Throw a ValueError when the parameter includes NUL bytes in putenv and getenv#21817
Merged
Girgias merged 7 commits intophp:masterfrom Apr 21, 2026
Merged
Throw a ValueError when the parameter includes NUL bytes in putenv and getenv#21817Girgias merged 7 commits intophp:masterfrom
putenv and getenv#21817Girgias merged 7 commits intophp:masterfrom
Conversation
LamentXU123
changed the title
putenvputenv and getenv
mvorisek
reviewed
Apr 21, 2026
devnexen
reviewed
Apr 21, 2026
| argument value is passed. (Girgias) | ||
| . linkinfo() now raises a ValueError when the argument is an empty string. | ||
| (Weilin Du) | ||
| . getenv() now raises a ValueError when the $name argument contains null |
Member
There was a problem hiding this comment.
nit: I think getenv()/putenv() entries can be crammed into one wdyt ?
Member
There was a problem hiding this comment.
Yeah indeed, a single entry is probably easier.
Girgias
approved these changes
Apr 21, 2026
Member
Girgias
left a comment
Girgias
left a comment
There was a problem hiding this comment.
Thank you! Minor nit about the NEWS/UPGRADING entry but lgtm otherwise :)
| argument value is passed. (Girgias) | ||
| . linkinfo() now raises a ValueError when the argument is an empty string. | ||
| (Weilin Du) | ||
| . getenv() now raises a ValueError when the $name argument contains null |
Member
There was a problem hiding this comment.
Yeah indeed, a single entry is probably easier.
Contributor
Author
|
Fixed :) Not that much sure if the wording here is proper. I use |
devnexen
approved these changes
Apr 21, 2026
jordikroon
added a commit
to jordikroon/php-src
that referenced
this pull request
Apr 21, 2026
* master: (26 commits) Fix usage of optimize attribute on unsupported compilers (phpGH-21819) PHP 8.4 is now for PHP 8.4.22-dev ext/phar: remove `phar_archive_data->alias == phar_archive_data->fname` checks (php#21820) [skip ci] Mark curl/bug71523.phpt as online test [skip ci] Sort paths-ignore and remove cirrus [skip ci] Tweak paths-ignore ext/standard: Throw a ValueError when the parameter includes NUL bytes in `putenv` and `getenv` (php#21817) ext/session: fix missing zval_ptr_dtor for retval in PS_GC_FUNC(user) [skip ci] Backport CI changes ext/gmp: reject values larger than unsigned long in gmp_pow/binomial/root/rootrem and shift/pow operators. Update NEWS for recent bug fixes ext/phar: Fix memory leak in phar_verify_signature() when md_ctx is invalid phar: propagate phar_stream_flush return value from phar_stream_close phar: call phar_entry_delref before goto finish in phar_add_file error paths phar: free is_temp_dir entry before rejecting .phar/* paths in offsetGet phar: fix NULL dereference in Phar::webPhar() when SCRIPT_NAME is absent phar: restore is_link handler in phar_intercept_functions_shutdown ext/session: improve parsing of session.cookie_lifetime (php#21704) /ext/standard: Check for empty string in linkinfo() (php#21793) [Windows] Improve clang-cl support (php#21618) ...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Currently string in
putenvandgetenvcan be truncated by NUL:output:
Reproduce in https://3v4l.org/ngSWJ
According to the newest policy these cases are supposed to resulted in a ValueError.