1 /*
2   +----------------------------------------------------------------------+
3   | PHP Version 7                                                        |
4   +----------------------------------------------------------------------+
5   | Copyright (c) The PHP Group                                          |
6   +----------------------------------------------------------------------+
7   | This source file is subject to version 3.01 of the PHP license,      |
8   | that is bundled with this package in the file LICENSE, and is        |
9   | available through the world-wide-web at the following url:           |
10   | http://www.php.net/license/3_01.txt                                  |
11   | If you did not receive a copy of the PHP license and are unable to   |
12   | obtain it through the world-wide-web, please send a note to          |
13   | license@php.net so we can mail you a copy immediately.               |
14   +----------------------------------------------------------------------+
15   | Author: Wez Furlong <wez@thebrainroom.com>                           |
16   +----------------------------------------------------------------------+
17 */
18 
19 #ifdef HAVE_CONFIG_H
20 #include "config.h"
21 #endif
22 
23 #include "php.h"
24 #include "php_globals.h"
25 #include "ext/standard/info.h"
26 #include "php_sysvmsg.h"
27 #include "ext/standard/php_var.h"
28 #include "zend_smart_str.h"
29 
30 #include <sys/types.h>
31 #include <sys/ipc.h>
32 #include <sys/msg.h>
33 
34 PHP_MINIT_FUNCTION(sysvmsg);
35 PHP_MINFO_FUNCTION(sysvmsg);
36 
37 PHP_FUNCTION(msg_get_queue);
38 PHP_FUNCTION(msg_remove_queue);
39 PHP_FUNCTION(msg_stat_queue);
40 PHP_FUNCTION(msg_set_queue);
41 PHP_FUNCTION(msg_send);
42 PHP_FUNCTION(msg_receive);
43 PHP_FUNCTION(msg_queue_exists);
44 
45 typedef struct {
46 	key_t key;
47 	zend_long id;
48 } sysvmsg_queue_t;
49 
50 struct php_msgbuf {
51 	zend_long mtype;
52 	char mtext[1];
53 };
54 
55 /* In order to detect MSG_EXCEPT use at run time; we have no way
56  * of knowing what the bit definitions are, so we can't just define
57  * out own MSG_EXCEPT value. */
58 #define PHP_MSG_IPC_NOWAIT	1
59 #define PHP_MSG_NOERROR		2
60 #define PHP_MSG_EXCEPT		4
61 
62 /* True global resources - no need for thread safety here */
63 static int le_sysvmsg;
64 
65 /* {{{ arginfo */
66 ZEND_BEGIN_ARG_INFO_EX(arginfo_msg_get_queue, 0, 0, 1)
67 	ZEND_ARG_INFO(0, key)
68 	ZEND_ARG_INFO(0, perms)
69 ZEND_END_ARG_INFO()
70 
71 ZEND_BEGIN_ARG_INFO_EX(arginfo_msg_send, 0, 0, 3)
72 	ZEND_ARG_INFO(0, queue)
73 	ZEND_ARG_INFO(0, msgtype)
74 	ZEND_ARG_INFO(0, message)
75 	ZEND_ARG_INFO(0, serialize)
76 	ZEND_ARG_INFO(0, blocking)
77 	ZEND_ARG_INFO(1, errorcode)
78 ZEND_END_ARG_INFO()
79 
80 ZEND_BEGIN_ARG_INFO_EX(arginfo_msg_receive, 0, 0, 5)
81 	ZEND_ARG_INFO(0, queue)
82 	ZEND_ARG_INFO(0, desiredmsgtype)
83 	ZEND_ARG_INFO(1, msgtype)
84 	ZEND_ARG_INFO(0, maxsize)
85 	ZEND_ARG_INFO(1, message)
86 	ZEND_ARG_INFO(0, unserialize)
87 	ZEND_ARG_INFO(0, flags)
88 	ZEND_ARG_INFO(1, errorcode)
89 ZEND_END_ARG_INFO()
90 
91 ZEND_BEGIN_ARG_INFO_EX(arginfo_msg_remove_queue, 0, 0, 1)
92 	ZEND_ARG_INFO(0, queue)
93 ZEND_END_ARG_INFO()
94 
95 ZEND_BEGIN_ARG_INFO_EX(arginfo_msg_stat_queue, 0, 0, 1)
96 	ZEND_ARG_INFO(0, queue)
97 ZEND_END_ARG_INFO()
98 
99 ZEND_BEGIN_ARG_INFO_EX(arginfo_msg_set_queue, 0, 0, 2)
100 	ZEND_ARG_INFO(0, queue)
101 	ZEND_ARG_INFO(0, data)
102 ZEND_END_ARG_INFO()
103 
104 ZEND_BEGIN_ARG_INFO_EX(arginfo_msg_queue_exists, 0, 0, 1)
105 	ZEND_ARG_INFO(0, key)
106 ZEND_END_ARG_INFO()
107 /* }}} */
108 
109 /* {{{ sysvmsg_functions[]
110  *
111  * Every user visible function must have an entry in sysvmsg_functions[].
112  */
113 static const zend_function_entry sysvmsg_functions[] = {
114 	PHP_FE(msg_get_queue,				arginfo_msg_get_queue)
115 	PHP_FE(msg_send,					arginfo_msg_send)
116 	PHP_FE(msg_receive,					arginfo_msg_receive)
117 	PHP_FE(msg_remove_queue,			arginfo_msg_remove_queue)
118 	PHP_FE(msg_stat_queue,				arginfo_msg_stat_queue)
119 	PHP_FE(msg_set_queue,				arginfo_msg_set_queue)
120 	PHP_FE(msg_queue_exists,			arginfo_msg_queue_exists)
121 	PHP_FE_END
122 };
123 /* }}} */
124 
125 /* {{{ sysvmsg_module_entry
126  */
127 zend_module_entry sysvmsg_module_entry = {
128 	STANDARD_MODULE_HEADER,
129 	"sysvmsg",
130 	sysvmsg_functions,
131 	PHP_MINIT(sysvmsg),
132 	NULL,
133 	NULL,
134 	NULL,
135 	PHP_MINFO(sysvmsg),
136 	PHP_SYSVMSG_VERSION,
137 	STANDARD_MODULE_PROPERTIES
138 };
139 /* }}} */
140 
141 #ifdef COMPILE_DL_SYSVMSG
142 ZEND_GET_MODULE(sysvmsg)
143 #endif
144 
sysvmsg_release(zend_resource *rsrc)145 static void sysvmsg_release(zend_resource *rsrc)
146 {
147 	sysvmsg_queue_t *mq = (sysvmsg_queue_t *) rsrc->ptr;
148 	efree(mq);
149 }
150 
151 /* {{{ PHP_MINIT_FUNCTION
152  */
PHP_MINIT_FUNCTIONnull153 PHP_MINIT_FUNCTION(sysvmsg)
154 {
155 	le_sysvmsg = zend_register_list_destructors_ex(sysvmsg_release, NULL, "sysvmsg queue", module_number);
156 	REGISTER_LONG_CONSTANT("MSG_IPC_NOWAIT", PHP_MSG_IPC_NOWAIT, CONST_PERSISTENT|CONST_CS);
157 	REGISTER_LONG_CONSTANT("MSG_EAGAIN",	 EAGAIN, 	     CONST_PERSISTENT|CONST_CS);
158 	REGISTER_LONG_CONSTANT("MSG_ENOMSG",	 ENOMSG, 	     CONST_PERSISTENT|CONST_CS);
159 	REGISTER_LONG_CONSTANT("MSG_NOERROR",    PHP_MSG_NOERROR,    CONST_PERSISTENT|CONST_CS);
160 	REGISTER_LONG_CONSTANT("MSG_EXCEPT",     PHP_MSG_EXCEPT,     CONST_PERSISTENT|CONST_CS);
161 	return SUCCESS;
162 }
163 /* }}} */
164 
165 /* {{{ PHP_MINFO_FUNCTION
166  */
PHP_MINFO_FUNCTIONnull167 PHP_MINFO_FUNCTION(sysvmsg)
168 {
169 	php_info_print_table_start();
170 	php_info_print_table_row(2, "sysvmsg support", "enabled");
171 	php_info_print_table_end();
172 }
173 /* }}} */
174 
175 /* {{{ proto bool msg_set_queue(resource queue, array data)
176    Set information for a message queue */
PHP_FUNCTIONnull177 PHP_FUNCTION(msg_set_queue)
178 {
179 	zval *queue, *data;
180 	sysvmsg_queue_t *mq = NULL;
181 	struct msqid_ds stat;
182 
183 	RETVAL_FALSE;
184 
185 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "ra", &queue, &data) == FAILURE) {
186 		return;
187 	}
188 
189 	if ((mq = (sysvmsg_queue_t *)zend_fetch_resource(Z_RES_P(queue), "sysvmsg queue", le_sysvmsg)) == NULL) {
190 		RETURN_FALSE;
191 	}
192 
193 	if (msgctl(mq->id, IPC_STAT, &stat) == 0) {
194 		zval *item;
195 
196 		/* now pull out members of data and set them in the stat buffer */
197 		if ((item = zend_hash_str_find(Z_ARRVAL_P(data), "msg_perm.uid", sizeof("msg_perm.uid") - 1)) != NULL) {
198 			stat.msg_perm.uid = zval_get_long(item);
199 		}
200 		if ((item = zend_hash_str_find(Z_ARRVAL_P(data), "msg_perm.gid", sizeof("msg_perm.gid") - 1)) != NULL) {
201 			stat.msg_perm.gid = zval_get_long(item);
202 		}
203 		if ((item = zend_hash_str_find(Z_ARRVAL_P(data), "msg_perm.mode", sizeof("msg_perm.mode") - 1)) != NULL) {
204 			stat.msg_perm.mode = zval_get_long(item);
205 		}
206 		if ((item = zend_hash_str_find(Z_ARRVAL_P(data), "msg_qbytes", sizeof("msg_qbytes") - 1)) != NULL) {
207 			stat.msg_qbytes = zval_get_long(item);
208 		}
209 		if (msgctl(mq->id, IPC_SET, &stat) == 0) {
210 			RETVAL_TRUE;
211 		}
212 	}
213 }
214 /* }}} */
215 
216 /* {{{ proto array msg_stat_queue(resource queue)
217    Returns information about a message queue */
PHP_FUNCTIONnull218 PHP_FUNCTION(msg_stat_queue)
219 {
220 	zval *queue;
221 	sysvmsg_queue_t *mq = NULL;
222 	struct msqid_ds stat;
223 
224 	RETVAL_FALSE;
225 
226 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &queue) == FAILURE) {
227 		return;
228 	}
229 
230 	if ((mq = (sysvmsg_queue_t *)zend_fetch_resource(Z_RES_P(queue), "sysvmsg queue", le_sysvmsg)) == NULL) {
231 		RETURN_FALSE;
232 	}
233 
234 	if (msgctl(mq->id, IPC_STAT, &stat) == 0) {
235 		array_init(return_value);
236 
237 		add_assoc_long(return_value, "msg_perm.uid", stat.msg_perm.uid);
238 		add_assoc_long(return_value, "msg_perm.gid", stat.msg_perm.gid);
239 		add_assoc_long(return_value, "msg_perm.mode", stat.msg_perm.mode);
240 		add_assoc_long(return_value, "msg_stime",  stat.msg_stime);
241 		add_assoc_long(return_value, "msg_rtime",  stat.msg_rtime);
242 		add_assoc_long(return_value, "msg_ctime",  stat.msg_ctime);
243 		add_assoc_long(return_value, "msg_qnum",   stat.msg_qnum);
244 		add_assoc_long(return_value, "msg_qbytes", stat.msg_qbytes);
245 		add_assoc_long(return_value, "msg_lspid",  stat.msg_lspid);
246 		add_assoc_long(return_value, "msg_lrpid",  stat.msg_lrpid);
247 	}
248 }
249 /* }}} */
250 
251 /* {{{ proto bool msg_queue_exists(int key)
252    Check whether a message queue exists */
PHP_FUNCTIONnull253 PHP_FUNCTION(msg_queue_exists)
254 {
255 	zend_long key;
256 
257 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "l", &key) == FAILURE)	{
258 		return;
259 	}
260 
261 	if (msgget(key, 0) < 0) {
262 		RETURN_FALSE;
263 	}
264 
265 	RETURN_TRUE;
266 }
267 /* }}} */
268 
269 /* {{{ proto resource msg_get_queue(int key [, int perms])
270    Attach to a message queue */
PHP_FUNCTIONnull271 PHP_FUNCTION(msg_get_queue)
272 {
273 	zend_long key;
274 	zend_long perms = 0666;
275 	sysvmsg_queue_t *mq;
276 
277 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "l|l", &key, &perms) == FAILURE)	{
278 		return;
279 	}
280 
281 	mq = (sysvmsg_queue_t *) emalloc(sizeof(sysvmsg_queue_t));
282 
283 	mq->key = key;
284 	mq->id = msgget(key, 0);
285 	if (mq->id < 0)	{
286 		/* doesn't already exist; create it */
287 		mq->id = msgget(key, IPC_CREAT | IPC_EXCL | perms);
288 		if (mq->id < 0)	{
289 			php_error_docref(NULL, E_WARNING, "failed for key 0x" ZEND_XLONG_FMT ": %s", key, strerror(errno));
290 			efree(mq);
291 			RETURN_FALSE;
292 		}
293 	}
294 	ZVAL_COPY_VALUE(return_value, zend_list_insert(mq, le_sysvmsg));
295 }
296 /* }}} */
297 
298 /* {{{ proto bool msg_remove_queue(resource queue)
299    Destroy the queue */
PHP_FUNCTIONnull300 PHP_FUNCTION(msg_remove_queue)
301 {
302 	zval *queue;
303 	sysvmsg_queue_t *mq = NULL;
304 
305 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &queue) == FAILURE) {
306 		return;
307 	}
308 
309 	if ((mq = (sysvmsg_queue_t *)zend_fetch_resource(Z_RES_P(queue), "sysvmsg queue", le_sysvmsg)) == NULL) {
310 		RETURN_FALSE;
311 	}
312 
313 	if (msgctl(mq->id, IPC_RMID, NULL) == 0) {
314 		RETVAL_TRUE;
315 	} else {
316 		RETVAL_FALSE;
317 	}
318 }
319 /* }}} */
320 
321 /* {{{ proto mixed msg_receive(resource queue, int desiredmsgtype, int &msgtype, int maxsize, mixed &message [, bool unserialize=true [, int flags=0 [, int &errorcode]]])
322    Send a message of type msgtype (must be > 0) to a message queue */
PHP_FUNCTIONnull323 PHP_FUNCTION(msg_receive)
324 {
325 	zval *out_message, *queue, *out_msgtype, *zerrcode = NULL;
326 	zend_long desiredmsgtype, maxsize, flags = 0;
327 	zend_long realflags = 0;
328 	zend_bool do_unserialize = 1;
329 	sysvmsg_queue_t *mq = NULL;
330 	struct php_msgbuf *messagebuffer = NULL; /* buffer to transmit */
331 	int result;
332 
333 	RETVAL_FALSE;
334 
335 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "rlzlz|blz",
336 				&queue, &desiredmsgtype, &out_msgtype, &maxsize,
337 				&out_message, &do_unserialize, &flags, &zerrcode) == FAILURE) {
338 		return;
339 	}
340 
341 	if (maxsize <= 0) {
342 		php_error_docref(NULL, E_WARNING, "maximum size of the message has to be greater than zero");
343 		return;
344 	}
345 
346 	if (flags != 0) {
347 		if (flags & PHP_MSG_EXCEPT) {
348 #ifndef MSG_EXCEPT
349 			php_error_docref(NULL, E_WARNING, "MSG_EXCEPT is not supported on your system");
350 			RETURN_FALSE;
351 #else
352 			realflags |= MSG_EXCEPT;
353 #endif
354 		}
355 		if (flags & PHP_MSG_NOERROR) {
356 			realflags |= MSG_NOERROR;
357 		}
358 		if (flags & PHP_MSG_IPC_NOWAIT) {
359 			realflags |= IPC_NOWAIT;
360 		}
361 	}
362 
363 	if ((mq = (sysvmsg_queue_t *)zend_fetch_resource(Z_RES_P(queue), "sysvmsg queue", le_sysvmsg)) == NULL) {
364 		RETURN_FALSE;
365 	}
366 
367 	messagebuffer = (struct php_msgbuf *) safe_emalloc(maxsize, 1, sizeof(struct php_msgbuf));
368 
369 	result = msgrcv(mq->id, messagebuffer, maxsize, desiredmsgtype, realflags);
370 
371 	if (result >= 0) {
372 		/* got it! */
373 		ZEND_TRY_ASSIGN_REF_LONG(out_msgtype, messagebuffer->mtype);
374 		if (zerrcode) {
375 			ZEND_TRY_ASSIGN_REF_LONG(zerrcode, 0);
376 		}
377 
378 		RETVAL_TRUE;
379 		if (do_unserialize)	{
380 			php_unserialize_data_t var_hash;
381 			zval tmp;
382 			const unsigned char *p = (const unsigned char *) messagebuffer->mtext;
383 
384 			PHP_VAR_UNSERIALIZE_INIT(var_hash);
385 			if (!php_var_unserialize(&tmp, &p, p + result, &var_hash)) {
386 				php_error_docref(NULL, E_WARNING, "message corrupted");
387 				ZEND_TRY_ASSIGN_REF_FALSE(out_message);
388 				RETVAL_FALSE;
389 			} else {
390 				ZEND_TRY_ASSIGN_REF_TMP(out_message, &tmp);
391 			}
392 			PHP_VAR_UNSERIALIZE_DESTROY(var_hash);
393 		} else {
394 			ZEND_TRY_ASSIGN_REF_STRINGL(out_message, messagebuffer->mtext, result);
395 		}
396 	} else {
397 		ZEND_TRY_ASSIGN_REF_LONG(out_msgtype, 0);
398 		ZEND_TRY_ASSIGN_REF_FALSE(out_message);
399 		if (zerrcode) {
400 			ZEND_TRY_ASSIGN_REF_LONG(zerrcode, errno);
401 		}
402 	}
403 	efree(messagebuffer);
404 }
405 /* }}} */
406 
407 /* {{{ proto bool msg_send(resource queue, int msgtype, mixed message [, bool serialize=true [, bool blocking=true [, int errorcode]]])
408    Send a message of type msgtype (must be > 0) to a message queue */
PHP_FUNCTIONnull409 PHP_FUNCTION(msg_send)
410 {
411 	zval *message, *queue, *zerror=NULL;
412 	zend_long msgtype;
413 	zend_bool do_serialize = 1, blocking = 1;
414 	sysvmsg_queue_t * mq = NULL;
415 	struct php_msgbuf * messagebuffer = NULL; /* buffer to transmit */
416 	int result;
417 	int message_len = 0;
418 
419 	RETVAL_FALSE;
420 
421 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "rlz|bbz",
422 				&queue, &msgtype, &message, &do_serialize, &blocking, &zerror) == FAILURE) {
423 		return;
424 	}
425 
426 	if ((mq = (sysvmsg_queue_t *)zend_fetch_resource(Z_RES_P(queue), "sysvmsg queue", le_sysvmsg)) == NULL) {
427 		RETURN_FALSE;
428 	}
429 
430 	if (do_serialize) {
431 		smart_str msg_var = {0};
432 		php_serialize_data_t var_hash;
433 
434 		PHP_VAR_SERIALIZE_INIT(var_hash);
435 		php_var_serialize(&msg_var, message, &var_hash);
436 		PHP_VAR_SERIALIZE_DESTROY(var_hash);
437 
438 		/* NB: php_msgbuf is 1 char bigger than a long, so there is no need to
439 		 * allocate the extra byte. */
440 		messagebuffer = safe_emalloc(ZSTR_LEN(msg_var.s), 1, sizeof(struct php_msgbuf));
441 		memcpy(messagebuffer->mtext, ZSTR_VAL(msg_var.s), ZSTR_LEN(msg_var.s) + 1);
442 		message_len = ZSTR_LEN(msg_var.s);
443 		smart_str_free(&msg_var);
444 	} else {
445 		char *p;
446 		switch (Z_TYPE_P(message)) {
447 			case IS_STRING:
448 				p = Z_STRVAL_P(message);
449 				message_len = Z_STRLEN_P(message);
450 				break;
451 
452 			case IS_LONG:
453 				message_len = spprintf(&p, 0, ZEND_LONG_FMT, Z_LVAL_P(message));
454 				break;
455 			case IS_FALSE:
456 				message_len = spprintf(&p, 0, "0");
457 				break;
458 			case IS_TRUE:
459 				message_len = spprintf(&p, 0, "1");
460 				break;
461 			case IS_DOUBLE:
462 				message_len = spprintf(&p, 0, "%F", Z_DVAL_P(message));
463 				break;
464 			default:
465 				php_error_docref(NULL, E_WARNING, "Message parameter must be either a string or a number.");
466 				RETURN_FALSE;
467 		}
468 
469 		messagebuffer = safe_emalloc(message_len, 1, sizeof(struct php_msgbuf));
470 		memcpy(messagebuffer->mtext, p, message_len + 1);
471 
472 		if (Z_TYPE_P(message) != IS_STRING) {
473 			efree(p);
474 		}
475 	}
476 
477 	/* set the message type */
478 	messagebuffer->mtype = msgtype;
479 
480 	result = msgsnd(mq->id, messagebuffer, message_len, blocking ? 0 : IPC_NOWAIT);
481 
482 	efree(messagebuffer);
483 
484 	if (result == -1) {
485 		php_error_docref(NULL, E_WARNING, "msgsnd failed: %s", strerror(errno));
486 		if (zerror) {
487 			ZEND_TRY_ASSIGN_REF_LONG(zerror, errno);
488 		}
489 	} else {
490 		RETVAL_TRUE;
491 	}
492 }
493 /* }}} */
494