-
Notifications
You must be signed in to change notification settings - Fork 8k
Do not copy the normalized URI when cloning RFC 3986 URIs - alternative approach #19744
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Closed
+15
−8
Closed
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -990,7 +990,13 @@ zend_object *uri_clone_obj_handler(zend_object *object) | |
|
||
new_uri_object->internal.parser = internal_uri->parser; | ||
|
||
void *uri = internal_uri->parser->clone_uri(internal_uri->uri); | ||
zend_execute_data *execute_data = EG(current_execute_data); | ||
bool is_clone_op = execute_data != NULL && | ||
execute_data->func && | ||
ZEND_USER_CODE(execute_data->func->type) && | ||
execute_data->opline != NULL && | ||
execute_data->opline->opcode == ZEND_CLONE; | ||
void *uri = internal_uri->parser->clone_uri(internal_uri->uri, is_clone_op == false); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This way the extra check affects all URI parsers - so the above check could be directly added to the clone_uri handler of RFC 3986... 🤔 |
||
ZEND_ASSERT(uri != NULL); | ||
|
||
new_uri_object->internal.uri = uri; | ||
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please no, I object against these kinds of hacks. This might also not work well with the clone-as-function feature.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
:( alright
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is there any other solution you can see that achieves similar result? The only thing I can is to set a global variable before cloning that the RFC 3986 implementation could check. But I guess this is also going to be considered hacky :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would assume that
uri_clone_obj_handler()
is always called byclone
, and introduce a separate function with extra arguments for other use-cases.uri_clone_obj_handler()
can call the new function.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that is a reasonable assumption, however Tim has just changed the code of the withers to call the clone obj handler instead of directly calling
uri_clone_obj_handler()
(https://github.com/php/php-src/pull/19649/files#diff-5b8085788a05a46216af5a9b0c9db7e47351d41f3550952d497ba3d54922be15L92). He did this so that the chance of calling the improper clone obj handler is eliminated, and this also makes sense at the first sight, but now that I think about it again,uri_write_component_ex
is not public code, and it's only used by PHP's own implementations... So I guess we could assume that uri_clone_obj_handler() can be called directly.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is still unclear to me, why we try to add this amount of complexity to the C code, when my previous suggestion of “just don't clone the normalized URI, because it's very likely to be invalidated” would be obviously correct. As part of my cleanup and review of ext/uri, I've fixed more one one case of memory unsafety.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're doing too much premature optimization here. Go for the simple solution of Tim where we just don't copy the normalized URI. It's going to be much easier and less error-prone.
If you find in a (realistic) benchmark that it does matter, you can come up with a solution. But keep it simple at first and only when numbers show it you should optimize.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The change to properly copy normalized URIs when needed didn't seem complex to me: we could go back using
uri_clone_obj_handler()
insideuri_write_component_ex()
and then we could pass false/true depending on the use-case (by using Arnaud's suggestion).Yes, this improves the situation for only a small minority of use-cases, but for them, it's a huge improvement not to have to reparse the whole URI. Of course, real world benchmarks won't reveal this, unless I deliberately start cloning URIs like crazy for whatever reason.
In my opinion, this warrants the extra care. Not missing this opportunity seems more vital for me than optimizing other smaller details like converting
zend_string_release()
calls tozend_string_release_ex()
.With all that said, if you both agree that we shouldn't take care of this usecase, then I'll accept and respect your decision, and close this PR.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FWIW: I also agree with that. For me it's needless mental load that all these variants exist and just always use
zend_string_release()
. Doing C correctly itself is already complicated enough.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah and what I also wanted to add: One issue I'm having here is that this would be adding another parameter to the API that only matters for one of the implementations, similarly to the
errors
parameter existing only for WhatWg. The current implementation tries to use generic helpers for something that differs in detail, leading to combinatorial explosion of (boolean) parameters in those helpers.