From 85439a30e54ed0e8b17584cb9f55235ce9b06a45 Mon Sep 17 00:00:00 2001 From: Daniel Scherzer Date: Wed, 18 Sep 2024 17:45:13 -0700 Subject: [PATCH 1/3] ext/standard/exec.c: combine conditions, update docs While `php_escape_shell_cmd()` did indeed `emalloc` a string that needed to be freed by the caller in the original implementation that was put in GitHub (see commit 257de2baded9330ff392f33fd5a7cc0ba271e18d) a few months ago the return type was changed to use `zend_string`, see #14353. --- ext/standard/exec.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/ext/standard/exec.c b/ext/standard/exec.c index 8ebca90bce396..3807c0206358a 100644 --- a/ext/standard/exec.c +++ b/ext/standard/exec.c @@ -119,9 +119,6 @@ PHPAPI int php_exec(int type, const char *cmd, zval *array, zval *return_value) size_t buflen, bufl = 0; #if PHP_SIGCHILD void (*sig_handler)() = NULL; -#endif - -#if PHP_SIGCHILD sig_handler = signal (SIGCHLD, SIG_DFL); #endif @@ -272,8 +269,7 @@ PHP_FUNCTION(passthru) Escape all chars that could possibly be used to break out of a shell command - This function emalloc's a string and returns the pointer. - Remember to efree it when done with it. + This function allocates a new zend_string, remember to free it when done. *NOT* safe for binary strings */ From e6aa125f2c56e84f5009fc987ad6292f7704fa3a Mon Sep 17 00:00:00 2001 From: DanielEScherzer Date: Wed, 9 Oct 2024 12:05:20 -0700 Subject: [PATCH 2/3] exec.c - better comment --- ext/standard/exec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/standard/exec.c b/ext/standard/exec.c index 3807c0206358a..343cc17c64f92 100644 --- a/ext/standard/exec.c +++ b/ext/standard/exec.c @@ -269,7 +269,7 @@ PHP_FUNCTION(passthru) Escape all chars that could possibly be used to break out of a shell command - This function allocates a new zend_string, remember to free it when done. + This function returns a zend_string, remember to release it when done. *NOT* safe for binary strings */ From c343357d93ebc39c0c60a1eb0a609d8c5d605129 Mon Sep 17 00:00:00 2001 From: DanielEScherzer Date: Thu, 10 Oct 2024 16:25:57 -0700 Subject: [PATCH 3/3] exec.c - even better comment [skip ci] --- ext/standard/exec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/standard/exec.c b/ext/standard/exec.c index 343cc17c64f92..2a6d4fab81254 100644 --- a/ext/standard/exec.c +++ b/ext/standard/exec.c @@ -269,7 +269,7 @@ PHP_FUNCTION(passthru) Escape all chars that could possibly be used to break out of a shell command - This function returns a zend_string, remember to release it when done. + This function returns an owned zend_string, remember to release it when done. *NOT* safe for binary strings */