Skip to content

Commit

Permalink
Configurable serialization/deserialization depth (#463)
Browse files Browse the repository at this point in the history
  • Loading branch information
@lstrojny
lstrojny authored Aug 17, 2023
1 parent 6c98bf1 commit f5eaf8a
Show file tree
Hide file tree
Showing 4 changed files with 54 additions and 25 deletions.
30 changes: 29 additions & 1 deletion amqp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -217,19 +217,47 @@ PHP_INI_BEGIN()
PHP_INI_ENTRY("amqp.cert", DEFAULT_CERT, PHP_INI_ALL, NULL)
PHP_INI_ENTRY("amqp.key", DEFAULT_KEY, PHP_INI_ALL, NULL)
PHP_INI_ENTRY("amqp.verify", DEFAULT_VERIFY, PHP_INI_ALL, NULL)
PHP_INI_ENTRY("amqp.sasl_method", (const char *) DEFAULT_SASL_METHOD, PHP_INI_ALL, NULL)
PHP_INI_ENTRY("amqp.sasl_method", PHP_AMQP_STRINGIFY(DEFAULT_SASL_METHOD), PHP_INI_ALL, NULL)
STD_PHP_INI_ENTRY(
"amqp.serialization_depth",
DEFAULT_SERIALIZATION_DEPTH,
PHP_INI_ALL,
OnUpdateLongGEZero,
serialization_depth,
zend_amqp_globals,
amqp_globals
)
STD_PHP_INI_ENTRY(
"amqp.deserialization_depth",
DEFAULT_SERIALIZATION_DEPTH,
PHP_INI_ALL,
OnUpdateLongGEZero,
deserialization_depth,
zend_amqp_globals,
amqp_globals
)
PHP_INI_END()

ZEND_DECLARE_MODULE_GLOBALS(amqp)

static PHP_GINIT_FUNCTION(amqp) /* {{{ */
{
#if defined(COMPILE_DL_AMQP) && defined(ZTS)
ZEND_TSRMLS_CACHE_UPDATE();
#endif

memset(amqp_globals, 0, sizeof(*amqp_globals));

amqp_globals->error_message = NULL;
amqp_globals->error_code = 0;
} /* }}} */

static PHP_MINIT_FUNCTION(amqp) /* {{{ */
{
#if defined(COMPILE_DL_AMQP) && defined(ZTS)
ZEND_TSRMLS_CACHE_UPDATE();
#endif

zend_class_entry ce;

/* Set up the connection resource */
Expand Down
22 changes: 11 additions & 11 deletions amqp_basic_properties.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,9 +60,9 @@
#include "amqp_timestamp.h"
#include "amqp_decimal.h"

void php_amqp_basic_properties_table_to_zval_internal(amqp_table_t *table, zval *result, uint8_t depth);
void php_amqp_basic_properties_array_to_zval_internal(amqp_array_t *array, zval *result, uint8_t depth);
bool php_amqp_basic_properties_value_to_zval_internal(amqp_field_value_t *value, zval *result, uint8_t depth);
void php_amqp_basic_properties_table_to_zval_internal(amqp_table_t *table, zval *result, zend_ulong depth);
void php_amqp_basic_properties_array_to_zval_internal(amqp_array_t *array, zval *result, zend_ulong depth);
bool php_amqp_basic_properties_value_to_zval_internal(amqp_field_value_t *value, zval *result, zend_ulong depth);

zend_class_entry *amqp_basic_properties_class_entry;
#define this_ce amqp_basic_properties_class_entry
Expand Down Expand Up @@ -562,14 +562,14 @@ PHP_MINIT_FUNCTION(amqp_basic_properties)
return SUCCESS;
}

bool php_amqp_basic_properties_value_to_zval_internal(amqp_field_value_t *value, zval *result, uint8_t depth)
bool php_amqp_basic_properties_value_to_zval_internal(amqp_field_value_t *value, zval *result, zend_ulong depth)
{
if (depth >= PHP_AMQP_RECURSION_DEPTH_LIMIT) {
if (depth > PHP_AMQP_G(deserialization_depth)) {
zend_throw_exception_ex(
amqp_exception_class_entry,
0,
"Recursion depth limit of %d reached while serializing value",
PHP_AMQP_RECURSION_DEPTH_LIMIT
"Maximum deserialization depth limit of %ld reached while deserializing value",
PHP_AMQP_G(deserialization_depth)
);
return 0;
}
Expand Down Expand Up @@ -693,23 +693,23 @@ bool php_amqp_basic_properties_value_to_zval_internal(amqp_field_value_t *value,
return 1;
}

void php_amqp_basic_properties_array_to_zval_internal(amqp_array_t *array, zval *result, uint8_t depth)
void php_amqp_basic_properties_array_to_zval_internal(amqp_array_t *array, zval *result, zend_ulong depth)
{
assert(Z_TYPE_P(result) == IS_ARRAY);

int i;
for (i = 0; i < array->num_entries; ++i) {
zval result_nested;
ZVAL_UNDEF(&result_nested);
if (php_amqp_basic_properties_value_to_zval_internal(&(array->entries[i]), &result_nested, depth)) {
if (php_amqp_basic_properties_value_to_zval_internal(&(array->entries[i]), &result_nested, depth + 1)) {
add_next_index_zval(result, &result_nested);
} else if (!Z_ISUNDEF(result_nested)) {
zval_ptr_dtor(&result_nested);
}
}
}

void php_amqp_basic_properties_table_to_zval_internal(amqp_table_t *table, zval *result, uint8_t depth)
void php_amqp_basic_properties_table_to_zval_internal(amqp_table_t *table, zval *result, zend_ulong depth)
{
int i;
zval result_nested;
Expand All @@ -719,7 +719,7 @@ void php_amqp_basic_properties_table_to_zval_internal(amqp_table_t *table, zval
for (i = 0; i < table->num_entries; ++i) {
amqp_table_entry_t *entry = &(table->entries[i]);
ZVAL_UNDEF(&result_nested);
if (php_amqp_basic_properties_value_to_zval_internal(&(entry->value), &result_nested, depth)) {
if (php_amqp_basic_properties_value_to_zval_internal(&(entry->value), &result_nested, depth + 1)) {
char *key = estrndup(entry->key.bytes, (unsigned) entry->key.len);
add_assoc_zval(result, key, &result_nested);
efree(key);
Expand Down
22 changes: 11 additions & 11 deletions amqp_type.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,10 +41,10 @@

static void php_amqp_type_free_amqp_array_internal(amqp_array_t *array);
static void php_amqp_type_free_amqp_table_internal(amqp_table_t *object, bool clear_root);
void php_amqp_type_internal_zval_to_amqp_array(zval *value, amqp_array_t *arguments, uint8_t depth);
void php_amqp_type_zval_to_amqp_container_internal(zval *array, amqp_field_value_t **field, uint8_t depth);
void php_amqp_type_zval_to_amqp_table_internal(zval *array, amqp_table_t *amqp_table, uint8_t depth);
bool php_amqp_zval_to_amqp_value_internal(zval *value, amqp_field_value_t **field_ptr, char *key, uint8_t depth);
void php_amqp_type_internal_zval_to_amqp_array(zval *value, amqp_array_t *arguments, zend_ulong depth);
void php_amqp_type_zval_to_amqp_container_internal(zval *array, amqp_field_value_t **field, zend_ulong depth);
void php_amqp_type_zval_to_amqp_table_internal(zval *array, amqp_table_t *amqp_table, zend_ulong depth);
bool php_amqp_zval_to_amqp_value_internal(zval *value, amqp_field_value_t **field_ptr, char *key, zend_ulong depth);

amqp_bytes_t php_amqp_type_char_to_amqp_long(char const *cstr, size_t len)
{
Expand Down Expand Up @@ -83,7 +83,7 @@ char *php_amqp_type_amqp_bytes_to_char(amqp_bytes_t bytes)
return res;
}

void php_amqp_type_zval_to_amqp_container_internal(zval *array, amqp_field_value_t **field, uint8_t depth)
void php_amqp_type_zval_to_amqp_container_internal(zval *array, amqp_field_value_t **field, zend_ulong depth)
{
HashTable *ht;
zend_string *key;
Expand All @@ -108,7 +108,7 @@ void php_amqp_type_zval_to_amqp_container_internal(zval *array, amqp_field_value
}
}

void php_amqp_type_zval_to_amqp_table_internal(zval *array, amqp_table_t *amqp_table, uint8_t depth)
void php_amqp_type_zval_to_amqp_table_internal(zval *array, amqp_table_t *amqp_table, zend_ulong depth)
{
HashTable *ht;
zval *value_nested;
Expand Down Expand Up @@ -163,7 +163,7 @@ void php_amqp_type_zval_to_amqp_table_internal(zval *array, amqp_table_t *amqp_t
ZEND_HASH_FOREACH_END();
}

void php_amqp_type_internal_zval_to_amqp_array(zval *value, amqp_array_t *arguments, uint8_t depth)
void php_amqp_type_internal_zval_to_amqp_array(zval *value, amqp_array_t *arguments, zend_ulong depth)
{
HashTable *ht;

Expand All @@ -190,18 +190,18 @@ void php_amqp_type_internal_zval_to_amqp_array(zval *value, amqp_array_t *argume
ZEND_HASH_FOREACH_END ();
}

bool php_amqp_zval_to_amqp_value_internal(zval *value, amqp_field_value_t **field_ptr, char *key, uint8_t depth)
bool php_amqp_zval_to_amqp_value_internal(zval *value, amqp_field_value_t **field_ptr, char *key, zend_ulong depth)
{
bool result;
char type[16];
amqp_field_value_t *field;

if (depth >= PHP_AMQP_RECURSION_DEPTH_LIMIT) {
if (depth > PHP_AMQP_G(serialization_depth)) {
zend_throw_exception_ex(
amqp_exception_class_entry,
0,
"Recursion depth limit of %d reached while serializing value",
PHP_AMQP_RECURSION_DEPTH_LIMIT
"Maximum serialization depth of %ld reached while serializing value",
PHP_AMQP_G(serialization_depth)
);
return 0;
}
Expand Down
5 changes: 3 additions & 2 deletions php_amqp.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -256,15 +256,14 @@ struct _amqp_connection_object {
#define PHP_AMQP_STRINGIFY(value) PHP_AMQP_TO_STRING(value)
#define PHP_AMQP_TO_STRING(value) #value


#define DEFAULT_CHANNEL_MAX PHP_AMQP_STRINGIFY(PHP_AMQP_MAX_CHANNELS)
#define DEFAULT_FRAME_MAX PHP_AMQP_STRINGIFY(PHP_AMQP_DEFAULT_FRAME_MAX)
#define DEFAULT_HEARTBEAT PHP_AMQP_STRINGIFY(PHP_AMQP_DEFAULT_HEARTBEAT)
#define DEFAULT_CACERT ""
#define DEFAULT_CERT ""
#define DEFAULT_KEY ""
#define DEFAULT_VERIFY "1"

#define DEFAULT_SERIALIZATION_DEPTH "128"

#define IS_PASSIVE(bitmask) (AMQP_PASSIVE & (bitmask)) ? 1 : 0
#define IS_DURABLE(bitmask) (AMQP_DURABLE & (bitmask)) ? 1 : 0
Expand Down Expand Up @@ -418,6 +417,8 @@ static inline amqp_channel_object *php_amqp_channel_object_fetch(zend_object *ob
ZEND_BEGIN_MODULE_GLOBALS(amqp)
char *error_message;
zend_long error_code;
zend_long deserialization_depth;
zend_long serialization_depth;
ZEND_END_MODULE_GLOBALS(amqp)

ZEND_EXTERN_MODULE_GLOBALS(amqp)
Expand Down

0 comments on commit f5eaf8a

Please sign in to comment.