Unpoison opcache mem buf for file cache checksum calc

The buffer may contain uninitialized bytes, like padding, zval.value for IS_TRUE, IS_NULL, etc. and other unused fields. The checksum calculation loops over all bytes and thus will trigger uninitialized reads in MSAN. It doesn't matter too much, as the bytes in the file will still match the checksum.
php · Aug 2, 2023 · 3586264 · 3586264
1 parent b2dbf0a
commit 3586264
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/ext/opcache/zend_file_cache.c b/ext/opcache/zend_file_cache.c
@@ -1118,9 +1118,6 @@ int zend_file_cache_script_store(zend_persistent_script *script, bool in_shm)
 
 	zend_string *const s = (zend_string*)ZCG(mem);
 
-	info.checksum = zend_adler32(ADLER32_INIT, buf, script->size);
-	info.checksum = zend_adler32(info.checksum, (unsigned char*)ZSTR_VAL(s), info.str_size);
-
 #if __has_feature(memory_sanitizer)
 	/* The buffer may contain uninitialized regions. However, the uninitialized parts will not be
 	 * used when reading the cache. We should probably still try to get things fully initialized
@@ -1129,6 +1126,9 @@ int zend_file_cache_script_store(zend_persistent_script *script, bool in_shm)
 	__msan_unpoison(buf, script->size);
 #endif
 
+	info.checksum = zend_adler32(ADLER32_INIT, buf, script->size);
+	info.checksum = zend_adler32(info.checksum, (unsigned char*)ZSTR_VAL(s), info.str_size);
+
 	if (!zend_file_cache_script_write(fd, script, &info, buf, s)) {
 		zend_accel_error(ACCEL_LOG_WARNING, "opcache cannot write to file '%s': %s\n", filename, strerror(errno));
 		zend_string_release_ex(s, 0);