From 4f97664b19f70b70c10e17dd39fe7eb91fe8563a Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Sat, 30 Aug 2025 22:18:22 +0200 Subject: [PATCH 1/6] Add pmalloc API --- TSRM/TSRM.c | 12 +++--- Zend/zend.c | 20 ++++----- Zend/zend_API.c | 8 ++-- Zend/zend_alloc.c | 4 +- Zend/zend_alloc.h | 4 ++ Zend/zend_call_stack.c | 2 +- Zend/zend_constants.c | 2 +- Zend/zend_ini.c | 2 +- Zend/zend_list.c | 2 +- Zend/zend_types.h | 6 +-- Zend/zend_vm_execute.h | 2 +- Zend/zend_vm_execute.skl | 2 +- build/gen_stub.php | 2 +- ext/exif/exif.c | 2 +- ext/ffi/ffi.c | 4 +- ext/json/json_parser.y | 2 +- ext/mysqlnd/mysqlnd_auth.c | 10 ++--- ext/opcache/zend_shared_alloc.c | 2 +- ext/pcre/php_pcre.c | 2 +- ext/readline/readline.c | 2 +- ext/readline/readline_cli.c | 6 +-- ext/soap/php_sdl.c | 64 ++++++++++++++-------------- ext/zend_test/observer.c | 2 +- ext/zend_test/test.c | 8 ++-- ext/zend_test/test_arginfo.h | 6 +-- main/fastcgi.c | 12 +++--- main/network.c | 6 +-- main/streams/php_streams_int.h | 2 +- sapi/apache2handler/apache_config.c | 2 +- sapi/cgi/cgi_main.c | 4 +- sapi/fpm/fpm/fpm_stdio.c | 2 +- sapi/fuzzer/fuzzer-json.c | 2 +- sapi/fuzzer/fuzzer-mbregex.c | 2 +- sapi/fuzzer/fuzzer-sapi.c | 2 +- sapi/fuzzer/fuzzer-unserialize.c | 2 +- sapi/fuzzer/fuzzer-unserializehash.c | 2 +- sapi/phpdbg/phpdbg.c | 2 +- sapi/phpdbg/phpdbg_btree.c | 2 +- sapi/phpdbg/phpdbg_parser.y | 2 +- sapi/phpdbg/phpdbg_watch.c | 4 +- win32/wsyslog.c | 2 +- 41 files changed, 116 insertions(+), 112 deletions(-) diff --git a/TSRM/TSRM.c b/TSRM/TSRM.c index e99993204b6f9..3705e83941f4b 100644 --- a/TSRM/TSRM.c +++ b/TSRM/TSRM.c @@ -259,7 +259,7 @@ static void tsrm_update_active_threads(void) if (resource_types_table[j].fast_offset) { p->storage[j] = (void *) (((char*)p) + resource_types_table[j].fast_offset); } else { - p->storage[j] = (void *) malloc(resource_types_table[j].size); + p->storage[j] = (void *) pmalloc(resource_types_table[j].size); } if (resource_types_table[j].ctor) { resource_types_table[j].ctor(p->storage[j]); @@ -378,10 +378,10 @@ static void set_thread_local_storage_resource_to(tsrm_tls_entry *thread_resource static void allocate_new_resource(tsrm_tls_entry **thread_resources_ptr, THREAD_T thread_id) {/*{{{*/ TSRM_ERROR((TSRM_ERROR_LEVEL_CORE, "Creating data structures for thread %x", thread_id)); - (*thread_resources_ptr) = (tsrm_tls_entry *) malloc(TSRM_ALIGNED_SIZE(sizeof(tsrm_tls_entry)) + tsrm_reserved_size); + (*thread_resources_ptr) = (tsrm_tls_entry *) pmalloc(TSRM_ALIGNED_SIZE(sizeof(tsrm_tls_entry)) + tsrm_reserved_size); (*thread_resources_ptr)->storage = NULL; if (id_count > 0) { - (*thread_resources_ptr)->storage = (void **) malloc(sizeof(void *)*id_count); + (*thread_resources_ptr)->storage = (void **) pmalloc(sizeof(void *)*id_count); } (*thread_resources_ptr)->count = id_count; (*thread_resources_ptr)->thread_id = thread_id; @@ -400,7 +400,7 @@ static void allocate_new_resource(tsrm_tls_entry **thread_resources_ptr, THREAD_ if (resource_types_table[i].fast_offset) { (*thread_resources_ptr)->storage[i] = (void *) (((char*)(*thread_resources_ptr)) + resource_types_table[i].fast_offset); } else { - (*thread_resources_ptr)->storage[i] = (void *) malloc(resource_types_table[i].size); + (*thread_resources_ptr)->storage[i] = (void *) pmalloc(resource_types_table[i].size); } if (resource_types_table[i].ctor) { resource_types_table[i].ctor((*thread_resources_ptr)->storage[i]); @@ -618,10 +618,10 @@ TSRM_API MUTEX_T tsrm_mutex_alloc(void) {/*{{{*/ MUTEX_T mutexp; #ifdef TSRM_WIN32 - mutexp = malloc(sizeof(CRITICAL_SECTION)); + mutexp = pmalloc(sizeof(CRITICAL_SECTION)); InitializeCriticalSection(mutexp); #else - mutexp = (pthread_mutex_t *)malloc(sizeof(pthread_mutex_t)); + mutexp = (pthread_mutex_t *)pmalloc(sizeof(pthread_mutex_t)); pthread_mutex_init(mutexp,NULL); #endif #ifdef THR_DEBUG diff --git a/Zend/zend.c b/Zend/zend.c index 045d25134f8c9..c5b5402d11bfd 100644 --- a/Zend/zend.c +++ b/Zend/zend.c @@ -715,18 +715,18 @@ static void compiler_globals_ctor(zend_compiler_globals *compiler_globals) /* {{ compiler_globals->compiled_filename = NULL; compiler_globals->zend_lineno = 0; - compiler_globals->function_table = (HashTable *) malloc(sizeof(HashTable)); + compiler_globals->function_table = (HashTable *) pmalloc(sizeof(HashTable)); zend_hash_init(compiler_globals->function_table, 1024, NULL, ZEND_FUNCTION_DTOR, 1); zend_hash_copy(compiler_globals->function_table, global_function_table, NULL); compiler_globals->copied_functions_count = zend_hash_num_elements(compiler_globals->function_table); - compiler_globals->class_table = (HashTable *) malloc(sizeof(HashTable)); + compiler_globals->class_table = (HashTable *) pmalloc(sizeof(HashTable)); zend_hash_init(compiler_globals->class_table, 64, NULL, ZEND_CLASS_DTOR, 1); zend_hash_copy(compiler_globals->class_table, global_class_table, zend_class_add_ref); zend_set_default_compile_time_values(); - compiler_globals->auto_globals = (HashTable *) malloc(sizeof(HashTable)); + compiler_globals->auto_globals = (HashTable *) pmalloc(sizeof(HashTable)); zend_hash_init(compiler_globals->auto_globals, 8, NULL, auto_global_dtor, 1); zend_hash_copy(compiler_globals->auto_globals, global_auto_globals_table, auto_global_copy_ctor); @@ -1004,10 +1004,10 @@ void zend_startup(zend_utility_functions *utility_functions) /* {{{ */ zend_version_info = strdup(ZEND_CORE_VERSION_INFO); zend_version_info_length = sizeof(ZEND_CORE_VERSION_INFO) - 1; - GLOBAL_FUNCTION_TABLE = (HashTable *) malloc(sizeof(HashTable)); - GLOBAL_CLASS_TABLE = (HashTable *) malloc(sizeof(HashTable)); - GLOBAL_AUTO_GLOBALS_TABLE = (HashTable *) malloc(sizeof(HashTable)); - GLOBAL_CONSTANTS_TABLE = (HashTable *) malloc(sizeof(HashTable)); + GLOBAL_FUNCTION_TABLE = (HashTable *) pmalloc(sizeof(HashTable)); + GLOBAL_CLASS_TABLE = (HashTable *) pmalloc(sizeof(HashTable)); + GLOBAL_AUTO_GLOBALS_TABLE = (HashTable *) pmalloc(sizeof(HashTable)); + GLOBAL_CONSTANTS_TABLE = (HashTable *) pmalloc(sizeof(HashTable)); zend_hash_init(GLOBAL_FUNCTION_TABLE, 1024, NULL, ZEND_FUNCTION_DTOR, 1); zend_hash_init(GLOBAL_CLASS_TABLE, 64, NULL, ZEND_CLASS_DTOR, 1); @@ -1027,8 +1027,8 @@ void zend_startup(zend_utility_functions *utility_functions) /* {{{ */ compiler_globals_dtor(compiler_globals); compiler_globals->in_compilation = 0; - compiler_globals->function_table = (HashTable *) malloc(sizeof(HashTable)); - compiler_globals->class_table = (HashTable *) malloc(sizeof(HashTable)); + compiler_globals->function_table = (HashTable *) pmalloc(sizeof(HashTable)); + compiler_globals->class_table = (HashTable *) pmalloc(sizeof(HashTable)); *compiler_globals->function_table = *GLOBAL_FUNCTION_TABLE; *compiler_globals->class_table = *GLOBAL_CLASS_TABLE; @@ -1296,7 +1296,7 @@ ZEND_API void zend_append_version_info(const zend_extension *extension) /* {{{ * + strlen(extension->copyright) + strlen(extension->author)); - new_info = (char *) malloc(new_info_length + 1); + new_info = (char *) pmalloc(new_info_length + 1); snprintf(new_info, new_info_length, " with %s v%s, %s, by %s\n", extension->name, extension->version, extension->copyright, extension->author); diff --git a/Zend/zend_API.c b/Zend/zend_API.c index fa5365b776d2c..d65951955946f 100644 --- a/Zend/zend_API.c +++ b/Zend/zend_API.c @@ -3083,7 +3083,7 @@ ZEND_API zend_result zend_register_functions(zend_class_entry *scope, const zend } lowercase_name = zend_string_tolower_ex(internal_function->function_name, type == MODULE_PERSISTENT); lowercase_name = zend_new_interned_string(lowercase_name); - reg_function = malloc(sizeof(zend_internal_function)); + reg_function = pmalloc(sizeof(zend_internal_function)); memcpy(reg_function, &function, sizeof(zend_internal_function)); if (zend_hash_add_ptr(target_function_table, lowercase_name, reg_function) == NULL) { unload=1; @@ -3150,7 +3150,7 @@ ZEND_API zend_result zend_register_functions(zend_class_entry *scope, const zend /* Treat return type as an extra argument */ num_args++; - new_arg_info = malloc(sizeof(zend_internal_arg_info) * num_args); + new_arg_info = pmalloc(sizeof(zend_internal_arg_info) * num_args); memcpy(new_arg_info, arg_info, sizeof(zend_internal_arg_info) * num_args); reg_function->arg_info = new_arg_info + 1; for (i = 0; i < num_args; i++) { @@ -3176,7 +3176,7 @@ ZEND_API zend_result zend_register_functions(zend_class_entry *scope, const zend new_arg_info[i].type.type_mask |= _ZEND_TYPE_NAME_BIT; } else { /* Union type */ - zend_type_list *list = malloc(ZEND_TYPE_LIST_SIZE(num_types)); + zend_type_list *list = pmalloc(ZEND_TYPE_LIST_SIZE(num_types)); list->num_types = num_types; ZEND_TYPE_SET_LIST(new_arg_info[i].type, list); ZEND_TYPE_FULL_MASK(new_arg_info[i].type) |= _ZEND_TYPE_UNION_BIT; @@ -3487,7 +3487,7 @@ ZEND_API int zend_next_free_module(void) /* {{{ */ static zend_class_entry *do_register_internal_class(zend_class_entry *orig_class_entry, uint32_t ce_flags) /* {{{ */ { - zend_class_entry *class_entry = malloc(sizeof(zend_class_entry)); + zend_class_entry *class_entry = pmalloc(sizeof(zend_class_entry)); zend_string *lowercase_name; *class_entry = *orig_class_entry; diff --git a/Zend/zend_alloc.c b/Zend/zend_alloc.c index edadf024df24b..e3776334b8c12 100644 --- a/Zend/zend_alloc.c +++ b/Zend/zend_alloc.c @@ -3300,7 +3300,7 @@ static void alloc_globals_ctor(zend_alloc_globals *alloc_globals) tmp = getenv("USE_ZEND_ALLOC"); if (tmp && !ZEND_ATOL(tmp)) { bool tracked = (tmp = getenv("USE_TRACKED_ALLOC")) && ZEND_ATOL(tmp); - zend_mm_heap *mm_heap = alloc_globals->mm_heap = malloc(sizeof(zend_mm_heap)); + zend_mm_heap *mm_heap = alloc_globals->mm_heap = pmalloc(sizeof(zend_mm_heap)); memset(mm_heap, 0, sizeof(zend_mm_heap)); mm_heap->use_custom_heap = ZEND_MM_CUSTOM_HEAP_STD; mm_heap->limit = (size_t)Z_L(-1) >> 1; @@ -3316,7 +3316,7 @@ static void alloc_globals_ctor(zend_alloc_globals *alloc_globals) mm_heap->custom_heap._malloc = tracked_malloc; mm_heap->custom_heap._free = tracked_free; mm_heap->custom_heap._realloc = tracked_realloc; - mm_heap->tracked_allocs = malloc(sizeof(HashTable)); + mm_heap->tracked_allocs = pmalloc(sizeof(HashTable)); zend_hash_init(mm_heap->tracked_allocs, 1024, NULL, NULL, 1); } return; diff --git a/Zend/zend_alloc.h b/Zend/zend_alloc.h index 264e13848d1b7..8b8235823aef0 100644 --- a/Zend/zend_alloc.h +++ b/Zend/zend_alloc.h @@ -185,6 +185,10 @@ ZEND_API void * __zend_realloc(void *p, size_t len ZEND_FILE_LINE_DC ZEND_FILE_L ZEND_API void __zend_free(void *p ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC); ZEND_API ZEND_ATTRIBUTE_MALLOC char * __zend_strdup(const char *s); +#define pmalloc(size) (__zend_malloc(size ZEND_FILE_LINE_CC ZEND_FILE_LINE_EMPTY_CC)) +#define pcalloc(nmemb, size) (__zend_calloc((nmemb), (size) ZEND_FILE_LINE_CC ZEND_FILE_LINE_EMPTY_CC)) +#define prealloc(ptr, size) (__zend_realloc((ptr), (size) ZEND_FILE_LINE_CC ZEND_FILE_LINE_EMPTY_CC)) + /* Selective persistent/non persistent allocation macros */ #define pemalloc(size, persistent) ((persistent)?__zend_malloc(size ZEND_FILE_LINE_CC ZEND_FILE_LINE_EMPTY_CC):emalloc(size)) #define safe_pemalloc(nmemb, size, offset, persistent) ((persistent)?_safe_malloc(nmemb, size, offset):safe_emalloc(nmemb, size, offset)) diff --git a/Zend/zend_call_stack.c b/Zend/zend_call_stack.c index ed86ecc74a238..6aaded33fc48f 100644 --- a/Zend/zend_call_stack.c +++ b/Zend/zend_call_stack.c @@ -632,7 +632,7 @@ static bool zend_call_stack_get_netbsd_vm(zend_call_stack *stack, void **ptr) // kinfo_getvmmap uses the same formula, only we do not want to rely on libkvm len = len * 4 / 3 ; - *ptr = malloc(len); + *ptr = pmalloc(len); if (sysctl(mib, 5, *ptr, &len, NULL, 0) != 0) { return false; diff --git a/Zend/zend_constants.c b/Zend/zend_constants.c index efdcb905fd773..a1013d0f59bd8 100644 --- a/Zend/zend_constants.c +++ b/Zend/zend_constants.c @@ -121,7 +121,7 @@ void clean_module_constants(int module_number) void zend_startup_constants(void) { - EG(zend_constants) = (HashTable *) malloc(sizeof(HashTable)); + EG(zend_constants) = (HashTable *) pmalloc(sizeof(HashTable)); zend_hash_init(EG(zend_constants), 128, NULL, ZEND_CONSTANT_DTOR, 1); } diff --git a/Zend/zend_ini.c b/Zend/zend_ini.c index 689e76794df34..42ee313a8e733 100644 --- a/Zend/zend_ini.c +++ b/Zend/zend_ini.c @@ -98,7 +98,7 @@ static void free_ini_entry(zval *zv) /* {{{ */ */ ZEND_API void zend_ini_startup(void) /* {{{ */ { - registered_zend_ini_directives = (HashTable *) malloc(sizeof(HashTable)); + registered_zend_ini_directives = (HashTable *) pmalloc(sizeof(HashTable)); EG(ini_directives) = registered_zend_ini_directives; EG(modified_ini_directives) = NULL; diff --git a/Zend/zend_list.c b/Zend/zend_list.c index bf599a2efca9b..f36cadd03a659 100644 --- a/Zend/zend_list.c +++ b/Zend/zend_list.c @@ -267,7 +267,7 @@ ZEND_API int zend_register_list_destructors_ex(rsrc_dtor_func_t ld, rsrc_dtor_fu zend_rsrc_list_dtors_entry *lde; zval zv; - lde = malloc(sizeof(zend_rsrc_list_dtors_entry)); + lde = pmalloc(sizeof(zend_rsrc_list_dtors_entry)); lde->list_dtor_ex = ld; lde->plist_dtor_ex = pld; lde->module_number = module_number; diff --git a/Zend/zend_types.h b/Zend/zend_types.h index a3d3e4da6362d..a881d32133abb 100644 --- a/Zend/zend_types.h +++ b/Zend/zend_types.h @@ -1157,7 +1157,7 @@ static zend_always_inline uint32_t zval_gc_info(uint32_t gc_type_info) { #define ZVAL_NEW_PERSISTENT_ARR(z) do { \ zval *__z = (z); \ zend_array *_arr = \ - (zend_array *) malloc(sizeof(zend_array)); \ + (zend_array *) pmalloc(sizeof(zend_array)); \ Z_ARR_P(__z) = _arr; \ Z_TYPE_INFO_P(__z) = IS_ARRAY_EX; \ } while (0) @@ -1198,7 +1198,7 @@ static zend_always_inline uint32_t zval_gc_info(uint32_t gc_type_info) { #define ZVAL_NEW_PERSISTENT_RES(z, h, p, t) do { \ zend_resource *_res = \ - (zend_resource *) malloc(sizeof(zend_resource)); \ + (zend_resource *) pmalloc(sizeof(zend_resource)); \ zval *__z; \ GC_SET_REFCOUNT(_res, 1); \ GC_TYPE_INFO(_res) = GC_RESOURCE | \ @@ -1252,7 +1252,7 @@ static zend_always_inline uint32_t zval_gc_info(uint32_t gc_type_info) { #define ZVAL_NEW_PERSISTENT_REF(z, r) do { \ zend_reference *_ref = \ - (zend_reference *) malloc(sizeof(zend_reference)); \ + (zend_reference *) pmalloc(sizeof(zend_reference)); \ GC_SET_REFCOUNT(_ref, 1); \ GC_TYPE_INFO(_ref) = GC_REFERENCE | \ (GC_PERSISTENT << GC_FLAGS_SHIFT); \ diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h index e1a94fd07a11a..94116f4c66134 100644 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h @@ -126440,7 +126440,7 @@ static void init_opcode_serialiser(void) int i; zval tmp; - zend_handlers_table = malloc(sizeof(HashTable)); + zend_handlers_table = pmalloc(sizeof(HashTable)); zend_hash_init(zend_handlers_table, zend_handlers_count, NULL, NULL, 1); zend_hash_real_init(zend_handlers_table, 0); Z_TYPE_INFO(tmp) = IS_LONG; diff --git a/Zend/zend_vm_execute.skl b/Zend/zend_vm_execute.skl index 53b1ac6baf0a3..fd8c9a461628d 100644 --- a/Zend/zend_vm_execute.skl +++ b/Zend/zend_vm_execute.skl @@ -107,7 +107,7 @@ static void init_opcode_serialiser(void) int i; zval tmp; - zend_handlers_table = malloc(sizeof(HashTable)); + zend_handlers_table = pmalloc(sizeof(HashTable)); zend_hash_init(zend_handlers_table, zend_handlers_count, NULL, NULL, 1); zend_hash_real_init(zend_handlers_table, 0); Z_TYPE_INFO(tmp) = IS_LONG; diff --git a/build/gen_stub.php b/build/gen_stub.php index 5c8407c0564c5..20da3185da8df 100755 --- a/build/gen_stub.php +++ b/build/gen_stub.php @@ -2491,7 +2491,7 @@ protected function getTypeCode(string $variableLikeName, string &$code): string } $classTypeCount = count($arginfoType->classTypes); - $code .= "\tzend_type_list *{$variableLikeType}_{$variableLikeName}_type_list = malloc(ZEND_TYPE_LIST_SIZE($classTypeCount));\n"; + $code .= "\tzend_type_list *{$variableLikeType}_{$variableLikeName}_type_list = pmalloc(ZEND_TYPE_LIST_SIZE($classTypeCount));\n"; $code .= "\t{$variableLikeType}_{$variableLikeName}_type_list->num_types = $classTypeCount;\n"; foreach ($arginfoType->classTypes as $k => $classType) { diff --git a/ext/exif/exif.c b/ext/exif/exif.c index 9169861728869..fa33cfcb025ca 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c @@ -1323,7 +1323,7 @@ static const maker_note_type maker_note_array[] = { static HashTable *exif_make_tag_ht(tag_info_type *tag_table) { - HashTable *ht = malloc(sizeof(HashTable)); + HashTable *ht = pmalloc(sizeof(HashTable)); zend_hash_init(ht, 0, NULL, NULL, 1); while (tag_table->Tag != TAG_END_OF_LIST) { if (!zend_hash_index_add_ptr(ht, tag_table->Tag, tag_table->Desc)) { diff --git a/ext/ffi/ffi.c b/ext/ffi/ffi.c index 10fc11f52e70f..0f8002741fb23 100644 --- a/ext/ffi/ffi.c +++ b/ext/ffi/ffi.c @@ -3531,12 +3531,12 @@ static zend_ffi *zend_ffi_load(const char *filename, bool preload) /* {{{ */ } if (!scope) { - scope = malloc(sizeof(zend_ffi_scope)); + scope = pmalloc(sizeof(zend_ffi_scope)); scope->symbols = FFI_G(symbols); scope->tags = FFI_G(tags); if (!FFI_G(scopes)) { - FFI_G(scopes) = malloc(sizeof(HashTable)); + FFI_G(scopes) = pmalloc(sizeof(HashTable)); zend_hash_init(FFI_G(scopes), 0, NULL, zend_ffi_scope_hash_dtor, 1); } diff --git a/ext/json/json_parser.y b/ext/json/json_parser.y index d570cddc91e4b..1b217b886da2e 100644 --- a/ext/json/json_parser.y +++ b/ext/json/json_parser.y @@ -27,7 +27,7 @@ int json_yydebug = 1; #endif #ifdef _MSC_VER -#define YYMALLOC malloc +#define YYMALLOC pmalloc #define YYFREE free #endif diff --git a/ext/mysqlnd/mysqlnd_auth.c b/ext/mysqlnd/mysqlnd_auth.c index 691375b1a6959..33b0f5a1fcfd6 100644 --- a/ext/mysqlnd/mysqlnd_auth.c +++ b/ext/mysqlnd/mysqlnd_auth.c @@ -575,7 +575,7 @@ mysqlnd_native_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self /* copy scrambled pass*/ if (passwd && passwd_len) { - ret = malloc(SCRAMBLE_LENGTH); + ret = pmalloc(SCRAMBLE_LENGTH); *auth_data_len = SCRAMBLE_LENGTH; /* In 4.1 we use CLIENT_SECURE_CONNECTION and thus the len of the buf should be passed */ php_mysqlnd_scramble((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len); @@ -715,7 +715,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub } *auth_data_len = server_public_key_len; - ret = malloc(*auth_data_len); + ret = pmalloc(*auth_data_len); EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(server_public_key, NULL); if (!ctx || EVP_PKEY_encrypt_init(ctx) <= 0 || EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0 || @@ -804,7 +804,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub } *auth_data_len = server_public_key_len; - ret = malloc(*auth_data_len); + ret = pmalloc(*auth_data_len); if (BCryptEncrypt((BCRYPT_KEY_HANDLE) server_public_key, (zend_uchar *) xor_str, passwd_len + 1, &padding_info, NULL, 0, ret, server_public_key_len, &server_public_key_len, BCRYPT_PAD_OAEP)) { BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key); @@ -911,7 +911,7 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self /* NUL termination byte required: https://dev.mysql.com/doc/dev/mysql-server/latest/page_protocol_connection_phase_authentication_methods_clear_text_password.html * (this is similar to bug #78680, but now as GH-11440) */ *auth_data_len = passwd_len + 1; - ret = malloc(passwd_len + 1); + ret = pmalloc(passwd_len + 1); memcpy(ret, passwd, passwd_len); ret[passwd_len] = '\0'; } else { @@ -1114,7 +1114,7 @@ mysqlnd_caching_sha2_get_auth_data(struct st_mysqlnd_authentication_plugin * sel DBG_INF("First auth step: send hashed password"); /* copy scrambled pass*/ if (passwd && passwd_len) { - ret = malloc(SHA256_LENGTH + 1); + ret = pmalloc(SHA256_LENGTH + 1); *auth_data_len = SHA256_LENGTH; php_mysqlnd_scramble_sha2((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len); ret[SHA256_LENGTH] = '\0'; diff --git a/ext/opcache/zend_shared_alloc.c b/ext/opcache/zend_shared_alloc.c index 80ef36b8749d9..9b86015d6e171 100644 --- a/ext/opcache/zend_shared_alloc.c +++ b/ext/opcache/zend_shared_alloc.c @@ -321,7 +321,7 @@ void zend_shared_alloc_shutdown(void) smm_shared_globals = &tmp_shared_globals; shared_segments_array_size = ZSMMG(shared_segments_count) * (S_H(segment_type_size)() + sizeof(void *)); if (shared_segments_array_size > 16) { - tmp_shared_segments = malloc(shared_segments_array_size); + tmp_shared_segments = pmalloc(shared_segments_array_size); } else { tmp_shared_segments = shared_segments_buf; } diff --git a/ext/pcre/php_pcre.c b/ext/pcre/php_pcre.c index 8e0fb2cce5f9b..4159bf6b6df98 100644 --- a/ext/pcre/php_pcre.c +++ b/ext/pcre/php_pcre.c @@ -357,7 +357,7 @@ PHP_INI_END() static char *_pcre2_config_str(uint32_t what) {/*{{{*/ int len = pcre2_config(what, NULL); - char *ret = (char *) malloc(len + 1); + char *ret = (char *) pmalloc(len + 1); len = pcre2_config(what, ret); if (!len) { diff --git a/ext/readline/readline.c b/ext/readline/readline.c index d292921856909..ca00cd4aa1c29 100644 --- a/ext/readline/readline.c +++ b/ext/readline/readline.c @@ -188,7 +188,7 @@ PHP_FUNCTION(readline_info) } #if !defined(PHP_WIN32) && !defined(HAVE_LIBEDIT) if (!rl_line_buffer) { - rl_line_buffer = malloc(Z_STRLEN_P(value) + 1); + rl_line_buffer = pmalloc(Z_STRLEN_P(value) + 1); } else if (strlen(oldstr) < Z_STRLEN_P(value)) { rl_extend_line_buffer(Z_STRLEN_P(value) + 1); free(oldstr); diff --git a/ext/readline/readline_cli.c b/ext/readline/readline_cli.c index 312129991c708..6421090845ae8 100644 --- a/ext/readline/readline_cli.c +++ b/ext/readline/readline_cli.c @@ -447,7 +447,7 @@ static char *cli_completion_generator_var(const char *text, size_t textlen, int tmp = retval = cli_completion_generator_ht(text + 1, textlen - 1, state, symbol_table, NULL); if (retval) { - retval = malloc(strlen(tmp) + 2); + retval = pmalloc(strlen(tmp) + 2); retval[0] = '$'; strcpy(&retval[1], tmp); rl_completion_append_character = '\0'; @@ -461,7 +461,7 @@ static char *cli_completion_generator_ini(const char *text, size_t textlen, int tmp = retval = cli_completion_generator_ht(text + 1, textlen - 1, state, EG(ini_directives), NULL); if (retval) { - retval = malloc(strlen(tmp) + 2); + retval = pmalloc(strlen(tmp) + 2); retval[0] = '#'; strcpy(&retval[1], tmp); rl_completion_append_character = '='; @@ -576,7 +576,7 @@ static char *cli_completion_generator(const char *text, int index) /* {{{ */ } if (ce && retval) { size_t len = ZSTR_LEN(ce->name) + 2 + strlen(retval) + 1; - char *tmp = malloc(len); + char *tmp = pmalloc(len); snprintf(tmp, len, "%s::%s", ZSTR_VAL(ce->name), retval); free(retval); diff --git a/ext/soap/php_sdl.c b/ext/soap/php_sdl.c index cc01b598bd9c3..5038f04715301 100644 --- a/ext/soap/php_sdl.c +++ b/ext/soap/php_sdl.c @@ -2373,7 +2373,7 @@ static void make_persistent_restriction_int(void *data) sdlRestrictionIntPtr *rest = (sdlRestrictionIntPtr *)data; sdlRestrictionIntPtr prest = NULL; - prest = malloc(sizeof(sdlRestrictionInt)); + prest = pmalloc(sizeof(sdlRestrictionInt)); *prest = **rest; *rest = prest; } @@ -2383,7 +2383,7 @@ static void make_persistent_restriction_char_int(sdlRestrictionCharPtr *rest) { sdlRestrictionCharPtr prest = NULL; - prest = malloc(sizeof(sdlRestrictionChar)); + prest = pmalloc(sizeof(sdlRestrictionChar)); memset(prest, 0, sizeof(sdlRestrictionChar)); prest->value = strdup((*rest)->value); prest->fixed = (*rest)->fixed; @@ -2428,11 +2428,11 @@ static HashTable* make_persistent_sdl_function_headers(HashTable *headers, HashT sdlTypePtr ptype; zend_string *key; - pheaders = malloc(sizeof(HashTable)); + pheaders = pmalloc(sizeof(HashTable)); zend_hash_init(pheaders, zend_hash_num_elements(headers), NULL, delete_header_persistent, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(headers, key, tmp) { - pheader = malloc(sizeof(sdlSoapBindingFunctionHeader)); + pheader = pmalloc(sizeof(sdlSoapBindingFunctionHeader)); memset(pheader, 0, sizeof(sdlSoapBindingFunctionHeader)); *pheader = *tmp; @@ -2492,11 +2492,11 @@ static HashTable* make_persistent_sdl_parameters(HashTable *params, HashTable *p encodePtr penc; zend_string *key; - pparams = malloc(sizeof(HashTable)); + pparams = pmalloc(sizeof(HashTable)); zend_hash_init(pparams, zend_hash_num_elements(params), NULL, delete_parameter_persistent, 1); ZEND_HASH_FOREACH_STR_KEY_PTR(params, key, tmp) { - pparam = malloc(sizeof(sdlParam)); + pparam = pmalloc(sizeof(sdlParam)); memset(pparam, 0, sizeof(sdlParam)); *pparam = *tmp; @@ -2534,11 +2534,11 @@ static HashTable* make_persistent_sdl_function_faults(sdlFunctionPtr func, HashT sdlFaultPtr tmp, pfault; zend_string *key; - pfaults = malloc(sizeof(HashTable)); + pfaults = pmalloc(sizeof(HashTable)); zend_hash_init(pfaults, zend_hash_num_elements(faults), NULL, delete_fault_persistent, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(faults, key, tmp) { - pfault = malloc(sizeof(sdlFault)); + pfault = pmalloc(sizeof(sdlFault)); memset(pfault, 0, sizeof(sdlFault)); *pfault = *tmp; @@ -2552,7 +2552,7 @@ static HashTable* make_persistent_sdl_function_faults(sdlFunctionPtr func, HashT if (func->binding->bindingType == BINDING_SOAP && pfault->bindingAttributes) { sdlSoapBindingFunctionFaultPtr soap_binding; - soap_binding = malloc(sizeof(sdlSoapBindingFunctionFault)); + soap_binding = pmalloc(sizeof(sdlSoapBindingFunctionFault)); memset(soap_binding, 0, sizeof(sdlSoapBindingFunctionFault)); *soap_binding = *(sdlSoapBindingFunctionFaultPtr)pfault->bindingAttributes; if (soap_binding->ns) { @@ -2579,7 +2579,7 @@ static sdlAttributePtr make_persistent_sdl_attribute(sdlAttributePtr attr, HashT sdlAttributePtr pattr; zend_string *key; - pattr = malloc(sizeof(sdlAttribute)); + pattr = pmalloc(sizeof(sdlAttribute)); memset(pattr, 0, sizeof(sdlAttribute)); *pattr = *attr; @@ -2608,12 +2608,12 @@ static sdlAttributePtr make_persistent_sdl_attribute(sdlAttributePtr attr, HashT if (pattr->extraAttributes) { sdlExtraAttributePtr tmp, pextra; - pattr->extraAttributes = malloc(sizeof(HashTable)); + pattr->extraAttributes = pmalloc(sizeof(HashTable)); zend_hash_init(pattr->extraAttributes, zend_hash_num_elements(attr->extraAttributes), NULL, delete_extra_attribute_persistent, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(attr->extraAttributes, key, tmp) { if (key) { - pextra = malloc(sizeof(sdlExtraAttribute)); + pextra = pmalloc(sizeof(sdlExtraAttribute)); memset(pextra, 0, sizeof(sdlExtraAttribute)); if (tmp->ns) { @@ -2638,7 +2638,7 @@ static sdlContentModelPtr make_persistent_sdl_model(sdlContentModelPtr model, Ha sdlContentModelPtr pmodel; sdlContentModelPtr tmp, pcontent; - pmodel = malloc(sizeof(sdlContentModel)); + pmodel = pmalloc(sizeof(sdlContentModel)); memset(pmodel, 0, sizeof(sdlContentModel)); *pmodel = *model; @@ -2652,7 +2652,7 @@ static sdlContentModelPtr make_persistent_sdl_model(sdlContentModelPtr model, Ha case XSD_CONTENT_SEQUENCE: case XSD_CONTENT_ALL: case XSD_CONTENT_CHOICE: - pmodel->u.content = malloc(sizeof(HashTable)); + pmodel->u.content = pmalloc(sizeof(HashTable)); zend_hash_init(pmodel->u.content, zend_hash_num_elements(model->u.content), NULL, delete_model_persistent, 1); ZEND_HASH_FOREACH_PTR(model->u.content, tmp) { @@ -2686,7 +2686,7 @@ static sdlTypePtr make_persistent_sdl_type(sdlTypePtr type, HashTable *ptr_map, zend_string *key; sdlTypePtr ptype = NULL; - ptype = malloc(sizeof(sdlType)); + ptype = pmalloc(sizeof(sdlType)); memset(ptype, 0, sizeof(sdlType)); *ptype = *type; @@ -2713,7 +2713,7 @@ static sdlTypePtr make_persistent_sdl_type(sdlTypePtr type, HashTable *ptr_map, } if (ptype->restrictions) { - ptype->restrictions = malloc(sizeof(sdlRestrictions)); + ptype->restrictions = pmalloc(sizeof(sdlRestrictions)); memset(ptype->restrictions, 0, sizeof(sdlRestrictions)); *ptype->restrictions = *type->restrictions; @@ -2753,7 +2753,7 @@ static sdlTypePtr make_persistent_sdl_type(sdlTypePtr type, HashTable *ptr_map, if (type->restrictions->enumeration) { sdlRestrictionCharPtr tmp, penum; - ptype->restrictions->enumeration = malloc(sizeof(HashTable)); + ptype->restrictions->enumeration = pmalloc(sizeof(HashTable)); zend_hash_init(ptype->restrictions->enumeration, zend_hash_num_elements(type->restrictions->enumeration), NULL, delete_restriction_var_char_persistent, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(type->restrictions->enumeration, key, tmp) { penum = tmp; @@ -2767,7 +2767,7 @@ static sdlTypePtr make_persistent_sdl_type(sdlTypePtr type, HashTable *ptr_map, if (ptype->elements) { sdlTypePtr tmp, pelem; - ptype->elements = malloc(sizeof(HashTable)); + ptype->elements = pmalloc(sizeof(HashTable)); zend_hash_init(ptype->elements, zend_hash_num_elements(type->elements), NULL, delete_type_persistent, 1); ZEND_HASH_FOREACH_STR_KEY_PTR(type->elements, key, tmp) { @@ -2785,7 +2785,7 @@ static sdlTypePtr make_persistent_sdl_type(sdlTypePtr type, HashTable *ptr_map, if (ptype->attributes) { sdlAttributePtr tmp, pattr; - ptype->attributes = malloc(sizeof(HashTable)); + ptype->attributes = pmalloc(sizeof(HashTable)); zend_hash_init(ptype->attributes, zend_hash_num_elements(type->attributes), NULL, delete_attribute_persistent, 1); ZEND_HASH_FOREACH_STR_KEY_PTR(type->attributes, key, tmp) { @@ -2810,7 +2810,7 @@ static encodePtr make_persistent_sdl_encoder(encodePtr enc, HashTable *ptr_map, { encodePtr penc = NULL; - penc = malloc(sizeof(encode)); + penc = pmalloc(sizeof(encode)); memset(penc, 0, sizeof(encode)); *penc = *enc; @@ -2834,7 +2834,7 @@ static sdlBindingPtr make_persistent_sdl_binding(sdlBindingPtr bind, HashTable * { sdlBindingPtr pbind = NULL; - pbind = malloc(sizeof(sdlBinding)); + pbind = pmalloc(sizeof(sdlBinding)); memset(pbind, 0, sizeof(sdlBinding)); *pbind = *bind; @@ -2849,7 +2849,7 @@ static sdlBindingPtr make_persistent_sdl_binding(sdlBindingPtr bind, HashTable * if (pbind->bindingType == BINDING_SOAP && pbind->bindingAttributes) { sdlSoapBindingPtr soap_binding; - soap_binding = malloc(sizeof(sdlSoapBinding)); + soap_binding = pmalloc(sizeof(sdlSoapBinding)); memset(soap_binding, 0, sizeof(sdlSoapBinding)); *soap_binding = *(sdlSoapBindingPtr)pbind->bindingAttributes; pbind->bindingAttributes = soap_binding; @@ -2862,7 +2862,7 @@ static sdlFunctionPtr make_persistent_sdl_function(sdlFunctionPtr func, HashTabl { sdlFunctionPtr pfunc = NULL; - pfunc = malloc(sizeof(sdlFunction)); + pfunc = pmalloc(sizeof(sdlFunction)); memset(pfunc, 0, sizeof(sdlFunction)); *pfunc = *func; @@ -2888,7 +2888,7 @@ static sdlFunctionPtr make_persistent_sdl_function(sdlFunctionPtr func, HashTabl if (pfunc->binding->bindingType == BINDING_SOAP && pfunc->bindingAttributes) { sdlSoapBindingFunctionPtr soap_binding; - soap_binding = malloc(sizeof(sdlSoapBindingFunction)); + soap_binding = pmalloc(sizeof(sdlSoapBindingFunction)); memset(soap_binding, 0, sizeof(sdlSoapBindingFunction)); *soap_binding = *(sdlSoapBindingFunctionPtr)pfunc->bindingAttributes; if (soap_binding->soapAction) { @@ -2924,7 +2924,7 @@ static sdlPtr make_persistent_sdl(sdlPtr sdl) zend_hash_init(&bp_encoders, 0, NULL, NULL, 0); zend_hash_init(&ptr_map, 0, NULL, NULL, 0); - psdl = malloc(sizeof(*sdl)); + psdl = pmalloc(sizeof(*sdl)); memset(psdl, 0, sizeof(*sdl)); if (sdl->source) { @@ -2938,7 +2938,7 @@ static sdlPtr make_persistent_sdl(sdlPtr sdl) sdlTypePtr tmp; sdlTypePtr ptype; - psdl->groups = malloc(sizeof(HashTable)); + psdl->groups = pmalloc(sizeof(HashTable)); zend_hash_init(psdl->groups, zend_hash_num_elements(sdl->groups), NULL, delete_type_persistent, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(sdl->groups, key, tmp) { @@ -2957,7 +2957,7 @@ static sdlPtr make_persistent_sdl(sdlPtr sdl) sdlTypePtr tmp; sdlTypePtr ptype; - psdl->types = malloc(sizeof(HashTable)); + psdl->types = pmalloc(sizeof(HashTable)); zend_hash_init(psdl->types, zend_hash_num_elements(sdl->types), NULL, delete_type_persistent, 1); ZEND_HASH_FOREACH_STR_KEY_PTR(sdl->types, key, tmp) { @@ -2976,7 +2976,7 @@ static sdlPtr make_persistent_sdl(sdlPtr sdl) sdlTypePtr tmp; sdlTypePtr ptype; - psdl->elements = malloc(sizeof(HashTable)); + psdl->elements = pmalloc(sizeof(HashTable)); zend_hash_init(psdl->elements, zend_hash_num_elements(sdl->elements), NULL, delete_type_persistent, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(sdl->elements, key, tmp) { @@ -2995,7 +2995,7 @@ static sdlPtr make_persistent_sdl(sdlPtr sdl) encodePtr tmp; encodePtr penc; - psdl->encoders = malloc(sizeof(HashTable)); + psdl->encoders = pmalloc(sizeof(HashTable)); zend_hash_init(psdl->encoders, zend_hash_num_elements(sdl->encoders), NULL, delete_encoder_persistent, 1); ZEND_HASH_FOREACH_STR_KEY_PTR(sdl->encoders, key, tmp) { @@ -3037,7 +3037,7 @@ static sdlPtr make_persistent_sdl(sdlPtr sdl) sdlBindingPtr tmp; sdlBindingPtr pbind; - psdl->bindings = malloc(sizeof(HashTable)); + psdl->bindings = pmalloc(sizeof(HashTable)); zend_hash_init(psdl->bindings, zend_hash_num_elements(sdl->bindings), NULL, delete_binding_persistent, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(sdl->bindings, key, tmp) { @@ -3074,7 +3074,7 @@ static sdlPtr make_persistent_sdl(sdlPtr sdl) sdlFunctionPtr tmp; sdlFunctionPtr preq; - psdl->requests = malloc(sizeof(HashTable)); + psdl->requests = pmalloc(sizeof(HashTable)); zend_hash_init(psdl->requests, zend_hash_num_elements(sdl->requests), NULL, NULL, 1); ZEND_HASH_MAP_FOREACH_STR_KEY_VAL(sdl->requests, key, zv) { @@ -3336,7 +3336,7 @@ sdlPtr get_sdl(zval *this_ptr, char *uri, zend_long cache_wsdl) sdl_cache_bucket p; if (SOAP_GLOBAL(mem_cache) == NULL) { - SOAP_GLOBAL(mem_cache) = malloc(sizeof(HashTable)); + SOAP_GLOBAL(mem_cache) = pmalloc(sizeof(HashTable)); zend_hash_init(SOAP_GLOBAL(mem_cache), 0, NULL, delete_psdl, 1); } else if (SOAP_GLOBAL(cache_limit) > 0 && SOAP_GLOBAL(cache_limit) <= (zend_long)zend_hash_num_elements(SOAP_GLOBAL(mem_cache))) { diff --git a/ext/zend_test/observer.c b/ext/zend_test/observer.c index d2a91d16840e0..fcd62db2d811e 100644 --- a/ext/zend_test/observer.c +++ b/ext/zend_test/observer.c @@ -408,7 +408,7 @@ void zend_test_observer_shutdown(SHUTDOWN_FUNC_ARGS) } void zend_test_observer_ginit(zend_zend_test_globals *zend_test_globals) { - zend_test_globals->observer_observe_function_names = malloc(sizeof(HashTable)); + zend_test_globals->observer_observe_function_names = pmalloc(sizeof(HashTable)); _zend_hash_init(zend_test_globals->observer_observe_function_names, 8, ZVAL_PTR_DTOR, 1); GC_MAKE_PERSISTENT_LOCAL(zend_test_globals->observer_observe_function_names); } diff --git a/ext/zend_test/test.c b/ext/zend_test/test.c index df51fa2189891..acfca326af896 100644 --- a/ext/zend_test/test.c +++ b/ext/zend_test/test.c @@ -844,7 +844,7 @@ static PHP_INI_MH(OnUpdateZendTestObserveOplineInZendMM) if (int_value == 1) { // `zend_mm_heap` is a private struct, so we have not way to find the // actual size, but 4096 bytes should be enough - ZT_G(zend_test_heap) = malloc(4096); + ZT_G(zend_test_heap) = pmalloc(4096); memset(ZT_G(zend_test_heap), 0, 4096); zend_mm_set_custom_handlers( ZT_G(zend_test_heap), @@ -932,7 +932,7 @@ static ZEND_FUNCTION(zend_test_cast_fread) } size_t size = 10240; /* Must be large enough to trigger the issue */ - char *buf = malloc(size); + char *buf = pmalloc(size); bool bail = false; zend_try { (void) !fread(buf, 1, size, fp); @@ -1307,11 +1307,11 @@ static zend_type create_test_dnf_type(void) { zend_string *class_Countable = zend_string_init_interned("Countable", sizeof("Countable") - 1, true); zend_alloc_ce_cache(class_Countable); // - zend_type_list *intersection_list = malloc(ZEND_TYPE_LIST_SIZE(2)); + zend_type_list *intersection_list = pmalloc(ZEND_TYPE_LIST_SIZE(2)); intersection_list->num_types = 2; intersection_list->types[0] = (zend_type) ZEND_TYPE_INIT_CLASS(class_Traversable, 0, 0); intersection_list->types[1] = (zend_type) ZEND_TYPE_INIT_CLASS(class_Countable, 0, 0); - zend_type_list *union_list = malloc(ZEND_TYPE_LIST_SIZE(2)); + zend_type_list *union_list = pmalloc(ZEND_TYPE_LIST_SIZE(2)); union_list->num_types = 2; union_list->types[0] = (zend_type) ZEND_TYPE_INIT_CLASS(class_Iterator, 0, 0); union_list->types[1] = (zend_type) ZEND_TYPE_INIT_INTERSECTION(intersection_list, 0); diff --git a/ext/zend_test/test_arginfo.h b/ext/zend_test/test_arginfo.h index 0d95340e12289..bc3d12f09c3a2 100644 --- a/ext/zend_test/test_arginfo.h +++ b/ext/zend_test/test_arginfo.h @@ -774,7 +774,7 @@ static zend_class_entry *register_class__ZendTestClass(zend_class_entry *class_e zend_string *property_classUnionProp_name = zend_string_init("classUnionProp", sizeof("classUnionProp") - 1, 1); zend_string *property_classUnionProp_class_stdClass = zend_string_init("stdClass", sizeof("stdClass") - 1, 1); zend_string *property_classUnionProp_class_Iterator = zend_string_init("Iterator", sizeof("Iterator") - 1, 1); - zend_type_list *property_classUnionProp_type_list = malloc(ZEND_TYPE_LIST_SIZE(2)); + zend_type_list *property_classUnionProp_type_list = pmalloc(ZEND_TYPE_LIST_SIZE(2)); property_classUnionProp_type_list->num_types = 2; property_classUnionProp_type_list->types[0] = (zend_type) ZEND_TYPE_INIT_CLASS(property_classUnionProp_class_stdClass, 0, 0); property_classUnionProp_type_list->types[1] = (zend_type) ZEND_TYPE_INIT_CLASS(property_classUnionProp_class_Iterator, 0, 0); @@ -787,7 +787,7 @@ static zend_class_entry *register_class__ZendTestClass(zend_class_entry *class_e zend_string *property_classIntersectionProp_name = zend_string_init("classIntersectionProp", sizeof("classIntersectionProp") - 1, 1); zend_string *property_classIntersectionProp_class_Traversable = zend_string_init("Traversable", sizeof("Traversable") - 1, 1); zend_string *property_classIntersectionProp_class_Countable = zend_string_init("Countable", sizeof("Countable") - 1, 1); - zend_type_list *property_classIntersectionProp_type_list = malloc(ZEND_TYPE_LIST_SIZE(2)); + zend_type_list *property_classIntersectionProp_type_list = pmalloc(ZEND_TYPE_LIST_SIZE(2)); property_classIntersectionProp_type_list->num_types = 2; property_classIntersectionProp_type_list->types[0] = (zend_type) ZEND_TYPE_INIT_CLASS(property_classIntersectionProp_class_Traversable, 0, 0); property_classIntersectionProp_type_list->types[1] = (zend_type) ZEND_TYPE_INIT_CLASS(property_classIntersectionProp_class_Countable, 0, 0); @@ -961,7 +961,7 @@ static zend_class_entry *register_class__ZendTestTrait(void) zend_string *property_classUnionProp_name = zend_string_init("classUnionProp", sizeof("classUnionProp") - 1, 1); zend_string *property_classUnionProp_class_Traversable = zend_string_init("Traversable", sizeof("Traversable") - 1, 1); zend_string *property_classUnionProp_class_Countable = zend_string_init("Countable", sizeof("Countable") - 1, 1); - zend_type_list *property_classUnionProp_type_list = malloc(ZEND_TYPE_LIST_SIZE(2)); + zend_type_list *property_classUnionProp_type_list = pmalloc(ZEND_TYPE_LIST_SIZE(2)); property_classUnionProp_type_list->num_types = 2; property_classUnionProp_type_list->types[0] = (zend_type) ZEND_TYPE_INIT_CLASS(property_classUnionProp_class_Traversable, 0, 0); property_classUnionProp_type_list->types[1] = (zend_type) ZEND_TYPE_INIT_CLASS(property_classUnionProp_class_Countable, 0, 0); diff --git a/main/fastcgi.c b/main/fastcgi.c index 448576a978598..fb2f80e88de84 100644 --- a/main/fastcgi.c +++ b/main/fastcgi.c @@ -253,10 +253,10 @@ static void fcgi_hash_init(fcgi_hash *h) { memset(h->hash_table, 0, sizeof(h->hash_table)); h->list = NULL; - h->buckets = (fcgi_hash_buckets*)malloc(sizeof(fcgi_hash_buckets)); + h->buckets = (fcgi_hash_buckets*)pmalloc(sizeof(fcgi_hash_buckets)); h->buckets->idx = 0; h->buckets->next = NULL; - h->data = (fcgi_data_seg*)malloc(sizeof(fcgi_data_seg) - 1 + FCGI_HASH_SEG_SIZE); + h->data = (fcgi_data_seg*)pmalloc(sizeof(fcgi_data_seg) - 1 + FCGI_HASH_SEG_SIZE); h->data->pos = h->data->data; h->data->end = h->data->pos + FCGI_HASH_SEG_SIZE; h->data->next = NULL; @@ -309,7 +309,7 @@ static inline char* fcgi_hash_strndup(fcgi_hash *h, char *str, unsigned int str_ if (UNEXPECTED(h->data->pos + str_len + 1 >= h->data->end)) { unsigned int seg_size = (str_len + 1 > FCGI_HASH_SEG_SIZE) ? str_len + 1 : FCGI_HASH_SEG_SIZE; - fcgi_data_seg *p = (fcgi_data_seg*)malloc(sizeof(fcgi_data_seg) - 1 + seg_size); + fcgi_data_seg *p = (fcgi_data_seg*)pmalloc(sizeof(fcgi_data_seg) - 1 + seg_size); p->pos = p->data; p->end = p->pos + seg_size; @@ -341,7 +341,7 @@ static char* fcgi_hash_set(fcgi_hash *h, unsigned int hash_value, char *var, uns } if (UNEXPECTED(h->buckets->idx >= FCGI_HASH_TABLE_SIZE)) { - fcgi_hash_buckets *b = (fcgi_hash_buckets*)malloc(sizeof(fcgi_hash_buckets)); + fcgi_hash_buckets *b = (fcgi_hash_buckets*)pmalloc(sizeof(fcgi_hash_buckets)); b->idx = 0; b->next = h->buckets; h->buckets = b; @@ -772,7 +772,7 @@ int fcgi_listen(const char *path, int backlog) if (*cur == ',') n++; cur++; } - allowed_clients = malloc(sizeof(sa_t) * (n+2)); + allowed_clients = pmalloc(sizeof(sa_t) * (n+2)); n = 0; cur = ip; while (cur) { @@ -832,7 +832,7 @@ void fcgi_set_allowed_clients(char *ip) cur++; } if (allowed_clients) free(allowed_clients); - allowed_clients = malloc(sizeof(sa_t) * (n+2)); + allowed_clients = pmalloc(sizeof(sa_t) * (n+2)); n = 0; cur = ip; while (cur) { diff --git a/main/network.c b/main/network.c index 70dc505582868..79a4cda59f0c8 100644 --- a/main/network.c +++ b/main/network.c @@ -1285,7 +1285,7 @@ static struct hostent * gethostname_re (const char *host,struct hostent *hostbuf if (*hstbuflen == 0) { *hstbuflen = 1024; - *tmphstbuf = (char *)malloc (*hstbuflen); + *tmphstbuf = (char *)pmalloc (*hstbuflen); } while (( res = @@ -1311,7 +1311,7 @@ static struct hostent * gethostname_re (const char *host,struct hostent *hostbuf if (*hstbuflen == 0) { *hstbuflen = 1024; - *tmphstbuf = (char *)malloc (*hstbuflen); + *tmphstbuf = (char *)pmalloc (*hstbuflen); } while ((NULL == ( hp = @@ -1329,7 +1329,7 @@ static struct hostent * gethostname_re (const char *host,struct hostent *hostbuf { if (*hstbuflen == 0) { *hstbuflen = sizeof(struct hostent_data); - *tmphstbuf = (char *)malloc (*hstbuflen); + *tmphstbuf = (char *)pmalloc (*hstbuflen); } else { if (*hstbuflen < sizeof(struct hostent_data)) { *hstbuflen = sizeof(struct hostent_data); diff --git a/main/streams/php_streams_int.h b/main/streams/php_streams_int.h index 7580088fba316..de6fb22dcc0cc 100644 --- a/main/streams/php_streams_int.h +++ b/main/streams/php_streams_int.h @@ -28,7 +28,7 @@ ? _erealloc((ptr), (size), 0 ZEND_FILE_LINE_CC ZEND_FILE_LINE_RELAY_CC) \ : _erealloc((ptr), (size), 0 ZEND_FILE_LINE_CC ZEND_FILE_LINE_ORIG_RELAY_CC) ) -#define pemalloc_rel_orig(size, persistent) ((persistent) ? malloc((size)) : emalloc_rel_orig((size))) +#define pemalloc_rel_orig(size, persistent) ((persistent) ? pmalloc((size)) : emalloc_rel_orig((size))) #define perealloc_rel_orig(ptr, size, persistent) ((persistent) ? realloc((ptr), (size)) : erealloc_rel_orig((ptr), (size))) #else # define pemalloc_rel_orig(size, persistent) pemalloc((size), (persistent)) diff --git a/sapi/apache2handler/apache_config.c b/sapi/apache2handler/apache_config.c index e051964a81591..1d92c954bb6d7 100644 --- a/sapi/apache2handler/apache_config.c +++ b/sapi/apache2handler/apache_config.c @@ -140,7 +140,7 @@ static bool should_overwrite_per_dir_entry(HashTable *target_ht, zval *zv, zend_ void config_entry_ctor(zval *zv) { php_dir_entry *pe = (php_dir_entry*)Z_PTR_P(zv); - php_dir_entry *npe = malloc(sizeof(php_dir_entry)); + php_dir_entry *npe = pmalloc(sizeof(php_dir_entry)); memcpy(npe, pe, sizeof(php_dir_entry)); ZVAL_PTR(zv, npe); diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c index 6db96a43ac97b..32d491e6cbb3f 100644 --- a/sapi/cgi/cgi_main.c +++ b/sapi/cgi/cgi_main.c @@ -761,7 +761,7 @@ static void sapi_cgi_log_message(const char *message, int syslog_type_int) request = (fcgi_request*) SG(server_context); if (request) { int ret, len = (int)strlen(message); - char *buf = malloc(len+2); + char *buf = pmalloc(len+2); memcpy(buf, message, len); memcpy(buf + len, "\n", sizeof("\n")); @@ -2433,7 +2433,7 @@ consult the installation file that came with this distribution, or visit \n\ } len += 2; - s = malloc(len); + s = pmalloc(len); *s = '\0'; /* we are pretending it came from the environment */ for (i = php_optind; i < argc; i++) { strlcat(s, argv[i], len); diff --git a/sapi/fpm/fpm/fpm_stdio.c b/sapi/fpm/fpm/fpm_stdio.c index c9386f941f18f..3391edd59f36d 100644 --- a/sapi/fpm/fpm/fpm_stdio.c +++ b/sapi/fpm/fpm/fpm_stdio.c @@ -191,7 +191,7 @@ static void fpm_stdio_child_said(struct fpm_event_s *ev, short which, void *arg) create_log_stream = !child->log_stream; if (create_log_stream) { - log_stream = child->log_stream = malloc(sizeof(struct zlog_stream)); + log_stream = child->log_stream = pmalloc(sizeof(struct zlog_stream)); zlog_stream_init_ex(log_stream, ZLOG_WARNING, STDERR_FILENO); zlog_stream_set_decorating(log_stream, child->wp->config->decorate_workers_output); zlog_stream_set_wrapping(log_stream, ZLOG_TRUE); diff --git a/sapi/fuzzer/fuzzer-json.c b/sapi/fuzzer/fuzzer-json.c index 78c8505c2f1dc..08b6d00e6abda 100644 --- a/sapi/fuzzer/fuzzer-json.c +++ b/sapi/fuzzer/fuzzer-json.c @@ -34,7 +34,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; } - char *data = malloc(Size + 1); + char *data = pmalloc(Size + 1); memcpy(data, Data, Size); data[Size] = '\0'; diff --git a/sapi/fuzzer/fuzzer-mbregex.c b/sapi/fuzzer/fuzzer-mbregex.c index f96e593ba8d24..6f7e03e8319fe 100644 --- a/sapi/fuzzer/fuzzer-mbregex.c +++ b/sapi/fuzzer/fuzzer-mbregex.c @@ -36,7 +36,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } char *args[2]; - char *data = malloc(Size+1); + char *data = pmalloc(Size+1); memcpy(data, Data, Size); data[Size] = '\0'; diff --git a/sapi/fuzzer/fuzzer-sapi.c b/sapi/fuzzer/fuzzer-sapi.c index a81e533a6b5f0..671e1cdef5672 100644 --- a/sapi/fuzzer/fuzzer-sapi.c +++ b/sapi/fuzzer/fuzzer-sapi.c @@ -157,7 +157,7 @@ int fuzzer_init_php(const char *extra_ini) if (extra_ini) { ini_len += extra_ini_len + 1; } - char *p = malloc(ini_len + 1); + char *p = pmalloc(ini_len + 1); fuzzer_module.ini_entries = p; p = zend_mempcpy(p, HARDCODED_INI, sizeof(HARDCODED_INI) - 1); if (extra_ini) { diff --git a/sapi/fuzzer/fuzzer-unserialize.c b/sapi/fuzzer/fuzzer-unserialize.c index 8a889883a97d8..315f26edb4843 100644 --- a/sapi/fuzzer/fuzzer-unserialize.c +++ b/sapi/fuzzer/fuzzer-unserialize.c @@ -35,7 +35,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; } - unsigned char *orig_data = malloc(Size+1); + unsigned char *orig_data = pmalloc(Size+1); memcpy(orig_data, Data, Size); orig_data[Size] = '\0'; diff --git a/sapi/fuzzer/fuzzer-unserializehash.c b/sapi/fuzzer/fuzzer-unserializehash.c index 447e95d0ee815..9c56f678b6ff6 100644 --- a/sapi/fuzzer/fuzzer-unserializehash.c +++ b/sapi/fuzzer/fuzzer-unserializehash.c @@ -39,7 +39,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t FullSize) { } size_t Size = (Data + FullSize) - Start; - unsigned char *orig_data = malloc(Size+1); + unsigned char *orig_data = pmalloc(Size+1); memcpy(orig_data, Start, Size); orig_data[Size] = '\0'; diff --git a/sapi/phpdbg/phpdbg.c b/sapi/phpdbg/phpdbg.c index c169c11bfbb77..2fab31ccb1803 100644 --- a/sapi/phpdbg/phpdbg.c +++ b/sapi/phpdbg/phpdbg.c @@ -1210,7 +1210,7 @@ int main(int argc, char **argv) /* {{{ */ if (zend_extensions_list) { zend_extensions_list = realloc(zend_extensions_list, sizeof(char*) * zend_extensions_len); } else { - zend_extensions_list = malloc(sizeof(char*) * zend_extensions_len); + zend_extensions_list = pmalloc(sizeof(char*) * zend_extensions_len); } zend_extensions_list[zend_extensions_len-1] = strdup(php_optarg); break; diff --git a/sapi/phpdbg/phpdbg_btree.c b/sapi/phpdbg/phpdbg_btree.c index 81571c17c01a9..6b61967f08dbb 100644 --- a/sapi/phpdbg/phpdbg_btree.c +++ b/sapi/phpdbg/phpdbg_btree.c @@ -25,7 +25,7 @@ #ifdef _Win32 # undef pemalloc # undef pefree -# define pemalloc(size, persistent) malloc(size) +# define pemalloc(size, persistent) pmalloc(size) # define pefree(ptr, persistent) free(ptr) #endif diff --git a/sapi/phpdbg/phpdbg_parser.y b/sapi/phpdbg/phpdbg_parser.y index 50cb93f05f6f0..12a06140837bd 100644 --- a/sapi/phpdbg/phpdbg_parser.y +++ b/sapi/phpdbg/phpdbg_parser.y @@ -28,7 +28,7 @@ static int yyerror(const char *msg); ZEND_EXTERN_MODULE_GLOBALS(phpdbg) #ifdef _MSC_VER -#define YYMALLOC malloc +#define YYMALLOC pmalloc #define YYFREE free #endif diff --git a/sapi/phpdbg/phpdbg_watch.c b/sapi/phpdbg/phpdbg_watch.c index 5657649efdb69..16eef1dfed552 100644 --- a/sapi/phpdbg/phpdbg_watch.c +++ b/sapi/phpdbg/phpdbg_watch.c @@ -1469,10 +1469,10 @@ void phpdbg_setup_watchpoints(void) { zend_hash_init(&PHPDBG_G(watch_free), 8, NULL, NULL, 0); /* put these on a separate page, to avoid conflicts with other memory */ - PHPDBG_G(watchlist_mem) = malloc(phpdbg_pagesize > sizeof(HashTable) ? phpdbg_pagesize : sizeof(HashTable)); + PHPDBG_G(watchlist_mem) = pmalloc(phpdbg_pagesize > sizeof(HashTable) ? phpdbg_pagesize : sizeof(HashTable)); PHPDBG_G(original_watchlist_mem) = PHPDBG_G(watchlist_mem); zend_hash_init(PHPDBG_G(watchlist_mem), phpdbg_pagesize / (sizeof(Bucket) + sizeof(uint32_t)), NULL, NULL, 1); - PHPDBG_G(watchlist_mem_backup) = malloc(phpdbg_pagesize > sizeof(HashTable) ? phpdbg_pagesize : sizeof(HashTable)); + PHPDBG_G(watchlist_mem_backup) = pmalloc(phpdbg_pagesize > sizeof(HashTable) ? phpdbg_pagesize : sizeof(HashTable)); zend_hash_init(PHPDBG_G(watchlist_mem_backup), phpdbg_pagesize / (sizeof(Bucket) + sizeof(uint32_t)), NULL, NULL, 1); PHPDBG_G(watch_tmp) = NULL; diff --git a/win32/wsyslog.c b/win32/wsyslog.c index 0cf3c263bc3a0..ee2e3262aff4c 100644 --- a/win32/wsyslog.c +++ b/win32/wsyslog.c @@ -151,6 +151,6 @@ void openlog(const char *ident, int logopt, int facility) PW32G(log_source) = RegisterEventSource(NULL, "PHP-" PHP_VERSION); header_len = strlen(ident) + 2 + 11; - PW32G(log_header) = malloc(header_len*sizeof(char)); + PW32G(log_header) = pmalloc(header_len*sizeof(char)); sprintf_s(PW32G(log_header), header_len, (logopt & LOG_PID) ? "%s[%d]" : "%s", ident, getpid()); } From 7b087e5beccad09e3073dfd81c4875f12d678040 Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Sat, 30 Aug 2025 22:18:37 +0200 Subject: [PATCH 2/6] Add pcalloc API --- ext/mysqli/mysqli_nonapi.c | 2 +- ext/mysqlnd/mysqlnd_debug.c | 2 +- ext/opcache/ZendAccelerator.c | 2 +- ext/opcache/jit/zend_jit_trace.c | 2 +- main/fastcgi.c | 2 +- sapi/phpdbg/phpdbg.c | 2 +- sapi/phpdbg/phpdbg_cmd.c | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ext/mysqli/mysqli_nonapi.c b/ext/mysqli/mysqli_nonapi.c index e0e14eeccbc92..83b874124df9d 100644 --- a/ext/mysqli/mysqli_nonapi.c +++ b/ext/mysqli/mysqli_nonapi.c @@ -210,7 +210,7 @@ void mysqli_common_connect(INTERNAL_FUNCTION_PARAMETERS, bool is_real_connect, b } while (0); } } else { - plist = calloc(1, sizeof(mysqli_plist_entry)); + plist = pcalloc(1, sizeof(mysqli_plist_entry)); zend_ptr_stack_init_ex(&plist->free_links, 1); zend_register_persistent_resource(ZSTR_VAL(hash_key), ZSTR_LEN(hash_key), plist, php_le_pmysqli()); diff --git a/ext/mysqlnd/mysqlnd_debug.c b/ext/mysqlnd/mysqlnd_debug.c index ff80c620bee14..a68fba66e288b 100644 --- a/ext/mysqlnd/mysqlnd_debug.c +++ b/ext/mysqlnd/mysqlnd_debug.c @@ -688,7 +688,7 @@ static void free_ptr(zval *zv) { PHPAPI MYSQLND_DEBUG * mysqlnd_debug_init(const char * skip_functions[]) { - MYSQLND_DEBUG *ret = calloc(1, sizeof(MYSQLND_DEBUG)); + MYSQLND_DEBUG *ret = pcalloc(1, sizeof(MYSQLND_DEBUG)); ret->nest_level_limit = 0; ret->pid = getpid(); diff --git a/ext/opcache/ZendAccelerator.c b/ext/opcache/ZendAccelerator.c index f597df36e290c..0b67bd1ac0347 100644 --- a/ext/opcache/ZendAccelerator.c +++ b/ext/opcache/ZendAccelerator.c @@ -3307,7 +3307,7 @@ static zend_result accel_post_startup(void) JIT_G(enabled) = false; JIT_G(on) = false; #endif - accel_shared_globals = calloc(1, sizeof(zend_accel_shared_globals)); + accel_shared_globals = pcalloc(1, sizeof(zend_accel_shared_globals)); } /* opcache.file_cache_read_only should only be enabled when all script files are read-only */ diff --git a/ext/opcache/jit/zend_jit_trace.c b/ext/opcache/jit/zend_jit_trace.c index d0f8fabe6e9c1..2ed2b2704b623 100644 --- a/ext/opcache/jit/zend_jit_trace.c +++ b/ext/opcache/jit/zend_jit_trace.c @@ -8996,7 +8996,7 @@ static void zend_jit_trace_reset_caches(void) JIT_G(tracing) = 0; #ifdef ZTS if (!JIT_G(exit_counters)) { - JIT_G(exit_counters) = calloc(JIT_G(max_exit_counters), 1); + JIT_G(exit_counters) = pcalloc(JIT_G(max_exit_counters), 1); } #endif } diff --git a/main/fastcgi.c b/main/fastcgi.c index fb2f80e88de84..7b9515d5a4f2a 100644 --- a/main/fastcgi.c +++ b/main/fastcgi.c @@ -869,7 +869,7 @@ static void fcgi_hook_dummy(void) { fcgi_request *fcgi_init_request(int listen_socket, void(*on_accept)(void), void(*on_read)(void), void(*on_close)(void)) { - fcgi_request *req = calloc(1, sizeof(fcgi_request)); + fcgi_request *req = pcalloc(1, sizeof(fcgi_request)); req->listen_socket = listen_socket; req->fd = -1; req->id = -1; diff --git a/sapi/phpdbg/phpdbg.c b/sapi/phpdbg/phpdbg.c index 2fab31ccb1803..2a6eeb5551655 100644 --- a/sapi/phpdbg/phpdbg.c +++ b/sapi/phpdbg/phpdbg.c @@ -1678,7 +1678,7 @@ int main(int argc, char **argv) /* {{{ */ /* backup globals when cleaning */ if ((cleaning > 0) && !quit_immediately) { - settings = calloc(1, sizeof(zend_phpdbg_globals)); + settings = pcalloc(1, sizeof(zend_phpdbg_globals)); php_phpdbg_globals_ctor(settings); diff --git a/sapi/phpdbg/phpdbg_cmd.c b/sapi/phpdbg/phpdbg_cmd.c index 9877d60de95cb..254891cb10b90 100644 --- a/sapi/phpdbg/phpdbg_cmd.c +++ b/sapi/phpdbg/phpdbg_cmd.c @@ -460,7 +460,7 @@ PHPDBG_API void phpdbg_stack_push(phpdbg_param_t *stack, phpdbg_param_t *param) /* {{{ */ PHPDBG_API void phpdbg_stack_separate(phpdbg_param_t *param) { - phpdbg_param_t *stack = calloc(1, sizeof(phpdbg_param_t)); + phpdbg_param_t *stack = pcalloc(1, sizeof(phpdbg_param_t)); stack->type = STACK_PARAM; stack->next = param->next; From 661b01f7d6398c321625082f25a8af7dbb763898 Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Sat, 30 Aug 2025 22:24:46 +0200 Subject: [PATCH 3/6] Add prealloc API --- TSRM/TSRM.c | 2 +- Zend/zend.c | 2 +- Zend/zend_API.c | 10 +++++----- Zend/zend_inheritance.c | 4 ++-- ext/opcache/zend_accelerator_blacklist.c | 2 +- main/network.c | 6 +++--- main/php_ini.c | 2 +- main/php_ini_builder.h | 2 +- main/streams/php_streams_int.h | 2 +- sapi/phpdbg/phpdbg.c | 2 +- sapi/phpdbg/phpdbg_prompt.c | 2 +- 11 files changed, 18 insertions(+), 18 deletions(-) diff --git a/TSRM/TSRM.c b/TSRM/TSRM.c index 3705e83941f4b..2c7dd7a03a789 100644 --- a/TSRM/TSRM.c +++ b/TSRM/TSRM.c @@ -254,7 +254,7 @@ static void tsrm_update_active_threads(void) if (p->count < id_count) { int j; - p->storage = (void *) realloc(p->storage, sizeof(void *)*id_count); + p->storage = (void *) prealloc(p->storage, sizeof(void *)*id_count); for (j=p->count; jstorage[j] = (void *) (((char*)p) + resource_types_table[j].fast_offset); diff --git a/Zend/zend.c b/Zend/zend.c index c5b5402d11bfd..07d1376048102 100644 --- a/Zend/zend.c +++ b/Zend/zend.c @@ -1300,7 +1300,7 @@ ZEND_API void zend_append_version_info(const zend_extension *extension) /* {{{ * snprintf(new_info, new_info_length, " with %s v%s, %s, by %s\n", extension->name, extension->version, extension->copyright, extension->author); - zend_version_info = (char *) realloc(zend_version_info, zend_version_info_length+new_info_length + 1); + zend_version_info = (char *) prealloc(zend_version_info, zend_version_info_length+new_info_length + 1); strncat(zend_version_info, new_info, new_info_length); zend_version_info_length += new_info_length; free(new_info); diff --git a/Zend/zend_API.c b/Zend/zend_API.c index d65951955946f..3b32e36b77f35 100644 --- a/Zend/zend_API.c +++ b/Zend/zend_API.c @@ -2519,7 +2519,7 @@ ZEND_API void zend_collect_module_handlers(void) /* {{{ */ dl_loaded_count++; } } ZEND_HASH_FOREACH_END(); - module_request_startup_handlers = (zend_module_entry**)realloc( + module_request_startup_handlers = (zend_module_entry**)prealloc( module_request_startup_handlers, sizeof(zend_module_entry*) * (startup_count + 1 + @@ -2531,7 +2531,7 @@ ZEND_API void zend_collect_module_handlers(void) /* {{{ */ module_post_deactivate_handlers = module_request_shutdown_handlers + shutdown_count + 1; module_post_deactivate_handlers[post_deactivate_count] = NULL; /* Cannot reuse module_request_startup_handlers because it is freed in zend_destroy_modules, which happens before zend_unload_modules. */ - modules_dl_loaded = realloc(modules_dl_loaded, sizeof(zend_module_entry*) * (dl_loaded_count + 1)); + modules_dl_loaded = prealloc(modules_dl_loaded, sizeof(zend_module_entry*) * (dl_loaded_count + 1)); modules_dl_loaded[dl_loaded_count] = NULL; startup_count = 0; @@ -2558,7 +2558,7 @@ ZEND_API void zend_collect_module_handlers(void) /* {{{ */ } } ZEND_HASH_FOREACH_END(); - class_cleanup_handlers = (zend_class_entry**)realloc( + class_cleanup_handlers = (zend_class_entry**)prealloc( class_cleanup_handlers, sizeof(zend_class_entry*) * (class_count + 1)); @@ -3101,8 +3101,8 @@ ZEND_API zend_result zend_register_functions(zend_class_entry *scope, const zend zend_flf_capacity *= 2; } /* +1 for NULL terminator */ - zend_flf_handlers = realloc(zend_flf_handlers, (zend_flf_capacity + 1) * sizeof(void *)); - zend_flf_functions = realloc(zend_flf_functions, (zend_flf_capacity + 1) * sizeof(zend_function *)); + zend_flf_handlers = prealloc(zend_flf_handlers, (zend_flf_capacity + 1) * sizeof(void *)); + zend_flf_functions = prealloc(zend_flf_functions, (zend_flf_capacity + 1) * sizeof(zend_function *)); } zend_flf_handlers[zend_flf_count] = flf_info->handler; zend_flf_functions[zend_flf_count] = (zend_function *)reg_function; diff --git a/Zend/zend_inheritance.c b/Zend/zend_inheritance.c index 8679a53e8ff59..1869196c43585 100644 --- a/Zend/zend_inheritance.c +++ b/Zend/zend_inheritance.c @@ -1600,7 +1600,7 @@ static void zend_do_inherit_interfaces(zend_class_entry *ce, const zend_class_en ce_num = ce->num_interfaces; if (ce->type == ZEND_INTERNAL_CLASS) { - ce->interfaces = (zend_class_entry **) realloc(ce->interfaces, sizeof(zend_class_entry *) * (ce_num + if_num)); + ce->interfaces = (zend_class_entry **) prealloc(ce->interfaces, sizeof(zend_class_entry *) * (ce_num + if_num)); } else { ce->interfaces = (zend_class_entry **) erealloc(ce->interfaces, sizeof(zend_class_entry *) * (ce_num + if_num)); } @@ -2238,7 +2238,7 @@ ZEND_API void zend_do_implement_interface(zend_class_entry *ce, zend_class_entry } else { if (ce->num_interfaces >= current_iface_num) { if (ce->type == ZEND_INTERNAL_CLASS) { - ce->interfaces = (zend_class_entry **) realloc(ce->interfaces, sizeof(zend_class_entry *) * (++current_iface_num)); + ce->interfaces = (zend_class_entry **) prealloc(ce->interfaces, sizeof(zend_class_entry *) * (++current_iface_num)); } else { ce->interfaces = (zend_class_entry **) erealloc(ce->interfaces, sizeof(zend_class_entry *) * (++current_iface_num)); } diff --git a/ext/opcache/zend_accelerator_blacklist.c b/ext/opcache/zend_accelerator_blacklist.c index b7ffb164cdd2b..ee260cd105069 100644 --- a/ext/opcache/zend_accelerator_blacklist.c +++ b/ext/opcache/zend_accelerator_blacklist.c @@ -227,7 +227,7 @@ static inline void zend_accel_blacklist_allocate(zend_blacklist *blacklist) { if (blacklist->pos == blacklist->size) { blacklist->size += ZEND_BLACKLIST_BLOCK_SIZE; - blacklist->entries = (zend_blacklist_entry *) realloc(blacklist->entries, sizeof(zend_blacklist_entry)*blacklist->size); + blacklist->entries = (zend_blacklist_entry *) prealloc(blacklist->entries, sizeof(zend_blacklist_entry)*blacklist->size); } } diff --git a/main/network.c b/main/network.c index 79a4cda59f0c8..18c0b7a99c136 100644 --- a/main/network.c +++ b/main/network.c @@ -1293,7 +1293,7 @@ static struct hostent * gethostname_re (const char *host,struct hostent *hostbuf && (errno == ERANGE)) { /* Enlarge the buffer. */ *hstbuflen *= 2; - *tmphstbuf = (char *)realloc (*tmphstbuf,*hstbuflen); + *tmphstbuf = (char *)prealloc (*tmphstbuf,*hstbuflen); } if (res != 0) { @@ -1319,7 +1319,7 @@ static struct hostent * gethostname_re (const char *host,struct hostent *hostbuf && (errno == ERANGE)) { /* Enlarge the buffer. */ *hstbuflen *= 2; - *tmphstbuf = (char *)realloc (*tmphstbuf,*hstbuflen); + *tmphstbuf = (char *)prealloc (*tmphstbuf,*hstbuflen); } return hp; } @@ -1333,7 +1333,7 @@ static struct hostent * gethostname_re (const char *host,struct hostent *hostbuf } else { if (*hstbuflen < sizeof(struct hostent_data)) { *hstbuflen = sizeof(struct hostent_data); - *tmphstbuf = (char *)realloc(*tmphstbuf, *hstbuflen); + *tmphstbuf = (char *)prealloc(*tmphstbuf, *hstbuflen); } } memset((void *)(*tmphstbuf),0,*hstbuflen); diff --git a/main/php_ini.c b/main/php_ini.c index e464c05d1fcc1..85d80c8086dca 100644 --- a/main/php_ini.c +++ b/main/php_ini.c @@ -696,7 +696,7 @@ void php_init_config(void) if (total_l) { size_t php_ini_scanned_files_len = (php_ini_scanned_files) ? strlen(php_ini_scanned_files) + 1 : 0; - php_ini_scanned_files = (char *) realloc(php_ini_scanned_files, php_ini_scanned_files_len + total_l + 1); + php_ini_scanned_files = (char *) prealloc(php_ini_scanned_files, php_ini_scanned_files_len + total_l + 1); if (!php_ini_scanned_files_len) { *php_ini_scanned_files = '\0'; } diff --git a/main/php_ini_builder.h b/main/php_ini_builder.h index 7f5be81c10ac7..e07b838329f49 100644 --- a/main/php_ini_builder.h +++ b/main/php_ini_builder.h @@ -62,7 +62,7 @@ static inline char *php_ini_builder_finish(struct php_ini_builder *b) static inline void php_ini_builder_realloc(struct php_ini_builder *b, size_t delta) { /* reserve enough space for the null terminator */ - b->value = realloc(b->value, b->length + delta + 1); + b->value = prealloc(b->value, b->length + delta + 1); } /** diff --git a/main/streams/php_streams_int.h b/main/streams/php_streams_int.h index de6fb22dcc0cc..5311e5c3167d1 100644 --- a/main/streams/php_streams_int.h +++ b/main/streams/php_streams_int.h @@ -29,7 +29,7 @@ : _erealloc((ptr), (size), 0 ZEND_FILE_LINE_CC ZEND_FILE_LINE_ORIG_RELAY_CC) ) #define pemalloc_rel_orig(size, persistent) ((persistent) ? pmalloc((size)) : emalloc_rel_orig((size))) -#define perealloc_rel_orig(ptr, size, persistent) ((persistent) ? realloc((ptr), (size)) : erealloc_rel_orig((ptr), (size))) +#define perealloc_rel_orig(ptr, size, persistent) ((persistent) ? prealloc((ptr), (size)) : erealloc_rel_orig((ptr), (size))) #else # define pemalloc_rel_orig(size, persistent) pemalloc((size), (persistent)) # define perealloc_rel_orig(ptr, size, persistent) perealloc((ptr), (size), (persistent)) diff --git a/sapi/phpdbg/phpdbg.c b/sapi/phpdbg/phpdbg.c index 2a6eeb5551655..5145ad8c5f6a3 100644 --- a/sapi/phpdbg/phpdbg.c +++ b/sapi/phpdbg/phpdbg.c @@ -1208,7 +1208,7 @@ int main(int argc, char **argv) /* {{{ */ case 'z': zend_extensions_len++; if (zend_extensions_list) { - zend_extensions_list = realloc(zend_extensions_list, sizeof(char*) * zend_extensions_len); + zend_extensions_list = prealloc(zend_extensions_list, sizeof(char*) * zend_extensions_len); } else { zend_extensions_list = pmalloc(sizeof(char*) * zend_extensions_len); } diff --git a/sapi/phpdbg/phpdbg_prompt.c b/sapi/phpdbg/phpdbg_prompt.c index 7215888cb25ec..5a5570f0dae02 100644 --- a/sapi/phpdbg/phpdbg_prompt.c +++ b/sapi/phpdbg/phpdbg_prompt.c @@ -219,7 +219,7 @@ static void phpdbg_line_init(char *cmd, struct phpdbg_init_state *state) { if (state->code == NULL) { state->code = malloc(cmd_len + 1); } else { - state->code = realloc(state->code, state->code_len + cmd_len + 1); + state->code = prealloc(state->code, state->code_len + cmd_len + 1); } if (state->code) { From f1a68c410cb6edcec36fd49f39472d29e75ee01e Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Sat, 30 Aug 2025 22:29:40 +0200 Subject: [PATCH 4/6] Add returns_nonnull attribute to pmalloc API --- Zend/zend_alloc.h | 8 ++++---- Zend/zend_portability.h | 6 ++++++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/Zend/zend_alloc.h b/Zend/zend_alloc.h index 8b8235823aef0..52d05e5d5d7cb 100644 --- a/Zend/zend_alloc.h +++ b/Zend/zend_alloc.h @@ -179,11 +179,11 @@ ZEND_API void ZEND_FASTCALL _efree_huge(void *, size_t size); #define estrndup_rel(s, length) _estrndup((s), (length) ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_CC) #define zend_mem_block_size_rel(ptr) _zend_mem_block_size((ptr) ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_CC) -ZEND_API ZEND_ATTRIBUTE_MALLOC void * __zend_malloc(size_t len ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) ZEND_ATTRIBUTE_ALLOC_SIZE(1); -ZEND_API ZEND_ATTRIBUTE_MALLOC void * __zend_calloc(size_t nmemb, size_t len ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) ZEND_ATTRIBUTE_ALLOC_SIZE2(1,2); -ZEND_API void * __zend_realloc(void *p, size_t len ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) ZEND_ATTRIBUTE_ALLOC_SIZE(2); +ZEND_API ZEND_ATTRIBUTE_MALLOC ZEND_RETURNS_NONNULL void * __zend_malloc(size_t len ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) ZEND_ATTRIBUTE_ALLOC_SIZE(1); +ZEND_API ZEND_ATTRIBUTE_MALLOC ZEND_RETURNS_NONNULL void * __zend_calloc(size_t nmemb, size_t len ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) ZEND_ATTRIBUTE_ALLOC_SIZE2(1,2); +ZEND_API ZEND_RETURNS_NONNULL void * __zend_realloc(void *p, size_t len ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) ZEND_ATTRIBUTE_ALLOC_SIZE(2); ZEND_API void __zend_free(void *p ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC); -ZEND_API ZEND_ATTRIBUTE_MALLOC char * __zend_strdup(const char *s); +ZEND_API ZEND_RETURNS_NONNULL ZEND_ATTRIBUTE_MALLOC char * __zend_strdup(const char *s); #define pmalloc(size) (__zend_malloc(size ZEND_FILE_LINE_CC ZEND_FILE_LINE_EMPTY_CC)) #define pcalloc(nmemb, size) (__zend_calloc((nmemb), (size) ZEND_FILE_LINE_CC ZEND_FILE_LINE_EMPTY_CC)) diff --git a/Zend/zend_portability.h b/Zend/zend_portability.h index 277204260ce82..2b5be65f15762 100644 --- a/Zend/zend_portability.h +++ b/Zend/zend_portability.h @@ -792,6 +792,12 @@ extern "C++" { # define ZEND_NONSTRING #endif +#if __has_attribute(returns_nonnull) +# define ZEND_RETURNS_NONNULL __attribute__((returns_nonnull)) +#else +# define ZEND_RETURNS_NONNULL +#endif + #define __ZEND_DO_PRAGMA(x) _Pragma(#x) #define _ZEND_DO_PRAGMA(x) __ZEND_DO_PRAGMA(x) #if defined(__clang__) From ec215d6f77df9383c852588bee87489d01eea41e Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Tue, 2 Sep 2025 19:07:06 +0200 Subject: [PATCH 5/6] Fix missing header --- TSRM/TSRM.c | 1 + 1 file changed, 1 insertion(+) diff --git a/TSRM/TSRM.c b/TSRM/TSRM.c index 2c7dd7a03a789..c0fc8cc8bbe91 100644 --- a/TSRM/TSRM.c +++ b/TSRM/TSRM.c @@ -11,6 +11,7 @@ */ #include "TSRM.h" +#include "zend_alloc.h" #ifdef ZTS From 8406626ee0bc052767479be860ed5719f54b80ca Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Tue, 2 Sep 2025 19:28:29 +0200 Subject: [PATCH 6/6] Revert bison changes OOM is already handled by bison. --- ext/json/json_parser.y | 2 +- sapi/phpdbg/phpdbg_parser.y | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/json/json_parser.y b/ext/json/json_parser.y index 1b217b886da2e..d570cddc91e4b 100644 --- a/ext/json/json_parser.y +++ b/ext/json/json_parser.y @@ -27,7 +27,7 @@ int json_yydebug = 1; #endif #ifdef _MSC_VER -#define YYMALLOC pmalloc +#define YYMALLOC malloc #define YYFREE free #endif diff --git a/sapi/phpdbg/phpdbg_parser.y b/sapi/phpdbg/phpdbg_parser.y index 12a06140837bd..50cb93f05f6f0 100644 --- a/sapi/phpdbg/phpdbg_parser.y +++ b/sapi/phpdbg/phpdbg_parser.y @@ -28,7 +28,7 @@ static int yyerror(const char *msg); ZEND_EXTERN_MODULE_GLOBALS(phpdbg) #ifdef _MSC_VER -#define YYMALLOC pmalloc +#define YYMALLOC malloc #define YYFREE free #endif