Coverage Report

Created: 2025-06-13 06:43

/src/php-src/Zend/zend_object_handlers.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
   +----------------------------------------------------------------------+
3
   | Zend Engine                                                          |
4
   +----------------------------------------------------------------------+
5
   | Copyright (c) Zend Technologies Ltd. (http://www.zend.com)           |
6
   +----------------------------------------------------------------------+
7
   | This source file is subject to version 2.00 of the Zend license,     |
8
   | that is bundled with this package in the file LICENSE, and is        |
9
   | available through the world-wide-web at the following url:           |
10
   | http://www.zend.com/license/2_00.txt.                                |
11
   | If you did not receive a copy of the Zend license and are unable to  |
12
   | obtain it through the world-wide-web, please send a note to          |
13
   | license@zend.com so we can mail you a copy immediately.              |
14
   +----------------------------------------------------------------------+
15
   | Authors: Andi Gutmans <andi@php.net>                                 |
16
   |          Zeev Suraski <zeev@php.net>                                 |
17
   |          Dmitry Stogov <dmitry@php.net>                              |
18
   +----------------------------------------------------------------------+
19
*/
20
21
#include "zend.h"
22
#include "zend_globals.h"
23
#include "zend_lazy_objects.h"
24
#include "zend_variables.h"
25
#include "zend_API.h"
26
#include "zend_objects.h"
27
#include "zend_objects_API.h"
28
#include "zend_object_handlers.h"
29
#include "zend_interfaces.h"
30
#include "zend_exceptions.h"
31
#include "zend_closures.h"
32
#include "zend_compile.h"
33
#include "zend_hash.h"
34
#include "zend_property_hooks.h"
35
#include "zend_observer.h"
36
37
#define DEBUG_OBJECT_HANDLERS 0
38
39
551
#define ZEND_WRONG_PROPERTY_OFFSET   0
40
3.01k
#define ZEND_HOOKED_PROPERTY_OFFSET 1
41
42
/* guard flags */
43
5.48k
#define IN_GET    ZEND_GUARD_PROPERTY_GET
44
2.54k
#define IN_SET    ZEND_GUARD_PROPERTY_SET
45
323
#define IN_UNSET  ZEND_GUARD_PROPERTY_UNSET
46
1.10k
#define IN_ISSET  ZEND_GUARD_PROPERTY_ISSET
47
#define IN_HOOK   ZEND_GUARD_PROPERTY_HOOK
48
49
static zend_always_inline bool zend_objects_check_stack_limit(void)
50
802
{
51
802
#ifdef ZEND_CHECK_STACK_LIMIT
52
802
  return zend_call_stack_overflowed(EG(stack_limit));
53
#else
54
  return false;
55
#endif
56
802
}
57
58
/*
59
  __X accessors explanation:
60
61
  if we have __get and property that is not part of the properties array is
62
  requested, we call __get handler. If it fails, we return uninitialized.
63
64
  if we have __set and property that is not part of the properties array is
65
  set, we call __set handler. If it fails, we do not change the array.
66
67
  for both handlers above, when we are inside __get/__set, no further calls for
68
  __get/__set for this property of this object will be made, to prevent endless
69
  recursion and enable accessors to change properties array.
70
71
  if we have __call and method which is not part of the class function table is
72
  called, we cal __call handler.
73
*/
74
75
ZEND_API HashTable *rebuild_object_properties_internal(zend_object *zobj) /* {{{ */
76
790k
{
77
790k
  if (!zobj->properties) {
78
790k
    zend_property_info *prop_info;
79
790k
    zend_class_entry *ce = zobj->ce;
80
790k
    int i;
81
82
790k
    zobj->properties = zend_new_array(ce->default_properties_count);
83
790k
    if (ce->default_properties_count) {
84
149k
      zend_hash_real_init_mixed(zobj->properties);
85
1.15M
      for (i = 0; i < ce->default_properties_count; i++) {
86
1.00M
        prop_info = ce->properties_info_table[i];
87
88
1.00M
        if (!prop_info) {
89
129
          continue;
90
129
        }
91
92
1.00M
        if (UNEXPECTED(Z_TYPE_P(OBJ_PROP(zobj, prop_info->offset)) == IS_UNDEF)) {
93
2.50k
          HT_FLAGS(zobj->properties) |= HASH_FLAG_HAS_EMPTY_IND;
94
2.50k
        }
95
96
1.00M
        _zend_hash_append_ind(zobj->properties, prop_info->name,
97
1.00M
          OBJ_PROP(zobj, prop_info->offset));
98
1.00M
      }
99
149k
    }
100
790k
  }
101
102
790k
  return zobj->properties;
103
790k
}
104
/* }}} */
105
106
/* Implements the fast path for array cast */
107
ZEND_API HashTable *zend_std_build_object_properties_array(zend_object *zobj) /* {{{ */
108
118
{
109
118
  zend_property_info *prop_info;
110
118
  zend_class_entry *ce = zobj->ce;
111
118
  HashTable *ht;
112
118
  zval* prop;
113
118
  int i;
114
115
118
  ZEND_ASSERT(!(zend_object_is_lazy_proxy(zobj) && zend_lazy_object_initialized(zobj)));
116
118
  ZEND_ASSERT(!zobj->properties);
117
118
  ht = zend_new_array(ce->default_properties_count);
118
118
  if (ce->default_properties_count) {
119
74
    zend_hash_real_init_mixed(ht);
120
183
    for (i = 0; i < ce->default_properties_count; i++) {
121
109
      prop_info = ce->properties_info_table[i];
122
123
109
      if (!prop_info) {
124
0
        continue;
125
0
      }
126
127
109
      prop = OBJ_PROP(zobj, prop_info->offset);
128
109
      if (UNEXPECTED(Z_TYPE_P(prop) == IS_UNDEF)) {
129
43
        continue;
130
43
      }
131
132
66
      if (Z_ISREF_P(prop) && Z_REFCOUNT_P(prop) == 1) {
133
10
        prop = Z_REFVAL_P(prop);
134
10
      }
135
136
66
      Z_TRY_ADDREF_P(prop);
137
66
      _zend_hash_append(ht, prop_info->name, prop);
138
66
    }
139
74
  }
140
118
  return ht;
141
118
}
142
/* }}} */
143
144
ZEND_API HashTable *zend_std_get_properties(zend_object *zobj) /* {{{ */
145
1.75M
{
146
1.75M
  return zend_std_get_properties_ex(zobj);
147
1.75M
}
148
/* }}} */
149
150
/* Fetch properties HashTable without triggering lazy initialization */
151
ZEND_API HashTable *zend_get_properties_no_lazy_init(zend_object *zobj)
152
975
{
153
975
  if (zobj->handlers->get_properties == zend_std_get_properties) {
154
975
    if (UNEXPECTED(zend_object_is_lazy_proxy(zobj)
155
975
        && zend_lazy_object_initialized(zobj))) {
156
27
      zend_object *instance = zend_lazy_object_get_instance(zobj);
157
27
      return zend_get_properties_no_lazy_init(instance);
158
27
    }
159
160
948
    if (!zobj->properties) {
161
647
      rebuild_object_properties_internal(zobj);
162
647
    }
163
948
    return zobj->properties;
164
975
  }
165
166
0
  ZEND_ASSERT(!zend_object_is_lazy(zobj));
167
168
0
  return zobj->handlers->get_properties(zobj);
169
0
}
170
171
ZEND_API HashTable *zend_std_get_gc(zend_object *zobj, zval **table, int *n) /* {{{ */
172
940k
{
173
940k
  if (zobj->handlers->get_properties != zend_std_get_properties) {
174
0
    *table = NULL;
175
0
    *n = 0;
176
0
    return zobj->handlers->get_properties(zobj);
177
940k
  } else {
178
940k
    if (UNEXPECTED(zend_object_is_lazy(zobj))) {
179
1.78k
      return zend_lazy_object_get_gc(zobj, table, n);
180
938k
    } else if (zobj->properties) {
181
852k
      *table = NULL;
182
852k
      *n = 0;
183
852k
      return zobj->properties;
184
852k
    } else {
185
85.7k
      *table = zobj->properties_table;
186
85.7k
      *n = zobj->ce->default_properties_count;
187
85.7k
      return NULL;
188
85.7k
    }
189
940k
  }
190
940k
}
191
/* }}} */
192
193
ZEND_API HashTable *zend_std_get_debug_info(zend_object *object, int *is_temp) /* {{{ */
194
7.88k
{
195
7.88k
  zend_class_entry *ce = object->ce;
196
7.88k
  zval retval;
197
7.88k
  HashTable *ht;
198
199
7.88k
  if (!ce->__debugInfo) {
200
7.61k
    if (UNEXPECTED(zend_object_is_lazy(object))) {
201
975
      return zend_lazy_object_debug_info(object, is_temp);
202
975
    }
203
204
6.64k
    *is_temp = 0;
205
6.64k
    return object->handlers->get_properties(object);
206
7.61k
  }
207
208
265
  zend_call_known_instance_method_with_0_params(ce->__debugInfo, object, &retval);
209
265
  if (UNEXPECTED(Z_ISREF(retval))) {
210
5
    zend_unwrap_reference(&retval);
211
5
  }
212
265
  if (Z_TYPE(retval) == IS_ARRAY) {
213
250
    if (!Z_REFCOUNTED(retval)) {
214
20
      *is_temp = 1;
215
20
      return zend_array_dup(Z_ARRVAL(retval));
216
230
    } else if (Z_REFCOUNT(retval) <= 1) {
217
230
      *is_temp = 1;
218
230
      ht = Z_ARR(retval);
219
230
      return ht;
220
230
    } else {
221
0
      *is_temp = 0;
222
0
      zval_ptr_dtor(&retval);
223
0
      return Z_ARRVAL(retval);
224
0
    }
225
250
  } else if (Z_TYPE(retval) == IS_NULL) {
226
5
    *is_temp = 1;
227
5
    ht = zend_new_array(0);
228
5
    return ht;
229
5
  }
230
231
10
  zend_error_noreturn(E_ERROR, ZEND_DEBUGINFO_FUNC_NAME "() must return an array");
232
233
0
  return NULL; /* Compilers are dumb and don't understand that noreturn means that the function does NOT need a return value... */
234
265
}
235
/* }}} */
236
237
static void zend_std_call_getter(zend_object *zobj, zend_string *prop_name, zval *retval) /* {{{ */
238
1.71k
{
239
1.71k
  zval member;
240
1.71k
  ZVAL_STR(&member, prop_name);
241
1.71k
  zend_call_known_instance_method_with_1_params(zobj->ce->__get, zobj, retval, &member);
242
1.71k
}
243
/* }}} */
244
245
static void zend_std_call_setter(zend_object *zobj, zend_string *prop_name, zval *value) /* {{{ */
246
798
{
247
798
  zval args[2];
248
798
  ZVAL_STR(&args[0], prop_name);
249
798
  ZVAL_COPY_VALUE(&args[1], value);
250
798
  zend_call_known_instance_method(zobj->ce->__set, zobj, NULL, 2, args);
251
798
}
252
/* }}} */
253
254
static void zend_std_call_unsetter(zend_object *zobj, zend_string *prop_name) /* {{{ */
255
72
{
256
72
  zval member;
257
72
  ZVAL_STR(&member, prop_name);
258
72
  zend_call_known_instance_method_with_1_params(zobj->ce->__unset, zobj, NULL, &member);
259
72
}
260
/* }}} */
261
262
static void zend_std_call_issetter(zend_object *zobj, zend_string *prop_name, zval *retval) /* {{{ */
263
332
{
264
332
  zval member;
265
332
  ZVAL_STR(&member, prop_name);
266
332
  zend_call_known_instance_method_with_1_params(zobj->ce->__isset, zobj, retval, &member);
267
332
}
268
/* }}} */
269
270
271
static zend_always_inline bool is_derived_class(const zend_class_entry *child_class, const zend_class_entry *parent_class) /* {{{ */
272
1.95M
{
273
1.95M
  child_class = child_class->parent;
274
2.92M
  while (child_class) {
275
1.94M
    if (child_class == parent_class) {
276
980k
      return 1;
277
980k
    }
278
965k
    child_class = child_class->parent;
279
965k
  }
280
281
979k
  return 0;
282
1.95M
}
283
/* }}} */
284
285
static zend_never_inline int is_protected_compatible_scope(const zend_class_entry *ce, const zend_class_entry *scope) /* {{{ */
286
980k
{
287
980k
  return scope &&
288
980k
    (is_derived_class(ce, scope) || is_derived_class(scope, ce));
289
980k
}
290
/* }}} */
291
292
static zend_never_inline zend_property_info *zend_get_parent_private_property(zend_class_entry *scope, const zend_class_entry *ce, zend_string *member) /* {{{ */
293
500
{
294
500
  zval *zv;
295
500
  zend_property_info *prop_info;
296
297
500
  if (scope != ce && scope && is_derived_class(ce, scope)) {
298
380
    zv = zend_hash_find(&scope->properties_info, member);
299
380
    if (zv != NULL) {
300
380
      prop_info = (zend_property_info*)Z_PTR_P(zv);
301
380
      if ((prop_info->flags & ZEND_ACC_PRIVATE)
302
380
       && prop_info->ce == scope) {
303
360
        return prop_info;
304
360
      }
305
380
    }
306
380
  }
307
140
  return NULL;
308
500
}
309
/* }}} */
310
311
static ZEND_COLD zend_never_inline void zend_bad_property_access(const zend_property_info *property_info, const zend_class_entry *ce, const zend_string *member) /* {{{ */
312
122
{
313
122
  zend_throw_error(NULL, "Cannot access %s property %s::$%s", zend_visibility_string(property_info->flags), ZSTR_VAL(ce->name), ZSTR_VAL(member));
314
122
}
315
/* }}} */
316
317
static ZEND_COLD zend_never_inline void zend_bad_property_name(void) /* {{{ */
318
44
{
319
44
  zend_throw_error(NULL, "Cannot access property starting with \"\\0\"");
320
44
}
321
/* }}} */
322
323
static ZEND_COLD zend_never_inline void zend_forbidden_dynamic_property(
324
64
    const zend_class_entry *ce, const zend_string *member) {
325
64
  zend_throw_error(NULL, "Cannot create dynamic property %s::$%s",
326
64
    ZSTR_VAL(ce->name), ZSTR_VAL(member));
327
64
}
328
329
static ZEND_COLD zend_never_inline bool zend_deprecated_dynamic_property(
330
23.1k
    zend_object *obj, const zend_string *member) {
331
23.1k
  GC_ADDREF(obj);
332
23.1k
  zend_error(E_DEPRECATED, "Creation of dynamic property %s::$%s is deprecated",
333
23.1k
    ZSTR_VAL(obj->ce->name), ZSTR_VAL(member));
334
23.1k
  if (UNEXPECTED(GC_DELREF(obj) == 0)) {
335
9
    zend_class_entry *ce = obj->ce;
336
9
    zend_objects_store_del(obj);
337
9
    if (!EG(exception)) {
338
      /* We cannot continue execution and have to throw an exception */
339
9
      zend_throw_error(NULL, "Cannot create dynamic property %s::$%s",
340
9
        ZSTR_VAL(ce->name), ZSTR_VAL(member));
341
9
    }
342
9
    return 0;
343
9
  }
344
23.1k
  return 1;
345
23.1k
}
346
347
static ZEND_COLD zend_never_inline void zend_readonly_property_unset_error(
348
37
    zend_class_entry *ce, zend_string *member) {
349
37
  zend_throw_error(NULL, "Cannot unset readonly property %s::$%s",
350
37
    ZSTR_VAL(ce->name), ZSTR_VAL(member));
351
37
}
352
353
static zend_always_inline zend_class_entry *get_fake_or_executed_scope(void)
354
28.6M
{
355
28.6M
  if (UNEXPECTED(EG(fake_scope))) {
356
28.6M
    return EG(fake_scope);
357
28.6M
  } else {
358
6.92k
    return zend_get_executed_scope();
359
6.92k
  }
360
28.6M
}
361
362
static zend_always_inline uintptr_t zend_get_property_offset(zend_class_entry *ce, zend_string *member, int silent, void **cache_slot, const zend_property_info **info_ptr) /* {{{ */
363
24.8M
{
364
24.8M
  zval *zv;
365
24.8M
  zend_property_info *property_info;
366
24.8M
  uint32_t flags;
367
24.8M
  uintptr_t offset;
368
369
24.8M
  if (cache_slot && EXPECTED(ce == CACHED_PTR_EX(cache_slot))) {
370
12.6k
    *info_ptr = CACHED_PTR_EX(cache_slot + 2);
371
12.6k
    return (uintptr_t)CACHED_PTR_EX(cache_slot + 1);
372
12.6k
  }
373
374
24.8M
  if (UNEXPECTED(zend_hash_num_elements(&ce->properties_info) == 0)
375
24.8M
   || UNEXPECTED((zv = zend_hash_find(&ce->properties_info, member)) == NULL)) {
376
58.5k
    if (UNEXPECTED(ZSTR_VAL(member)[0] == '\0') && ZSTR_LEN(member) != 0) {
377
84
      if (!silent) {
378
44
        zend_bad_property_name();
379
44
      }
380
84
      return ZEND_WRONG_PROPERTY_OFFSET;
381
84
    }
382
58.4k
dynamic:
383
58.4k
    if (cache_slot) {
384
9.50k
      CACHE_POLYMORPHIC_PTR_EX(cache_slot, ce, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
385
9.50k
      CACHE_PTR_EX(cache_slot + 2, NULL);
386
9.50k
    }
387
58.4k
    return ZEND_DYNAMIC_PROPERTY_OFFSET;
388
58.5k
  }
389
390
24.8M
  property_info = (zend_property_info*)Z_PTR_P(zv);
391
24.8M
  flags = property_info->flags;
392
393
24.8M
  if (flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
394
24.7M
    zend_class_entry *scope = get_fake_or_executed_scope();
395
396
24.7M
    if (property_info->ce != scope) {
397
980k
      if (flags & ZEND_ACC_CHANGED) {
398
362
        zend_property_info *p = zend_get_parent_private_property(scope, ce, member);
399
400
        /* If there is a public/protected instance property on ce, don't try to use a
401
         * private static property on scope. If both are static, prefer the static
402
         * property on scope. This will throw a static property notice, rather than
403
         * a visibility error. */
404
362
        if (p && (!(p->flags & ZEND_ACC_STATIC) || (flags & ZEND_ACC_STATIC))) {
405
261
          property_info = p;
406
261
          flags = property_info->flags;
407
261
          goto found;
408
261
        } else if (flags & ZEND_ACC_PUBLIC) {
409
44
          goto found;
410
44
        }
411
362
      }
412
980k
      if (flags & ZEND_ACC_PRIVATE) {
413
337
        if (property_info->ce != ce) {
414
52
          goto dynamic;
415
285
        } else {
416
467
wrong:
417
          /* Information was available, but we were denied access.  Error out. */
418
467
          if (!silent) {
419
107
            zend_bad_property_access(property_info, ce, member);
420
107
          }
421
467
          return ZEND_WRONG_PROPERTY_OFFSET;
422
285
        }
423
979k
      } else {
424
979k
        ZEND_ASSERT(flags & ZEND_ACC_PROTECTED);
425
979k
        if (UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
426
182
          goto wrong;
427
182
        }
428
979k
      }
429
980k
    }
430
24.7M
  }
431
432
24.8M
found:
433
24.8M
  if (UNEXPECTED(flags & ZEND_ACC_STATIC)) {
434
97
    if (!silent) {
435
64
      zend_error(E_NOTICE, "Accessing static property %s::$%s as non static", ZSTR_VAL(ce->name), ZSTR_VAL(member));
436
64
    }
437
97
    return ZEND_DYNAMIC_PROPERTY_OFFSET;
438
97
  }
439
440
24.8M
  if (property_info->hooks) {
441
3.01k
    *info_ptr = property_info;
442
3.01k
    if (cache_slot) {
443
1.61k
      CACHE_POLYMORPHIC_PTR_EX(cache_slot, ce, (void*)ZEND_HOOKED_PROPERTY_OFFSET);
444
1.61k
      CACHE_PTR_EX(cache_slot + 2, property_info);
445
1.61k
    }
446
3.01k
    return ZEND_HOOKED_PROPERTY_OFFSET;
447
3.01k
  }
448
449
24.8M
  offset = property_info->offset;
450
24.8M
  if (EXPECTED(!ZEND_TYPE_IS_SET(property_info->type))) {
451
1.24M
    property_info = NULL;
452
23.5M
  } else {
453
23.5M
    *info_ptr = property_info;
454
23.5M
  }
455
24.8M
  if (cache_slot) {
456
16.1k
    CACHE_POLYMORPHIC_PTR_EX(cache_slot, ce, (void*)(uintptr_t)offset);
457
16.1k
    CACHE_PTR_EX(cache_slot + 2, property_info);
458
16.1k
  }
459
24.8M
  return offset;
460
24.8M
}
461
/* }}} */
462
463
static ZEND_COLD void zend_wrong_offset(zend_class_entry *ce, zend_string *member) /* {{{ */
464
42
{
465
42
  const zend_property_info *dummy;
466
467
  /* Trigger the correct error */
468
42
  zend_get_property_offset(ce, member, 0, NULL, &dummy);
469
42
}
470
/* }}} */
471
472
ZEND_API zend_property_info *zend_get_property_info(const zend_class_entry *ce, zend_string *member, int silent) /* {{{ */
473
3.88M
{
474
3.88M
  zval *zv;
475
3.88M
  zend_property_info *property_info;
476
3.88M
  uint32_t flags;
477
478
3.88M
  if (UNEXPECTED(zend_hash_num_elements(&ce->properties_info) == 0)
479
3.88M
   || EXPECTED((zv = zend_hash_find(&ce->properties_info, member)) == NULL)) {
480
8.00k
    if (UNEXPECTED(ZSTR_VAL(member)[0] == '\0') && ZSTR_LEN(member) != 0) {
481
734
      if (!silent) {
482
0
        zend_bad_property_name();
483
0
      }
484
734
      return ZEND_WRONG_PROPERTY_INFO;
485
734
    }
486
7.35k
dynamic:
487
7.35k
    return NULL;
488
8.00k
  }
489
490
3.88M
  property_info = (zend_property_info*)Z_PTR_P(zv);
491
3.88M
  flags = property_info->flags;
492
493
3.88M
  if (flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
494
3.87M
    zend_class_entry *scope = get_fake_or_executed_scope();
495
3.87M
    if (property_info->ce != scope) {
496
791
      if (flags & ZEND_ACC_CHANGED) {
497
138
        zend_property_info *p = zend_get_parent_private_property(scope, ce, member);
498
499
138
        if (p) {
500
80
          property_info = p;
501
80
          flags = property_info->flags;
502
80
          goto found;
503
80
        } else if (flags & ZEND_ACC_PUBLIC) {
504
20
          goto found;
505
20
        }
506
138
      }
507
691
      if (flags & ZEND_ACC_PRIVATE) {
508
453
        if (property_info->ce != ce) {
509
92
          goto dynamic;
510
361
        } else {
511
386
wrong:
512
          /* Information was available, but we were denied access.  Error out. */
513
386
          if (!silent) {
514
0
            zend_bad_property_access(property_info, ce, member);
515
0
          }
516
386
          return ZEND_WRONG_PROPERTY_INFO;
517
361
        }
518
453
      } else {
519
238
        ZEND_ASSERT(flags & ZEND_ACC_PROTECTED);
520
238
        if (UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
521
25
          goto wrong;
522
25
        }
523
238
      }
524
691
    }
525
3.87M
  }
526
527
3.88M
found:
528
3.88M
  if (UNEXPECTED(flags & ZEND_ACC_STATIC)) {
529
1.79k
    if (!silent) {
530
0
      zend_error(E_NOTICE, "Accessing static property %s::$%s as non static", ZSTR_VAL(ce->name), ZSTR_VAL(member));
531
0
    }
532
1.79k
  }
533
3.88M
  return property_info;
534
3.88M
}
535
/* }}} */
536
537
ZEND_API zend_result zend_check_property_access(const zend_object *zobj, zend_string *prop_info_name, bool is_dynamic) /* {{{ */
538
2.20k
{
539
2.20k
  zend_property_info *property_info;
540
2.20k
  const char *class_name = NULL;
541
2.20k
  const char *prop_name;
542
2.20k
  zend_string *member;
543
2.20k
  size_t prop_name_len;
544
545
2.20k
  if (ZSTR_VAL(prop_info_name)[0] == 0) {
546
709
    if (is_dynamic) {
547
6
      return SUCCESS;
548
6
    }
549
550
703
    zend_unmangle_property_name_ex(prop_info_name, &class_name, &prop_name, &prop_name_len);
551
703
    member = zend_string_init(prop_name, prop_name_len, 0);
552
703
    property_info = zend_get_property_info(zobj->ce, member, 1);
553
703
    zend_string_release_ex(member, 0);
554
703
    if (property_info == NULL || property_info == ZEND_WRONG_PROPERTY_INFO) {
555
430
      return FAILURE;
556
430
    }
557
558
273
    if (class_name[0] != '*') {
559
200
      if (!(property_info->flags & ZEND_ACC_PRIVATE)) {
560
        /* we we're looking for a private prop but found a non private one of the same name */
561
10
        return FAILURE;
562
190
      } else if (strcmp(ZSTR_VAL(prop_info_name)+1, ZSTR_VAL(property_info->name)+1)) {
563
        /* we we're looking for a private prop but found a private one of the same name but another class */
564
37
        return FAILURE;
565
37
      }
566
200
    } else {
567
73
      ZEND_ASSERT(property_info->flags & ZEND_ACC_PROTECTED);
568
73
    }
569
226
    return SUCCESS;
570
1.49k
  } else {
571
1.49k
    property_info = zend_get_property_info(zobj->ce, prop_info_name, 1);
572
1.49k
    if (property_info == NULL) {
573
210
      ZEND_ASSERT(is_dynamic);
574
210
      return SUCCESS;
575
1.28k
    } else if (property_info == ZEND_WRONG_PROPERTY_INFO) {
576
0
      return FAILURE;
577
0
    }
578
1.28k
    return (property_info->flags & ZEND_ACC_PUBLIC) ? SUCCESS : FAILURE;
579
1.49k
  }
580
2.20k
}
581
/* }}} */
582
583
2.72k
ZEND_API bool ZEND_FASTCALL zend_asymmetric_property_has_set_access(const zend_property_info *prop_info) {
584
2.72k
  ZEND_ASSERT(prop_info->flags & ZEND_ACC_PPP_SET_MASK);
585
2.72k
  ZEND_ASSERT(!(prop_info->flags & ZEND_ACC_PUBLIC_SET));
586
2.72k
  zend_class_entry *scope = get_fake_or_executed_scope();
587
2.72k
  if (prop_info->ce == scope) {
588
2.07k
    return true;
589
2.07k
  }
590
651
  return EXPECTED((prop_info->flags & ZEND_ACC_PROTECTED_SET)
591
2.72k
    && is_protected_compatible_scope(prop_info->ce, scope));
592
2.72k
}
593
594
520
static void zend_property_guard_dtor(zval *el) /* {{{ */ {
595
520
  uint32_t *ptr = (uint32_t*)Z_PTR_P(el);
596
520
  if (EXPECTED(!(((uintptr_t)ptr) & 1))) {
597
459
    efree_size(ptr, sizeof(uint32_t));
598
459
  }
599
520
}
600
/* }}} */
601
602
static zend_always_inline zval *zend_get_guard_value(zend_object *zobj)
603
4.61k
{
604
4.61k
  return zobj->properties_table + zobj->ce->default_properties_count;
605
4.61k
}
606
607
ZEND_API uint32_t *zend_get_property_guard(zend_object *zobj, zend_string *member) /* {{{ */
608
3.87k
{
609
3.87k
  HashTable *guards;
610
3.87k
  zval *zv;
611
3.87k
  uint32_t *ptr;
612
613
614
3.87k
  ZEND_ASSERT(zobj->ce->ce_flags & ZEND_ACC_USE_GUARDS);
615
3.87k
  zv = zend_get_guard_value(zobj);
616
3.87k
  if (EXPECTED(Z_TYPE_P(zv) == IS_STRING)) {
617
2.09k
    zend_string *str = Z_STR_P(zv);
618
2.09k
    if (EXPECTED(str == member) ||
619
        /* str and member don't necessarily have a pre-calculated hash value here */
620
2.09k
        EXPECTED(zend_string_equal_content(str, member))) {
621
1.52k
      return &Z_GUARD_P(zv);
622
1.52k
    } else if (EXPECTED(Z_GUARD_P(zv) == 0)) {
623
511
      zval_ptr_dtor_str(zv);
624
511
      ZVAL_STR_COPY(zv, member);
625
511
      return &Z_GUARD_P(zv);
626
511
    } else {
627
61
      ALLOC_HASHTABLE(guards);
628
61
      zend_hash_init(guards, 8, NULL, zend_property_guard_dtor, 0);
629
      /* mark pointer as "special" using low bit */
630
61
      zend_hash_add_new_ptr(guards, str,
631
61
        (void*)(((uintptr_t)&Z_GUARD_P(zv)) | 1));
632
61
      zval_ptr_dtor_str(zv);
633
61
      ZVAL_ARR(zv, guards);
634
61
    }
635
2.09k
  } else if (EXPECTED(Z_TYPE_P(zv) == IS_ARRAY)) {
636
788
    guards = Z_ARRVAL_P(zv);
637
788
    ZEND_ASSERT(guards != NULL);
638
788
    zv = zend_hash_find(guards, member);
639
788
    if (zv != NULL) {
640
390
      return (uint32_t*)(((uintptr_t)Z_PTR_P(zv)) & ~1);
641
390
    }
642
992
  } else {
643
992
    ZEND_ASSERT(Z_TYPE_P(zv) == IS_UNDEF);
644
992
    ZVAL_STR_COPY(zv, member);
645
992
    Z_GUARD_P(zv) &= ~ZEND_GUARD_PROPERTY_MASK;
646
992
    return &Z_GUARD_P(zv);
647
992
  }
648
  /* we have to allocate uint32_t separately because ht->arData may be reallocated */
649
459
  ptr = (uint32_t*)emalloc(sizeof(uint32_t));
650
459
  *ptr = 0;
651
459
  return (uint32_t*)zend_hash_add_new_ptr(guards, member, ptr);
652
3.87k
}
653
/* }}} */
654
655
ZEND_API uint32_t *zend_get_recursion_guard(zend_object *zobj)
656
9.75k
{
657
9.75k
  if (!(zobj->ce->ce_flags & ZEND_ACC_USE_GUARDS)) {
658
9.01k
    return NULL;
659
9.01k
  }
660
737
  zval *zv = zend_get_guard_value(zobj);
661
737
  return &Z_GUARD_P(zv);
662
9.75k
}
663
664
ZEND_COLD static void zend_typed_property_uninitialized_access(const zend_property_info *prop_info, zend_string *name)
665
205
{
666
205
  zend_throw_error(NULL, "Typed property %s::$%s must not be accessed before initialization",
667
205
    ZSTR_VAL(prop_info->ce->name),
668
205
    ZSTR_VAL(name));
669
205
}
670
671
static ZEND_FUNCTION(zend_parent_hook_get_trampoline);
672
static ZEND_FUNCTION(zend_parent_hook_set_trampoline);
673
674
static bool zend_is_in_hook(const zend_property_info *prop_info)
675
7.20k
{
676
7.20k
  zend_execute_data *execute_data = EG(current_execute_data);
677
7.20k
  if (!execute_data || !EX(func) || !EX(func)->common.prop_info) {
678
5.41k
    return false;
679
5.41k
  }
680
681
1.79k
  const zend_property_info *parent_info = EX(func)->common.prop_info;
682
1.79k
  ZEND_ASSERT(prop_info->prototype && parent_info->prototype);
683
1.79k
  return prop_info->prototype == parent_info->prototype;
684
1.79k
}
685
686
static bool zend_should_call_hook(const zend_property_info *prop_info, const zend_object *obj)
687
6.80k
{
688
6.80k
  if (!zend_is_in_hook(prop_info)) {
689
6.00k
    return true;
690
6.00k
  }
691
692
  /* execute_data and This are guaranteed to be set if zend_is_in_hook() returns true. */
693
798
  zend_object *parent_obj = Z_OBJ(EG(current_execute_data)->This);
694
798
  if (parent_obj == obj) {
695
753
    return false;
696
753
  }
697
698
45
  if (zend_object_is_lazy_proxy(parent_obj)
699
45
   && zend_lazy_object_initialized(parent_obj)
700
45
   && zend_lazy_object_get_instance(parent_obj) == obj) {
701
33
    return false;
702
33
  }
703
704
12
  return true;
705
45
}
706
707
static ZEND_COLD void zend_throw_no_prop_backing_value_access(zend_string *class_name, zend_string *prop_name, bool is_read)
708
6
{
709
6
  zend_throw_error(NULL, "Must not %s virtual property %s::$%s",
710
6
    is_read ? "read from" : "write to",
711
6
    ZSTR_VAL(class_name), ZSTR_VAL(prop_name));
712
6
}
713
714
static bool zend_call_get_hook(
715
  const zend_property_info *prop_info, zend_string *prop_name,
716
  zend_function *get, zend_object *zobj, zval *rv)
717
4.29k
{
718
4.29k
  if (!zend_should_call_hook(prop_info, zobj)) {
719
546
    if (UNEXPECTED(prop_info->flags & ZEND_ACC_VIRTUAL)) {
720
4
      zend_throw_no_prop_backing_value_access(zobj->ce->name, prop_name, /* is_read */ true);
721
4
    }
722
546
    return false;
723
546
  }
724
725
3.75k
  zend_call_known_instance_method_with_0_params(get, zobj, rv);
726
727
3.75k
  return true;
728
4.29k
}
729
730
ZEND_API zval *zend_std_read_property(zend_object *zobj, zend_string *name, int type, void **cache_slot, zval *rv) /* {{{ */
731
23.5M
{
732
23.5M
  zval *retval;
733
23.5M
  uintptr_t property_offset;
734
23.5M
  const zend_property_info *prop_info = NULL;
735
23.5M
  uint32_t *guard = NULL;
736
737
#if DEBUG_OBJECT_HANDLERS
738
  fprintf(stderr, "Read object #%d property: %s\n", zobj->handle, ZSTR_VAL(name));
739
#endif
740
741
  /* make zend_get_property_info silent if we have getter - we may want to use it */
742
23.5M
  property_offset = zend_get_property_offset(zobj->ce, name, (type == BP_VAR_IS) || (zobj->ce->__get != NULL), cache_slot, &prop_info);
743
744
23.5M
  if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
745
23.5M
try_again:
746
23.5M
    retval = OBJ_PROP(zobj, property_offset);
747
748
23.5M
    if (prop_info && UNEXPECTED(prop_info->flags & (ZEND_ACC_READONLY|ZEND_ACC_PPP_SET_MASK))
749
23.5M
     && (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET)
750
23.5M
     && ((prop_info->flags & ZEND_ACC_READONLY) || !zend_asymmetric_property_has_set_access(prop_info))) {
751
332
      if (Z_TYPE_P(retval) == IS_OBJECT) {
752
        /* For objects, W/RW/UNSET fetch modes might not actually modify object.
753
         * Similar as with magic __get() allow them, but return the value as a copy
754
         * to make sure no actual modification is possible. */
755
120
        ZVAL_COPY(rv, retval);
756
120
        retval = rv;
757
120
        goto exit;
758
212
      } else if (Z_TYPE_P(retval) == IS_UNDEF && type == BP_VAR_UNSET) {
759
43
        retval = &EG(uninitialized_zval);
760
43
        goto exit;
761
43
      }
762
169
      if (prop_info->flags & ZEND_ACC_READONLY) {
763
115
        zend_readonly_property_indirect_modification_error(prop_info);
764
115
      } else {
765
54
        zend_asymmetric_visibility_property_modification_error(prop_info, "indirectly modify");
766
54
      }
767
169
      retval = &EG(uninitialized_zval);
768
169
      goto exit;
769
332
    }
770
23.5M
    if (EXPECTED(Z_TYPE_P(retval) != IS_UNDEF)) {
771
23.5M
      goto exit;
772
23.5M
    }
773
625
    if (UNEXPECTED(Z_PROP_FLAG_P(retval) & IS_PROP_UNINIT)) {
774
      /* Skip __get() for uninitialized typed properties */
775
516
      goto uninit_error;
776
516
    }
777
12.4k
  } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
778
7.75k
    if (EXPECTED(zobj->properties != NULL)) {
779
1.65k
      if (!IS_UNKNOWN_DYNAMIC_PROPERTY_OFFSET(property_offset)) {
780
0
        uintptr_t idx = ZEND_DECODE_DYN_PROP_OFFSET(property_offset);
781
782
0
        if (EXPECTED(idx < zobj->properties->nNumUsed * sizeof(Bucket))) {
783
0
          Bucket *p = (Bucket*)((char*)zobj->properties->arData + idx);
784
785
0
          if (EXPECTED(p->key == name) ||
786
0
                (EXPECTED(p->h == ZSTR_H(name)) &&
787
0
                 EXPECTED(p->key != NULL) &&
788
0
                 EXPECTED(zend_string_equal_content(p->key, name)))) {
789
0
            retval = &p->val;
790
0
            goto exit;
791
0
          }
792
0
        }
793
0
        CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
794
0
      }
795
1.65k
      retval = zend_hash_find(zobj->properties, name);
796
1.65k
      if (EXPECTED(retval)) {
797
715
        if (cache_slot) {
798
414
          uintptr_t idx = (char*)retval - (char*)zobj->properties->arData;
799
414
          CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_ENCODE_DYN_PROP_OFFSET(idx));
800
414
        }
801
715
        goto exit;
802
715
      }
803
1.65k
    }
804
7.75k
  } else if (IS_HOOKED_PROPERTY_OFFSET(property_offset)) {
805
4.38k
    zend_function *get = prop_info->hooks[ZEND_PROPERTY_HOOK_GET];
806
4.38k
    if (!get) {
807
155
      if (prop_info->flags & ZEND_ACC_VIRTUAL) {
808
8
        zend_throw_error(NULL, "Property %s::$%s is write-only",
809
8
          ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
810
8
        return &EG(uninitialized_zval);
811
8
      }
812
      /* Cache the fact that this hook has trivial read. This only applies to
813
       * BP_VAR_R and BP_VAR_IS fetches. */
814
147
      ZEND_SET_PROPERTY_HOOK_SIMPLE_READ(cache_slot);
815
816
147
      retval = OBJ_PROP(zobj, prop_info->offset);
817
147
      if (UNEXPECTED(Z_TYPE_P(retval) == IS_UNDEF)) {
818
        /* As hooked properties can't be unset, the only way to end up with an undef
819
         * value is via an uninitialized property. */
820
21
        ZEND_ASSERT(Z_PROP_FLAG_P(retval) & IS_PROP_UNINIT);
821
21
        goto uninit_error;
822
21
      }
823
824
126
      if (UNEXPECTED(type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET)) {
825
13
        if (UNEXPECTED(Z_TYPE_P(retval) != IS_OBJECT)) {
826
13
          zend_throw_error(NULL, "Indirect modification of %s::$%s is not allowed",
827
13
            ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
828
13
          goto exit;
829
13
        }
830
0
        ZVAL_COPY(rv, retval);
831
0
        retval = rv;
832
0
      }
833
113
      goto exit;
834
126
    }
835
836
4.23k
    zend_class_entry *ce = zobj->ce;
837
838
4.23k
    if (!zend_call_get_hook(prop_info, name, get, zobj, rv)) {
839
541
      if (EG(exception)) {
840
4
        return &EG(uninitialized_zval);
841
4
      }
842
843
      /* Reads from backing store can only occur in hooks, and hence will always remain simple. */
844
537
      zend_execute_data *execute_data = EG(current_execute_data);
845
537
      if (cache_slot && EX(opline) && EX(opline)->opcode == ZEND_FETCH_OBJ_R && EX(opline)->op1_type == IS_UNUSED) {
846
264
        ZEND_SET_PROPERTY_HOOK_SIMPLE_READ(cache_slot);
847
264
      }
848
849
537
      property_offset = prop_info->offset;
850
537
      if (!ZEND_TYPE_IS_SET(prop_info->type)) {
851
455
        prop_info = NULL;
852
455
      }
853
537
      goto try_again;
854
541
    }
855
856
3.69k
    if (EXPECTED(cache_slot
857
3.69k
     && zend_execute_ex == execute_ex
858
3.69k
     && ce->default_object_handlers->read_property == zend_std_read_property
859
3.69k
     && !ce->create_object
860
3.69k
     && !zend_is_in_hook(prop_info)
861
3.69k
     && !(prop_info->hooks[ZEND_PROPERTY_HOOK_GET]->common.fn_flags & ZEND_ACC_RETURN_REFERENCE))) {
862
360
      ZEND_SET_PROPERTY_HOOK_SIMPLE_GET(cache_slot);
863
360
    }
864
865
3.69k
    if (Z_TYPE_P(rv) != IS_UNDEF) {
866
1.62k
      retval = rv;
867
1.62k
      if (!Z_ISREF_P(rv)
868
1.62k
       && (type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET)
869
1.62k
       && UNEXPECTED(Z_TYPE_P(rv) != IS_OBJECT)) {
870
39
        zend_throw_error(NULL, "Indirect modification of %s::$%s is not allowed",
871
39
          ZSTR_VAL(ce->name), ZSTR_VAL(name));
872
39
      }
873
2.06k
    } else {
874
2.06k
      retval = &EG(uninitialized_zval);
875
2.06k
    }
876
877
3.69k
    goto exit;
878
4.23k
  } else if (UNEXPECTED(EG(exception))) {
879
67
    retval = &EG(uninitialized_zval);
880
67
    goto exit;
881
67
  }
882
883
7.34k
  retval = &EG(uninitialized_zval);
884
885
  /* magic isset */
886
7.34k
  if ((type == BP_VAR_IS) && zobj->ce->__isset) {
887
216
    zval tmp_result;
888
216
    guard = zend_get_property_guard(zobj, name);
889
890
216
    if (!((*guard) & IN_ISSET)) {
891
186
      GC_ADDREF(zobj);
892
893
186
      *guard |= IN_ISSET;
894
186
      zend_std_call_issetter(zobj, name, &tmp_result);
895
186
      *guard &= ~IN_ISSET;
896
897
186
      if (!zend_is_true(&tmp_result)) {
898
117
        retval = &EG(uninitialized_zval);
899
117
        OBJ_RELEASE(zobj);
900
117
        zval_ptr_dtor(&tmp_result);
901
117
        goto exit;
902
117
      }
903
904
69
      zval_ptr_dtor(&tmp_result);
905
69
      if (zobj->ce->__get && !((*guard) & IN_GET)) {
906
54
        goto call_getter;
907
54
      }
908
15
      OBJ_RELEASE(zobj);
909
30
    } else if (zobj->ce->__get && !((*guard) & IN_GET)) {
910
5
      goto call_getter_addref;
911
5
    }
912
7.12k
  } else if (zobj->ce->__get) {
913
    /* magic get */
914
1.94k
    guard = zend_get_property_guard(zobj, name);
915
1.94k
    if (!((*guard) & IN_GET)) {
916
      /* have getter - try with it! */
917
1.63k
call_getter_addref:
918
1.63k
      GC_ADDREF(zobj);
919
1.68k
call_getter:
920
1.68k
      *guard |= IN_GET; /* prevent circular getting */
921
1.68k
      zend_std_call_getter(zobj, name, rv);
922
1.68k
      *guard &= ~IN_GET;
923
924
1.68k
      if (Z_TYPE_P(rv) != IS_UNDEF) {
925
1.20k
        retval = rv;
926
1.20k
        if (!Z_ISREF_P(rv) &&
927
1.20k
            (type == BP_VAR_W || type == BP_VAR_RW  || type == BP_VAR_UNSET)) {
928
125
          if (UNEXPECTED(Z_TYPE_P(rv) != IS_OBJECT)) {
929
82
            zend_error(E_NOTICE, "Indirect modification of overloaded property %s::$%s has no effect", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
930
82
          }
931
125
        }
932
1.20k
      } else {
933
487
        retval = &EG(uninitialized_zval);
934
487
      }
935
936
1.68k
      if (prop_info) {
937
35
        zend_verify_prop_assignable_by_ref_ex(prop_info, retval, (zobj->ce->__get->common.fn_flags & ZEND_ACC_STRICT_TYPES) != 0, ZEND_VERIFY_PROP_ASSIGNABLE_BY_REF_CONTEXT_MAGIC_GET);
938
35
      }
939
940
1.68k
      OBJ_RELEASE(zobj);
941
1.68k
      goto exit;
942
1.63k
    } else if (UNEXPECTED(IS_WRONG_PROPERTY_OFFSET(property_offset))) {
943
      /* Trigger the correct error */
944
15
      zend_wrong_offset(zobj->ce, name);
945
15
      ZEND_ASSERT(EG(exception));
946
15
      retval = &EG(uninitialized_zval);
947
15
      goto exit;
948
15
    }
949
1.94k
  }
950
951
6.05k
uninit_error:
952
6.05k
  if (UNEXPECTED(zend_lazy_object_must_init(zobj))) {
953
536
    if (!prop_info || (Z_PROP_FLAG_P(retval) & IS_PROP_LAZY)) {
954
521
      zobj = zend_lazy_object_init(zobj);
955
521
      if (!zobj) {
956
86
        retval = &EG(uninitialized_zval);
957
86
        goto exit;
958
86
      }
959
960
435
      if (UNEXPECTED(guard)) {
961
41
        uint32_t guard_type = (type == BP_VAR_IS) && zobj->ce->__isset
962
41
          ? IN_ISSET : IN_GET;
963
41
        guard = zend_get_property_guard(zobj, name);
964
41
        if (!((*guard) & guard_type)) {
965
23
          (*guard) |= guard_type;
966
23
          retval = zend_std_read_property(zobj, name, type, cache_slot, rv);
967
23
          (*guard) &= ~guard_type;
968
23
          return retval;
969
23
        }
970
41
      }
971
972
412
      return zend_std_read_property(zobj, name, type, cache_slot, rv);
973
435
    }
974
536
  }
975
5.53k
  if (type != BP_VAR_IS) {
976
5.20k
    if (prop_info) {
977
123
      zend_typed_property_uninitialized_access(prop_info, name);
978
5.07k
    } else {
979
5.07k
      zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
980
5.07k
    }
981
5.20k
  }
982
5.53k
  retval = &EG(uninitialized_zval);
983
984
23.5M
exit:
985
23.5M
  return retval;
986
5.53k
}
987
/* }}} */
988
989
1.46M
static zend_always_inline bool property_uses_strict_types(void) {
990
1.46M
  zend_execute_data *execute_data = EG(current_execute_data);
991
1.46M
  return execute_data
992
1.46M
    && execute_data->func
993
1.46M
    && ZEND_CALL_USES_STRICT_TYPES(EG(current_execute_data));
994
1.46M
}
995
996
static zval *forward_write_to_lazy_object(zend_object *zobj,
997
    zend_string *name, zval *value, void **cache_slot, bool guarded)
998
231
{
999
231
  zval *variable_ptr;
1000
1001
  /* backup value as it may change during initialization */
1002
231
  zval backup;
1003
231
  ZVAL_COPY(&backup, value);
1004
1005
231
  zend_object *instance = zend_lazy_object_init(zobj);
1006
231
  if (UNEXPECTED(!instance)) {
1007
53
    zval_ptr_dtor(&backup);
1008
53
    return &EG(error_zval);
1009
53
  }
1010
1011
178
  if (UNEXPECTED(guarded)) {
1012
20
    uint32_t *guard = zend_get_property_guard(instance, name);
1013
20
    if (!((*guard) & IN_SET)) {
1014
5
      (*guard) |= IN_SET;
1015
5
      variable_ptr = zend_std_write_property(instance, name, &backup, cache_slot);
1016
5
      (*guard) &= ~IN_SET;
1017
5
      goto exit;
1018
5
    }
1019
20
  }
1020
1021
173
  variable_ptr = zend_std_write_property(instance, name, &backup, cache_slot);
1022
1023
178
exit:
1024
178
  zval_ptr_dtor(&backup);
1025
1026
178
  if (variable_ptr == &backup) {
1027
0
    variable_ptr = value;
1028
0
  }
1029
1030
178
  return variable_ptr;
1031
173
}
1032
1033
ZEND_API zval *zend_std_write_property(zend_object *zobj, zend_string *name, zval *value, void **cache_slot) /* {{{ */
1034
1.35M
{
1035
1.35M
  zval *variable_ptr, tmp;
1036
1.35M
  uintptr_t property_offset;
1037
1.35M
  const zend_property_info *prop_info = NULL;
1038
1.35M
  uint32_t *guard = NULL;
1039
1.35M
  ZEND_ASSERT(!Z_ISREF_P(value));
1040
1041
1.35M
  property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__set != NULL), cache_slot, &prop_info);
1042
1043
1.35M
  if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1044
1.29M
try_again:
1045
1.29M
    variable_ptr = OBJ_PROP(zobj, property_offset);
1046
1047
1.29M
    if (prop_info && UNEXPECTED(prop_info->flags & (ZEND_ACC_READONLY|ZEND_ACC_PPP_SET_MASK))) {
1048
2.76k
      bool error;
1049
2.76k
      if (Z_TYPE_P(variable_ptr) != IS_UNDEF || (Z_PROP_FLAG_P(variable_ptr) & IS_PROP_UNINIT) || !zobj->ce->__set) {
1050
2.74k
        error = true;
1051
2.74k
      } else {
1052
20
        guard = zend_get_property_guard(zobj, name);
1053
20
        error = (*guard) & IN_SET;
1054
20
      }
1055
2.76k
      if (error) {
1056
2.75k
        if ((prop_info->flags & ZEND_ACC_READONLY)
1057
2.75k
         && Z_TYPE_P(variable_ptr) != IS_UNDEF
1058
2.75k
         && !(Z_PROP_FLAG_P(variable_ptr) & IS_PROP_REINITABLE)) {
1059
209
          zend_readonly_property_modification_error(prop_info);
1060
209
          variable_ptr = &EG(error_zval);
1061
209
          goto exit;
1062
209
        }
1063
2.54k
        if ((prop_info->flags & ZEND_ACC_PPP_SET_MASK) && !zend_asymmetric_property_has_set_access(prop_info)) {
1064
136
          zend_asymmetric_visibility_property_modification_error(prop_info, "modify");
1065
136
          variable_ptr = &EG(error_zval);
1066
136
          goto exit;
1067
136
        }
1068
2.54k
      }
1069
2.76k
    }
1070
1071
1.29M
    if (Z_TYPE_P(variable_ptr) != IS_UNDEF) {
1072
1.29M
      Z_TRY_ADDREF_P(value);
1073
1074
1.29M
      if (prop_info) {
1075
159k
typed_property:
1076
159k
        ZVAL_COPY_VALUE(&tmp, value);
1077
        // Increase refcount to prevent object from being released in __toString()
1078
159k
        GC_ADDREF(zobj);
1079
159k
        bool type_matched = zend_verify_property_type(prop_info, &tmp, property_uses_strict_types());
1080
159k
        if (UNEXPECTED(GC_DELREF(zobj) == 0)) {
1081
14
          zend_object_released_while_assigning_to_property_error(prop_info);
1082
14
          zend_objects_store_del(zobj);
1083
14
          zval_ptr_dtor(&tmp);
1084
14
          variable_ptr = &EG(error_zval);
1085
14
          goto exit;
1086
14
        }
1087
159k
        if (UNEXPECTED(!type_matched)) {
1088
349
          zval_ptr_dtor(&tmp);
1089
349
          variable_ptr = &EG(error_zval);
1090
349
          goto exit;
1091
349
        }
1092
158k
        Z_PROP_FLAG_P(variable_ptr) &= ~(IS_PROP_UNINIT|IS_PROP_REINITABLE);
1093
158k
        value = &tmp;
1094
158k
      }
1095
1096
1.30M
found:;
1097
1.30M
      zend_refcounted *garbage = NULL;
1098
1099
1.30M
      variable_ptr = zend_assign_to_variable_ex(
1100
1.30M
        variable_ptr, value, IS_TMP_VAR, property_uses_strict_types(), &garbage);
1101
1102
1.30M
      if (garbage) {
1103
4.01k
        if (GC_DELREF(garbage) == 0) {
1104
2.53k
          zend_execute_data *execute_data = EG(current_execute_data);
1105
          // Assign to result variable before calling the destructor as it may release the object
1106
2.53k
          if (execute_data
1107
2.53k
           && EX(func)
1108
2.53k
           && ZEND_USER_CODE(EX(func)->common.type)
1109
2.53k
           && EX(opline)
1110
2.53k
           && EX(opline)->opcode == ZEND_ASSIGN_OBJ
1111
2.53k
           && EX(opline)->result_type) {
1112
60
            ZVAL_COPY_DEREF(EX_VAR(EX(opline)->result.var), variable_ptr);
1113
60
            variable_ptr = NULL;
1114
60
          }
1115
2.53k
          rc_dtor_func(garbage);
1116
2.53k
        } else {
1117
1.48k
          gc_check_possible_root_no_ref(garbage);
1118
1.48k
        }
1119
4.01k
      }
1120
1.30M
      goto exit;
1121
1.29M
    }
1122
6.03k
    if (Z_PROP_FLAG_P(variable_ptr) & IS_PROP_UNINIT) {
1123
5.71k
      if (UNEXPECTED(zend_lazy_object_must_init(zobj))) {
1124
584
        if (Z_PROP_FLAG_P(variable_ptr) & IS_PROP_LAZY) {
1125
191
          goto lazy_init;
1126
191
        }
1127
584
      }
1128
      /* Writes to uninitialized typed properties bypass __set(). */
1129
5.52k
      goto write_std_property;
1130
5.71k
    }
1131
53.7k
  } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
1132
51.0k
    if (EXPECTED(zobj->properties != NULL)) {
1133
19.7k
      if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
1134
26
        if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
1135
26
          GC_DELREF(zobj->properties);
1136
26
        }
1137
26
        zobj->properties = zend_array_dup(zobj->properties);
1138
26
      }
1139
19.7k
      if ((variable_ptr = zend_hash_find(zobj->properties, name)) != NULL) {
1140
9.35k
        Z_TRY_ADDREF_P(value);
1141
9.35k
        goto found;
1142
9.35k
      }
1143
19.7k
    }
1144
51.0k
  } else if (IS_HOOKED_PROPERTY_OFFSET(property_offset)) {
1145
2.54k
    zend_function *set = prop_info->hooks[ZEND_PROPERTY_HOOK_SET];
1146
1147
2.54k
    if (!set) {
1148
38
      if (prop_info->flags & ZEND_ACC_VIRTUAL) {
1149
10
        zend_throw_error(NULL, "Property %s::$%s is read-only", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1150
10
        variable_ptr = &EG(error_zval);
1151
10
        goto exit;
1152
10
      }
1153
28
      ZEND_SET_PROPERTY_HOOK_SIMPLE_WRITE(cache_slot);
1154
28
      property_offset = prop_info->offset;
1155
28
      if (!ZEND_TYPE_IS_SET(prop_info->type)) {
1156
20
        prop_info = NULL;
1157
20
      }
1158
28
      goto try_again;
1159
38
    }
1160
1161
2.50k
    if (!zend_should_call_hook(prop_info, zobj)) {
1162
240
      if (prop_info->flags & ZEND_ACC_VIRTUAL) {
1163
2
        zend_throw_no_prop_backing_value_access(zobj->ce->name, name, /* is_read */ false);
1164
2
        variable_ptr = &EG(error_zval);
1165
2
        goto exit;
1166
2
      }
1167
1168
      /* Writes to backing store can only occur in hooks, and hence will always remain simple. */
1169
238
      zend_execute_data *execute_data = EG(current_execute_data);
1170
238
      if (cache_slot && EX(opline) && EX(opline)->opcode == ZEND_ASSIGN_OBJ && EX(opline)->op1_type == IS_UNUSED) {
1171
204
        ZEND_SET_PROPERTY_HOOK_SIMPLE_WRITE(cache_slot);
1172
204
      }
1173
1174
238
      property_offset = prop_info->offset;
1175
238
      if (!ZEND_TYPE_IS_SET(prop_info->type)) {
1176
167
        prop_info = NULL;
1177
167
      }
1178
238
      goto try_again;
1179
240
    }
1180
1181
2.26k
    if (UNEXPECTED(prop_info->flags & ZEND_ACC_PPP_SET_MASK
1182
2.26k
     && !zend_asymmetric_property_has_set_access(prop_info))) {
1183
8
      zend_asymmetric_visibility_property_modification_error(prop_info, "modify");
1184
8
      variable_ptr = &EG(error_zval);
1185
8
      goto exit;
1186
8
    }
1187
1188
2.25k
    GC_ADDREF(zobj);
1189
2.25k
    zend_call_known_instance_method_with_1_params(set, zobj, NULL, value);
1190
2.25k
    OBJ_RELEASE(zobj);
1191
1192
2.25k
    variable_ptr = value;
1193
2.25k
    goto exit;
1194
2.26k
  } else if (UNEXPECTED(EG(exception))) {
1195
30
    variable_ptr = &EG(error_zval);
1196
30
    goto exit;
1197
30
  }
1198
1199
  /* magic set */
1200
42.1k
  if (zobj->ce->__set) {
1201
901
    if (!guard) {
1202
886
      guard = zend_get_property_guard(zobj, name);
1203
886
    }
1204
1205
901
    if (!((*guard) & IN_SET)) {
1206
798
      GC_ADDREF(zobj);
1207
798
      (*guard) |= IN_SET; /* prevent circular setting */
1208
798
      zend_std_call_setter(zobj, name, value);
1209
798
      (*guard) &= ~IN_SET;
1210
798
      OBJ_RELEASE(zobj);
1211
798
      variable_ptr = value;
1212
798
    } else if (EXPECTED(!IS_WRONG_PROPERTY_OFFSET(property_offset))) {
1213
86
      if (UNEXPECTED(zend_lazy_object_must_init(zobj))) {
1214
20
        return forward_write_to_lazy_object(zobj, name, value,
1215
20
            cache_slot, /* guarded */ true);
1216
20
      }
1217
1218
66
      goto write_std_property;
1219
86
    } else {
1220
      /* Trigger the correct error */
1221
17
      zend_wrong_offset(zobj->ce, name);
1222
17
      ZEND_ASSERT(EG(exception));
1223
17
      variable_ptr = &EG(error_zval);
1224
17
      goto exit;
1225
17
    }
1226
41.2k
  } else {
1227
41.2k
    ZEND_ASSERT(!IS_WRONG_PROPERTY_OFFSET(property_offset));
1228
41.2k
    if (UNEXPECTED(zend_lazy_object_must_init(zobj))) {
1229
20
      goto lazy_init;
1230
20
    }
1231
46.8k
write_std_property:
1232
46.8k
    if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1233
5.79k
      variable_ptr = OBJ_PROP(zobj, property_offset);
1234
1235
5.79k
      Z_TRY_ADDREF_P(value);
1236
5.79k
      if (prop_info) {
1237
5.39k
        goto typed_property;
1238
5.39k
      }
1239
1240
394
      ZVAL_COPY_VALUE(variable_ptr, value);
1241
41.0k
    } else {
1242
41.0k
      if (UNEXPECTED(zobj->ce->ce_flags & ZEND_ACC_NO_DYNAMIC_PROPERTIES)) {
1243
49
        zend_forbidden_dynamic_property(zobj->ce, name);
1244
49
        variable_ptr = &EG(error_zval);
1245
49
        goto exit;
1246
49
      }
1247
40.9k
      if (UNEXPECTED(!(zobj->ce->ce_flags & ZEND_ACC_ALLOW_DYNAMIC_PROPERTIES))) {
1248
22.8k
        if (UNEXPECTED(!zend_deprecated_dynamic_property(zobj, name))) {
1249
0
          variable_ptr = &EG(error_zval);
1250
0
          goto exit;
1251
0
        }
1252
22.8k
      }
1253
1254
40.9k
      Z_TRY_ADDREF_P(value);
1255
40.9k
      variable_ptr = zend_hash_add_new(zend_std_get_properties(zobj), name, value);
1256
40.9k
    }
1257
46.8k
  }
1258
1259
1.35M
exit:
1260
1.35M
  return variable_ptr;
1261
1262
211
lazy_init:
1263
211
  return forward_write_to_lazy_object(zobj, name, value, cache_slot,
1264
      /* guarded */ false);
1265
42.1k
}
1266
/* }}} */
1267
1268
static ZEND_COLD zend_never_inline void zend_bad_array_access(zend_class_entry *ce) /* {{{ */
1269
67
{
1270
67
  zend_throw_error(NULL, "Cannot use object of type %s as array", ZSTR_VAL(ce->name));
1271
67
}
1272
/* }}} */
1273
1274
ZEND_API zval *zend_std_read_dimension(zend_object *object, zval *offset, int type, zval *rv) /* {{{ */
1275
1.63k
{
1276
1.63k
  zend_class_entry *ce = object->ce;
1277
1.63k
  zval tmp_offset;
1278
1279
  /* arrayaccess_funcs_ptr is set if (and only if) the class implements zend_ce_arrayaccess */
1280
1.63k
  zend_class_arrayaccess_funcs *funcs = ce->arrayaccess_funcs_ptr;
1281
1.63k
  if (EXPECTED(funcs)) {
1282
1.57k
    if (offset == NULL) {
1283
      /* [] construct */
1284
12
      ZVAL_NULL(&tmp_offset);
1285
1.56k
    } else {
1286
1.56k
      ZVAL_COPY_DEREF(&tmp_offset, offset);
1287
1.56k
    }
1288
1289
1.57k
    GC_ADDREF(object);
1290
1.57k
    if (type == BP_VAR_IS) {
1291
136
      zend_call_known_instance_method_with_1_params(funcs->zf_offsetexists, object, rv, &tmp_offset);
1292
136
      if (UNEXPECTED(Z_ISUNDEF_P(rv))) {
1293
11
        OBJ_RELEASE(object);
1294
11
        zval_ptr_dtor(&tmp_offset);
1295
11
        return NULL;
1296
11
      }
1297
125
      if (!i_zend_is_true(rv)) {
1298
54
        OBJ_RELEASE(object);
1299
54
        zval_ptr_dtor(&tmp_offset);
1300
54
        zval_ptr_dtor(rv);
1301
54
        return &EG(uninitialized_zval);
1302
54
      }
1303
71
      zval_ptr_dtor(rv);
1304
71
    }
1305
1306
1.51k
    zend_call_known_instance_method_with_1_params(funcs->zf_offsetget, object, rv, &tmp_offset);
1307
1308
1.51k
    OBJ_RELEASE(object);
1309
1.51k
    zval_ptr_dtor(&tmp_offset);
1310
1311
1.51k
    if (UNEXPECTED(Z_TYPE_P(rv) == IS_UNDEF)) {
1312
9
      if (UNEXPECTED(!EG(exception))) {
1313
0
        zend_throw_error(NULL, "Undefined offset for object of type %s used as array", ZSTR_VAL(ce->name));
1314
0
      }
1315
9
      return NULL;
1316
9
    }
1317
1.50k
    return rv;
1318
1.51k
  } else {
1319
52
      zend_bad_array_access(ce);
1320
52
    return NULL;
1321
52
  }
1322
1.63k
}
1323
/* }}} */
1324
1325
ZEND_API void zend_std_write_dimension(zend_object *object, zval *offset, zval *value) /* {{{ */
1326
287
{
1327
287
  zend_class_entry *ce = object->ce;
1328
287
  zval tmp_offset;
1329
1330
287
  zend_class_arrayaccess_funcs *funcs = ce->arrayaccess_funcs_ptr;
1331
287
  if (EXPECTED(funcs)) {
1332
279
    if (!offset) {
1333
20
      ZVAL_NULL(&tmp_offset);
1334
259
    } else {
1335
259
      ZVAL_COPY_DEREF(&tmp_offset, offset);
1336
259
    }
1337
279
    GC_ADDREF(object);
1338
279
    zend_call_known_instance_method_with_2_params(funcs->zf_offsetset, object, NULL, &tmp_offset, value);
1339
279
    OBJ_RELEASE(object);
1340
279
    zval_ptr_dtor(&tmp_offset);
1341
279
  } else {
1342
8
      zend_bad_array_access(ce);
1343
8
  }
1344
287
}
1345
/* }}} */
1346
1347
// todo: make zend_std_has_dimension return bool as well
1348
ZEND_API int zend_std_has_dimension(zend_object *object, zval *offset, int check_empty) /* {{{ */
1349
179
{
1350
179
  zend_class_entry *ce = object->ce;
1351
179
  zval retval, tmp_offset;
1352
179
  bool result;
1353
1354
179
  zend_class_arrayaccess_funcs *funcs = ce->arrayaccess_funcs_ptr;
1355
179
  if (EXPECTED(funcs)) {
1356
179
    ZVAL_COPY_DEREF(&tmp_offset, offset);
1357
179
    GC_ADDREF(object);
1358
179
    zend_call_known_instance_method_with_1_params(funcs->zf_offsetexists, object, &retval, &tmp_offset);
1359
179
    result = i_zend_is_true(&retval);
1360
179
    zval_ptr_dtor(&retval);
1361
179
    if (check_empty && result && EXPECTED(!EG(exception))) {
1362
26
      zend_call_known_instance_method_with_1_params(funcs->zf_offsetget, object, &retval, &tmp_offset);
1363
26
      result = i_zend_is_true(&retval);
1364
26
      zval_ptr_dtor(&retval);
1365
26
    }
1366
179
    OBJ_RELEASE(object);
1367
179
    zval_ptr_dtor(&tmp_offset);
1368
179
  } else {
1369
0
      zend_bad_array_access(ce);
1370
0
    return 0;
1371
0
  }
1372
1373
179
  return result;
1374
179
}
1375
/* }}} */
1376
1377
ZEND_API zval *zend_std_get_property_ptr_ptr(zend_object *zobj, zend_string *name, int type, void **cache_slot) /* {{{ */
1378
7.74k
{
1379
7.74k
  zval *retval = NULL;
1380
7.74k
  uintptr_t property_offset;
1381
7.74k
  const zend_property_info *prop_info = NULL;
1382
1383
#if DEBUG_OBJECT_HANDLERS
1384
  fprintf(stderr, "Ptr object #%d property: %s\n", zobj->handle, ZSTR_VAL(name));
1385
#endif
1386
1387
7.74k
  property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__get != NULL), cache_slot, &prop_info);
1388
1389
7.74k
  if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1390
5.07k
    retval = OBJ_PROP(zobj, property_offset);
1391
5.07k
    if (UNEXPECTED(Z_TYPE_P(retval) == IS_UNDEF)) {
1392
658
      if (EXPECTED(!zobj->ce->__get) ||
1393
658
          UNEXPECTED((*zend_get_property_guard(zobj, name)) & IN_GET) ||
1394
658
          UNEXPECTED(prop_info && (Z_PROP_FLAG_P(retval) & IS_PROP_UNINIT))) {
1395
653
        if (UNEXPECTED(zend_lazy_object_must_init(zobj) && (Z_PROP_FLAG_P(retval) & IS_PROP_LAZY))) {
1396
143
          zobj = zend_lazy_object_init(zobj);
1397
143
          if (!zobj) {
1398
12
            return &EG(error_zval);
1399
12
          }
1400
1401
131
          return zend_std_get_property_ptr_ptr(zobj, name, type, cache_slot);
1402
143
        }
1403
510
        if (UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) {
1404
118
          if (prop_info) {
1405
82
            zend_typed_property_uninitialized_access(prop_info, name);
1406
82
            retval = &EG(error_zval);
1407
82
          } else {
1408
36
            zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1409
            /* An error handler may set the property */
1410
36
             if (EXPECTED(Z_TYPE_P(retval) == IS_UNDEF)) {
1411
31
              ZVAL_NULL(retval);
1412
31
             }
1413
36
          }
1414
392
        } else if (prop_info && UNEXPECTED(prop_info->flags & (ZEND_ACC_READONLY|ZEND_ACC_PPP_SET_MASK))) {
1415
123
          if ((prop_info->flags & ZEND_ACC_READONLY) || !zend_asymmetric_property_has_set_access(prop_info)) {
1416
110
            retval = NULL;
1417
110
          }
1418
269
        } else if (!prop_info || !ZEND_TYPE_IS_SET(prop_info->type)) {
1419
5
          ZVAL_NULL(retval);
1420
5
        }
1421
510
      } else {
1422
        /* we do have getter - fail and let it try again with usual get/set */
1423
5
        retval = NULL;
1424
5
      }
1425
4.41k
    } else if (prop_info && UNEXPECTED(prop_info->flags & (ZEND_ACC_READONLY|ZEND_ACC_PPP_SET_MASK))) {
1426
422
      if ((prop_info->flags & ZEND_ACC_READONLY) || !zend_asymmetric_property_has_set_access(prop_info)) {
1427
391
        retval = NULL;
1428
391
      }
1429
422
    }
1430
5.07k
  } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
1431
2.35k
    if (EXPECTED(zobj->properties)) {
1432
1.49k
      if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
1433
15
        if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
1434
15
          GC_DELREF(zobj->properties);
1435
15
        }
1436
15
        zobj->properties = zend_array_dup(zobj->properties);
1437
15
      }
1438
1.49k
        if (EXPECTED((retval = zend_hash_find(zobj->properties, name)) != NULL)) {
1439
955
        return retval;
1440
955
        }
1441
1.49k
    }
1442
1.40k
    if (EXPECTED(!zobj->ce->__get) ||
1443
1.40k
        UNEXPECTED((*zend_get_property_guard(zobj, name)) & IN_GET)) {
1444
1.01k
      if (UNEXPECTED(zobj->ce->ce_flags & ZEND_ACC_NO_DYNAMIC_PROPERTIES)) {
1445
15
        zend_forbidden_dynamic_property(zobj->ce, name);
1446
15
        return &EG(error_zval);
1447
15
      }
1448
1.00k
      if (UNEXPECTED(!(zobj->ce->ce_flags & ZEND_ACC_ALLOW_DYNAMIC_PROPERTIES))) {
1449
279
        if (UNEXPECTED(!zend_deprecated_dynamic_property(zobj, name))) {
1450
9
          return &EG(error_zval);
1451
9
        }
1452
279
      }
1453
991
      if (UNEXPECTED(zend_lazy_object_must_init(zobj))) {
1454
66
        zobj = zend_lazy_object_init(zobj);
1455
66
        if (!zobj) {
1456
13
          return &EG(error_zval);
1457
13
        }
1458
1459
53
        return zend_std_get_property_ptr_ptr(zobj, name, type, cache_slot);
1460
66
      }
1461
925
      if (UNEXPECTED(!zobj->properties)) {
1462
437
        rebuild_object_properties_internal(zobj);
1463
437
      }
1464
925
      if (UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) {
1465
363
        zend_error(E_WARNING, "Undefined property: %s::$%s", ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1466
363
      }
1467
925
      retval = zend_hash_add(zobj->properties, name, &EG(uninitialized_zval));
1468
925
    }
1469
1.40k
  } else if (!IS_HOOKED_PROPERTY_OFFSET(property_offset) && zobj->ce->__get == NULL) {
1470
10
    retval = &EG(error_zval);
1471
10
  }
1472
1473
6.55k
  return retval;
1474
7.74k
}
1475
/* }}} */
1476
1477
ZEND_API void zend_std_unset_property(zend_object *zobj, zend_string *name, void **cache_slot) /* {{{ */
1478
1.96k
{
1479
1.96k
  uintptr_t property_offset;
1480
1.96k
  const zend_property_info *prop_info = NULL;
1481
1.96k
  uint32_t *guard = NULL;
1482
1483
1.96k
  property_offset = zend_get_property_offset(zobj->ce, name, (zobj->ce->__unset != NULL), cache_slot, &prop_info);
1484
1485
1.96k
  if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
1486
1.15k
    zval *slot = OBJ_PROP(zobj, property_offset);
1487
1488
1.15k
    if (prop_info && UNEXPECTED(prop_info->flags & (ZEND_ACC_READONLY|ZEND_ACC_PPP_SET_MASK))) {
1489
200
      bool error;
1490
200
      if (Z_TYPE_P(slot) != IS_UNDEF || Z_PROP_FLAG_P(slot) & IS_PROP_UNINIT || !zobj->ce->__unset) {
1491
175
        error = true;
1492
175
      } else {
1493
25
        guard = zend_get_property_guard(zobj, name);
1494
25
        error = (*guard) & IN_UNSET;
1495
25
      }
1496
200
      if (error) {
1497
180
        if ((prop_info->flags & ZEND_ACC_READONLY)
1498
180
         && Z_TYPE_P(slot) != IS_UNDEF
1499
180
         && !(Z_PROP_FLAG_P(slot) & IS_PROP_REINITABLE)) {
1500
37
          zend_readonly_property_unset_error(prop_info->ce, name);
1501
37
          return;
1502
37
        }
1503
143
        if ((prop_info->flags & ZEND_ACC_PPP_SET_MASK) && !zend_asymmetric_property_has_set_access(prop_info)) {
1504
62
          zend_asymmetric_visibility_property_modification_error(prop_info, "unset");
1505
62
          return;
1506
62
        }
1507
143
      }
1508
200
    }
1509
1510
1.05k
    if (Z_TYPE_P(slot) != IS_UNDEF) {
1511
904
      if (UNEXPECTED(Z_ISREF_P(slot)) &&
1512
904
          (ZEND_DEBUG || ZEND_REF_HAS_TYPE_SOURCES(Z_REF_P(slot)))) {
1513
90
        if (prop_info) {
1514
84
          ZEND_REF_DEL_TYPE_SOURCE(Z_REF_P(slot), prop_info);
1515
84
        }
1516
90
      }
1517
904
      zval tmp;
1518
904
      ZVAL_COPY_VALUE(&tmp, slot);
1519
904
      ZVAL_UNDEF(slot);
1520
904
      zval_ptr_dtor(&tmp);
1521
904
      if (zobj->properties) {
1522
126
        HT_FLAGS(zobj->properties) |= HASH_FLAG_HAS_EMPTY_IND;
1523
126
      }
1524
904
      return;
1525
904
    }
1526
150
    if (UNEXPECTED(Z_PROP_FLAG_P(slot) & IS_PROP_UNINIT)) {
1527
100
      if (UNEXPECTED(zend_lazy_object_must_init(zobj) && (Z_PROP_FLAG_P(slot) & IS_PROP_LAZY))) {
1528
23
        zobj = zend_lazy_object_init(zobj);
1529
23
        if (!zobj) {
1530
4
          return;
1531
4
        }
1532
19
        zend_std_unset_property(zobj, name, cache_slot);
1533
19
        return;
1534
23
      }
1535
1536
      /* Reset the IS_PROP_UNINIT flag, if it exists and bypass __unset(). */
1537
77
      Z_PROP_FLAG_P(slot) = 0;
1538
77
      return;
1539
100
    }
1540
812
  } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))
1541
812
   && EXPECTED(zobj->properties != NULL)) {
1542
652
    if (UNEXPECTED(GC_REFCOUNT(zobj->properties) > 1)) {
1543
0
      if (EXPECTED(!(GC_FLAGS(zobj->properties) & IS_ARRAY_IMMUTABLE))) {
1544
0
        GC_DELREF(zobj->properties);
1545
0
      }
1546
0
      zobj->properties = zend_array_dup(zobj->properties);
1547
0
    }
1548
652
    if (EXPECTED(zend_hash_del(zobj->properties, name) != FAILURE)) {
1549
231
      return;
1550
231
    }
1551
652
  } else if (IS_HOOKED_PROPERTY_OFFSET(property_offset)) {
1552
24
    zend_throw_error(NULL, "Cannot unset hooked property %s::$%s",
1553
24
      ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
1554
24
    return;
1555
136
  } else if (UNEXPECTED(EG(exception))) {
1556
2
    return;
1557
2
  }
1558
1559
  /* magic unset */
1560
605
  if (zobj->ce->__unset) {
1561
119
    if (!guard) {
1562
99
      guard = zend_get_property_guard(zobj, name);
1563
99
    }
1564
119
    if (!((*guard) & IN_UNSET)) {
1565
      /* have unsetter - try with it! */
1566
72
      (*guard) |= IN_UNSET; /* prevent circular unsetting */
1567
72
      zend_std_call_unsetter(zobj, name);
1568
72
      (*guard) &= ~IN_UNSET;
1569
72
      return;
1570
72
    } else if (UNEXPECTED(IS_WRONG_PROPERTY_OFFSET(property_offset))) {
1571
      /* Trigger the correct error */
1572
10
      zend_wrong_offset(zobj->ce, name);
1573
10
      ZEND_ASSERT(EG(exception));
1574
10
      return;
1575
37
    } else {
1576
      /* Nothing to do: The property already does not exist. */
1577
37
    }
1578
119
  }
1579
1580
523
  if (UNEXPECTED(zend_lazy_object_must_init(zobj))) {
1581
36
    zobj = zend_lazy_object_init(zobj);
1582
36
    if (!zobj) {
1583
2
      return;
1584
2
    }
1585
1586
34
    if (UNEXPECTED(guard)) {
1587
15
      guard = zend_get_property_guard(zobj, name);
1588
15
      if (!((*guard) & IN_UNSET)) {
1589
10
        (*guard) |= IN_UNSET;
1590
10
        zend_std_unset_property(zobj, name, cache_slot);
1591
10
        (*guard) &= ~IN_UNSET;
1592
10
        return;
1593
10
      }
1594
15
    }
1595
1596
24
    zend_std_unset_property(zobj, name, cache_slot);
1597
24
    return;
1598
34
  }
1599
523
}
1600
/* }}} */
1601
1602
ZEND_API void zend_std_unset_dimension(zend_object *object, zval *offset) /* {{{ */
1603
140
{
1604
140
  zend_class_entry *ce = object->ce;
1605
140
  zval tmp_offset;
1606
1607
140
  zend_class_arrayaccess_funcs *funcs = ce->arrayaccess_funcs_ptr;
1608
140
  if (EXPECTED(funcs)) {
1609
133
    ZVAL_COPY_DEREF(&tmp_offset, offset);
1610
133
    GC_ADDREF(object);
1611
133
    zend_call_known_instance_method_with_1_params(funcs->zf_offsetunset, object, NULL, &tmp_offset);
1612
133
    OBJ_RELEASE(object);
1613
133
    zval_ptr_dtor(&tmp_offset);
1614
133
  } else {
1615
7
      zend_bad_array_access(ce);
1616
7
  }
1617
140
}
1618
/* }}} */
1619
1620
static zend_never_inline zend_function *zend_get_parent_private_method(zend_class_entry *scope, zend_class_entry *ce, zend_string *function_name) /* {{{ */
1621
63
{
1622
63
  zval *func;
1623
63
  zend_function *fbc;
1624
1625
63
  if (scope != ce && scope && is_derived_class(ce, scope)) {
1626
48
    func = zend_hash_find(&scope->function_table, function_name);
1627
48
    if (func != NULL) {
1628
48
      fbc = Z_FUNC_P(func);
1629
48
      if ((fbc->common.fn_flags & ZEND_ACC_PRIVATE)
1630
48
       && fbc->common.scope == scope) {
1631
38
        return fbc;
1632
38
      }
1633
48
    }
1634
48
  }
1635
25
  return NULL;
1636
63
}
1637
/* }}} */
1638
1639
/* Ensures that we're allowed to call a protected method.
1640
 */
1641
ZEND_API bool zend_check_protected(const zend_class_entry *ce, const zend_class_entry *scope) /* {{{ */
1642
688
{
1643
688
  const zend_class_entry *fbc_scope = ce;
1644
1645
  /* Is the context that's calling the function, the same as one of
1646
   * the function's parents?
1647
   */
1648
1.36k
  while (fbc_scope) {
1649
801
    if (fbc_scope==scope) {
1650
122
      return 1;
1651
122
    }
1652
679
    fbc_scope = fbc_scope->parent;
1653
679
  }
1654
1655
  /* Is the function's scope the same as our current object context,
1656
   * or any of the parents of our context?
1657
   */
1658
988
  while (scope) {
1659
726
    if (scope==ce) {
1660
304
      return 1;
1661
304
    }
1662
422
    scope = scope->parent;
1663
422
  }
1664
262
  return 0;
1665
566
}
1666
/* }}} */
1667
1668
ZEND_API zend_function *zend_get_call_trampoline_func(const zend_class_entry *ce, zend_string *method_name, bool is_static) /* {{{ */
1669
3.40k
{
1670
3.40k
  size_t mname_len;
1671
3.40k
  zend_op_array *func;
1672
3.40k
  zend_function *fbc = is_static ? ce->__callstatic : ce->__call;
1673
  /* We use non-NULL value to avoid useless run_time_cache allocation.
1674
   * The low bit must be zero, to not be interpreted as a MAP_PTR offset.
1675
   */
1676
3.40k
  static const void *dummy = (void*)(intptr_t)2;
1677
3.40k
  static const zend_arg_info arg_info[1] = {{0}};
1678
1679
3.40k
  ZEND_ASSERT(fbc);
1680
1681
3.40k
  if (EXPECTED(EG(trampoline).common.function_name == NULL)) {
1682
3.39k
    func = &EG(trampoline).op_array;
1683
3.39k
  } else {
1684
10
    func = ecalloc(1, sizeof(zend_op_array));
1685
10
  }
1686
1687
3.40k
  func->type = ZEND_USER_FUNCTION;
1688
3.40k
  func->arg_flags[0] = 0;
1689
3.40k
  func->arg_flags[1] = 0;
1690
3.40k
  func->arg_flags[2] = 0;
1691
3.40k
  func->fn_flags = ZEND_ACC_CALL_VIA_TRAMPOLINE
1692
3.40k
    | ZEND_ACC_PUBLIC
1693
3.40k
    | ZEND_ACC_VARIADIC
1694
3.40k
    | (fbc->common.fn_flags & (ZEND_ACC_RETURN_REFERENCE|ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED|ZEND_ACC_NODISCARD));
1695
  /* Attributes outlive the trampoline because they are created by the compiler. */
1696
3.40k
  func->attributes = fbc->common.attributes;
1697
3.40k
  if (is_static) {
1698
490
    func->fn_flags |= ZEND_ACC_STATIC;
1699
490
  }
1700
3.40k
  func->opcodes = &EG(call_trampoline_op);
1701
3.40k
  ZEND_MAP_PTR_INIT(func->run_time_cache, (void**)dummy);
1702
3.40k
  func->scope = fbc->common.scope;
1703
  /* reserve space for arguments, local and temporary variables */
1704
  /* EG(trampoline) is reused from other places, like FFI (e.g. zend_ffi_cdata_get_closure()) where
1705
   * it is used as an internal function. It may set fields that don't belong to common, thus
1706
   * modifying zend_op_array specific data, most significantly last_var. We need to reset this
1707
   * value so that it doesn't contain garbage when the engine allocates space for the next stack
1708
   * frame. This didn't cause any issues until now due to "lucky" structure layout. */
1709
3.40k
  func->last_var = 0;
1710
3.40k
  uint32_t min_T = 2 + ZEND_OBSERVER_ENABLED;
1711
3.40k
  func->T = (fbc->type == ZEND_USER_FUNCTION)? MAX(fbc->op_array.last_var + fbc->op_array.T, min_T) : min_T;
1712
3.40k
  func->filename = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.filename : ZSTR_EMPTY_ALLOC();
1713
3.40k
  func->line_start = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.line_start : 0;
1714
3.40k
  func->line_end = (fbc->type == ZEND_USER_FUNCTION)? fbc->op_array.line_end : 0;
1715
1716
  //??? keep compatibility for "\0" characters
1717
  //??? see: Zend/tests/bug46238.phpt
1718
3.40k
  if (UNEXPECTED((mname_len = strlen(ZSTR_VAL(method_name))) != ZSTR_LEN(method_name))) {
1719
37
    func->function_name = zend_string_init(ZSTR_VAL(method_name), mname_len, 0);
1720
3.37k
  } else {
1721
3.37k
    func->function_name = zend_string_copy(method_name);
1722
3.37k
  }
1723
1724
3.40k
  func->prototype = NULL;
1725
3.40k
  func->prop_info = NULL;
1726
3.40k
  func->num_args = 0;
1727
3.40k
  func->required_num_args = 0;
1728
3.40k
  func->arg_info = (zend_arg_info *) arg_info;
1729
1730
3.40k
  return (zend_function*)func;
1731
3.40k
}
1732
/* }}} */
1733
1734
static ZEND_FUNCTION(zend_parent_hook_get_trampoline)
1735
224
{
1736
224
  zend_object *obj = Z_PTR_P(ZEND_THIS);
1737
224
  zend_string *prop_name = EX(func)->internal_function.reserved[0];
1738
1739
224
  if (UNEXPECTED(ZEND_NUM_ARGS() != 0)) {
1740
10
    zend_wrong_parameters_none_error();
1741
10
    goto clean;
1742
10
  }
1743
1744
214
  zval rv;
1745
214
  zval *retval = obj->handlers->read_property(obj, prop_name, BP_VAR_R, NULL, &rv);
1746
214
  if (retval == &rv) {
1747
0
    RETVAL_COPY_VALUE(retval);
1748
214
  } else {
1749
214
    RETVAL_COPY(retval);
1750
214
  }
1751
1752
224
clean:
1753
224
  zend_string_release(EX(func)->common.function_name);
1754
224
  zend_free_trampoline(EX(func));
1755
224
  EX(func) = NULL;
1756
224
}
1757
1758
static ZEND_FUNCTION(zend_parent_hook_set_trampoline)
1759
46
{
1760
46
  zend_object *obj = Z_PTR_P(ZEND_THIS);
1761
46
  zend_string *prop_name = EX(func)->internal_function.reserved[0];
1762
1763
46
  zval *value;
1764
1765
128
  ZEND_PARSE_PARAMETERS_START(1, 1)
1766
144
    Z_PARAM_ZVAL(value)
1767
144
  ZEND_PARSE_PARAMETERS_END_EX(goto clean);
1768
1769
36
  RETVAL_COPY(obj->handlers->write_property(obj, prop_name, value, NULL));
1770
1771
46
clean:
1772
46
  zend_string_release(EX(func)->common.function_name);
1773
46
  zend_free_trampoline(EX(func));
1774
46
  EX(func) = NULL;
1775
46
}
1776
1777
ZEND_API zend_function *zend_get_property_hook_trampoline(
1778
  const zend_property_info *prop_info,
1779
  zend_property_hook_kind kind, zend_string *prop_name)
1780
270
{
1781
270
  static const zend_arg_info arg_info[1] = {{0}};
1782
270
  zend_function *func;
1783
270
  if (EXPECTED(EG(trampoline).common.function_name == NULL)) {
1784
270
    func = &EG(trampoline);
1785
270
  } else {
1786
0
    func = (zend_function *)(uintptr_t)ecalloc(1, sizeof(zend_internal_function));
1787
0
  }
1788
270
  func->type = ZEND_INTERNAL_FUNCTION;
1789
  /* This trampoline does not use the call_trampoline_op, so it won't reuse the call frame,
1790
   * which means we don't even need to reserve a temporary for observers. */
1791
270
  func->common.T = 0;
1792
270
  func->common.arg_flags[0] = 0;
1793
270
  func->common.arg_flags[1] = 0;
1794
270
  func->common.arg_flags[2] = 0;
1795
270
  func->common.fn_flags = ZEND_ACC_CALL_VIA_TRAMPOLINE;
1796
270
  func->common.function_name = zend_string_concat3(
1797
270
    "$", 1, ZSTR_VAL(prop_name), ZSTR_LEN(prop_name),
1798
270
    kind == ZEND_PROPERTY_HOOK_GET ? "::get" : "::set", 5);
1799
  /* set to 0 to avoid arg_info[] allocation, because all values are passed by value anyway */
1800
270
  uint32_t args = kind == ZEND_PROPERTY_HOOK_GET ? 0 : 1;
1801
270
  func->common.num_args = args;
1802
270
  func->common.required_num_args = args;
1803
270
  func->common.scope = prop_info->ce;
1804
270
  func->common.prototype = NULL;
1805
270
  func->common.prop_info = prop_info;
1806
270
  func->common.arg_info = (zend_arg_info *) arg_info;
1807
270
  func->internal_function.handler = kind == ZEND_PROPERTY_HOOK_GET
1808
270
    ? ZEND_FN(zend_parent_hook_get_trampoline)
1809
270
    : ZEND_FN(zend_parent_hook_set_trampoline);
1810
270
  func->internal_function.module = NULL;
1811
1812
270
  func->internal_function.reserved[0] = prop_name;
1813
270
  func->internal_function.reserved[1] = NULL;
1814
1815
270
  return func;
1816
270
}
1817
1818
static zend_always_inline zend_function *zend_get_user_call_function(zend_class_entry *ce, zend_string *method_name) /* {{{ */
1819
2.90k
{
1820
2.90k
  return zend_get_call_trampoline_func(ce, method_name, 0);
1821
2.90k
}
1822
/* }}} */
1823
1824
ZEND_API ZEND_COLD zend_never_inline void zend_bad_method_call(zend_function *fbc, zend_string *method_name, zend_class_entry *scope) /* {{{ */
1825
78
{
1826
78
  zend_throw_error(NULL, "Call to %s method %s::%s() from %s%s",
1827
78
    zend_visibility_string(fbc->common.fn_flags), ZEND_FN_SCOPE_NAME(fbc), ZSTR_VAL(method_name),
1828
78
    scope ? "scope " : "global scope",
1829
78
    scope ? ZSTR_VAL(scope->name) : ""
1830
78
  );
1831
78
}
1832
/* }}} */
1833
1834
ZEND_API ZEND_COLD zend_never_inline void zend_abstract_method_call(zend_function *fbc) /* {{{ */
1835
30
{
1836
30
  zend_throw_error(NULL, "Cannot call abstract method %s::%s()",
1837
30
    ZSTR_VAL(fbc->common.scope->name), ZSTR_VAL(fbc->common.function_name));
1838
30
}
1839
/* }}} */
1840
1841
ZEND_API zend_function *zend_std_get_method(zend_object **obj_ptr, zend_string *method_name, const zval *key) /* {{{ */
1842
109k
{
1843
109k
  zend_object *zobj = *obj_ptr;
1844
109k
  zval *func;
1845
109k
  zend_function *fbc;
1846
109k
  zend_string *lc_method_name;
1847
109k
  zend_class_entry *scope;
1848
109k
  ALLOCA_FLAG(use_heap);
1849
1850
109k
  if (EXPECTED(key != NULL)) {
1851
107k
    lc_method_name = Z_STR_P(key);
1852
#ifdef ZEND_ALLOCA_MAX_SIZE
1853
    use_heap = 0;
1854
#endif
1855
107k
  } else {
1856
2.21k
    ZSTR_ALLOCA_ALLOC(lc_method_name, ZSTR_LEN(method_name), use_heap);
1857
2.21k
    zend_str_tolower_copy(ZSTR_VAL(lc_method_name), ZSTR_VAL(method_name), ZSTR_LEN(method_name));
1858
2.21k
  }
1859
1860
109k
  if (UNEXPECTED((func = zend_hash_find(&zobj->ce->function_table, lc_method_name)) == NULL)) {
1861
3.04k
    if (UNEXPECTED(!key)) {
1862
1.69k
      ZSTR_ALLOCA_FREE(lc_method_name, use_heap);
1863
1.69k
    }
1864
3.04k
    if (zobj->ce->__call) {
1865
2.53k
      return zend_get_user_call_function(zobj->ce, method_name);
1866
2.53k
    } else {
1867
510
      return NULL;
1868
510
    }
1869
3.04k
  }
1870
1871
106k
  fbc = Z_FUNC_P(func);
1872
1873
  /* Check access level */
1874
106k
  if (fbc->op_array.fn_flags & (ZEND_ACC_CHANGED|ZEND_ACC_PRIVATE|ZEND_ACC_PROTECTED)) {
1875
459
    scope = zend_get_executed_scope();
1876
1877
459
    if (fbc->common.scope != scope) {
1878
208
      if (fbc->op_array.fn_flags & ZEND_ACC_CHANGED) {
1879
63
        zend_function *updated_fbc = zend_get_parent_private_method(scope, zobj->ce, lc_method_name);
1880
1881
63
        if (EXPECTED(updated_fbc != NULL)) {
1882
38
          fbc = updated_fbc;
1883
38
          goto exit;
1884
38
        } else if (fbc->op_array.fn_flags & ZEND_ACC_PUBLIC) {
1885
20
          goto exit;
1886
20
        }
1887
63
      }
1888
150
      if (UNEXPECTED(fbc->op_array.fn_flags & ZEND_ACC_PRIVATE)
1889
150
       || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(fbc), scope))) {
1890
76
        if (zobj->ce->__call) {
1891
46
          fbc = zend_get_user_call_function(zobj->ce, method_name);
1892
46
        } else {
1893
30
          zend_bad_method_call(fbc, method_name, scope);
1894
30
          fbc = NULL;
1895
30
        }
1896
76
      }
1897
150
    }
1898
459
  }
1899
1900
106k
exit:
1901
106k
  if (fbc && UNEXPECTED(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
1902
0
    zend_abstract_method_call(fbc);
1903
0
    fbc = NULL;
1904
0
  }
1905
106k
  if (UNEXPECTED(!key)) {
1906
517
    ZSTR_ALLOCA_FREE(lc_method_name, use_heap);
1907
517
  }
1908
106k
  return fbc;
1909
106k
}
1910
/* }}} */
1911
1912
static zend_always_inline zend_function *zend_get_user_callstatic_function(zend_class_entry *ce, zend_string *method_name) /* {{{ */
1913
490
{
1914
490
  return zend_get_call_trampoline_func(ce, method_name, 1);
1915
490
}
1916
/* }}} */
1917
1918
static zend_always_inline zend_function *get_static_method_fallback(
1919
    zend_class_entry *ce, zend_string *function_name)
1920
1.04k
{
1921
1.04k
  zend_object *object;
1922
1.04k
  if (ce->__call &&
1923
1.04k
    (object = zend_get_this_object(EG(current_execute_data))) != NULL &&
1924
1.04k
    instanceof_function(object->ce, ce)) {
1925
    /* Call the top-level defined __call().
1926
     * see: tests/classes/__call_004.phpt  */
1927
1928
321
    ZEND_ASSERT(object->ce->__call);
1929
321
    return zend_get_user_call_function(object->ce, function_name);
1930
722
  } else if (ce->__callstatic) {
1931
490
    return zend_get_user_callstatic_function(ce, function_name);
1932
490
  } else {
1933
232
    return NULL;
1934
232
  }
1935
1.04k
}
1936
1937
ZEND_API zend_function *zend_std_get_static_method(zend_class_entry *ce, zend_string *function_name, const zval *key) /* {{{ */
1938
5.15k
{
1939
5.15k
  zend_string *lc_function_name;
1940
5.15k
  if (EXPECTED(key != NULL)) {
1941
4.61k
    lc_function_name = Z_STR_P(key);
1942
4.61k
  } else {
1943
539
    lc_function_name = zend_string_tolower(function_name);
1944
539
  }
1945
1946
5.15k
  zend_function *fbc;
1947
5.15k
  zval *func = zend_hash_find(&ce->function_table, lc_function_name);
1948
5.15k
  if (EXPECTED(func)) {
1949
4.17k
    fbc = Z_FUNC_P(func);
1950
4.17k
    if (!(fbc->op_array.fn_flags & ZEND_ACC_PUBLIC)) {
1951
183
      zend_class_entry *scope = zend_get_executed_scope();
1952
183
      if (UNEXPECTED(fbc->common.scope != scope)) {
1953
127
        if (UNEXPECTED(fbc->op_array.fn_flags & ZEND_ACC_PRIVATE)
1954
127
         || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(fbc), scope))) {
1955
67
          zend_function *fallback_fbc = get_static_method_fallback(ce, function_name);
1956
67
          if (!fallback_fbc) {
1957
38
            zend_bad_method_call(fbc, function_name, scope);
1958
38
          }
1959
67
          fbc = fallback_fbc;
1960
67
        }
1961
127
      }
1962
183
    }
1963
4.17k
  } else {
1964
976
    fbc = get_static_method_fallback(ce, function_name);
1965
976
  }
1966
1967
5.15k
  if (UNEXPECTED(!key)) {
1968
539
    zend_string_release_ex(lc_function_name, 0);
1969
539
  }
1970
1971
5.15k
  if (EXPECTED(fbc)) {
1972
4.92k
    if (UNEXPECTED(fbc->common.fn_flags & ZEND_ACC_ABSTRACT)) {
1973
25
      zend_abstract_method_call(fbc);
1974
25
      goto fail;
1975
4.89k
    } else if (UNEXPECTED(fbc->common.scope->ce_flags & ZEND_ACC_TRAIT)) {
1976
25
      zend_error(E_DEPRECATED,
1977
25
        "Calling static trait method %s::%s is deprecated, "
1978
25
        "it should only be called on a class using the trait",
1979
25
        ZSTR_VAL(fbc->common.scope->name), ZSTR_VAL(fbc->common.function_name));
1980
25
      if (EG(exception)) {
1981
5
        goto fail;
1982
5
      }
1983
25
    }
1984
4.92k
  }
1985
1986
5.12k
  return fbc;
1987
1988
30
 fail:
1989
30
  if (UNEXPECTED(fbc->common.fn_flags & ZEND_ACC_CALL_VIA_TRAMPOLINE)) {
1990
10
    zend_string_release_ex(fbc->common.function_name, 0);
1991
10
    zend_free_trampoline(fbc);
1992
10
  }
1993
1994
30
  return NULL;
1995
5.15k
}
1996
/* }}} */
1997
1998
ZEND_API void zend_class_init_statics(zend_class_entry *class_type) /* {{{ */
1999
1.26k
{
2000
1.26k
  int i;
2001
1.26k
  zval *p;
2002
2003
1.26k
  if (class_type->default_static_members_count && !CE_STATIC_MEMBERS(class_type)) {
2004
1.18k
    if (class_type->parent) {
2005
122
      zend_class_init_statics(class_type->parent);
2006
122
    }
2007
2008
1.18k
    ZEND_MAP_PTR_SET(class_type->static_members_table, emalloc(sizeof(zval) * class_type->default_static_members_count));
2009
3.84k
    for (i = 0; i < class_type->default_static_members_count; i++) {
2010
2.65k
      p = &class_type->default_static_members_table[i];
2011
2.65k
      if (Z_TYPE_P(p) == IS_INDIRECT) {
2012
137
        zval *q = &CE_STATIC_MEMBERS(class_type->parent)[i];
2013
137
        ZVAL_DEINDIRECT(q);
2014
137
        ZVAL_INDIRECT(&CE_STATIC_MEMBERS(class_type)[i], q);
2015
2.52k
      } else {
2016
2.52k
        ZVAL_COPY_OR_DUP(&CE_STATIC_MEMBERS(class_type)[i], p);
2017
2.52k
      }
2018
2.65k
    }
2019
1.18k
  }
2020
1.26k
} /* }}} */
2021
2022
ZEND_API zval *zend_std_get_static_property_with_info(zend_class_entry *ce, zend_string *property_name, int type, zend_property_info **property_info_ptr) /* {{{ */
2023
3.27k
{
2024
3.27k
  zval *ret;
2025
3.27k
  zend_property_info *property_info = zend_hash_find_ptr(&ce->properties_info, property_name);
2026
3.27k
  *property_info_ptr = property_info;
2027
2028
3.27k
  if (UNEXPECTED(property_info == NULL)) {
2029
169
    goto undeclared_property;
2030
169
  }
2031
2032
3.11k
  if (!(property_info->flags & ZEND_ACC_PUBLIC)) {
2033
861
    zend_class_entry *scope = get_fake_or_executed_scope();
2034
861
    if (property_info->ce != scope) {
2035
184
      if (UNEXPECTED(property_info->flags & ZEND_ACC_PRIVATE)
2036
184
       || UNEXPECTED(!is_protected_compatible_scope(property_info->ce, scope))) {
2037
137
        if (type != BP_VAR_IS) {
2038
15
          zend_bad_property_access(property_info, ce, property_name);
2039
15
        }
2040
137
        return NULL;
2041
137
      }
2042
184
    }
2043
861
  }
2044
2045
2.97k
  if (UNEXPECTED((property_info->flags & ZEND_ACC_STATIC) == 0)) {
2046
173
undeclared_property:
2047
173
    if (type != BP_VAR_IS) {
2048
137
      zend_throw_error(NULL, "Access to undeclared static property %s::$%s", ZSTR_VAL(ce->name), ZSTR_VAL(property_name));
2049
137
    }
2050
173
    return NULL;
2051
4
  }
2052
2053
2.96k
  if (UNEXPECTED(!(ce->ce_flags & ZEND_ACC_CONSTANTS_UPDATED))) {
2054
334
    if (UNEXPECTED(zend_update_class_constants(ce) != SUCCESS)) {
2055
29
      return NULL;
2056
29
    }
2057
334
  }
2058
2059
  /* Ensure static properties are initialized. */
2060
2.94k
  if (UNEXPECTED(CE_STATIC_MEMBERS(ce) == NULL)) {
2061
1.01k
    zend_class_init_statics(ce);
2062
1.01k
  }
2063
2064
2.94k
  ret = CE_STATIC_MEMBERS(ce) + property_info->offset;
2065
2.94k
  ZVAL_DEINDIRECT(ret);
2066
2067
2.94k
  if (UNEXPECTED((type == BP_VAR_R || type == BP_VAR_RW)
2068
2.94k
        && Z_TYPE_P(ret) == IS_UNDEF && ZEND_TYPE_IS_SET(property_info->type))) {
2069
18
    zend_throw_error(NULL, "Typed static property %s::$%s must not be accessed before initialization",
2070
18
      ZSTR_VAL(property_info->ce->name), ZSTR_VAL(property_name));
2071
18
    return NULL;
2072
18
  }
2073
2074
2.92k
  if (UNEXPECTED(ce->ce_flags & ZEND_ACC_TRAIT)) {
2075
70
    zend_error(E_DEPRECATED,
2076
70
      "Accessing static trait property %s::$%s is deprecated, "
2077
70
      "it should only be accessed on a class using the trait",
2078
70
      ZSTR_VAL(property_info->ce->name), ZSTR_VAL(property_name));
2079
70
  }
2080
2081
2.92k
  return ret;
2082
2.94k
}
2083
/* }}} */
2084
2085
ZEND_API zval *zend_std_get_static_property(zend_class_entry *ce, zend_string *property_name, int type) /* {{{ */
2086
18
{
2087
18
  zend_property_info *prop_info;
2088
18
  return zend_std_get_static_property_with_info(ce, property_name, type, &prop_info);
2089
18
}
2090
2091
ZEND_API ZEND_COLD bool zend_std_unset_static_property(zend_class_entry *ce, zend_string *property_name) /* {{{ */
2092
5
{
2093
5
  zend_throw_error(NULL, "Attempt to unset static property %s::$%s", ZSTR_VAL(ce->name), ZSTR_VAL(property_name));
2094
5
  return 0;
2095
5
}
2096
/* }}} */
2097
2098
static ZEND_COLD zend_never_inline void zend_bad_constructor_call(zend_function *constructor, zend_class_entry *scope) /* {{{ */
2099
40
{
2100
40
  if (scope) {
2101
10
    zend_throw_error(NULL, "Call to %s %s::%s() from scope %s",
2102
10
      zend_visibility_string(constructor->common.fn_flags), ZSTR_VAL(constructor->common.scope->name),
2103
10
      ZSTR_VAL(constructor->common.function_name), ZSTR_VAL(scope->name)
2104
10
    );
2105
30
  } else {
2106
30
    zend_throw_error(NULL, "Call to %s %s::%s() from global scope", zend_visibility_string(constructor->common.fn_flags), ZSTR_VAL(constructor->common.scope->name), ZSTR_VAL(constructor->common.function_name));
2107
30
  }
2108
40
}
2109
/* }}} */
2110
2111
ZEND_API zend_function *zend_std_get_constructor(zend_object *zobj) /* {{{ */
2112
1.03M
{
2113
1.03M
  zend_function *constructor = zobj->ce->constructor;
2114
2115
1.03M
  if (constructor) {
2116
715k
    if (UNEXPECTED(!(constructor->op_array.fn_flags & ZEND_ACC_PUBLIC))) {
2117
72
      zend_class_entry *scope = get_fake_or_executed_scope();
2118
72
      if (UNEXPECTED(constructor->common.scope != scope)) {
2119
40
        if (UNEXPECTED(constructor->op_array.fn_flags & ZEND_ACC_PRIVATE)
2120
40
         || UNEXPECTED(!zend_check_protected(zend_get_function_root_class(constructor), scope))) {
2121
40
          zend_bad_constructor_call(constructor, scope);
2122
40
          zend_object_store_ctor_failed(zobj);
2123
40
          constructor = NULL;
2124
40
        }
2125
40
      }
2126
72
    }
2127
715k
  }
2128
2129
1.03M
  return constructor;
2130
1.03M
}
2131
/* }}} */
2132
2133
ZEND_API int zend_std_compare_objects(zval *o1, zval *o2) /* {{{ */
2134
802
{
2135
802
  zend_object *zobj1, *zobj2;
2136
2137
802
  if (zend_objects_check_stack_limit()) {
2138
0
    zend_throw_error(NULL, "Maximum call stack size reached during object comparison");
2139
0
    return ZEND_UNCOMPARABLE;
2140
0
  }
2141
2142
802
  if (Z_TYPE_P(o1) != Z_TYPE_P(o2)) {
2143
    /* Object and non-object */
2144
671
    zval *object;
2145
671
    zval *value;
2146
671
    zval casted;
2147
671
    bool object_lhs;
2148
671
    if (Z_TYPE_P(o1) == IS_OBJECT) {
2149
579
      object = o1;
2150
579
      value = o2;
2151
579
      object_lhs = true;
2152
579
    } else {
2153
92
      object = o2;
2154
92
      value = o1;
2155
92
      object_lhs = false;
2156
92
    }
2157
671
    ZEND_ASSERT(Z_TYPE_P(value) != IS_OBJECT);
2158
671
    uint8_t target_type = Z_TYPE_P(value);
2159
    /* Should be handled in zend_compare(). */
2160
671
    ZEND_ASSERT(target_type != IS_FALSE && target_type != IS_TRUE);
2161
671
    if (Z_OBJ_HT_P(object)->cast_object(Z_OBJ_P(object), &casted, target_type) == FAILURE) {
2162
      // TODO: Less crazy.
2163
654
      if (target_type == IS_LONG || target_type == IS_DOUBLE) {
2164
401
        zend_error(E_NOTICE, "Object of class %s could not be converted to %s",
2165
401
               ZSTR_VAL(Z_OBJCE_P(object)->name), zend_get_type_by_const(target_type));
2166
401
        if (target_type == IS_LONG) {
2167
336
          ZVAL_LONG(&casted, 1);
2168
336
        } else {
2169
65
          ZVAL_DOUBLE(&casted, 1.0);
2170
65
        }
2171
401
      } else {
2172
253
        return object_lhs ? 1 : -1;
2173
253
      }
2174
654
    }
2175
418
    int ret = object_lhs ? zend_compare(&casted, value) : zend_compare(value, &casted);
2176
418
    zval_ptr_dtor(&casted);
2177
418
    return ret;
2178
671
  }
2179
2180
131
  zobj1 = Z_OBJ_P(o1);
2181
131
  zobj2 = Z_OBJ_P(o2);
2182
2183
131
  if (zobj1 == zobj2) {
2184
0
    return 0; /* the same object */
2185
0
  }
2186
131
  if (zobj1->ce != zobj2->ce) {
2187
7
    return ZEND_UNCOMPARABLE; /* different classes */
2188
7
  }
2189
124
  if (!zobj1->properties && !zobj2->properties
2190
124
      && !zend_object_is_lazy(zobj1) && !zend_object_is_lazy(zobj2)) {
2191
84
    zend_property_info *info;
2192
84
    int i;
2193
2194
84
    if (!zobj1->ce->default_properties_count) {
2195
58
      return 0;
2196
58
    }
2197
2198
    /* It's enough to protect only one of the objects.
2199
     * The second one may be referenced from the first and this may cause
2200
     * false recursion detection.
2201
     */
2202
    /* use bitwise OR to make only one conditional jump */
2203
26
    if (UNEXPECTED(Z_IS_RECURSIVE_P(o1))) {
2204
5
      zend_throw_error(NULL, "Nesting level too deep - recursive dependency?");
2205
5
      return ZEND_UNCOMPARABLE;
2206
5
    }
2207
21
    Z_PROTECT_RECURSION_P(o1);
2208
2209
46
    for (i = 0; i < zobj1->ce->default_properties_count; i++) {
2210
43
      zval *p1, *p2;
2211
2212
43
      info = zobj1->ce->properties_info_table[i];
2213
2214
43
      if (!info) {
2215
11
        continue;
2216
11
      }
2217
2218
32
      p1 = OBJ_PROP(zobj1, info->offset);
2219
32
      p2 = OBJ_PROP(zobj2, info->offset);
2220
2221
32
      if (Z_TYPE_P(p1) != IS_UNDEF) {
2222
32
        if (Z_TYPE_P(p2) != IS_UNDEF) {
2223
32
          int ret;
2224
2225
32
          ret = zend_compare(p1, p2);
2226
32
          if (ret != 0) {
2227
18
            Z_UNPROTECT_RECURSION_P(o1);
2228
18
            return ret;
2229
18
          }
2230
32
        } else {
2231
0
          Z_UNPROTECT_RECURSION_P(o1);
2232
0
          return 1;
2233
0
        }
2234
32
      } else {
2235
0
        if (Z_TYPE_P(p2) != IS_UNDEF) {
2236
0
          Z_UNPROTECT_RECURSION_P(o1);
2237
0
          return 1;
2238
0
        }
2239
0
      }
2240
32
    }
2241
2242
3
    Z_UNPROTECT_RECURSION_P(o1);
2243
3
    return 0;
2244
40
  } else {
2245
40
    return zend_compare_symbol_tables(
2246
40
        zend_std_get_properties_ex(zobj1),
2247
40
        zend_std_get_properties_ex(zobj2));
2248
40
  }
2249
124
}
2250
/* }}} */
2251
2252
ZEND_API int zend_objects_not_comparable(zval *o1, zval *o2)
2253
545
{
2254
545
  return ZEND_UNCOMPARABLE;
2255
545
}
2256
2257
// todo: make zend_std_has_property return bool as well
2258
ZEND_API int zend_std_has_property(zend_object *zobj, zend_string *name, int has_set_exists, void **cache_slot) /* {{{ */
2259
560
{
2260
560
  bool result;
2261
560
  zval *value = NULL;
2262
560
  uintptr_t property_offset;
2263
560
  const zend_property_info *prop_info = NULL;
2264
2265
560
  property_offset = zend_get_property_offset(zobj->ce, name, 1, cache_slot, &prop_info);
2266
2267
560
  if (EXPECTED(IS_VALID_PROPERTY_OFFSET(property_offset))) {
2268
173
try_again:
2269
173
    value = OBJ_PROP(zobj, property_offset);
2270
173
    if (Z_TYPE_P(value) != IS_UNDEF) {
2271
79
      goto found;
2272
79
    }
2273
94
    if (UNEXPECTED(Z_PROP_FLAG_P(value) & IS_PROP_UNINIT)) {
2274
      /* Skip __isset() for uninitialized typed properties */
2275
63
      goto lazy_init;
2276
63
    }
2277
392
  } else if (EXPECTED(IS_DYNAMIC_PROPERTY_OFFSET(property_offset))) {
2278
294
    if (EXPECTED(zobj->properties != NULL)) {
2279
80
      if (!IS_UNKNOWN_DYNAMIC_PROPERTY_OFFSET(property_offset)) {
2280
0
        uintptr_t idx = ZEND_DECODE_DYN_PROP_OFFSET(property_offset);
2281
2282
0
        if (EXPECTED(idx < zobj->properties->nNumUsed * sizeof(Bucket))) {
2283
0
          Bucket *p = (Bucket*)((char*)zobj->properties->arData + idx);
2284
2285
0
          if (EXPECTED(p->key == name) ||
2286
0
                (EXPECTED(p->h == ZSTR_H(name)) &&
2287
0
                 EXPECTED(p->key != NULL) &&
2288
0
                 EXPECTED(zend_string_equal_content(p->key, name)))) {
2289
0
            value = &p->val;
2290
0
            goto found;
2291
0
          }
2292
0
        }
2293
0
        CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_DYNAMIC_PROPERTY_OFFSET);
2294
0
      }
2295
80
      value = zend_hash_find(zobj->properties, name);
2296
80
      if (value) {
2297
69
        if (cache_slot) {
2298
14
          uintptr_t idx = (char*)value - (char*)zobj->properties->arData;
2299
14
          CACHE_PTR_EX(cache_slot + 1, (void*)ZEND_ENCODE_DYN_PROP_OFFSET(idx));
2300
14
        }
2301
148
found:
2302
148
        if (has_set_exists == ZEND_PROPERTY_NOT_EMPTY) {
2303
8
          result = zend_is_true(value);
2304
140
        } else if (has_set_exists < ZEND_PROPERTY_NOT_EMPTY) {
2305
135
          ZEND_ASSERT(has_set_exists == ZEND_PROPERTY_ISSET);
2306
135
          ZVAL_DEREF(value);
2307
135
          result = (Z_TYPE_P(value) != IS_NULL);
2308
135
        } else {
2309
5
          ZEND_ASSERT(has_set_exists == ZEND_PROPERTY_EXISTS);
2310
5
          result = true;
2311
5
        }
2312
148
        goto exit;
2313
148
      }
2314
80
    }
2315
294
  } else if (IS_HOOKED_PROPERTY_OFFSET(property_offset)) {
2316
72
    zend_function *get = prop_info->hooks[ZEND_PROPERTY_HOOK_GET];
2317
2318
72
    if (has_set_exists == ZEND_PROPERTY_EXISTS) {
2319
0
      if (prop_info->flags & ZEND_ACC_VIRTUAL) {
2320
0
        return true;
2321
0
      }
2322
0
      property_offset = prop_info->offset;
2323
0
      goto try_again;
2324
0
    }
2325
2326
72
    if (!get) {
2327
5
      if (prop_info->flags & ZEND_ACC_VIRTUAL) {
2328
5
        zend_throw_error(NULL, "Property %s::$%s is write-only",
2329
5
          ZSTR_VAL(zobj->ce->name), ZSTR_VAL(name));
2330
5
        return 0;
2331
5
      } else {
2332
0
        property_offset = prop_info->offset;
2333
0
        goto try_again;
2334
0
      }
2335
5
    }
2336
2337
67
    zval rv;
2338
67
    if (!zend_call_get_hook(prop_info, name, get, zobj, &rv)) {
2339
5
      if (EG(exception)) {
2340
0
        return 0;
2341
0
      }
2342
5
      property_offset = prop_info->offset;
2343
5
      goto try_again;
2344
5
    }
2345
2346
62
    if (has_set_exists == ZEND_PROPERTY_NOT_EMPTY) {
2347
18
      result = zend_is_true(&rv);
2348
44
    } else {
2349
44
      ZEND_ASSERT(has_set_exists == ZEND_PROPERTY_ISSET);
2350
44
      result = Z_TYPE(rv) != IS_NULL
2351
44
        && (Z_TYPE(rv) != IS_REFERENCE || Z_TYPE_P(Z_REFVAL(rv)) != IS_NULL);
2352
44
    }
2353
62
    zval_ptr_dtor(&rv);
2354
62
    return result;
2355
62
  } else if (UNEXPECTED(EG(exception))) {
2356
0
    result = false;
2357
0
    goto exit;
2358
0
  }
2359
2360
282
  if (!zobj->ce->__isset) {
2361
81
    goto lazy_init;
2362
81
  }
2363
2364
201
  result = false;
2365
201
  if (has_set_exists != ZEND_PROPERTY_EXISTS) {
2366
199
    uint32_t *guard = zend_get_property_guard(zobj, name);
2367
2368
199
    if (!((*guard) & IN_ISSET)) {
2369
146
      zval rv;
2370
2371
      /* have issetter - try with it! */
2372
146
      GC_ADDREF(zobj);
2373
146
      (*guard) |= IN_ISSET; /* prevent circular getting */
2374
146
      zend_std_call_issetter(zobj, name, &rv);
2375
146
      result = zend_is_true(&rv);
2376
146
      zval_ptr_dtor(&rv);
2377
146
      if (has_set_exists == ZEND_PROPERTY_NOT_EMPTY && result) {
2378
30
        if (EXPECTED(!EG(exception)) && zobj->ce->__get && !((*guard) & IN_GET)) {
2379
22
          (*guard) |= IN_GET;
2380
22
          zend_std_call_getter(zobj, name, &rv);
2381
22
          (*guard) &= ~IN_GET;
2382
22
          result = i_zend_is_true(&rv);
2383
22
          zval_ptr_dtor(&rv);
2384
22
        } else {
2385
8
          result = false;
2386
8
        }
2387
30
      }
2388
146
      (*guard) &= ~IN_ISSET;
2389
146
      OBJ_RELEASE(zobj);
2390
146
    } else {
2391
53
      goto lazy_init;
2392
53
    }
2393
199
  }
2394
2395
470
exit:
2396
470
  return result;
2397
2398
197
lazy_init:
2399
197
  if (UNEXPECTED(zend_lazy_object_must_init(zobj))) {
2400
28
    if (!value || (Z_PROP_FLAG_P(value) & IS_PROP_LAZY)) {
2401
28
      zobj = zend_lazy_object_init(zobj);
2402
28
      if (!zobj) {
2403
5
        result = 0;
2404
5
        goto exit;
2405
5
      }
2406
2407
23
      if (UNEXPECTED(zobj->ce->__isset)) {
2408
10
        uint32_t *guard = zend_get_property_guard(zobj, name);
2409
10
        if (!((*guard) & IN_ISSET)) {
2410
5
          (*guard) |= IN_ISSET;
2411
5
          result = zend_std_has_property(zobj, name, has_set_exists, cache_slot);
2412
5
          (*guard) &= ~IN_ISSET;
2413
5
          return result;
2414
5
        }
2415
10
      }
2416
2417
18
      return zend_std_has_property(zobj, name, has_set_exists, cache_slot);
2418
23
    }
2419
28
  }
2420
2421
169
  result = 0;
2422
169
  goto exit;
2423
197
}
2424
/* }}} */
2425
2426
ZEND_API zend_string *zend_std_get_class_name(const zend_object *zobj) /* {{{ */
2427
10.7k
{
2428
10.7k
  return zend_string_copy(zobj->ce->name);
2429
10.7k
}
2430
/* }}} */
2431
2432
ZEND_API zend_result zend_std_cast_object_tostring(zend_object *readobj, zval *writeobj, int type) /* {{{ */
2433
9.09k
{
2434
9.09k
  switch (type) {
2435
7.32k
    case IS_STRING: {
2436
7.32k
      zend_class_entry *ce = readobj->ce;
2437
7.32k
      if (ce->__tostring) {
2438
6.41k
        zval retval;
2439
6.41k
        GC_ADDREF(readobj);
2440
6.41k
        zend_call_known_instance_method_with_0_params(ce->__tostring, readobj, &retval);
2441
6.41k
        zend_object_release(readobj);
2442
6.41k
        if (EXPECTED(Z_TYPE(retval) == IS_STRING)) {
2443
6.06k
is_string:
2444
6.06k
          ZVAL_COPY_VALUE(writeobj, &retval);
2445
6.06k
          return SUCCESS;
2446
6.06k
        } else if (Z_ISREF(retval)) {
2447
5
          zend_unwrap_reference(&retval);
2448
5
          goto is_string;
2449
5
        }
2450
347
        zval_ptr_dtor(&retval);
2451
347
        if (!EG(exception)) {
2452
0
          zend_throw_error(NULL, "Method %s::__toString() must return a string value", ZSTR_VAL(ce->name));
2453
0
        }
2454
347
      }
2455
1.25k
      return FAILURE;
2456
7.32k
    }
2457
168
    case _IS_BOOL:
2458
168
      ZVAL_TRUE(writeobj);
2459
168
      return SUCCESS;
2460
1.60k
    default:
2461
1.60k
      return FAILURE;
2462
9.09k
  }
2463
9.09k
}
2464
/* }}} */
2465
2466
ZEND_API zend_result zend_std_get_closure(zend_object *obj, zend_class_entry **ce_ptr, zend_function **fptr_ptr, zend_object **obj_ptr, bool check_only) /* {{{ */
2467
308
{
2468
308
  zend_class_entry *ce = obj->ce;
2469
308
  zval *func = zend_hash_find_known_hash(&ce->function_table, ZSTR_KNOWN(ZEND_STR_MAGIC_INVOKE));
2470
2471
308
  if (func == NULL) {
2472
18
    return FAILURE;
2473
18
  }
2474
290
  *fptr_ptr = Z_FUNC_P(func);
2475
290
  *ce_ptr = ce;
2476
290
  *obj_ptr = obj;
2477
2478
290
  return SUCCESS;
2479
308
}
2480
/* }}} */
2481
2482
10.3k
ZEND_API HashTable *zend_std_get_properties_for(zend_object *obj, zend_prop_purpose purpose) {
2483
10.3k
  HashTable *ht;
2484
10.3k
  switch (purpose) {
2485
8.92k
    case ZEND_PROP_PURPOSE_DEBUG:
2486
8.92k
      if (obj->handlers->get_debug_info) {
2487
8.92k
        int is_temp;
2488
8.92k
        ht = obj->handlers->get_debug_info(obj, &is_temp);
2489
8.92k
        if (ht && !is_temp) {
2490
7.32k
          GC_TRY_ADDREF(ht);
2491
7.32k
        }
2492
8.92k
        return ht;
2493
8.92k
      }
2494
0
      ZEND_FALLTHROUGH;
2495
822
    case ZEND_PROP_PURPOSE_JSON:
2496
1.01k
    case ZEND_PROP_PURPOSE_GET_OBJECT_VARS:
2497
1.13k
    case ZEND_PROP_PURPOSE_VAR_EXPORT:
2498
1.13k
      if (obj->ce->num_hooked_props) {
2499
268
        return zend_hooked_object_build_properties(obj);
2500
268
      }
2501
870
      ht = obj->handlers->get_properties(obj);
2502
870
      if (ht) {
2503
870
        GC_TRY_ADDREF(ht);
2504
870
      }
2505
870
      return ht;
2506
124
    case ZEND_PROP_PURPOSE_ARRAY_CAST:
2507
124
      ht = zend_get_properties_no_lazy_init(obj);
2508
124
      if (ht) {
2509
124
        GC_TRY_ADDREF(ht);
2510
124
      }
2511
124
      return ht;
2512
154
    case ZEND_PROP_PURPOSE_SERIALIZE: {
2513
154
      if (zend_object_is_lazy(obj)
2514
154
          && !zend_lazy_object_initialize_on_serialize(obj)) {
2515
35
        ht = zend_get_properties_no_lazy_init(obj);
2516
119
      } else {
2517
119
        ht = obj->handlers->get_properties(obj);
2518
119
      }
2519
154
      if (ht) {
2520
154
        GC_TRY_ADDREF(ht);
2521
154
      }
2522
154
      return ht;
2523
1.13k
    }
2524
0
    default:
2525
0
      ZEND_UNREACHABLE();
2526
0
      return NULL;
2527
10.3k
  }
2528
10.3k
}
2529
2530
10.8k
ZEND_API HashTable *zend_get_properties_for(zval *obj, zend_prop_purpose purpose) {
2531
10.8k
  zend_object *zobj = Z_OBJ_P(obj);
2532
2533
10.8k
  if (zobj->handlers->get_properties_for) {
2534
575
    return zobj->handlers->get_properties_for(zobj, purpose);
2535
575
  }
2536
2537
10.2k
  return zend_std_get_properties_for(zobj, purpose);
2538
10.8k
}
2539
2540
ZEND_API const zend_object_handlers std_object_handlers = {
2541
  0,                    /* offset */
2542
2543
  zend_object_std_dtor,         /* free_obj */
2544
  zend_objects_destroy_object,      /* dtor_obj */
2545
  zend_objects_clone_obj,         /* clone_obj */
2546
2547
  zend_std_read_property,         /* read_property */
2548
  zend_std_write_property,        /* write_property */
2549
  zend_std_read_dimension,        /* read_dimension */
2550
  zend_std_write_dimension,       /* write_dimension */
2551
  zend_std_get_property_ptr_ptr,      /* get_property_ptr_ptr */
2552
  zend_std_has_property,          /* has_property */
2553
  zend_std_unset_property,        /* unset_property */
2554
  zend_std_has_dimension,         /* has_dimension */
2555
  zend_std_unset_dimension,       /* unset_dimension */
2556
  zend_std_get_properties,        /* get_properties */
2557
  zend_std_get_method,          /* get_method */
2558
  zend_std_get_constructor,       /* get_constructor */
2559
  zend_std_get_class_name,        /* get_class_name */
2560
  zend_std_cast_object_tostring,      /* cast_object */
2561
  NULL,                 /* count_elements */
2562
  zend_std_get_debug_info,        /* get_debug_info */
2563
  zend_std_get_closure,         /* get_closure */
2564
  zend_std_get_gc,            /* get_gc */
2565
  NULL,                 /* do_operation */
2566
  zend_std_compare_objects,       /* compare */
2567
  NULL,                 /* get_properties_for */
2568
};