php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #79432 spl_autoload_call() with non-string argument violates assertion
Submitted: 2020-03-30 07:11 UTC Modified: 2020-04-27 14:18 UTC
From: wxhusst at gmail dot com Assigned:
Status: Closed Package: SPL related
PHP Version: master-Git-2020-03-30 (Git) OS: *
Private report: No CVE-ID: None
 [2020-03-30 07:11 UTC] wxhusst at gmail dot com
Description:
------------
/mnt/d/work/fuzz/php-src/ext/spl/php_spl.c:401: void zif_spl_autoload_call(zend_execute_data *, zval *): Assertion `(executor_globals.exception)' failed.

Test script:
---------------
<?php
$a = NULL;
$b = spl_autoload_call($a,);
?>

Expected result:
----------------
normal

Actual result:
--------------
assert crash

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-03-30 07:13 UTC] stas@php.net
-Type: Security +Type: Bug
 [2020-03-30 08:19 UTC] cmb@php.net
-Summary: /mnt/d/work/fuzz/php-src/ext/spl/php_spl.c:401: void zif_spl_autoload_call(zend +Summary: spl_autoload_call() with non-string argument violates assertion -Status: Open +Status: Verified -Operating System: linux +Operating System: *
 [2020-03-30 08:24 UTC] nikic@php.net
We should move the string check into zpp, yes. The internal autoloading mechanism is always going to pass a string, so there seems to be no reason to silently ignore non-strings.
 [2020-04-27 04:46 UTC] laruence@php.net
according to PSR-4, autoload function should never throw exception, so I think the RETURN_THROW should be fixed instead.
 [2020-04-27 14:18 UTC] nikic@php.net
@laruence: Throwing in autoloader is fine in general, you just shouldn't throw if the class has not been found. But things like "loaded file has syntax error" or "passed argument is not a string" can still throw.
 [2020-04-27 14:22 UTC] nikic@php.net
Automatic comment on behalf of nikita.ppv@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=16e9d74f078c48eb62afc97a29fa30d1969cc7fd
Log: Fixed bug #79432
 [2020-04-27 14:22 UTC] nikic@php.net
-Status: Verified +Status: Closed
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sat Nov 28 00:01:24 2020 UTC