php · TimWolla · Jun 13, 2022 · Jan 27, 2022 · Jan 27, 2022 · Apr 12, 2022
@@ -75,6 +75,7 @@ function ftp_connect(string $hostname, int $port = 21, int $timeout = 90): FTP\C
     function ftp_ssl_connect(string $hostname, int $port = 21, int $timeout = 90): FTP\Connection|false {}
     #endif
 
+    /** @sensitive-param $password */
     function ftp_login(FTP\Connection $ftp, string $username, string $password): bool {}
     function ftp_pwd(FTP\Connection $ftp): string|false {}
     function ftp_cdup(FTP\Connection $ftp): bool {}

diff --git a/ext/ftp/ftp_arginfo.h b/ext/ftp/ftp_arginfo.h
diff --git a/ext/ftp/php_ftp.c b/ext/ftp/php_ftp.c
@@ -29,6 +29,7 @@
 
 #include "ext/standard/info.h"
 #include "ext/standard/file.h"
+#include "Zend/zend_attributes.h"
 #include "Zend/zend_exceptions.h"
 
 #include "php_ftp.h"

diff --git a/ext/hash/hash.c b/ext/hash/hash.c
@@ -26,8 +26,9 @@
 #include "ext/standard/php_var.h"
 #include "ext/spl/spl_exceptions.h"
 
-#include "zend_interfaces.h"
+#include "zend_attributes.h"
 #include "zend_exceptions.h"
+#include "zend_interfaces.h"
 #include "zend_smart_str.h"
 
 #include "hash_arginfo.h"

@@ -14,13 +14,22 @@ function hash(string $algo, string $data, bool $binary = false, array $options =
 /** @refcount 1 */
 function hash_file(string $algo, string $filename, bool $binary = false, array $options = []): string|false {}
 
-/** @refcount 1 */
+/**
+ * @sensitive-param $key
+ * @refcount 1
+ */
 function hash_hmac(string $algo, string $data, string $key, bool $binary = false): string {}
 
-/** @refcount 1 */
+/**
+ * @sensitive-param $key
+ * @refcount 1
+ */
 function hash_hmac_file(string $algo, string $filename, string $key, bool $binary = false): string|false {}
 
-/** @refcount 1 */
+/**
+ * @sensitive-param $key
+ * @refcount 1
+ */
 function hash_init(string $algo, int $flags = 0, string $key = "", array $options = []): HashContext {}
 
 function hash_update(HashContext $context, string $data): bool {}
@@ -49,12 +58,22 @@ function hash_algos(): array {}
  */
 function hash_hmac_algos(): array {}
 
-/** @refcount 1 */
+/**
+ * @sensitive-param $password
+ * @refcount 1
+ */
 function hash_pbkdf2(string $algo, string $password, string $salt, int $iterations, int $length = 0, bool $binary = false): string {}
 
+/**
+ * @sensitive-param $known_string
+ * @sensitive-param $user_string
+ */
 function hash_equals(string $known_string, string $user_string): bool {}
 
-/** @refcount 1 */
+/**
+ * @sensitive-param $key
+ * @refcount 1
+ */
 function hash_hkdf(string $algo, string $key, int $length = 0, string $info = "", string $salt = ""): string {}
 
 #ifdef PHP_MHASH_BC

diff --git a/ext/hash/hash_arginfo.h b/ext/hash/hash_arginfo.h
diff --git a/ext/hash/tests/sensitive_parameter.phpt b/ext/hash/tests/sensitive_parameter.phpt
@@ -0,0 +1,24 @@
+--TEST--
+Test that sensitive parameters are marked sensitive.
+--FILE--
+<?php
+try {
+    var_dump(hash_equals('foo', null));
+} catch (\Throwable $e) {
+    echo $e, PHP_EOL;
+}
+try {
+    var_dump(hash_hmac('foo', 'bar', 'baz'));
+} catch (\Throwable $e) {
+    echo $e, PHP_EOL;
+}
+?>
+--EXPECTF--
+TypeError: hash_equals(): Argument #2 ($user_string) must be of type string, null given in %s:%d
+Stack trace:
+#0 %s(%d): hash_equals(Object(SensitiveParameterValue), Object(SensitiveParameterValue))
+#1 {main}
+ValueError: hash_hmac(): Argument #1 ($algo) must be a valid cryptographic hashing algorithm in %s:%d
+Stack trace:
+#0 %s(%d): hash_hmac('foo', 'bar', Object(SensitiveParameterValue))
+#1 {main}
diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c
@@ -34,6 +34,7 @@
 #include "php.h"
 #include "php_ini.h"
 #include "php_streams.h"
+#include "Zend/zend_attributes.h"
 #include "Zend/zend_exceptions.h"
 #include "ext/standard/php_string.h"
 #include "ext/standard/info.h"

@@ -405,6 +405,7 @@
      */
     const IMAP_GC_TEXTS = UNKNOWN;
 
+    /** @sensitive-param $password */
     function imap_open(string $mailbox, string $user, string $password, int $flags = 0, int $retries = 0, array $options = []): IMAP\Connection|false {}
 
     function imap_reopen(IMAP\Connection $imap, string $mailbox, int $flags = 0, int $retries = 0): bool {}

diff --git a/ext/imap/php_imap_arginfo.h b/ext/imap/php_imap_arginfo.h
diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
@@ -28,6 +28,7 @@
 
 #include "php.h"
 #include "php_ini.h"
+#include "Zend/zend_attributes.h"
 
 #include <stddef.h>
 

@@ -610,6 +610,9 @@
 #endif
 
     #ifdef HAVE_ORALDAP
+    /**
+     * @sensitive-param $password
+     */
     function ldap_connect(?string $uri = null, int $port = 389, string $wallet = UNKNOWN, string $password = UNKNOWN, int $auth_mode = GSLC_SSL_NO_AUTH): LDAP\Connection|false {}
     #else
     function ldap_connect(?string $uri = null, int $port = 389): LDAP\Connection|false {}
@@ -620,11 +623,20 @@ function ldap_unbind(LDAP\Connection $ldap): bool {}
     /** @alias ldap_unbind */
     function ldap_close(LDAP\Connection $ldap): bool {}
 
+    /**
+     * @sensitive-param $password
+     */
     function ldap_bind(LDAP\Connection $ldap, ?string $dn = null, ?string $password = null): bool {}
 
+    /**
+     * @sensitive-param $password
+     */
     function ldap_bind_ext(LDAP\Connection $ldap, ?string $dn = null, ?string $password = null, ?array $controls = null): LDAP\Result|false {}
 
     #ifdef HAVE_LDAP_SASL
+    /**
+     * @sensitive-param $password
+     */
     function ldap_sasl_bind(LDAP\Connection $ldap, ?string $dn = null, ?string $password = null, ?string $mech = null, ?string $realm = null, ?string $authc_id = null, ?string $authz_id = null, ?string $props = null): bool {}
     #endif
 
@@ -779,6 +791,8 @@ function ldap_exop(LDAP\Connection $ldap, string $request_oid, ?string $request_
     #ifdef HAVE_LDAP_PASSWD
     /**
      * @param array $controls
+     * @sensitive-param $old_password
+     * @sensitive-param $new_password
      */
     function ldap_exop_passwd(LDAP\Connection $ldap, string $user = "", string $old_password = "", string $new_password = "", &$controls = null): string|bool {}
     #endif

diff --git a/ext/ldap/ldap_arginfo.h b/ext/ldap/ldap_arginfo.h
@@ -29,6 +29,7 @@
 #include "php_mysqli.h"
 #include "php_mysqli_structs.h"
 #include "mysqli_priv.h"
+#include "zend_attributes.h"
 #include "zend_exceptions.h"
 #include "ext/spl/spl_exceptions.h"
 #include "zend_interfaces.h"

@@ -149,6 +149,7 @@ public function autocommit(bool $enable): bool {}
     public function begin_transaction(int $flags = 0, ?string $name = null): bool {}
 
     /**
+     * @sensitive-param $password
      * @tentative-return-type
      * @alias mysqli_change_user
      */
@@ -174,6 +175,7 @@ public function close() {} // TODO make return type void
     public function commit(int $flags = 0, ?string $name = null): bool {}
 
     /**
+     * @sensitive-param $password
      * @tentative-return-type
      * @alias mysqli_connect
      * @no-verify
@@ -287,6 +289,7 @@ public function prepare(string $query): mysqli_stmt|false {}
     public function query(string $query, int $result_mode = MYSQLI_STORE_RESULT): mysqli_result|bool {}
 
     /**
+     * @sensitive-param $password
      * @tentative-return-type
      * @alias mysqli_real_connect
      */
@@ -740,6 +743,7 @@ function mysqli_autocommit(mysqli $mysql, bool $enable): bool {}
 
 function mysqli_begin_transaction(mysqli $mysql, int $flags = 0, ?string $name = null): bool {}
 
+/** @sensitive-param $password */
 function mysqli_change_user(mysqli $mysql, string $username, string $password, ?string $database): bool {}
 
 /** @refcount 1 */
@@ -750,7 +754,10 @@ function mysqli_close(mysqli $mysql): bool {} // TODO make return type void
 
 function mysqli_commit(mysqli $mysql, int $flags = 0, ?string $name = null): bool {}
 
-/** @refcount 1 */
+/**
+ * @refcount 1
+ * @sensitive-param $password
+ */
 function mysqli_connect(
     ?string $hostname = null,
     ?string $username = null,
@@ -925,6 +932,7 @@ function mysqli_report(int $flags): bool {}
 /** @refcount 1 */
 function mysqli_query(mysqli $mysql, string $query, int $result_mode = MYSQLI_STORE_RESULT): mysqli_result|bool {}
 
+/** @sensitive-param $password */
 function mysqli_real_connect(
     mysqli $mysql,
     ?string $hostname = null,

diff --git a/ext/oci8/oci8.c b/ext/oci8/oci8.c
@@ -31,6 +31,7 @@
 #include "php.h"
 #include "ext/standard/info.h"
 #include "php_ini.h"
+#include "zend_attributes.h"
 #include "zend_smart_str.h"
 
 #ifdef HAVE_OCI8
@@ -385,6 +386,8 @@ PHP_MINIT_FUNCTION(oci)
 
 	REGISTER_LONG_CONSTANT("OCI_FO_RETRY", OCI_FO_RETRY, CONST_CS | CONST_PERSISTENT);
 
+	register_oci8_symbols(module_number);
+
 	return SUCCESS;
 }
 

@@ -294,32 +294,42 @@ function oci_close($connection): ?bool {}
  */
 function ocilogoff($connection): ?bool {}
 
-/** @return resource|false */
+/**
+ * @sensitive-param $password
+ * @return resource|false
+ */
 function oci_new_connect(string $username, string $password, ?string $connection_string = null, string $encoding = "", int $session_mode = OCI_DEFAULT) {}
 
 /**
+ * @sensitive-param $password
  * @return resource|false
  * @alias oci_new_connect
  * @deprecated
  */
 function ocinlogon(string $username, string $password, ?string $connection_string = null, string $encoding = "", int $session_mode = OCI_DEFAULT) {}
 
 /**
+ * @sensitive-param $password
  * @return resource|false
  */
 function oci_connect(string $username, string $password, ?string $connection_string = null, string $encoding = "", int $session_mode = OCI_DEFAULT) {}
 
 /**
+ * @sensitive-param $password
  * @return resource|false
  * @alias oci_connect
  * @deprecated
  */
 function ocilogon(string $username, string $password, ?string $connection_string = null, string $encoding = "", int $session_mode = OCI_DEFAULT) {}
 
-/** @return resource|false */
+/**
+ * @sensitive-param $password
+ * @return resource|false
+ */
 function oci_pconnect(string $username, string $password, ?string $connection_string = null, string $encoding = "", int $session_mode = OCI_DEFAULT) {}
 
 /**
+ * @sensitive-param $password
  * @return resource|false
  * @alias oci_pconnect
  * @deprecated