Merge branch 'master' into check_key_fix

Author: m6w6

.github/workflows/build-and-test.yml

@@ -7,13 +7,10 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php: ['7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2']
+        php: ['7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3']
         experimental: [false]
         include:
-          - php: '8.2'
-            awesome: true
-            experimental: true
-          - php: '8.3'
+          - php: '8.4'
             experimental: true
     steps:
       - name: Checkout
@@ -29,20 +26,8 @@ jobs:
         run: |
           sudo apt-get update
           sudo apt-get install cmake memcached libsasl2-dev sasl2-bin zlib1g-dev
-      - if: ${{ ! matrix.awesome }}
-        name: Install libmemcached-dev (from distro)
+      - name: Install libmemcached-dev
         run: sudo apt-get install libmemcached-dev
-      - if: ${{ matrix.awesome }}
-        name: Install libmemcached-awesome (from source)
-        run: |
-          curl -sL -o libmemcached.tgz https://github.com/awesomized/libmemcached/archive/refs/tags/1.1.3.tar.gz
-          mkdir libmemcached
-          tar --strip-components=1 -xf libmemcached.tgz -C libmemcached
-          mkdir build-libmemcached
-          cd build-libmemcached
-          cmake -D ENABLE_HASH_HSIEH=ON -D ENABLE_SASL=ON ../libmemcached
-          make
-          sudo make install
       - name: Start memcached daemons
         run: |
           export SASL_CONF_PATH="/tmp/sasl2"
@@ -83,7 +68,7 @@ jobs:
 
             define ("MEMC_SASL_SERVER_HOST", "127.0.0.1");
             define ("MEMC_SASL_SERVER_PORT", 11212);
-              
+
             define ('MEMC_SASL_USER', 'memcached');
             define ('MEMC_SASL_PASS', 'test');
           EOF

.github/workflows/build-windows.yml

@@ -7,7 +7,7 @@ jobs:
         shell: cmd
     strategy:
       matrix:
-          version: ['7.4', '8.0', '8.1']
+          version: ['8.3']
           arch: [x64, x86]
           ts: [nts, zts]
     runs-on: windows-latest
@@ -16,7 +16,7 @@ jobs:
         uses: actions/checkout@v4
       - name: Setup PHP
         id: setup-php
-        uses: cmb69/setup-php-sdk@v0.7
+        uses: php/setup-php-sdk@v0.9
         with:
           version: ${{matrix.version}}
           arch: ${{matrix.arch}}

README.markdown

@@ -1,6 +1,6 @@
 Build Status
 ------------
-[![Build Status](https://travis-ci.org/php-memcached-dev/php-memcached.png)](https://travis-ci.org/php-memcached-dev/php-memcached)
+![Build Status](https://github.com/php-memcached-dev/php-memcached/actions/workflows/build-and-test.yml/badge.svg?branch=master)
 
 Description
 -----------
@@ -23,7 +23,7 @@ Dependencies
 ------------
 
 php-memcached 3.x:
-* Supports PHP 7.0 - 8.2 or higher.
+* Supports PHP 7.0 - 8.3 or higher.
 * Requires libmemcached 1.x or higher.
 * Optionally supports igbinary 2.0 or higher.
 * Optionally supports msgpack 2.0 or higher.

composer.json

@@ -0,0 +1,68 @@
+{
+    "name": "php-memcached/php-memcached",
+    "type": "php-ext",
+    "license": "PHP-3.01",
+    "description": "memcached extension based on libmemcached library ",
+    "require": {
+        "php": ">= 7.0.0"
+    },
+    "suggest": {
+        "ext-igbinary": "igbinary is a faster and more compact binary serializer for PHP data structures.",
+        "ext-msgpack": "msgpack is a faster and more compact data structure representation that is interoperable with msgpack implementations for other languages."
+    },
+    "php-ext": {
+        "extension-name": "memcached",
+        "configure-options": [
+            {
+                "name": "enable-memcached",
+                "description": "Enable memcached support"
+            },
+            {
+                "name": "with-libmemcached-dir",
+                "description": "Set the path to libmemcached install prefix.",
+                "needs-value": true
+            },
+            {
+                "name": "enable-memcached-session",
+                "description": "Enable memcached session handler support"
+            },
+            {
+                "name": "enable-memcached-igbinary",
+                "description": "Enable memcached igbinary serializer support"
+            },
+            {
+                "name": "enable-memcached-json",
+                "description": "Enable memcached json serializer support"
+            },
+            {
+                "name": "enable-memcached-msgpack",
+                "description": "Enable memcached msgpack serializer support"
+            },
+            {
+                "name": "enable-memcached-sasl",
+                "description": "Enable memcached sasl support"
+            },
+            {
+                "name": "enable-memcached-protocol",
+                "description": "Enable memcached protocol support"
+            },
+            {
+                "name": "with-system-fastlz",
+                "description": "Use system FastLZ library"
+            },
+            {
+                "name": "with-zstd",
+                "description": "Use system zstd library"
+            },
+            {
+                "name": "with-zlib-dir",
+                "description": "Set the path to ZLIB install prefix.",
+                "needs-value": true
+            },
+            {
+                "name": "enable-debug",
+                "description": "Compile with debugging symbols"
+            }
+        ]
+    }
+}

php_memcached.c

@@ -243,15 +243,21 @@ uint32_t s_memc_object_key_max_length(php_memc_object_t *intern) {
 	}
 }
 
-static
-zend_bool s_memc_valid_key_ascii(zend_string *key)
+zend_bool s_memc_valid_key_ascii(zend_string *key, uint64_t verify_key)
 {
 	const char *str = ZSTR_VAL(key);
 	size_t i, len = ZSTR_LEN(key);
 
-	for (i = 0; i < len; i++) {
-		if (!isgraph(str[i]) || isspace(str[i]))
-			return 0;
+	if (verify_key) {
+		for (i = 0; i < len; i++) {
+			if (!isgraph(str[i]) || isspace(str[i]))
+				return 0;
+		}
+	} else { /* if key verification is disabled, only check for spaces to avoid injection issues */
+		for (i = 0; i < len; i++) {
+			if (isspace(str[i]))
+				return 0;
+		}
 	}
 	return 1;
 }
@@ -261,7 +267,7 @@ zend_bool s_memc_valid_key_ascii(zend_string *key)
 		ZSTR_LEN(key) > s_memc_object_key_max_length(intern) ||                   \
 		(memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL) \
 				? !s_memc_valid_key_binary(key)                                   \
-				: !s_memc_valid_key_ascii(key)                                    \
+				: !s_memc_valid_key_ascii(key, memcached_behavior_get(intern->memc, MEMCACHED_BEHAVIOR_VERIFY_KEY)) \
 		))) {                                                                     \
 		intern->rescode = MEMCACHED_BAD_KEY_PROVIDED;                             \
 		RETURN_FALSE;                                                             \
@@ -355,7 +361,7 @@ PHP_INI_MH(OnUpdateSessionPrefixString)
 			php_error_docref(NULL, E_WARNING, "memcached.sess_prefix too long (max: %d)", MEMCACHED_MAX_KEY - 1);
 			return FAILURE;
 		}
-		if (!s_memc_valid_key_ascii(new_value)) {
+		if (!s_memc_valid_key_ascii(new_value, 1)) {
 			php_error_docref(NULL, E_WARNING, "memcached.sess_prefix cannot contain whitespace or control characters");
 			return FAILURE;
 		}
@@ -946,17 +952,18 @@ zend_bool s_compress_value (php_memc_compression_type compression_type, zend_lon
 
 		case COMPRESSION_TYPE_ZLIB:
 		{
-			compressed_size = buffer_size;
+			unsigned long cs = compressed_size = buffer_size;
 
 			if (compression_level < 0) {
 				compression_level = 0;
 			} else if (compression_level > 9) {
 				compression_level = 9;
 			}
 
-			int status = compress2((Bytef *) buffer, &compressed_size, (Bytef *) ZSTR_VAL(payload), ZSTR_LEN(payload), compression_level);
+			int status = compress2((Bytef *) buffer, &cs, (Bytef *) ZSTR_VAL(payload), ZSTR_LEN(payload), compression_level);
 
 			if (status == Z_OK) {
+				compressed_size = cs;
 				compress_status = 1;
 				compression_type_flag = MEMC_VAL_COMPRESSION_ZLIB;
 			}
@@ -3764,7 +3771,10 @@ zend_string *s_decompress_value (const char *payload, size_t payload_len, uint32
 		decompress_status = ((length = fastlz_decompress(payload, payload_len, &buffer->val, buffer->len)) > 0);
 	}
 	else if (is_zlib) {
-		decompress_status = (uncompress((Bytef *) buffer->val, &buffer->len, (Bytef *)payload, payload_len) == Z_OK);
+		unsigned long ds = buffer->len;
+
+		decompress_status = (uncompress((Bytef *) buffer->val, &ds, (Bytef *)payload, payload_len) == Z_OK);
+		buffer->len = ds;
 	}
 
 	ZSTR_VAL(buffer)[stored_length] = '\0';

tests/cas_invalid_key.phpt

@@ -5,7 +5,10 @@ Memcached::cas() with strange key
 --FILE--
 <?php
 include dirname(__FILE__) . '/config.inc';
-$m = memc_get_instance ();
+$m = memc_get_instance (array (
+    Memcached::OPT_BINARY_PROTOCOL => false,
+    Memcached::OPT_VERIFY_KEY => true
+));
 
 error_reporting(0);
 var_dump($m->cas(0, '', true, 10));

tests/delete_bykey.phpt

@@ -5,7 +5,10 @@ Memcached::deleteByKey()
 --FILE--
 <?php
 include dirname(__FILE__) . '/config.inc';
-$m = memc_get_instance ();
+$m = memc_get_instance (array (
+    Memcached::OPT_BINARY_PROTOCOL => false,
+    Memcached::OPT_VERIFY_KEY => true
+));
 
 $m->setByKey('keffe', 'eisaleeoo', "foo");
 var_dump($m->getByKey('keffe', 'eisaleeoo'));

tests/get.phpt

@@ -5,7 +5,10 @@ Memcached::get()
 --FILE--
 <?php
 include dirname(__FILE__) . '/config.inc';
-$m = memc_get_instance ();
+$m = memc_get_instance (array (
+    Memcached::OPT_BINARY_PROTOCOL => false,
+    Memcached::OPT_VERIFY_KEY => true
+));
 
 $m->delete('foo');
 

tests/keys_ascii.phpt

@@ -8,11 +8,8 @@ Test valid and invalid keys - ascii
 include dirname (__FILE__) . '/config.inc';
 $ascii = memc_get_instance (array (
 				Memcached::OPT_BINARY_PROTOCOL => false,
-				Memcached::OPT_VERIFY_KEY => false
+				Memcached::OPT_VERIFY_KEY => true
 		));
-// libmemcached can verify keys, but these are tests are for our own
-// function s_memc_valid_key_ascii, so explicitly disable the checks
-// that libmemcached can perform.
 
 echo 'ASCII: SPACES' . PHP_EOL;
 var_dump ($ascii->set ('ascii key with spaces', 'this is a test'));