1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
|
From ee5e383c6bbca94d5f93134510468b3fe87a470c Mon Sep 17 00:00:00 2001
From: jvoisin <julien.voisin@dustri.org>
Date: Sun, 31 Aug 2025 16:05:44 +0200
Subject: [PATCH] Add support for PHP8.5
---
.github/workflows/builds.yml | 1 +
src/sp_cookie_encryption.c | 23 +++++++++++++++++--
...isabled_functions_shell_exec_backtick.phpt | 1 +
...led_functions_shell_exec_backtick_var.phpt | 1 +
...ctions_shell_exec_backtick_var_string.phpt | 1 +
5 files changed, 25 insertions(+), 2 deletions(-)
diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c
index c833f943..ec5c7c2d 100644
--- a/src/sp_cookie_encryption.c
+++ b/src/sp_cookie_encryption.c
@@ -48,7 +48,11 @@ static zend_string *encrypt_data(zend_string *data) {
#if PHP_VERSION_ID >= 70300
static void php_head_parse_cookie_options_array(
zval *options, zend_long *expires, zend_string **path, zend_string **domain,
- zend_bool *secure, zend_bool *httponly, zend_string **samesite) {
+ zend_bool *secure, zend_bool *httponly, zend_string **samesite
+#if PHP_VERSION_ID >= 80500
+ ,bool *partitioned
+#endif
+ ) {
int found = 0;
zend_string *key;
zval *value;
@@ -73,6 +77,11 @@ static void php_head_parse_cookie_options_array(
} else if (zend_string_equals_literal_ci(key, "samesite")) {
*samesite = zval_get_string(value);
found++;
+#if PHP_VERSION_ID >= 80500
+ } else if (zend_string_equals_literal_ci(key, "partitioned")) {
+ *partitioned = zval_is_true(value);
+ found++;
+#endif
} else {
php_error_docref(NULL, E_WARNING,
"Unrecognized key '%s' found in the options array",
@@ -94,6 +103,9 @@ static void php_head_parse_cookie_options_array(
#endif
PHP_FUNCTION(sp_setcookie) {
+#if PHP_VERSION_ID >= 80500
+ zend_bool partitioned;
+#endif
zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL,
*value_enc = NULL,
#if PHP_VERSION_ID < 70300
@@ -133,7 +145,11 @@ PHP_FUNCTION(sp_setcookie) {
}
php_head_parse_cookie_options_array(expires_or_options, &expires, &path,
&domain, &secure, &httponly,
+#if PHP_VERSION_ID < 80500
&samesite);
+#else
+ &samesite, &partitioned);
+#endif
} else {
expires = zval_get_long(expires_or_options);
}
@@ -194,9 +210,12 @@ PHP_FUNCTION(sp_setcookie) {
if (php_setcookie(name, (value_enc ? value_enc : value), expires,
(path_samesite ? path_samesite : path), domain, secure, 1,
httponly) == SUCCESS) {
-#else
+#elif PHP_VERSION_ID < 80500
if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
domain, secure, httponly, samesite, 1) == SUCCESS) {
+#else
+ if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
+ domain, secure, httponly, samesite, partitioned, false) == SUCCESS) {
#endif
RETVAL_TRUE;
} else {
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
index aeb64c29..6f53ceae 100644
--- a/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
@@ -4,6 +4,7 @@ Disable functions - shell_exec via backtick operator
<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--INI--
sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+error_reporting = E_ALL & ~E_DEPRECATED
--FILE--
<?php
echo `ls`;
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
index a312acfb..6ea5865d 100644
--- a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
@@ -4,6 +4,7 @@ Disable functions - shell_exec via backtick operator in context of a var name
<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--INI--
sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+error_reporting = E_ALL & ~E_DEPRECATED
--FILE--
<?php
echo ${`ls`};
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
index ea77a7dd..f1175680 100644
--- a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
@@ -4,6 +4,7 @@ Disable functions - shell_exec via backtick operator in context of a var name in
<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--INI--
sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+error_reporting = E_ALL & ~E_DEPRECATED
--FILE--
<?php
echo "{${`ls`}}";
From 9509733befcb4010bc77b06fcf41e77078976e80 Mon Sep 17 00:00:00 2001
From: jvoisin <julien.voisin@dustri.org>
Date: Wed, 1 Oct 2025 13:44:06 +0200
Subject: [PATCH] Fix a cookie-related warning for PHP8.5.0
```
========DIFF========
001- OK
001+ Fatal error: Uncaught ValueError: setcookie(): "partitioned" option cannot be used without "secure" option in /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php:2
002+ Stack trace:
003+ #0 /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php(2): setcookie('super_cookie', 'super_value')
004+ #1 {main}
005+ thrown in /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php on line 2
========DONE========
FAIL Cookie samesite [tests/samesite_cookies.phpt]
```
Even though the warning might be spurious, let's fix this properly, by
initialising `partitioned` to false, and by setting it only if `secure` is set
as well.
---
src/sp_cookie_encryption.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c
index ec5c7c2d..888d2178 100644
--- a/src/sp_cookie_encryption.c
+++ b/src/sp_cookie_encryption.c
@@ -104,7 +104,7 @@ static void php_head_parse_cookie_options_array(
PHP_FUNCTION(sp_setcookie) {
#if PHP_VERSION_ID >= 80500
- zend_bool partitioned;
+ zend_bool partitioned = false;
#endif
zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL,
*value_enc = NULL,
@@ -144,12 +144,11 @@ PHP_FUNCTION(sp_setcookie) {
RETURN_FALSE;
}
php_head_parse_cookie_options_array(expires_or_options, &expires, &path,
- &domain, &secure, &httponly,
-#if PHP_VERSION_ID < 80500
- &samesite);
-#else
- &samesite, &partitioned);
+ &domain, &secure, &httponly, &samesite
+#if PHP_VERSION_ID >= 80500
+ , &partitioned
#endif
+ );
} else {
expires = zval_get_long(expires_or_options);
}
@@ -214,6 +213,10 @@ PHP_FUNCTION(sp_setcookie) {
if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
domain, secure, httponly, samesite, 1) == SUCCESS) {
#else
+ if (!secure) {
+ // Can't have partitioned cookies without the secure flag.
+ partitioned = false;
+ }
if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
domain, secure, httponly, samesite, partitioned, false) == SUCCESS) {
#endif
|
