diff options
author | Joe Watkins <krakjoe@php.net> | 2019-07-02 13:19:25 +0200 |
---|---|---|
committer | Joe Watkins <krakjoe@php.net> | 2019-07-02 13:19:25 +0200 |
commit | d41ab644567012846416ea9d5efdd4a065f40a03 (patch) | |
tree | 21440bc101787ee263d8ea30f8eecf9f9211bb02 | |
parent | 80fc31c88764b5e6a2b68b5996d6d3f004f74141 (diff) | |
parent | 0819e6dc9b4788e5d44b64f8e606a56c969a1588 (diff) | |
download | php-git-d41ab644567012846416ea9d5efdd4a065f40a03.tar.gz |
Merge branch 'PHP-7.4'
* PHP-7.4:
simple ignore arguments in exceptions implementation
-rw-r--r-- | Zend/tests/exception_ignore_args.phpt | 18 | ||||
-rw-r--r-- | Zend/zend.c | 1 | ||||
-rw-r--r-- | Zend/zend_exceptions.c | 4 | ||||
-rw-r--r-- | Zend/zend_globals.h | 2 | ||||
-rw-r--r-- | php.ini-development | 4 | ||||
-rw-r--r-- | php.ini-production | 6 |
6 files changed, 34 insertions, 1 deletions
diff --git a/Zend/tests/exception_ignore_args.phpt b/Zend/tests/exception_ignore_args.phpt new file mode 100644 index 0000000000..6dcb872254 --- /dev/null +++ b/Zend/tests/exception_ignore_args.phpt @@ -0,0 +1,18 @@ +--TEST-- +Exceptions ignoring arguments +--FILE-- +<?php +$function = function(string $user, string $pass) { + throw new Exception(); +}; + +ini_set("zend.exception_ignore_args", 1); + +$function("secrets", "arewrong"); +?> +--EXPECTF-- +Fatal error: Uncaught Exception in %sexception_ignore_args.php:3 +Stack trace: +#0 %sexception_ignore_args.php(8): {closure}() +#1 {main} + thrown in %sexception_ignore_args.php on line 3 diff --git a/Zend/zend.c b/Zend/zend.c index bde93a4abe..6b9179c2ec 100644 --- a/Zend/zend.c +++ b/Zend/zend.c @@ -174,6 +174,7 @@ ZEND_INI_BEGIN() #ifdef ZEND_SIGNALS STD_ZEND_INI_BOOLEAN("zend.signal_check", "0", ZEND_INI_SYSTEM, OnUpdateBool, check, zend_signal_globals_t, zend_signal_globals) #endif + STD_ZEND_INI_BOOLEAN("zend.exception_ignore_args", "0", ZEND_INI_ALL, OnUpdateBool, exception_ignore_args, zend_executor_globals, executor_globals) ZEND_INI_END() ZEND_API size_t zend_vspprintf(char **pbuf, size_t max_len, const char *format, va_list ap) /* {{{ */ diff --git a/Zend/zend_exceptions.c b/Zend/zend_exceptions.c index f758b96bf9..b9dd9a9257 100644 --- a/Zend/zend_exceptions.c +++ b/Zend/zend_exceptions.c @@ -212,7 +212,9 @@ static zend_object *zend_default_exception_new_ex(zend_class_entry *class_type, object_properties_init(object, class_type); if (EG(current_execute_data)) { - zend_fetch_debug_backtrace(&trace, skip_top_traces, 0, 0); + zend_fetch_debug_backtrace(&trace, + skip_top_traces, + EG(exception_ignore_args) ? DEBUG_BACKTRACE_IGNORE_ARGS : 0, 0); } else { array_init(&trace); } diff --git a/Zend/zend_globals.h b/Zend/zend_globals.h index 281450f3fe..cfaf3bd1dd 100644 --- a/Zend/zend_globals.h +++ b/Zend/zend_globals.h @@ -234,6 +234,8 @@ struct _zend_executor_globals { HashTable weakrefs; + zend_bool exception_ignore_args; + void *reserved[ZEND_MAX_RESERVED_RESOURCES]; }; diff --git a/php.ini-development b/php.ini-development index 5ff7128186..6965fe3b95 100644 --- a/php.ini-development +++ b/php.ini-development @@ -354,6 +354,10 @@ zend.enable_gc = On ; Default: "" ;zend.script_encoding = +; Allows to include or exclude arguments from stack traces generated for exceptions +; Default: Off +zend.exception_ignore_args = Off + ;;;;;;;;;;;;;;;;; ; Miscellaneous ; ;;;;;;;;;;;;;;;;; diff --git a/php.ini-production b/php.ini-production index 2e151f12d2..25f7bf066d 100644 --- a/php.ini-production +++ b/php.ini-production @@ -354,6 +354,12 @@ zend.enable_gc = On ; Default: "" ;zend.script_encoding = +; Allows to include or exclude arguments from stack traces generated for exceptions +; Default: Off +; In production, it is recommended to turn this setting on to prohibit the output +; of sensitive information in stack traces +zend.exception_ignore_args = On + ;;;;;;;;;;;;;;;;; ; Miscellaneous ; ;;;;;;;;;;;;;;;;; |