diff --git a/package.xml b/package.xml
index 3c14c48..832729f 100644
--- a/package.xml
+++ b/package.xml
@@ -10,10 +10,10 @@
tom@ctors.net
yes
- 2018-10-13
+ 2022-10-07
- 2.0.2
- 2.0.2
+ 2.0.3
+ 2.0.3
stable
@@ -21,7 +21,7 @@
ISC License
-- correct reflection information
+- handle EFAULT errors
@@ -58,6 +58,21 @@
pledge
+
+ 2018-10-13
+
+ 2.0.2
+ 2.0.2
+
+
+ stable
+ stable
+
+ ISC License
+
+- correct reflection information
+
+
2016-10-12
diff --git a/php_pledge.h b/php_pledge.h
index 8975f71..91d4c90 100644
--- a/php_pledge.h
+++ b/php_pledge.h
@@ -1,7 +1,7 @@
/* php_pledge.h */
#define PHP_PLEDGE_EXTNAME "pledge"
-#define PHP_PLEDGE_VERSION "2.0.2"
+#define PHP_PLEDGE_VERSION "2.0.3"
extern zend_module_entry pledge_module_entry;
#define phpext_pledge_ptr &check_pledge_entry
diff --git a/pledge.c b/pledge.c
index b5769fb..57829b7 100644
--- a/pledge.c
+++ b/pledge.c
@@ -66,7 +66,7 @@ zend_module_entry pledge_module_entry = {
/* Install module */
ZEND_GET_MODULE(pledge)
-/* function pledge(string $promises = null, string $execpromises = null): bool */
+/* function pledge(?string $promises = null, ?string $execpromises = null): bool */
PHP_FUNCTION(pledge) {
char *promises = NULL;
size_t promises_len = 0;
@@ -84,20 +84,39 @@ PHP_FUNCTION(pledge) {
}
switch (errno) {
+ case EFAULT:
+ zend_throw_exception(
+ pledge_exception_ce,
+ "promises or execpromises points outside the process's allocated address space",
+ errno
+ );
+ break;
case EINVAL:
- zend_throw_exception(pledge_exception_ce, "Invalid promise in promises string", errno);
+ zend_throw_exception(
+ pledge_exception_ce,
+ "promises is malformed or contains invalid keywords",
+ errno
+ );
break;
case EPERM:
- zend_throw_exception(pledge_exception_ce, "Attempt to increase permissions", errno);
+ zend_throw_exception(
+ pledge_exception_ce,
+ "This process is attempting to increase permissions",
+ errno
+ );
break;
default:
- zend_throw_exception(pledge_exception_ce, "Pledge error", errno);
+ zend_throw_exception(
+ pledge_exception_ce,
+ "Pledge error",
+ errno
+ );
}
RETURN_FALSE;
}
-/* function unveil(string $path = null, string $permissions = null): bool */
+/* function unveil(?string $path = null, ?string $permissions = null): bool */
PHP_FUNCTION(unveil) {
char *path = NULL;
size_t path_len = 0;
@@ -115,20 +134,47 @@ PHP_FUNCTION(unveil) {
}
switch (errno) {
- case EINVAL:
- zend_throw_exception(unveil_exception_ce, "Invalid permission value", errno);
- break;
- case EPERM:
- zend_throw_exception(unveil_exception_ce, "Attempt to increase permissions", errno);
- break;
case E2BIG:
- zend_throw_exception(unveil_exception_ce, "Too many unveiled paths", errno);
+ zend_throw_exception(
+ unveil_exception_ce,
+ "The addition of path would exceed the per-process limit for unveiled paths",
+ errno
+ );
+ break;
+ case EFAULT:
+ zend_throw_exception(
+ unveil_exception_ce,
+ "path or permissions points outside the process's allocated address space",
+ errno
+ );
break;
case ENOENT:
- zend_throw_exception(unveil_exception_ce, "No such directory", errno);
+ zend_throw_exception(
+ unveil_exception_ce,
+ "A directory in path did not exist",
+ errno
+ );
+ break;
+ case EINVAL:
+ zend_throw_exception(
+ unveil_exception_ce,
+ "An invalid value of permissions was used",
+ errno
+ );
+ break;
+ case EPERM:
+ zend_throw_exception(
+ unveil_exception_ce,
+ "An attempt to increase permissions was made, or the path was not accessible, or unveil() was called after locking",
+ errno
+ );
break;
default:
- zend_throw_exception(unveil_exception_ce, "Unveil error", errno);
+ zend_throw_exception(
+ unveil_exception_ce,
+ "Unveil error",
+ errno
+ );
}
RETURN_FALSE;
diff --git a/tests/pledge_increase_permissions.phpt b/tests/pledge_increase_permissions.phpt
index d5f0e83..1f5fcda 100644
--- a/tests/pledge_increase_permissions.phpt
+++ b/tests/pledge_increase_permissions.phpt
@@ -11,5 +11,5 @@ try {
}
?>
--EXPECT--
-string(31) "Attempt to increase permissions"
+string(50) "This process is attempting to increase permissions"
int(1)
diff --git a/tests/pledge_invalid_promise.phpt b/tests/pledge_invalid_promise.phpt
index 9ef1d5c..6a46b4d 100644
--- a/tests/pledge_invalid_promise.phpt
+++ b/tests/pledge_invalid_promise.phpt
@@ -10,5 +10,5 @@ try {
}
?>
--EXPECT--
-string(34) "Invalid promise in promises string"
+string(50) "promises is malformed or contains invalid keywords"
int(22)
diff --git a/tests/reflection.phpt b/tests/reflection.phpt
index 0f36752..0aeca6c 100644
--- a/tests/reflection.phpt
+++ b/tests/reflection.phpt
@@ -34,8 +34,8 @@ array(2) {
string(12) "execpromises"
}
}
-string(6) "string"
-string(6) "string"
+string(7) "?string"
+string(7) "?string"
string(4) "bool"
array(2) {
[0]=>
@@ -49,5 +49,5 @@ array(2) {
string(11) "permissions"
}
}
-string(6) "string"
-string(6) "string"
+string(7) "?string"
+string(7) "?string"
diff --git a/tests/unveil_increase_attempt.phpt b/tests/unveil_increase_attempt.phpt
index 153fb79..13965a5 100644
--- a/tests/unveil_increase_attempt.phpt
+++ b/tests/unveil_increase_attempt.phpt
@@ -7,7 +7,7 @@ unveil();
unveil('/etc/', 'r');
?>
--EXPECTF--
-Fatal error: Uncaught Exception: Attempt to increase permissions in %s:%d
+Fatal error: Uncaught Exception: An attempt to increase permissions was made, or the path was not accessible, or unveil() was called after locking in %s:%d
Stack trace:
#0 %s(%d): unveil('/etc/', 'r')
#1 {main}
diff --git a/tests/unveil_readonly.phpt b/tests/unveil_readonly.phpt
index afd9a6f..a92b515 100644
--- a/tests/unveil_readonly.phpt
+++ b/tests/unveil_readonly.phpt
@@ -9,4 +9,4 @@ file_put_contents('test', 'test');
--EXPECTF--
bool(true)
-Warning: file_put_contents(test): failed to open stream: No such file or directory in %s on line %d
+Warning: file_put_contents(test): Failed to open stream: No such file or directory in %s on line %d