088.phpt" role="test" />
<file name="igbinary_089.phpt" role="test" />
<file name="igbinary_089_32bit.phpt" role="test" />
<file name="igbinary_090.phpt" role="test" />
<file name="igbinary_091.phpt" role="test" />
<file name="igbinary_092.phpt" role="test" />
@@ -229,6 +231,22 @@ memcached or similar memory based storages for serialized data.</description>
<providesextension>igbinary</providesextension>
<extsrcrelease />
<changelog>
<release>
<date>2022-10-17</date>
<time>16:00:00</time>
<version>
<release>3.2.9</release>
<api>1.3.1</api>
</version>
<stability>
<release>stable</release>
<api>stable</api>
</stability>
<license uri="https://github.com/igbinary/igbinary/blob/master/COPYING">BSD-3-Clause</license>
<notes>
* Fix invalid release artifact name in job to build dlls for https://github.com/igbinary/igbinary
</notes>
</release>
<release>
<date>2022-10-16</date>
<time>16:00:00</time>
5 changes: 3 additions & 2 deletions 5 src/php7/igbinary.c
@@ -2161,7 +2161,7 @@ inline static int igbinary_unserialize_header(struct igbinary_unserialize_data *
version = igbinary_unserialize32(igsd);

/* Support older version 1 and the current format 2 */
if (version == IGBINARY_FORMAT_VERSION || version == 0x00000001) {
if (EXPECTED(version == IGBINARY_FORMAT_VERSION || version == 0x00000001)) {
return 0;
} else {
igbinary_unserialize_header_emit_warning(igsd, version);
@@ -2345,7 +2345,8 @@ inline static zend_string *igbinary_unserialize_string(struct igbinary_unseriali
/* }}} */
/* igbinary_unserialize_extremely_long_chararray {{{ */
static ZEND_COLD zend_never_inline zend_string* igbinary_unserialize_extremely_long_chararray(struct igbinary_unserialize_data *igsd) {
#if SIZEOF_ZEND_LONG > 4
#if SIZEOF_SIZE_T <= 4
(void)igsd;
zend_error(E_WARNING, "igbinary_unserialize_chararray: cannot unserialize 64-bit data on 32-bit platform");
return NULL;
#else
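Review bot: The guard `#if SIZEOF_SIZE_T <= 4` in igbinary_unserialize_extremely_long_chararray silently selects the rejection branch if `SIZEOF_SIZE_T` is ever undefined in a build, because the preprocessor evaluates an undefined identifier as 0. A 64-bit build would then refuse long strings with no compile-time diagnostic. Consider placing `#ifndef SIZEOF_SIZE_T` / `#error "SIZEOF_SIZE_T is not defined"` / `#endif` ahead of the function, or testing `SIZE_MAX <= 0xFFFFFFFFu` instead. A comment such as `/* string lengths are size_t, so a 64-bit length only fits when size_t is wider than 32 bits */` would record why this macro is the right one. The `#else` branch that reads and bounds-checks the length lies outside the hunk.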
21 changes: 20 additions & 1 deletion 21 src/php7/igbinary.h
@@ -18,7 +18,7 @@ struct zval;
/** Binary protocol version of igbinary. */
#define IGBINARY_FORMAT_VERSION 0x00000002

#define PHP_IGBINARY_VERSION "3.2.9"
#define PHP_IGBINARY_VERSION "3.2.10"

/* Macros */

@@ -73,4 +73,23 @@ IGBINARY_API int igbinary_serialize_ex(uint8_t **ret, size_t *ret_len, zval *z,
*/
IGBINARY_API int igbinary_unserialize(const uint8_t *buf, size_t buf_len, zval *z);

static zend_always_inline int _igbinary_has_valid_header(const uint8_t *buf, size_t buf_len) {
if (buf_len < 5) {
/* Must have 4 header bytes and at least one byte of data */
return 0;
}
/* Unserialize 32bit value the same way on big-endian and little-endian architectures.
* This compiles to a load+optional bswap when compiler optimizations are enabled. */
const uint32_t ret =
((uint32_t)(buf[0]) << 24) |
((uint32_t)(buf[1]) << 16) |
((uint32_t)(buf[2]) << 8) |
((uint32_t)(buf[3]));
return ret == 1 || ret == 2;
}
/** This is defined as a macro and a static C function
* to allow callers to use the macro from newer igbinary versions even with older igbinary installations. */
#define igbinary_has_valid_header(buf, buf_len) _igbinary_has_valid_header((buf), (buf_len))


#endif /* IGBINARY_H */
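Review bot: `return ret == 1 || ret == 2;` in `_igbinary_has_valid_header` hard-codes the accepted versions, although `IGBINARY_FORMAT_VERSION` is defined earlier in this header and the check in igbinary.c compares against it, so the two can drift apart if the format version changes. I would write `return ret == 0x00000001 || ret == IGBINARY_FORMAT_VERSION;`. The doc comment should also state the contract: the result is 1 or 0, `buf` must point to at least `buf_len` readable bytes, and a true result means only that the 4-byte version field is recognised. The payload is not validated, so callers handling untrusted data must still check the return value of `igbinary_unserialize()`. As a style point, a file-scope identifier with a leading underscore is reserved for the implementation in C; a name such as `igbinary_has_valid_header_impl` avoids that.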
8 changes: 7 additions & 1 deletion 8 tests/igbinary_089.phpt
@@ -2,12 +2,14 @@
Test serializing string > 4G
--INI--
memory_limit=15G
display_errors=stderr
error_reporting=E_ALL
--CONFLICTS--
high_memory
--SKIPIF--
<?php
if (!extension_loaded("igbinary")) print "skip\n";
if (PHP_INT_SIZE <= 4) { print "skip requires 74-bit\n"; }
if (PHP_INT_SIZE <= 4) { print "skip requires 64-bit\n"; }
if (!getenv('IGBINARY_HIGH_MEMORY_TESTS')) { print "skip requires IGBINARY_HIGH_MEMORY_TESTS=1\n"; }
?>
--FILE--
@@ -19,9 +21,13 @@ echo bin2hex(substr($ser, 0, 20)) . "\n";
$unser = igbinary_unserialize($ser);
unset($ser);
var_dump($unser === str_repeat('*', 4200000000));
$ser_invalid = hex2bin('0000000213fa56ea002a');
var_dump(igbinary_unserialize($ser_invalid));

?>
--EXPECTF--
len=4200000009
0000000213fa56ea002a2a2a2a2a2a2a2a2a2a2a
bool(true)
Warning: igbinary_unserialize_chararray: end-of-data in %sigbinary_089.php on line 10
NULL
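Review bot: The added `$ser_invalid` case sits behind the `IGBINARY_HIGH_MEMORY_TESTS` skip and the `memory_limit=15G` setting, so the truncated-input check only runs when that variable is set, even though it needs almost no memory. Moving the `hex2bin`/`var_dump` lines and their `end-of-data` / `NULL` expectations into a separate 64-bit-only .phpt without the high-memory gate would keep the malformed-input path exercised in ordinary test runs. The expected `on line 10` also ties the output to the file's line layout; `on line %d` is less brittle.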
21 changes: 21 additions & 0 deletions 21 tests/igbinary_089_32bit.phpt
@@ -0,0 +1,21 @@
--TEST--
Test unserializing invalid 64-bit string header on 32-bit platform
--INI--
display_errors=stderr
error_reporting=E_ALL
--CONFLICTS--
high_memory
--SKIPIF--
<?php
if (!extension_loaded("igbinary")) print "skip\n";
if (PHP_INT_SIZE > 4) { print "skip requires 32-bit\n"; }
?>
--FILE--
<?php
$ser_invalid = hex2bin('0000000213fa56ea002a');
var_dump(igbinary_unserialize($ser_invalid));

?>
--EXPECTF--
Warning: igbinary_unserialize_chararray: %s in %sigbinary_089_32bit.php on line 3
NULL
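Review bot: The expectation `Warning: igbinary_unserialize_chararray: %s in %sigbinary_089_32bit.php on line 3` accepts any warning text, so the test does not pin which rejection path a 32-bit build takes for this input. Replacing the first `%s` with the exact message the 32-bit build emits would make a change in the failure mode visible. `--CONFLICTS-- high_memory` looks unnecessary here, since the script only decodes a 10-byte string.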