cURL: make possible to send file from buffer string

[Irker]

In my practice, very often I needed to send a file that was created in the current script and stored in memory. Most often these were small generated images, PDF documents, XML files, and etc.

At the current moment in PHP we can send a file from a string variable only through a temporary file on a file system(CURLFile) or with unnecessary base64 converting:

$file_stream = 'data://application/octet-stream;base64,' . base64_encode($file);
$curlFile = new \CURLFile($path);
$curlFile->setPostFilename($file_name);

However, libcurl itself has an easy way to send a file from a string.

Since sending a file in this way always requires passing the file name, it will not work to embed this functionality into an existing CurlFile class without losing backward compatibility. Therefore, I decided to create a new class CURLStringFile.

Usage:

$curlFile = new CURLStringFile($file_content, $postname, $mime);

[nikic]

Sorry for the delay! This looks like a nice addition to me. I have one safety concern regarding the CURLFORM_BUFFERPTR use. And a more general design concern on whether we need all those methods on CURLStringFile at all, and can't just use typed properties.

Maybe @cmb69 or @kocsismate have thoughts on this addition as well?

[nikic]

I don't think this is safe. According to curl docs:

is used in combination with CURLFORM_BUFFER. The parameter is a pointer to the buffer to be uploaded. This buffer must not be freed until after curl_easy_cleanup is called. You must also use CURLFORM_BUFFERLENGTH to set the number of bytes in the buffer.

This means that curl is not making a copy of the buffer. If the CURLStringFile object is destroyed before the request is sent, this will probably result in use-after-free.

[Irker]

Hi @nikic! Great thanks for the code review!
This issue scares me because looks like I need to copy the data somewhere inside CurlHandle. And also copy them when cloning, and destroy them in the curl destructor. Most likely I will not have enough knowledge in the C language.
I can suggest adding CurlStringFile only for curl >= 7.56.0. Or someone will help me with this issue.
Right now, I have code changes based on all your comments, except this one.

[Irker]

Nevermind. I tried to do it myself. =)

[nikic]

This should $mime = null and pass it unconditionally rather than checking empty

[nikic]

CURLFile also has a setPostFilename method.

Though, taking a step back here, seeing as the class has public properties, these getters and setters are really redundant. I think we'd be better off declaring them as typed properties and just omitting the methods entirely.

It depends on whether we need to have the same interface as CURLFile. It doesn't seem necessary to me, as I would expect the common usage to just construct CURLStringFile and directly pass it to curl.

[cmb69]

Nit: missing newline

[Irker]

@nikic @cmb69
Thanks again for the code review.
I updated the patch in which I tried to accommodate all your suggestions.
However, I'm not sure about some of my solutions:

1. I made a mime parameter with null as default like in CurlFile. Null is then replaced with "application/octet-stream". But we can make this value default right in the class instead of null.
2. I'm really not sure if I did everything right with ch-> to_free-> buffers
3. I accidentally discovered a bug that CurlFile has. If an object property zval is converted to reference ($postname =& $file->postname), then this file property will not pass validation.
   I added checks like this:

if (Z_TYPE_P (prop) == IS_REFERENCE) {
    prop = Z_REFVAL_P (prop);
}

Not sure if this is correct.

[nikic]

This will perform a copy of the data. You can use zend_update_property_str to avoid the copy.

[nikic]

Same here -- unless this is intentionally written this way to truncate the filename at a null byte?

[Irker]

I did it for mime and postname the same way as for CURLFile. I think it required to be truncated.
But what the best way? Truncate or, for example, throw an exception if we found null-byte, or do something else?

[nikic]

I think it's okay to stick with the CURLFile behavior here.

[nikic]

You can leave off the default values on these properties (and on $mime as well if you assign it unconditionally).

[nikic]

ZVAL_DEREF(prop) is simpler :)

[nikic]

@nikic @cmb69
Thanks again for the code review.
I updated the patch in which I tried to accommodate all your suggestions.
However, I'm not sure about some of my solutions:

1. I made a mime parameter with null as default like in CurlFile. Null is then replaced with "application/octet-stream". But we can make this value default right in the class instead of null.

Directly using "application/octect-stream" as the default makes sense to me.

2. I'm really not sure if I did everything right with `ch-> to_free-> buffers`

I think you did everything right!

3. I accidentally discovered a bug that CurlFile has. If an object property zval is converted to reference (`$postname =& $file->postname`), then this file property will not pass validation.
   I added checks like this:

if (Z_TYPE_P (prop) == IS_REFERENCE) {
    prop = Z_REFVAL_P (prop);
}

Not sure if this is correct.

Nice catch! I've backported this fix to the 7.4 branch in 54fa0a6, to make sure older versions get fixed.

[nikic]

Not directly related: @kocsismate I just noticed that

php-src/ext/curl/curl_file.stub.php

Line 17 in 8c00c91

public function __construct(string $filename, ?string $mime_type = null, ?string $posted_filename = null) {}

uses different names in the constructor from the property names. We actually managed to have three different names between $postname, $posted_filename and getPostFilename()...

[kocsismate]

Uhh 🤦

[Irker]

@nikic Thanks for the review!
I tried to accommodate all the notes and updated the patch again.
There is only a question with null-byte truncation in postname and mime

[nikic]

This looks fine to me. Anyone else have feedback?

Personally I'd probably merge curl_string_file.c into curl_file.c, as the final implementation ended up being rather small.

[nikic]

I think it's okay to stick with the CURLFile behavior here.

[Irker]

This looks fine to me. Anyone else have feedback?

Personally I'd probably merge curl_string_file.c into curl_file.c, as the final implementation ended up being rather small.

Thank you! I merged files.

[kocsismate]

You can now get rid of @generate-function-entries

[Irker]

Got it, thank you.

[kocsismate]

As CURLStringFile::$postname is a property of type string, is this condition true only if the property is uninitialized, right? If this is the case, shouldn't we throw an exception that we do in other cases? Or am I missing something?

[Irker]

You're right, no need to call php_error_docref here. The exception is already being thrown inside zend_read_property. But I'm do not know how to process it correctly. Is it correct to do just this? :

prop = zend_read_property(curl_CURLStringFile_class, Z_OBJ_P(current), "postname", sizeof("postname")-1, 0, &rv);
ZVAL_DEREF(prop);
if (Z_TYPE_P(prop) != IS_STRING) {
	zend_string_release_ex(string_key, 0);
	return FAILURE;
}

I cannot find a good example in other code =/

[nikic]

That would be fine, or possibly something like this?

prop = ...;
if (EG(exception)) {
    zend_string_release_ex(string_key, 0);
    return FAILURE;
}
ZVAL_DEREF(prop);
ZEND_ASSERT(Z_TYPE_P(prop) == IS_STRING);

[kocsismate]

is there any specific reason you use both zend_update_property_string() and zend_update_property_str(), even though the latter would be sufficient (and wouldn't require a ZSTR_VAL() call)?

[Irker]

As I mentioned before we need to truncate mime and postname to null-terminated strings. But looks like it will be truncated during reading their values. So we can use zend_update_property_str for all parameters.
But I do not know how to provide a default value for mime property for method zend_update_property_str. I can use "zend_string_init" method, but at least I do not know which value for its third option I must use.
Right now I know only this way:

	if (mime) {
		zend_update_property_str(curl_CURLStringFile_class, Z_OBJ_P(object), "mime", sizeof("mime")-1, mime);
	} else {
		zend_update_property_string(curl_CURLStringFile_class, Z_OBJ_P(object), "mime", sizeof("mime")-1, "application/octet-stream");
	}

[nikic]

You suggested code looks reasonable to me.

For zend_string_init the last parameter should be 0, but in this case it's probably a bit nicer to write it as you did.

[Irker]

@kocsismate @nikic, Thanks a lot for the review! I updated the PR again =)