Skip to content

Commit b106fea

Browse files
dstogovdstogov
authored
Improve zend_jit_may_be_modified() check (php#16760)
1 parent 7f5a888 commit b106fea

File tree

2 files changed

+63
-20
lines changed

2 files changed

+63
-20
lines changed

ext/opcache/jit/zend_jit.c

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -692,6 +692,69 @@ static bool zend_may_be_dynamic_property(zend_class_entry *ce, zend_string *memb
692692
return 0;
693693
}
694694

695+
static bool zend_jit_class_may_be_modified(const zend_class_entry *ce, const zend_op_array *called_from)
696+
{
697+
uint32_t i;
698+
699+
if (ce->type == ZEND_INTERNAL_CLASS) {
700+
#ifdef _WIN32
701+
/* ASLR */
702+
return 1;
703+
#else
704+
return 0;
705+
#endif
706+
} else if (ce->type == ZEND_USER_CLASS) {
707+
if (ce->ce_flags & ZEND_ACC_PRELOADED) {
708+
return 0;
709+
}
710+
if (ce->info.user.filename == called_from->filename) {
711+
if (ce->parent && zend_jit_class_may_be_modified(ce->parent, called_from)) {
712+
return 1;
713+
}
714+
if (ce->num_interfaces) {
715+
for (i = 0; i < ce->num_interfaces; i++) {
716+
if (zend_jit_class_may_be_modified(ce->interfaces[i], called_from)) {
717+
return 1;
718+
}
719+
}
720+
}
721+
if (ce->num_traits) {
722+
for (i=0; i < ce->num_traits; i++) {
723+
zend_class_entry *trait = zend_fetch_class_by_name(ce->trait_names[i].name,
724+
ce->trait_names[i].lc_name, ZEND_FETCH_CLASS_TRAIT);
725+
if (zend_jit_class_may_be_modified(trait, called_from)) {
726+
return 1;
727+
}
728+
}
729+
}
730+
return 0;
731+
}
732+
}
733+
return 1;
734+
}
735+
736+
static bool zend_jit_may_be_modified(const zend_function *func, const zend_op_array *called_from)
737+
{
738+
if (func->type == ZEND_INTERNAL_FUNCTION) {
739+
#ifdef _WIN32
740+
/* ASLR */
741+
return 1;
742+
#else
743+
return 0;
744+
#endif
745+
} else if (func->type == ZEND_USER_FUNCTION) {
746+
if (func->common.fn_flags & ZEND_ACC_PRELOADED) {
747+
return 0;
748+
}
749+
if (func->op_array.filename == called_from->filename
750+
&& (!func->op_array.scope
751+
|| !zend_jit_class_may_be_modified(func->op_array.scope, called_from))) {
752+
return 0;
753+
}
754+
}
755+
return 1;
756+
}
757+
695758
#define OP_RANGE(ssa_op, opN) \
696759
(((opline->opN##_type & (IS_TMP_VAR|IS_VAR|IS_CV)) && \
697760
ssa->var_info && \

ext/opcache/jit/zend_jit_internal.h

Lines changed: 0 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -683,26 +683,6 @@ static zend_always_inline const zend_op* zend_jit_trace_get_exit_opline(zend_jit
683683
return NULL;
684684
}
685685

686-
static inline bool zend_jit_may_be_modified(const zend_function *func, const zend_op_array *called_from)
687-
{
688-
if (func->type == ZEND_INTERNAL_FUNCTION) {
689-
#ifdef _WIN32
690-
/* ASLR */
691-
return 1;
692-
#else
693-
return 0;
694-
#endif
695-
} else if (func->type == ZEND_USER_FUNCTION) {
696-
if (func->common.fn_flags & ZEND_ACC_PRELOADED) {
697-
return 0;
698-
}
699-
if (func->op_array.filename == called_from->filename && !func->op_array.scope) {
700-
return 0;
701-
}
702-
}
703-
return 1;
704-
}
705-
706686
static zend_always_inline bool zend_jit_may_be_polymorphic_call(const zend_op *opline)
707687
{
708688
if (opline->opcode == ZEND_INIT_FCALL

0 commit comments

Comments
 (0)