Change zend_ast_attr from uint16_t to uint32_t

withinboredom · withinboredom · commit 062d1866b44c · 2025-11-15T13:20:50.000+01:00
The zend_ast_attr type was defined as uint16_t, limiting it to 16 bits,
but it's used to store ZEND_ACC_* flags which can use bits up to 31:

- ZEND_ACC_OVERRIDE = (1 &lt;&lt; 28)
- ZEND_ACC_ENUM = (1 &lt;&lt; 28)
- ZEND_ACC_STRICT_TYPES = (1U &lt;&lt; 31)

While current code doesn't appear to assign these high-bit flags to
ast-&gt;attr fields, the type mismatch creates a potential bug where any
future code attempting to store ZEND_ACC flags with bits 16-31 would
have those bits silently truncated to zero.

This change:
1. Changes zend_ast_attr typedef from uint16_t to uint32_t
2. Adds explicit uint16_t __pad field to all AST structures after the
   kind field to maintain the same memory layout (padding was already
   present implicitly due to alignment)

The structure sizes remain unchanged: we're making existing implicit
padding explicit and widening the attr field to properly accommodate
all ZEND_ACC_* flag values.
diff --git a/Zend/zend_ast.h b/Zend/zend_ast.h
@@ -183,10 +183,11 @@ enum _zend_ast_kind {
 };
 
 typedef uint16_t zend_ast_kind;
-typedef uint16_t zend_ast_attr;
+typedef uint32_t zend_ast_attr;
 
 struct _zend_ast {
 	zend_ast_kind kind; /* Type of the node (ZEND_AST_* enum constant) */
+	uint16_t __pad;     /* Padding for alignment */
 	zend_ast_attr attr; /* Additional attribute, use depending on node type */
 	uint32_t lineno;    /* Line number */
 	zend_ast *child[1]; /* Array of children (using struct hack) */
@@ -195,6 +196,7 @@ struct _zend_ast {
 /* Same as zend_ast, but with children count, which is updated dynamically */
 typedef struct _zend_ast_list {
 	zend_ast_kind kind;
+	uint16_t __pad;     /* Padding for alignment */
 	zend_ast_attr attr;
 	uint32_t lineno;
 	uint32_t children;
@@ -204,6 +206,7 @@ typedef struct _zend_ast_list {
 /* Lineno is stored in val.u2.lineno */
 typedef struct _zend_ast_zval {
 	zend_ast_kind kind;
+	uint16_t __pad;     /* Padding for alignment */
 	zend_ast_attr attr;
 	zval val;
 } zend_ast_zval;
@@ -212,6 +215,7 @@ typedef struct _zend_op_array zend_op_array;
 
 typedef struct _zend_ast_op_array {
 	zend_ast_kind kind;
+	uint16_t __pad;     /* Padding for alignment */
 	zend_ast_attr attr;
 	uint32_t lineno;
 	zend_op_array *op_array;
@@ -220,6 +224,7 @@ typedef struct _zend_ast_op_array {
 /* Separate structure for function and class declaration, as they need extra information. */
 typedef struct _zend_ast_decl {
 	zend_ast_kind kind;
+	uint16_t __pad;     /* Padding for alignment */
 	zend_ast_attr attr;
 	uint32_t start_lineno;
 	uint32_t end_lineno;
@@ -231,6 +236,7 @@ typedef struct _zend_ast_decl {
 
 typedef struct _zend_ast_fcc {
 	zend_ast_kind kind; /* Type of the node (ZEND_AST_* enum constant) */
+	uint16_t __pad;     /* Padding for alignment */
 	zend_ast_attr attr; /* Additional attribute, use depending on node type */
 	uint32_t lineno;    /* Line number */
 	ZEND_MAP_PTR_DEF(zend_function *, fptr);
