From 04667a6acf98b20cda8e8529d78a3428e0544b9c Mon Sep 17 00:00:00 2001 From: Robert Landers Date: Sat, 15 Nov 2025 13:19:50 +0100 Subject: [PATCH] Change zend_ast_kind and zend_ast_attr from uint16_t to uint32_t The zend_ast_attr type was defined as uint16_t, limiting it to 16 bits, but it's used to store ZEND_ACC_* flags which can use bits up to 31: - ZEND_ACC_OVERRIDE = (1 << 28) - ZEND_ACC_ENUM = (1 << 28) - ZEND_ACC_STRICT_TYPES = (1U << 31) While current code doesn't appear to assign these high-bit flags to ast->attr fields, the type mismatch creates a potential bug where any future code attempting to store ZEND_ACC flags with bits 16-31 would have those bits silently truncated to zero. Additionally, several functions (zend_ast_create_va, zend_ast_create_ex_*, etc.) accept uint32_t or zend_ast_attr parameters before assigning to the attr field, creating a truncation point at line 821 in zend_language_parser.y where zend_modifier_list_to_flags() returns uint32_t. This change: 1. Changes zend_ast_kind typedef from uint16_t to uint32_t 2. Changes zend_ast_attr typedef from uint16_t to uint32_t Extending kind to uint32_t maintains natural alignment without requiring explicit padding fields. The structure sizes remain unchanged. Padding was already present implicitly due to alignment. --- Zend/zend_ast.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Zend/zend_ast.h b/Zend/zend_ast.h index fb48b187252b3..bb43237e325a2 100644 --- a/Zend/zend_ast.h +++ b/Zend/zend_ast.h @@ -182,8 +182,8 @@ enum _zend_ast_kind { ZEND_AST_PARAM = 6 << ZEND_AST_NUM_CHILDREN_SHIFT, }; -typedef uint16_t zend_ast_kind; -typedef uint16_t zend_ast_attr; +typedef uint32_t zend_ast_kind; +typedef uint32_t zend_ast_attr; struct _zend_ast { zend_ast_kind kind; /* Type of the node (ZEND_AST_* enum constant) */