> I also know people that print_r($an_object) and parse the output just to > extract the object handle from there... Crazy isn't it ? >
I plead guilty for doing this, but php let me no better choice for now ;) The attached patch removes the XOR hashing for the object handle (it's useless, the "secret" is trivially guessed after parsing the output of var_dump). It would be awesome if this patch could be applied for php 7.0! Cheers, Nicolas <http://marc.info/?l=php-internals&m=141811755908008&w=2>
diff --git a/ext/spl/php_spl.c b/ext/spl/php_spl.c index e89caa2..0d8be97 100644 --- a/ext/spl/php_spl.c +++ b/ext/spl/php_spl.c @@ -755,22 +755,20 @@ PHP_FUNCTION(spl_object_hash) PHPAPI zend_string *php_spl_object_hash(zval *obj) /* {{{*/ { - intptr_t hash_handle, hash_handlers; + intptr_t hash_handlers; if (!SPL_G(hash_mask_init)) { if (!BG(mt_rand_is_seeded)) { php_mt_srand((uint32_t)GENERATE_SEED()); } - SPL_G(hash_mask_handle) = (intptr_t)(php_mt_rand() >> 1); SPL_G(hash_mask_handlers) = (intptr_t)(php_mt_rand() >> 1); SPL_G(hash_mask_init) = 1; } - hash_handle = SPL_G(hash_mask_handle)^(intptr_t)Z_OBJ_HANDLE_P(obj); hash_handlers = SPL_G(hash_mask_handlers)^(intptr_t)Z_OBJ_HT_P(obj); - return strpprintf(32, "%016lx%016lx", hash_handle, hash_handlers); + return strpprintf(32, "%016lx%016lx", (intptr_t)Z_OBJ_HANDLE_P(obj), hash_handlers); } /* }}} */ diff --git a/ext/spl/php_spl.h b/ext/spl/php_spl.h index 015ada4..b2450ca 100644 --- a/ext/spl/php_spl.h +++ b/ext/spl/php_spl.h @@ -62,7 +62,6 @@ PHP_MINFO_FUNCTION(spl); ZEND_BEGIN_MODULE_GLOBALS(spl) zend_string *autoload_extensions; HashTable *autoload_functions; - intptr_t hash_mask_handle; intptr_t hash_mask_handlers; int hash_mask_init; int autoload_running; diff --git a/ext/spl/tests/spl_005.phpt b/ext/spl/tests/spl_005.phpt index 219c791..c1bffe7 100644 --- a/ext/spl/tests/spl_005.phpt +++ b/ext/spl/tests/spl_005.phpt @@ -11,7 +11,7 @@ var_dump(spl_object_hash()); ===DONE=== <?php exit(0); ?> --EXPECTF-- -string(32) "%s" +string(32) "000000000000000%r[1-9]%r00000000%s" Warning: spl_object_hash() expects parameter 1 to be object, integer given in %sspl_005.php on line %d NULL
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php