Mark parameter in ext/zip as sensitive

TimWolla · TimWolla · commit 7e09d1cce089 · 2022-04-13T09:25:10.000+02:00
- ZipArchive::setPassword: $password
- ZipArchive::setEncryptionName: $password
- ZipArchive::setEncryptionIndex: $password
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
@@ -26,6 +26,7 @@
 #include "ext/standard/php_string.h"
 #include "ext/pcre/php_pcre.h"
 #include "ext/standard/php_filestat.h"
+#include "zend_attributes.h"
 #include "zend_interfaces.h"
 #include "php_zip.h"
 #include "php_zip_arginfo.h"
@@ -3255,6 +3256,12 @@ static PHP_MINIT_FUNCTION(zip)
 	le_zip_dir   = zend_register_list_destructors_ex(php_zip_free_dir,   NULL, le_zip_dir_name,   module_number);
 	le_zip_entry = zend_register_list_destructors_ex(php_zip_free_entry, NULL, le_zip_entry_name, module_number);
 
+	zend_mark_function_parameter_as_sensitive(&zip_class_entry->function_table, "setpassword", 0 /* $password */);
+#ifdef HAVE_ENCRYPTION
+	zend_mark_function_parameter_as_sensitive(&zip_class_entry->function_table, "setencryptionname", 2 /* $password */);
+	zend_mark_function_parameter_as_sensitive(&zip_class_entry->function_table, "setencryptionindex", 2 /* $password */);
+#endif
+
 	return SUCCESS;
 }
 /* }}} */
