From abd372b454986afbea0a53ee1eb8393ff1145216 Mon Sep 17 00:00:00 2001 From: William Van Hevelingen Date: Wed, 15 May 2024 18:31:36 -0700 Subject: [PATCH 01/10] CI: Add PHP 8.3 to the required matrix, add PHP 8.4 to experimental (#557) --- .github/workflows/build-and-test.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 2dcb6673..14733ec1 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -7,13 +7,13 @@ jobs: strategy: fail-fast: false matrix: - php: ['7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2'] + php: ['7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3'] experimental: [false] include: - php: '8.2' awesome: true experimental: true - - php: '8.3' + - php: '8.4' experimental: true steps: - name: Checkout @@ -35,7 +35,7 @@ jobs: - if: ${{ matrix.awesome }} name: Install libmemcached-awesome (from source) run: | - curl -sL -o libmemcached.tgz https://github.com/awesomized/libmemcached/archive/refs/tags/1.1.3.tar.gz + curl -sL -o libmemcached.tgz https://github.com/awesomized/libmemcached/archive/refs/tags/1.1.4.tar.gz mkdir libmemcached tar --strip-components=1 -xf libmemcached.tgz -C libmemcached mkdir build-libmemcached @@ -83,7 +83,7 @@ jobs: define ("MEMC_SASL_SERVER_HOST", "127.0.0.1"); define ("MEMC_SASL_SERVER_PORT", 11212); - + define ('MEMC_SASL_USER', 'memcached'); define ('MEMC_SASL_PASS', 'test'); EOF From d8d99f07846d201836fe2308263dd0fac087c7be Mon Sep 17 00:00:00 2001 From: William Van Hevelingen Date: Wed, 15 May 2024 22:39:48 -0700 Subject: [PATCH 02/10] docs: fix build status on README.md (#558) --- README.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index b17b7e55..38dbd5bc 100644 --- a/README.markdown +++ b/README.markdown @@ -1,6 +1,6 @@ Build Status ------------ -[![Build Status](https://travis-ci.org/php-memcached-dev/php-memcached.png)](https://travis-ci.org/php-memcached-dev/php-memcached) +![Build Status](https://github.com/php-memcached-dev/php-memcached/actions/workflows/build-and-test.yml/badge.svg?branch=master) Description ----------- @@ -23,7 +23,7 @@ Dependencies ------------ php-memcached 3.x: -* Supports PHP 7.0 - 8.2 or higher. +* Supports PHP 7.0 - 8.3 or higher. * Requires libmemcached 1.x or higher. * Optionally supports igbinary 2.0 or higher. * Optionally supports msgpack 2.0 or higher. From 93c1bc449ff32e2a26b5f922fdd6dfa43edaeeb9 Mon Sep 17 00:00:00 2001 From: Michael Wallner Date: Wed, 25 Sep 2024 23:54:00 +0200 Subject: [PATCH 03/10] ci: attempt to fix windows build --- .github/workflows/build-windows.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-windows.yml b/.github/workflows/build-windows.yml index a7aa8577..fefd7deb 100644 --- a/.github/workflows/build-windows.yml +++ b/.github/workflows/build-windows.yml @@ -7,7 +7,7 @@ jobs: shell: cmd strategy: matrix: - version: ['7.4', '8.0', '8.1'] + version: ['8.3'] arch: [x64, x86] ts: [nts, zts] runs-on: windows-latest @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@v4 - name: Setup PHP id: setup-php - uses: cmb69/setup-php-sdk@v0.7 + uses: php/setup-php-sdk@v0.9 with: version: ${{matrix.version}} arch: ${{matrix.arch}} From 8a6b0c78014dfb0d133595f06fc4c5bb29ba9a83 Mon Sep 17 00:00:00 2001 From: Michael Wallner Date: Wed, 25 Sep 2024 23:54:27 +0200 Subject: [PATCH 04/10] ci: ubuntu already ships with awesomized/libmemcached --- .github/workflows/build-and-test.yml | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 14733ec1..a142e10b 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -10,9 +10,6 @@ jobs: php: ['7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3'] experimental: [false] include: - - php: '8.2' - awesome: true - experimental: true - php: '8.4' experimental: true steps: @@ -29,20 +26,8 @@ jobs: run: | sudo apt-get update sudo apt-get install cmake memcached libsasl2-dev sasl2-bin zlib1g-dev - - if: ${{ ! matrix.awesome }} - name: Install libmemcached-dev (from distro) + - name: Install libmemcached-dev run: sudo apt-get install libmemcached-dev - - if: ${{ matrix.awesome }} - name: Install libmemcached-awesome (from source) - run: | - curl -sL -o libmemcached.tgz https://github.com/awesomized/libmemcached/archive/refs/tags/1.1.4.tar.gz - mkdir libmemcached - tar --strip-components=1 -xf libmemcached.tgz -C libmemcached - mkdir build-libmemcached - cd build-libmemcached - cmake -D ENABLE_HASH_HSIEH=ON -D ENABLE_SASL=ON ../libmemcached - make - sudo make install - name: Start memcached daemons run: | export SASL_CONF_PATH="/tmp/sasl2" From 899f0d52425b3efe2f67ed73eca115a0b5dc6c34 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 30 Jan 2024 09:44:48 +0100 Subject: [PATCH 05/10] Fix incompatible pointer types --- php_memcached.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/php_memcached.c b/php_memcached.c index 00d5e3d4..c3ef16e8 100644 --- a/php_memcached.c +++ b/php_memcached.c @@ -933,7 +933,7 @@ zend_bool s_compress_value (php_memc_compression_type compression_type, zend_lon case COMPRESSION_TYPE_ZLIB: { - compressed_size = buffer_size; + unsigned long cs = compressed_size = buffer_size; if (compression_level < 0) { compression_level = 0; @@ -941,9 +941,10 @@ zend_bool s_compress_value (php_memc_compression_type compression_type, zend_lon compression_level = 9; } - int status = compress2((Bytef *) buffer, &compressed_size, (Bytef *) ZSTR_VAL(payload), ZSTR_LEN(payload), compression_level); + int status = compress2((Bytef *) buffer, &cs, (Bytef *) ZSTR_VAL(payload), ZSTR_LEN(payload), compression_level); if (status == Z_OK) { + compressed_size = cs; compress_status = 1; compression_type_flag = MEMC_VAL_COMPRESSION_ZLIB; } @@ -3751,7 +3752,10 @@ zend_string *s_decompress_value (const char *payload, size_t payload_len, uint32 decompress_status = ((length = fastlz_decompress(payload, payload_len, &buffer->val, buffer->len)) > 0); } else if (is_zlib) { - decompress_status = (uncompress((Bytef *) buffer->val, &buffer->len, (Bytef *)payload, payload_len) == Z_OK); + unsigned long ds = buffer->len; + + decompress_status = (uncompress((Bytef *) buffer->val, &ds, (Bytef *)payload, payload_len) == Z_OK); + buffer->len = ds; } ZSTR_VAL(buffer)[stored_length] = '\0'; From 7227982467bb16786817b6c1aec85f99ce1e3a2e Mon Sep 17 00:00:00 2001 From: James Titcumb Date: Thu, 19 Sep 2024 07:52:19 +0100 Subject: [PATCH 06/10] Added a composer.json to enable support for PIE --- composer.json | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 composer.json diff --git a/composer.json b/composer.json new file mode 100644 index 00000000..3356c89d --- /dev/null +++ b/composer.json @@ -0,0 +1,68 @@ +{ + "name": "php-memcached/php-memcached", + "type": "php-ext", + "license": "PHP-3.01", + "description": "memcached extension based on libmemcached library ", + "require": { + "php": ">= 7.0.0" + }, + "suggest": { + "ext-igbinary": "igbinary is a faster and more compact binary serializer for PHP data structures.", + "ext-msgpack": "msgpack is a faster and more compact data structure representation that is interoperable with msgpack implementations for other languages." + }, + "php-ext": { + "extension-name": "memcached", + "configure-options": [ + { + "name": "enable-memcached", + "description": "Enable memcached support" + }, + { + "name": "with-libmemcached-dir", + "description": "Set the path to libmemcached install prefix.", + "needs-value": true + }, + { + "name": "enable-memcached-session", + "description": "Enable memcached session handler support" + }, + { + "name": "enable-memcached-igbinary", + "description": "Enable memcached igbinary serializer support" + }, + { + "name": "enable-memcached-json", + "description": "Enable memcached json serializer support" + }, + { + "name": "enable-memcached-msgpack", + "description": "Enable memcached msgpack serializer support" + }, + { + "name": "enable-memcached-sasl", + "description": "Enable memcached sasl support" + }, + { + "name": "enable-memcached-protocol", + "description": "Enable memcached protocol support" + }, + { + "name": "with-system-fastlz", + "description": "Use system FastLZ library" + }, + { + "name": "with-zstd", + "description": "Use system zstd library" + }, + { + "name": "with-zlib-dir", + "description": "Set the path to ZLIB install prefix.", + "needs-value": true + }, + { + "name": "enable-debug", + "description": "Compile with debugging symbols" + } + ] + } +} From 0987380a558c4dadb9e0fa909132c5adea1f44ad Mon Sep 17 00:00:00 2001 From: Rasmus Lerdorf Date: Thu, 19 Oct 2023 18:07:48 -0700 Subject: [PATCH 07/10] If client-side verify_key is not enabled, don't check it automatically --- php_memcached.c | 1 + 1 file changed, 1 insertion(+) diff --git a/php_memcached.c b/php_memcached.c index c3ef16e8..71725bb9 100644 --- a/php_memcached.c +++ b/php_memcached.c @@ -246,6 +246,7 @@ zend_bool s_memc_valid_key_ascii(zend_string *key) #define MEMC_CHECK_KEY(intern, key) \ if (UNEXPECTED(ZSTR_LEN(key) == 0 || \ ZSTR_LEN(key) > MEMC_OBJECT_KEY_MAX_LENGTH || \ + memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_VERIFY_KEY) && \ (memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL) \ ? !s_memc_valid_key_binary(key) \ : !s_memc_valid_key_ascii(key) \ From 198e9b3681bb0a401385271e5a25b0d863b89d8f Mon Sep 17 00:00:00 2001 From: Rasmus Lerdorf Date: Thu, 19 Oct 2023 19:06:12 -0700 Subject: [PATCH 08/10] fix tests --- tests/cas_invalid_key.phpt | 5 ++++- tests/delete_bykey.phpt | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/cas_invalid_key.phpt b/tests/cas_invalid_key.phpt index b8a815dc..9cb7293c 100644 --- a/tests/cas_invalid_key.phpt +++ b/tests/cas_invalid_key.phpt @@ -5,7 +5,10 @@ Memcached::cas() with strange key --FILE-- false, + Memcached::OPT_VERIFY_KEY => true +)); error_reporting(0); var_dump($m->cas(0, '', true, 10)); diff --git a/tests/delete_bykey.phpt b/tests/delete_bykey.phpt index 929ffbc1..6aa589c5 100644 --- a/tests/delete_bykey.phpt +++ b/tests/delete_bykey.phpt @@ -5,7 +5,10 @@ Memcached::deleteByKey() --FILE-- false, + Memcached::OPT_VERIFY_KEY => true +)); $m->setByKey('keffe', 'eisaleeoo', "foo"); var_dump($m->getByKey('keffe', 'eisaleeoo')); From da71ae036237130b9e879f02326690e8ca73358a Mon Sep 17 00:00:00 2001 From: Rasmus Lerdorf Date: Thu, 19 Oct 2023 21:42:43 -0700 Subject: [PATCH 09/10] Fix more tests with a slight refactor --- php_memcached.c | 3 +-- tests/get.phpt | 5 ++++- tests/keys_ascii.phpt | 5 +---- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/php_memcached.c b/php_memcached.c index 71725bb9..55c20089 100644 --- a/php_memcached.c +++ b/php_memcached.c @@ -246,10 +246,9 @@ zend_bool s_memc_valid_key_ascii(zend_string *key) #define MEMC_CHECK_KEY(intern, key) \ if (UNEXPECTED(ZSTR_LEN(key) == 0 || \ ZSTR_LEN(key) > MEMC_OBJECT_KEY_MAX_LENGTH || \ - memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_VERIFY_KEY) && \ (memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL) \ ? !s_memc_valid_key_binary(key) \ - : !s_memc_valid_key_ascii(key) \ + : (memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_VERIFY_KEY) && !s_memc_valid_key_ascii(key)) \ ))) { \ intern->rescode = MEMCACHED_BAD_KEY_PROVIDED; \ RETURN_FALSE; \ diff --git a/tests/get.phpt b/tests/get.phpt index 71889064..722308f0 100644 --- a/tests/get.phpt +++ b/tests/get.phpt @@ -5,7 +5,10 @@ Memcached::get() --FILE-- false, + Memcached::OPT_VERIFY_KEY => true +)); $m->delete('foo'); diff --git a/tests/keys_ascii.phpt b/tests/keys_ascii.phpt index f7e98894..e7846e99 100644 --- a/tests/keys_ascii.phpt +++ b/tests/keys_ascii.phpt @@ -8,11 +8,8 @@ Test valid and invalid keys - ascii include dirname (__FILE__) . '/config.inc'; $ascii = memc_get_instance (array ( Memcached::OPT_BINARY_PROTOCOL => false, - Memcached::OPT_VERIFY_KEY => false + Memcached::OPT_VERIFY_KEY => true )); -// libmemcached can verify keys, but these are tests are for our own -// function s_memc_valid_key_ascii, so explicitly disable the checks -// that libmemcached can perform. echo 'ASCII: SPACES' . PHP_EOL; var_dump ($ascii->set ('ascii key with spaces', 'this is a test')); From d15c2e2fdf3791a0fc7b711a8b02cfce1e78b76f Mon Sep 17 00:00:00 2001 From: Rasmus Lerdorf Date: Fri, 20 Oct 2023 08:00:37 -0700 Subject: [PATCH 10/10] Check for spaces in keys when using the non-binary protocol even if key verification is disabled to avoid injection issues --- php_memcached.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/php_memcached.c b/php_memcached.c index 55c20089..e77e99b0 100644 --- a/php_memcached.c +++ b/php_memcached.c @@ -231,14 +231,21 @@ zend_bool s_memc_valid_key_binary(zend_string *key) } static -zend_bool s_memc_valid_key_ascii(zend_string *key) +zend_bool s_memc_valid_key_ascii(zend_string *key, uint64_t verify_key) { const char *str = ZSTR_VAL(key); size_t i, len = ZSTR_LEN(key); - for (i = 0; i < len; i++) { - if (!isgraph(str[i]) || isspace(str[i])) - return 0; + if (verify_key) { + for (i = 0; i < len; i++) { + if (!isgraph(str[i]) || isspace(str[i])) + return 0; + } + } else { /* if key verification is disabled, only check for spaces to avoid injection issues */ + for (i = 0; i < len; i++) { + if (isspace(str[i])) + return 0; + } } return 1; } @@ -248,7 +255,7 @@ zend_bool s_memc_valid_key_ascii(zend_string *key) ZSTR_LEN(key) > MEMC_OBJECT_KEY_MAX_LENGTH || \ (memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL) \ ? !s_memc_valid_key_binary(key) \ - : (memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_VERIFY_KEY) && !s_memc_valid_key_ascii(key)) \ + : !s_memc_valid_key_ascii(key, memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_VERIFY_KEY)) \ ))) { \ intern->rescode = MEMCACHED_BAD_KEY_PROVIDED; \ RETURN_FALSE; \ @@ -342,7 +349,7 @@ PHP_INI_MH(OnUpdateSessionPrefixString) php_error_docref(NULL, E_WARNING, "memcached.sess_prefix too long (max: %d)", MEMCACHED_MAX_KEY - 1); return FAILURE; } - if (!s_memc_valid_key_ascii(new_value)) { + if (!s_memc_valid_key_ascii(new_value, 1)) { php_error_docref(NULL, E_WARNING, "memcached.sess_prefix cannot contain whitespace or control characters"); return FAILURE; }