From 8a6ded3d504a3afdb8228dfba65cee17225f24d8 Mon Sep 17 00:00:00 2001 From: Arnaud Le Blanc Date: Wed, 12 Nov 2025 17:47:45 +0100 Subject: [PATCH] Prevent late calls to zend_add_system_entropy() --- Zend/zend_system_id.c | 16 ++++++++-------- ext/opcache/ZendAccelerator.c | 7 ++++++- ext/opcache/jit/zend_jit.c | 8 ++++++-- ext/opcache/jit/zend_jit.h | 3 ++- 4 files changed, 22 insertions(+), 12 deletions(-) diff --git a/Zend/zend_system_id.c b/Zend/zend_system_id.c index 2c3ebab0f4807..1fbcc72b4fb70 100644 --- a/Zend/zend_system_id.c +++ b/Zend/zend_system_id.c @@ -28,15 +28,15 @@ static int finalized = 0; ZEND_API zend_result zend_add_system_entropy(const char *module_name, const char *hook_name, const void *data, size_t size) { - if (finalized == 0) { - PHP_MD5Update(&context, module_name, strlen(module_name)); - PHP_MD5Update(&context, hook_name, strlen(hook_name)); - if (size) { - PHP_MD5Update(&context, data, size); - } - return SUCCESS; + ZEND_ASSERT(finalized == 0 && "zend_add_system_entropy() must not be called after zend_finalize_system_id()"); + + PHP_MD5Update(&context, module_name, strlen(module_name)); + PHP_MD5Update(&context, hook_name, strlen(hook_name)); + if (size) { + PHP_MD5Update(&context, data, size); } - return FAILURE; + + return SUCCESS; } #define ZEND_BIN_ID "BIN_" ZEND_TOSTR(SIZEOF_INT) ZEND_TOSTR(SIZEOF_LONG) ZEND_TOSTR(SIZEOF_SIZE_T) ZEND_TOSTR(SIZEOF_ZEND_LONG) ZEND_TOSTR(ZEND_MM_ALIGNMENT) diff --git a/ext/opcache/ZendAccelerator.c b/ext/opcache/ZendAccelerator.c index e6a2b90e8fffc..965b5c5f4b484 100644 --- a/ext/opcache/ZendAccelerator.c +++ b/ext/opcache/ZendAccelerator.c @@ -3221,6 +3221,11 @@ static int accel_startup(zend_extension *extension) orig_post_startup_cb = zend_post_startup_cb; zend_post_startup_cb = accel_post_startup; +#ifdef HAVE_JIT + if (JIT_G(enabled)) { + zend_jit_startup(); + } +#endif /* Prevent unloading */ extension->handle = 0; @@ -3327,7 +3332,7 @@ static zend_result accel_post_startup(void) } else if (!ZSMMG(reserved)) { zend_accel_error_noreturn(ACCEL_LOG_FATAL, "Could not enable JIT: could not use reserved buffer!"); } else { - zend_jit_startup(ZSMMG(reserved), jit_size, reattached); + zend_jit_post_startup(ZSMMG(reserved), jit_size, reattached); zend_jit_startup_ok = true; } } diff --git a/ext/opcache/jit/zend_jit.c b/ext/opcache/jit/zend_jit.c index 3ffb669e84742..ff14d2b15b375 100644 --- a/ext/opcache/jit/zend_jit.c +++ b/ext/opcache/jit/zend_jit.c @@ -3774,10 +3774,14 @@ int zend_jit_check_support(void) return SUCCESS; } -void zend_jit_startup(void *buf, size_t size, bool reattached) +void zend_jit_startup(void) { - zend_jit_halt_op = zend_get_halt_op(); zend_jit_profile_counter_rid = zend_get_op_array_extension_handle(ACCELERATOR_PRODUCT_NAME); +} + +void zend_jit_post_startup(void *buf, size_t size, bool reattached) +{ + zend_jit_halt_op = zend_get_halt_op(); #ifdef HAVE_PTHREAD_JIT_WRITE_PROTECT_NP zend_write_protect = pthread_jit_write_protect_supported_np(); diff --git a/ext/opcache/jit/zend_jit.h b/ext/opcache/jit/zend_jit.h index 9b8e054d2292f..f5ea534e99829 100644 --- a/ext/opcache/jit/zend_jit.h +++ b/ext/opcache/jit/zend_jit.h @@ -162,7 +162,8 @@ void zend_jit_init(void); int zend_jit_config(zend_string *jit_options, int stage); int zend_jit_debug_config(zend_long old_val, zend_long new_val, int stage); int zend_jit_check_support(void); -void zend_jit_startup(void *jit_buffer, size_t size, bool reattached); +void zend_jit_startup(void); +void zend_jit_post_startup(void *jit_buffer, size_t size, bool reattached); void zend_jit_shutdown(void); void zend_jit_activate(void); void zend_jit_deactivate(void);