Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fix behavior of return-by-reference functions. Remove erroneous warni…

…ngs,

add E_STRICT warnings in case you return something by reference that you're
not supposed to (anything that's not a variable, or a return-value of a
function that returned by reference).
  • Loading branch information...
commit 3a42babad6b6d8d39310df94f49b34f03e20e244 1 parent c1e905d
Zeev Suraski zsuraski authored
15 Zend/zend_compile.c
View
@@ -739,7 +739,7 @@ void zend_check_writable_variable(znode *variable)
}
}
-zend_bool zend_is_function_or_method_call(znode *variable)
+static inline zend_bool zend_is_function_or_method_call(znode *variable)
{
zend_uint type = variable->u.EA.type;
@@ -1475,10 +1475,6 @@ void zend_do_return(znode *expr, int do_end_vparse TSRMLS_DC)
} else {
zend_do_end_variable_parse(BP_VAR_R, 0 TSRMLS_CC);
}
-#if 0
- } else if (expr && CG(active_op_array)->return_reference) {
- zend_error(E_COMPILE_ERROR, "Only variables may be returned by reference");
-#endif
}
#ifdef ZTS
@@ -1499,6 +1495,15 @@ void zend_do_return(znode *expr, int do_end_vparse TSRMLS_DC)
opline->op1.op_type = IS_CONST;
INIT_ZVAL(opline->op1.u.constant);
}
+
+ if (do_end_vparse) {
+ if (zend_is_function_or_method_call(expr)) {
+ opline->extended_value = ZEND_RETURNS_FUNCTION;
+ } else {
+ opline->extended_value = 0;
+ }
+ }
+
SET_UNUSED(opline->op2);
}
3  Zend/zend_compile.h
View
@@ -790,6 +790,9 @@ int zendlex(znode *zendlval TSRMLS_DC);
#define ZEND_RETURN_VAL 0
#define ZEND_RETURN_REF 1
+
+#define ZEND_RETURNS_FUNCTION 1<<0
+
END_EXTERN_C()
#define ZEND_CLONE_FUNC_NAME "__clone"
28 Zend/zend_execute.c
View
@@ -2512,6 +2512,8 @@ int zend_do_fcall_common_helper(ZEND_OPCODE_HANDLER_ARGS)
should_change_scope = 0;
}
+ EX_T(EX(opline)->result.u.var).var.fcall_returned_reference = 0;
+
if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION) {
ALLOC_ZVAL(EX_T(EX(opline)->result.u.var).var.ptr);
INIT_ZVAL(*(EX_T(EX(opline)->result.u.var).var.ptr));
@@ -2561,6 +2563,7 @@ int zend_do_fcall_common_helper(ZEND_OPCODE_HANDLER_ARGS)
EG(active_op_array) = (zend_op_array *) EX(function_state).function;
zend_execute(EG(active_op_array) TSRMLS_CC);
+ EX_T(EX(opline)->result.u.var).var.fcall_returned_reference = EG(active_op_array)->return_reference;
if (return_value_used && !EX_T(EX(opline)->result.u.var).var.ptr) {
if (!EG(exception)) {
@@ -2685,20 +2688,28 @@ int zend_return_handler(ZEND_OPCODE_HANDLER_ARGS)
{
zval *retval_ptr;
zval **retval_ptr_ptr;
-
- if ((EG(active_op_array)->return_reference == ZEND_RETURN_REF) &&
- (EX(opline)->op1.op_type != IS_CONST) &&
- (EX(opline)->op1.op_type != IS_TMP_VAR)) {
-
+
+ if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
+ if (EX(opline)->op1.op_type == IS_CONST || EX(opline)->op1.op_type == IS_TMP_VAR) {
+ /* Not supposed to happen, but we'll allow it */
+ zend_error(E_STRICT, "Only variable references should be returned by reference");
+ goto return_by_value;
+ }
+
retval_ptr_ptr = get_zval_ptr_ptr(&EX(opline)->op1, EX(Ts), BP_VAR_W);
if (!retval_ptr_ptr) {
- zend_error(E_ERROR, "Cannot return overloaded elements or string offsets by reference");
+ zend_error(E_ERROR, "Cannot return string offsets by reference");
}
if (!(*retval_ptr_ptr)->is_ref
- && EX_T(EX(opline)->op1.u.var).var.ptr_ptr == &EX_T(EX(opline)->op1.u.var).var.ptr) {
- zend_error(E_ERROR, "Only variables or references can be returned by reference");
+ /*&& EX_T(EX(opline)->op1.u.var).var.ptr_ptr == &EX_T(EX(opline)->op1.u.var).var.ptr*/) {
+ if (EX(opline)->extended_value == ZEND_RETURNS_FUNCTION
+ && !EX_T(EX(opline)->op1.u.var).var.fcall_returned_reference) {
+ zend_error(E_STRICT, "Only variable references should be returned by reference");
+ PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
+ goto return_by_value;
+ }
}
SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
@@ -2706,6 +2717,7 @@ int zend_return_handler(ZEND_OPCODE_HANDLER_ARGS)
(*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
} else {
+return_by_value:
retval_ptr = get_zval_ptr(&EX(opline)->op1, EX(Ts), &EG(free_op1), BP_VAR_R);
if (!EG(free_op1)) { /* Not a temp var */
1  Zend/zend_execute.h
View
@@ -36,6 +36,7 @@ typedef union _temp_variable {
zval *str;
zend_uint offset;
} str_offset;
+ zend_bool fcall_returned_reference;
} var;
zend_class_entry *class_entry;
} temp_variable;
Please sign in to comment.
Something went wrong with that request. Please try again.