-
-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validate memory_limit
option
#56
base: 2.4.x
Are you sure you want to change the base?
Conversation
…ormalizing memoy value; Added tests for setMemoryOptions()
I am not really concerned about this change. This introduces handling for invalid
I would instead enhance the documentation to outline that in case that a string value, passed as Do we have other opinions here? I mean, there was already quite some discussion. |
I'm with you at this. Why would someone expect a format to work which is no standard anywhere? |
But that is what you are trying to support with this PR, no? |
No, this is a misunderstanding. The only thing I wanted to fix is the usage of I just added the test to "show" that it is currently wrong because it does return 256 (bytes). M256 and G1024 would go out of the test when we found a solution. Sorry, this was confusing from my side to put the two values into the data set. |
Okay, let me rephrase what we want to achieve with this PR:
Did I forgot something? Let me know! Could you probably refactor this PR to have only those changes in place? Happy to merge that once thats done (maybe not today but definitely in the next days). That would be perfect. Thanks in advance for contributing this!
Ah I see, well that escalated quickly 😂 However, lets try to focus on the initial problem. I'd just add a proper failing test for the invalid values. That should outline that the memory limit is not validated as it should be. Then we can have the fix in place and are good to go. |
Yes, that's correctly summarized. Point 1: Already done. |
…i's memory limit as default value Signed-off-by: Alex Schloegl <alex@try2catch.com>
Signed-off-by: Alex Schloegl <alex@try2catch.com>
I adapted the things we discussed. Please have a look if that suits you. Maybe you can double check the regex which I had to adapt to disallow M128, G1024, etc. The code formatting makes me crazy. I have to check how to apply phpcs.xml in PHPStorm 😂 |
🤚🏼 |
src/MemoryOptions.php
Outdated
*/ | ||
protected function normalizeMemoryLimit($value) | ||
{ | ||
if (is_numeric($value)) { | ||
return (int) $value; | ||
} | ||
|
||
if (! preg_match('/(\-?\d+)\s*(\w*)/', ini_get('memory_limit'), $matches)) { | ||
throw new Exception\InvalidArgumentException("Invalid memory limit '{$value}'"); | ||
if (! preg_match('/^(\-?\d+)\s*(\w*)$/', $value, $matches)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I'm fine with this one. I would say lets remove the $
for now.
I still wonder why a negative numeric value would be okay here but who am I to judge this ancient code.
Most probably only @weierophinney or @marc-mabe are aware of that and thus lets keep it for now. Could be removed in next major.
I most probably keep that in mind until then.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
negative numeric is for -1 = no limit
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, but thats how it worked before as well.
If s1 wants to set unlimited memory, thats fine in the current major as thats how it works since like forever.
I am open to discuss this in an RFC for the next major version, would you agree on that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think after dropping the $
in the regex, this PR is ready to get merged.
Signed-off-by: Alex Schloegl <alex@try2catch.com>
Done :) |
Why |
memory_limit
option
Because it was introduced in this patch. Passing something like I think in next major, we should do something like: if (is_numeric($value)) {
return (int) $value;
}
if (! preg_match('/^(?<value>\-?\d+)\s+?(?<unit>[GMK])?$/i', trim($value), $matches)) {
throw new Exception\InvalidArgumentException(sprintf(
'Invalid memory limit "%s" passed. Must be compatible with PHP shorthand bytes notation',
$value,
));
}
$value (int) $matches['value'];
$unit = strtoupper($matches['unit']);
if ($value < -1) {
throw new Exception\InvalidArgumentException('Provided memory limit must represent a value greater than or equal to `-1`');
}
return match ($unit) {
'G' => $value * 1024 * 1024 * 1024,
'M' => $value * 1024 * 1024,
'K' => $value * 1024,
default => $value,
}; Fine for every1? |
Signed-off-by: Alex Schloegl <alex@try2catch.com>
Sounds good to me. I will add "-1" and -1 to the valid data set. |
Signed-off-by: Alex Schloegl <alex@try2catch.com>
Description
Passing invalid options via
MemoryOptions#setMemoryLimit
or viaMemoryOptions#__construct
, the actualmemory_limit
option is not properly validated.