Skip to content

Instantly share code, notes, and snippets.

@heiglandreas

heiglandreas/CallInPHP74.php

Last active January 24, 2021 13:27
Show Gist options
  • Save heiglandreas/d2cfc3d24df916d673a20f1bcb3fb811 to your computer and use it in GitHub Desktop.
Save heiglandreas/d2cfc3d24df916d673a20f1bcb3fb811 to your computer and use it in GitHub Desktop.
Download ZIP
Functions that take faulty parameters without notice in PHP7.4 but raise a type-error in PHP8
Raw
CallInPHP74.php
<?php
/**
* This file reads the previously created file and executes the listed function calls via eval.
* As eval throws up when something goes south I needed to exclude some calls, where pass-by-reference is used
* This script will then check whether a warning is raised or not and if not, add the function call to the file
* "problematicFunctionCalls" and the function itself to the "problematicFunctions" file.
*/
$wasError = false;
function myErrorHandler(int $errno , string $errstr , ?string $errfile = null , ?int $errline = null , ?array $errcontext = [] ): bool
{
global $wasError;
echo $errstr . '::';
$wasError = true;
}
set_error_handler('myErrorHandler');
error_reporting(E_ALL);
$coolCalls = [
"openssl_pkcs12_read(null, 'This is a string', 2)",
"openssl_pkcs12_read(null, 'This is a string', 2.3)",
"openssl_pkcs12_read(null, 'This is a string', null)",
"openssl_pkcs12_read(null, 'This is a string', true)",
"openssl_pkcs12_read(null, 'This is a string', 'This is a string')",
"openssl_pkcs7_read(null, 2)",
"openssl_pkcs7_read(null, 2.3)",
"openssl_pkcs7_read(null, null)",
"openssl_pkcs7_read(null, true)",
"openssl_pkcs7_read(null, 'This is a string')",
"openssl_private_encrypt(null, null, 2, 2)",
"openssl_private_encrypt(null, null, 2, 2.3)",
"openssl_private_encrypt(null, null, 2, null)",
"openssl_private_encrypt(null, null, 2, true)",
"openssl_private_encrypt(null, null, 2, 'This is a string')",
"openssl_private_decrypt(null, null, 2, 2)",
"openssl_private_decrypt(null, null, 2, 2.3)",
"openssl_private_decrypt(null, null, 2, null)",
"openssl_private_decrypt(null, null, 2, true)",
"openssl_private_decrypt(null, null, 2, 'This is a string')",
"openssl_public_encrypt(null, null, 2, 2)",
"openssl_public_encrypt(null, null, 2, 2.3)",
"openssl_public_encrypt(null, null, 2, null)",
"openssl_public_encrypt(null, null, 2, true)",
"openssl_public_encrypt(null, null, 2, 'This is a string')",
"openssl_public_decrypt(null, null, 2, 2)",
"openssl_public_decrypt(null, null, 2, 2.3)",
"openssl_public_decrypt(null, null, 2, null)",
"openssl_public_decrypt(null, null, 2, true)",
"openssl_public_decrypt(null, null, 2, 'This is a string')",
];
$coolModules = [
'openssl_pkcs12_read',
'openssl_pkcs7_read',
'openssl_private_',
'openssl_public_',
'openssl_sign',
'openssl_seal',
'openssl_open',
'openssl_encrypt',
'openssl_decrypt',
'openssl_random_pseudo_bytes',
'preg_match',
'pcntl_waitpid',
'pcntl_sigprocmask',
'getopt',
'dns_get_record',
'dns_get_mx',
'getmxrr',
'similar_text',
'parse_str(null',
'sscanf(\'This is a string\', null, ',
'exec(null, null,',
'system(null,',
'passthru(null,',
'fsockopen(2, null, null, 2.3,',
'fsockopen(\'This is a string\', null, null, 2.3, ',
'pfsockopen(2, null, null, 2.3, ',
'pfsockopen(\'This is a string\', null, null, 2.3, ',
'getimagesize(null, ',
'getimagesizefromstring(null,',
'stream_socket_client(null, null, 2.3, 2, null,',
'stream_socket_client(null, null, null, 2, null,',
'stream_socket_server(null, null, 2, null, ',
'stream_socket_server(null, null, null, null, ',
'grapheme_extract(2, 2, 2, null, ',
'grapheme_extract(\'This is a string\', 2, 2, null, ',
'idn_to_ascii(2, 2, null, ',
'idn_to_ascii(\'This is a string\', 2, null, ',
'idn_to_utf8(2, 2, null,',
'idn_to_utf8(\'This is a string\', 2, null,',
'intltz_get_canonical_id(null, ',
'mb_parse_str(null,',
'mb_convert_variables(null, null, null, ',
'mb_ereg(\'This is a string\', null, ',
'mb_eregi(\'This is a string\', null, ',
'socket_create_pair(2, 2, null,',
];
$fh = fopen(__DIR__ . '/problematicFunctions.txt', 'w+');
$fh2 = fopen( __DIR__ . '/problematicFUnctioncalls.txt', 'w+');
foreach (file(__DIR__ . '/toBeCalledInPHP7.4') as $line) {
$line = trim($line);
if (strpos($line, 'Value') === 0) {
continue;
}
if (in_array($line, $coolCalls)) {
continue;
}
foreach ($coolModules as $coolModule) {
if (strpos($line, $coolModule) === 0) {
continue 2;
}
}
$wasError = false;
try {
$line = preg_replace('/\/\/.*$/','', $line);
echo $line . ' //';
eval($line . ';');
echo error_get_last();
} catch (Throwable $e) {
$wasError = true;
echo $e->getMessage() . '==';
}
echo ($wasError?"true":'false') . PHP_EOL;
if (! $wasError) {
fwrite($fh2,sprintf('%s does not cause 7.4 to raise an issue but results in a TypeException in 8!', $line) . PHP_EOL);
fwrite($fh, substr($line, 0, strpos($line, '(')) . PHP_EOL);
}
}
fclose($fh);
fclose($fh2);
Raw
callInPHP8.php
<?php
/**
* This script creates a file that contains calls for functions that result in a TypeError when run in PHP8.
*/
$writeStuff = [];
$dotlen = 0;
$trivialParameters = [
'string',
'int',
'float',
'double',
'null',
'bool',
'?string',
'?int',
'?float',
'?double',
'?bool',
];
$omitFunctions = [
'func_get_arg',
'error_reporting',
'set_time_limit',
'output_add_rewrite_var',
'sleep',
'time_nanosleep',
'readline',
];
$omitModules = [
'sodium',
'ob',
'posix',
'pg',
'readline'
];
foreach (get_defined_functions()['internal'] as $function) {
if (in_array($function, $omitFunctions)) {
continue;
}
foreach ($omitModules as $module) {
if (strpos($function, $module . '_') === 0) {
continue 2;
}
}
//echo '__' . $function . '::';
$funcReflection = new ReflectionFunction($function);
$params = [];
$parameters = $funcReflection->getParameters();
if (count($parameters) < 1) {
continue;
}
$executeParams = [];
foreach ($parameters as $key => $parameter) {
if (! in_array((string) $parameter->getType(), $trivialParameters)) {
//write('error', 'function %s requires a non-trivial parameter', $function);
continue(2);
}
$callParameters = [];
foreach ($parameters as $defaultKey => $defaultParameter) {
if ($key === $defaultKey) {
continue;
}
$callParameters[$defaultKey] = getTypeValue((string) $defaultParameter->getType())[0];
}
foreach ($trivialParameters as $trivialParameter) {
if ($trivialParameter === (string) $parameter->getType()) {
continue;
}
foreach (getTypeValue($trivialParameter) as $callParam) {
$callParameters[$key] = $callParam;
try {
@$function(...$callParameters);
writeDot();
} catch (TypeError $e) {
writeDot('F');
write ('notice', '%s(%s) //%s', $function, implodeToString(', ', $callParameters), $e->getMessage());
} catch (ValueError $e) {
writeDot('V');
write ('notice', 'Value Error: function "%s" with parameters "%s" threw up', $function, implodeToString(', ', $callParameters));
} catch (Throwable $e) {
//
}
}
}
}
//write('notice', "function %s uses these tpyes as parameters: %s", $function, implode(', ', $params));
}
file_put_contents(__DIR__ . '/toBeCalledInPHP7.4', implode(PHP_EOL, $writeStuff));
function implodeToString(string $separator, array $values): string
{
foreach ($values as $key => $value) {
if ($value === true || $value === false) {
$values[$key] = $value ? 'true' : 'false';
continue;
}
switch ($value) {
case null:
$values[$key] = 'null';
break;
case 'This is a string':
$values[$key] = "'This is a string'";
break;
default:
$values[$key] = $value;
}
}
return implode($separator, $values);
}
function writeDot(string $letter = '.'): void
{
global $dotlen;
echo $letter;
$dotlen++;
if ($dotlen > 64) {
$dotlen = 0;
echo PHP_EOL;
}
}
function getTypeValue(string $type) : array
{
switch ($type) {
case 'string':
return ['This is a string'];
case 'int':
return [2];
case 'float':
case 'double':
return [2.3];
case 'null':
return [null];
case 'bool':
return [true];
case'?string':
return ['This is a string', null];
case '?int':
return [2, null];
case '?float':
case '?double':
return [2.3, null];
case '?bool':
return [true, null];
default:
return [null];
}
}
function write(string $level, string $string, ...$replacements): void
{
global $writeStuff;
if ($level === 'error') {
return;
}
$writeStuff[] = sprintf($string, ...$replacements);
}
Raw
problematicFunctionCalls
get_class_vars(2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
get_class_vars(null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
filter_input(2, 2, null, 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
filter_input(2, 'This is a string', null, 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
filter_input(2, 'This is a string', null, 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
strtr(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
strtr(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
strtr(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
strtr(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
strtr(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
strtr(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
vsprintf(null, null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
decbin('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
decbin('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
decoct('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
decoct('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
dechex('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
dechex('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create(2, 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 'This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', 2.3) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', true) does not cause 7.4 to raise an issue but results in a TypeException in 8!
datefmt_create('This is a string', 2, null, null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
mb_decode_numericentity(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
mb_decode_numericentity(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
mb_decode_numericentity(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
mb_decode_numericentity(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
mb_decode_numericentity(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
mb_decode_numericentity(null, 'This is a string', null) does not cause 7.4 to raise an issue but results in a TypeException in 8!
xdebug_stop_code_coverage('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
xdebug_stop_code_coverage('This is a string') does not cause 7.4 to raise an issue but results in a TypeException in 8!
Raw
problematicFunctions
datefmt_create
decbin
dechex
decoct
filter_input
get_class_vars
mb_decode_numericentity
strtr
vprintf
vsprintf
xdebug_stop_code_coverage
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment