-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure that the hash method does not return null #46218
Conversation
/backport to stable29 |
/backport to stable28 |
/backport to stable27 |
4896b63
to
4269166
Compare
public function hash($type, $path, $raw = false) { | ||
return hash_file($type, $this->getSourcePath($path), $raw); | ||
public function hash($type, $path, $raw = false): string|false { | ||
return hash_file($type, $this->getSourcePath($path), $raw) ?? false; |
Check failure
Code scanning / Psalm
TypeDoesNotContainNull Error
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://www.php.net/manual/en/function.hash-file.php says that the method never returns null, is that wrong?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lib/private/Files/Storage/Wrapper/Availability.php
may return null from hash()
.
lib/private/Security/Bruteforce/Backend/MemoryCacheBackend.php
also but I am not sure it’s the same hash
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lib/private/Files/Storage/Wrapper/Availability.php may return null from hash().
Where do you see that?
server/lib/private/Files/Storage/Wrapper/Availability.php
Lines 331 to 339 in 8dcf933
public function hash($type, $path, $raw = false) { | |
$this->checkAvailability(); | |
try { | |
return parent::hash($type, $path, $raw); | |
} catch (StorageNotAvailableException $e) { | |
$this->setUnavailable($e); | |
} | |
} | |
I am also surprised that hash_file
returns null
even though the doc says otherwise.
lib/private/Security/Bruteforce/Backend/MemoryCacheBackend.php also but I am not sure it’s the same hash.
Indeed, I don't think this is the same hash
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the catch branch there is no return
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you have evidence that hash_file returns null apart from this stacktrace? If this is true it should be reported to the PHP project.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the catch branch there is no return
Right, missed that 🙈. I pushed a fixed to add a proper return value.
I will also investigate where does the null value come from.
4269166
to
ae8c728
Compare
Should this be backported to (eol) 27? |
ae8c728
to
3a61867
Compare
lib/private/Files/Storage/Local.php
Outdated
if ($hash === null) { | ||
return false; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I read the C code of the PHP function and I really see no possibility for hash_file to return null.
https://github.com/php/php-src/blob/master/ext/hash/hash.c#L460
points to
https://github.com/php/php-src/blob/master/ext/hash/hash.c#L358
It returns false, string or throws.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would suggest to remove this null check, only keep the fix in lib/private/Files/Storage/Wrapper/Availability.php and the strong return type here, and merge that.
Co-authored-by: Ferdinand Thiessen <[email protected]> Signed-off-by: John Molakvoæ <[email protected]>
b392f5d
to
9acaf07
Compare
/backport to stable30 |
\OC\Files\View::hash()
: Return value must be of typestring|bool
,null
returned #44110To match:
server/lib/private/Files/View.php
Line 1050 in beececf