Php::Value objects could crash if comparing non-string values with st…

…rings, fixes #524
CopernicaMarketingSoftware · Apr 20, 2024 · 3cee025 · 3cee025
1 parent f9fe7a9
commit 3cee025
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 6 deletions.
diff --git a/include/value.h b/include/value.h
@@ -335,12 +335,12 @@ class PHPCPP_EXPORT Value : private HashParent
      *  Comparison operators for hardcoded strings
      *  @param  value
      */
-    bool operator==(const char *value) const { return ::strcmp(rawValue(), value) == 0; }
-    bool operator!=(const char *value) const { return ::strcmp(rawValue(), value) != 0; }
-    bool operator<=(const char *value) const { return ::strcmp(rawValue(), value) <= 0; }
-    bool operator>=(const char *value) const { return ::strcmp(rawValue(), value) >= 0; }
-    bool operator< (const char *value) const { return ::strcmp(rawValue(), value) <  0; }
-    bool operator> (const char *value) const { return ::strcmp(rawValue(), value) >  0; }
+    bool operator==(const char *value) const { return strcmp(value) == 0; }
+    bool operator!=(const char *value) const { return strcmp(value) != 0; }
+    bool operator<=(const char *value) const { return strcmp(value) <= 0; }
+    bool operator>=(const char *value) const { return strcmp(value) >= 0; }
+    bool operator< (const char *value) const { return strcmp(value) <  0; }
+    bool operator> (const char *value) const { return strcmp(value) >  0; }
 
     /**
      *  Comparison operators for hardcoded Value
@@ -424,6 +424,13 @@ class PHPCPP_EXPORT Value : private HashParent
      */
     const char *rawValue() const;
 
+    /**
+     *  Helper function for string comparison
+     *  @param  value
+     *  @return int
+     */
+    int strcmp(const char *value) const;
+
     /**
      *  Retrieve the value as number
      *

diff --git a/zend/value.cpp b/zend/value.cpp
@@ -1334,6 +1334,33 @@ const char *Value::rawValue() const
     return nullptr;
 }
 
+/**
+ *  Helper function for string comparison
+ *  @param  value
+ *  @return int
+ */
+int Value::strcmp(const char *value) const
+{
+    // we need the string representation
+    zend_string *s  = zval_get_string(_val);
+
+    // remember size of the two strings
+    size_t valuelen = ::strlen(value);
+    size_t slen = ZSTR_LEN(s);
+
+    // get the result for comparing the initial, overlapping, bytes
+    auto result = strncmp(ZSTR_VAL(s), value, std::min(valuelen, slen));
+
+    // we no longer need the string
+    zend_string_release(s);
+
+    // if there are differences, we can expose thosw
+    if (result != 0) return result;
+
+    // the shorter string comes first
+    return slen - valuelen;
+}
+
 /**
  *  Retrieve the value as decimal
  *  @return double