Use locale-independent alternatives to isalpha/isalnum/isctrl

- Avoid registering/detecting stream wrappers in locale-independent ways.
- Avoid this in libmagic for detecting magic file headers.

  I don't believe these should be locale dependent.
- Avoid locale dependence for http/ftp/network protocols.
- Avoid locale dependence for Windows drive letter names in zend_virtual_cwd
- Make parse_url stop depending on locale
  Related to https://bugs.php.net/bug.php?id=52923
  iscntrl is locale-dependent which seems to corrupt certain bytes.

Somewhat related to https://wiki.php.net/rfc/strtolower-ascii
but I don't think most of these should have been locale-dependent in the first
place - the code may not have considered locales

E.g. on Linux, `setlocale(LC_ALL, 'de_DE');`
(if the locale is installed and it succeeds)
will have some values for alpha/cntrl in the range 128-256 where the C locale
has no values.

To avoid this locale-dependence in older php versions,
applications can set `setlocale(LC_CTYPE, 'C')`.

Author: TysonAndre

Zend/zend_compile.c

@@ -1890,7 +1890,7 @@ ZEND_API size_t zend_dirname(char *path, size_t len)
 	/* Note that on Win32 CWD is per drive (heritage from CP/M).
 	 * This means dirname("c:foo") maps to "c:." or "c:" - which means CWD on C: drive.
 	 */
-	if ((2 <= len) && isalpha((int)((unsigned char *)path)[0]) && (':' == path[1])) {
+	if ((2 <= len) && zend_isalpha_ascii((int)((unsigned char *)path)[0]) && (':' == path[1])) {
 		/* Skip over the drive spec (if any) so as not to change */
 		path += 2;
 		len_adjust += 2;

Zend/zend_operators.c

@@ -118,9 +118,70 @@ ZEND_API const unsigned char zend_toupper_map[256] = {
 0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,0xc6,0xc7,0xc8,0xc9,0xca,0xcb,0xcc,0xcd,0xce,0xcf,
 0xd0,0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,0xd8,0xd9,0xda,0xdb,0xdc,0xdd,0xde,0xdf,
 0xe0,0xe1,0xe2,0xe3,0xe4,0xe5,0xe6,0xe7,0xe8,0xe9,0xea,0xeb,0xec,0xed,0xee,0xef,
-0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff	
+0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
+};
+
+/* ctype's isalpha varies based on locale, which is not what we want for many use cases.
+ * This is what it'd be in the "C" locale. */
+ZEND_API const bool zend_isalpha_map[256] = {
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,
+0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
 };
 
+/* ctype's isalnum is isalpha + isdigit(0-9) */
+ZEND_API const bool zend_isalnum_map[256] = {
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,
+0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,
+0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+};
+
+/* ctype's iscntrl varies based on locale, which is not what we want for many use cases.
+ * This is what it'd be in the "C" locale. */
+ZEND_API const bool zend_iscntrl_map[256] = {
+1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+};
 
 /**
  * Functions using locale lowercase:

Zend/zend_operators.h

@@ -435,9 +435,15 @@ ZEND_API int ZEND_FASTCALL string_locale_compare_function(zval *op1, zval *op2);
 
 ZEND_API extern const unsigned char zend_tolower_map[256];
 ZEND_API extern const unsigned char zend_toupper_map[256];
+ZEND_API extern const bool zend_isalpha_map[256];
+ZEND_API extern const bool zend_isalnum_map[256];
+ZEND_API extern const bool zend_iscntrl_map[256];
 
 #define zend_tolower_ascii(c) (zend_tolower_map[(unsigned char)(c)])
 #define zend_toupper_ascii(c) (zend_toupper_map[(unsigned char)(c)])
+#define zend_isalpha_ascii(c) (zend_isalpha_map[(unsigned char)(c)])
+#define zend_isalnum_ascii(c) (zend_isalnum_map[(unsigned char)(c)])
+#define zend_iscntrl_ascii(c) (zend_iscntrl_map[(unsigned char)(c)])
 
 ZEND_API void         ZEND_FASTCALL zend_str_tolower(char *str, size_t length);
 ZEND_API void         ZEND_FASTCALL zend_str_toupper(char *str, size_t length);

Zend/zend_virtual_cwd.h

@@ -82,7 +82,7 @@ typedef unsigned short mode_t;
 #define IS_UNC_PATH(path, len) \
 	(len >= 2 && IS_SLASH(path[0]) && IS_SLASH(path[1]))
 #define IS_ABSOLUTE_PATH(path, len) \
-	(len >= 2 && (/* is local */isalpha(path[0]) && path[1] == ':' || /* is UNC */IS_SLASH(path[0]) && IS_SLASH(path[1])))
+	(len >= 2 && (/* is local */zend_isalpha_ascii(path[0]) && path[1] == ':' || /* is UNC */IS_SLASH(path[0]) && IS_SLASH(path[1])))
 
 #else
 #ifdef HAVE_DIRENT_H

ext/fileinfo/libmagic/apprentice.c

@@ -299,7 +299,7 @@ get_standard_integer_type(const char *l, const char **t)
 {
 	int type;
 
-	if (isalpha(CAST(unsigned char, l[1]))) {
+	if (zend_isalpha_ascii(CAST(unsigned char, l[1]))) {
 		switch (l[1]) {
 		case 'C':
 			/* "dC" and "uC" */
@@ -1187,7 +1187,7 @@ load_1(struct magic_set *ms, int action, const char *fn, int *errs,
 					continue;
 				}
 				if ((*bang[i].fun)(ms, &me,
-				    line + bang[i].len + 2, 
+				    line + bang[i].len + 2,
 				    len - bang[i].len - 2) != 0) {
 					(*errs)++;
 					continue;
@@ -1419,7 +1419,7 @@ apprentice_load(struct magic_set *ms, const char *fn, int action)
 		/* coalesce per file arrays into a single one, if needed */
 		if (mset[j].count == 0)
 			continue;
-		      
+
 		if (coalesce_entries(ms, mset[j].me, mset[j].count,
 		    &map->magic[j], &map->nmagic[j]) == -1) {
 			errs++;
@@ -2071,7 +2071,7 @@ parse(struct magic_set *ms, struct magic_entry *me, const char *line,
 			if (*l == 'd')
 				m->type = get_standard_integer_type(l, &l);
 			else if (*l == 's'
-			    && !isalpha(CAST(unsigned char, l[1]))) {
+			    && !zend_isalpha_ascii(CAST(unsigned char, l[1]))) {
 				m->type = FILE_STRING;
 				++l;
 			}
@@ -2287,7 +2287,7 @@ parse_strength(struct magic_set *ms, struct magic_entry *me, const char *line,
 private int
 goodchar(unsigned char x, const char *extra)
 {
-	return (isascii(x) && isalnum(x)) || strchr(extra, x);
+	return (zend_isalnum_ascii(x)) || strchr(extra, x);
 }
 
 private int

ext/fileinfo/libmagic/compress.c

@@ -237,7 +237,7 @@ format_decompression_error(struct magic_set *ms, size_t i, unsigned char *buf)
 		return file_printf(ms, "ERROR:[%s: %s]", methodname(i), buf);
 
 	for (p = buf; *p; p++)
-		if (!isalnum(*p))
+		if (!zend_isalnum_ascii(*p))
 			*p = '-';
 
 	return file_printf(ms, "application/x-decompression-error-%s-%s",

ext/fileinfo/libmagic/encoding.c

@@ -536,7 +536,7 @@ looks_ucs32(const unsigned char *bf, size_t nbytes, file_unichar_t *ubf,
 			    | (CAST(file_unichar_t, bf[i]) << 24);
 		else
 			ubf[(*ulen)++] = CAST(file_unichar_t, bf[i + 0])
-			    | (CAST(file_unichar_t, bf[i + 1]) << 8) 
+			    | (CAST(file_unichar_t, bf[i + 1]) << 8)
 			    | (CAST(file_unichar_t, bf[i + 2]) << 16)
 			    | (CAST(file_unichar_t, bf[i + 3]) << 24);
 

ext/fileinfo/libmagic/funcs.c

@@ -120,7 +120,7 @@ file_checkfmt(char *msg, size_t mlen, const char *fmt)
 				return -1;
 		}
 
-		if (!isalpha((unsigned char)*p)) {
+		if (!zend_isalpha_ascii((unsigned char)*p)) {
 			if (msg)
 				snprintf(msg, mlen, "bad format char: %c", *p);
 			return -1;

ext/filter/logical_filters.c

@@ -528,21 +528,21 @@ static int _php_filter_validate_domain(char * domain, int len, zend_long flags)
 	}
 
 	/* First char must be alphanumeric */
-	if(*s == '.' || (hostname && !isalnum((int)*(unsigned char *)s))) {
+	if(*s == '.' || (hostname && !zend_isalnum_ascii((int)*(unsigned char *)s))) {
 		return 0;
 	}
 
 	while (s < e) {
 		if (*s == '.') {
 			/* The first and the last character of a label must be alphanumeric */
-			if (*(s + 1) == '.' || (hostname && (!isalnum((int)*(unsigned char *)(s - 1)) || !isalnum((int)*(unsigned char *)(s + 1))))) {
+			if (*(s + 1) == '.' || (hostname && (!zend_isalnum_ascii((int)*(unsigned char *)(s - 1)) || !zend_isalnum_ascii((int)*(unsigned char *)(s + 1))))) {
 				return 0;
 			}
 
 			/* Reset label length counter */
 			i = 1;
 		} else {
-			if (i > 63 || (hostname && *s != '-' && !isalnum((int)*(unsigned char *)s))) {
+			if (i > 63 || (hostname && *s != '-' && !zend_isalnum_ascii((int)*(unsigned char *)s))) {
 				return 0;
 			}
 
@@ -569,7 +569,7 @@ static int is_userinfo_valid(zend_string *str)
 	const char *valid = "-._~!$&'()*+,;=:";
 	const char *p = ZSTR_VAL(str);
 	while (p - ZSTR_VAL(str) < ZSTR_LEN(str)) {
-		if (isalpha(*p) || isdigit(*p) || strchr(valid, *p)) {
+		if (zend_isalnum_ascii(*p) || strchr(valid, *p)) {
 			p++;
 		} else if (*p == '%' && p - ZSTR_VAL(str) <= ZSTR_LEN(str) - 3 && isdigit(*(p+1)) && isxdigit(*(p+2))) {
 			p += 3;

ext/gd/libgd/gd_xbm.c

@@ -190,8 +190,8 @@ void gdImageXbmCtx(gdImagePtr image, char* file_name, int fg, gdIOCtx * out)
 		name = estrdup("image");
 	} else {
 		for (i=0; i<l; i++) {
-			/* only in C-locale isalnum() would work */
-			if (!isupper(name[i]) && !islower(name[i]) && !isdigit(name[i])) {
+			/* Locale-independent check */
+			if (!zend_isalnum_ascii(name[i])) {
 				name[i] = '_';
 			}
 		}