Implement the "Redacting parameters in back traces" RFC

https://wiki.php.net/rfc/redact_parameters_in_back_traces

Author: TimWolla

UPGRADING

@@ -31,6 +31,11 @@ PHP 8.2 UPGRADE NOTES
 2. New Features
 ========================================
 
+- Core:
+  . Added the #\[\SensitiveParameter] attribute to redact sensitive data in
+    backtraces.
+    RFC: https://wiki.php.net/rfc/redact_parameters_in_back_traces
+
 - Curl:
   . Added CURLINFO_EFFECTIVE_METHOD option and returning the effective
     HTTP method in curl_getinfo() return value.

Zend/tests/function_arguments/sensitive_parameter.phpt

@@ -0,0 +1,51 @@
+--TEST--
+The SensitiveParameter attribute suppresses the single sensitive argument.
+--FILE--
+<?php
+
+function test(#[SensitiveParameter] $sensitive)
+{
+    debug_print_backtrace();
+    var_dump(debug_backtrace());
+    var_dump((new Exception)->getTrace());
+}
+
+test('sensitive');
+
+?>
+--EXPECTF--
+#0 %ssensitive_parameter.php(10): test(Object(SensitiveParameterValue))
+array(1) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter.php"
+    ["line"]=>
+    int(10)
+    ["function"]=>
+    string(4) "test"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+}
+array(1) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter.php"
+    ["line"]=>
+    int(10)
+    ["function"]=>
+    string(4) "test"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+}

Zend/tests/function_arguments/sensitive_parameter_arrow_function.phpt

@@ -0,0 +1,28 @@
+--TEST--
+The SensitiveParameter attribute suppresses the single sensitive argument for arrow functions.
+--FILE--
+<?php
+
+$test = fn (#[SensitiveParameter] $sensitive) => (new Exception)->getTrace();
+
+var_dump($test('sensitive'));
+
+?>
+--EXPECTF--
+array(1) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_arrow_function.php"
+    ["line"]=>
+    int(5)
+    ["function"]=>
+    string(9) "{closure}"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+}

Zend/tests/function_arguments/sensitive_parameter_closure.phpt

@@ -0,0 +1,51 @@
+--TEST--
+The SensitiveParameter attribute suppresses the single sensitive argument for closures.
+--FILE--
+<?php
+
+$test = function (#[SensitiveParameter] $sensitive)
+{
+    debug_print_backtrace();
+    var_dump(debug_backtrace());
+    var_dump((new Exception)->getTrace());
+};
+
+$test('sensitive');
+
+?>
+--EXPECTF--
+#0 %ssensitive_parameter_closure.php(10): {closure}(Object(SensitiveParameterValue))
+array(1) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_closure.php"
+    ["line"]=>
+    int(10)
+    ["function"]=>
+    string(9) "{closure}"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+}
+array(1) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_closure.php"
+    ["line"]=>
+    int(10)
+    ["function"]=>
+    string(9) "{closure}"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+}

Zend/tests/function_arguments/sensitive_parameter_correctly_captures_original.phpt

@@ -0,0 +1,70 @@
+--TEST--
+The SensitiveParameterValue replacement value correctly captures the original value.
+--FILE--
+<?php
+
+function test(
+    $foo,
+    #[SensitiveParameter] $bar,
+    $baz
+) {
+    throw new Exception('Error');
+}
+
+try {
+    test('foo', 'bar', 'baz');
+    echo 'Not reached';
+} catch (Exception $e) {
+    echo $e->getMessage(), PHP_EOL;
+    $testFrame = $e->getTrace()[0];
+    var_dump($testFrame['function']);
+    var_dump(count($testFrame['args']));
+    var_dump($testFrame['args'][0]);
+    assert($testFrame['args'][1] instanceof SensitiveParameterValue);
+    var_dump($testFrame['args'][1]->getValue());
+    var_dump($testFrame['args'][2]);
+    echo "Success", PHP_EOL;
+}
+
+function test2(
+    $foo,
+    #[SensitiveParameter] ...$variadic,
+) {
+    throw new Exception('Error 2');
+}
+
+try {
+    test2('foo', 'variadic1', 'variadic2', 'variadic3');
+    echo 'Not reached';
+} catch (Exception $e) {
+    echo $e->getMessage(), PHP_EOL;
+    $testFrame = $e->getTrace()[0];
+    var_dump($testFrame['function']);
+    var_dump(count($testFrame['args']));
+    var_dump($testFrame['args'][0]);
+    assert($testFrame['args'][1] instanceof SensitiveParameterValue);
+    var_dump($testFrame['args'][1]->getValue());
+    assert($testFrame['args'][2] instanceof SensitiveParameterValue);
+    var_dump($testFrame['args'][2]->getValue());
+    assert($testFrame['args'][3] instanceof SensitiveParameterValue);
+    var_dump($testFrame['args'][3]->getValue());
+    echo "Success", PHP_EOL;
+}
+
+?>
+--EXPECTF--
+Error
+string(4) "test"
+int(3)
+string(3) "foo"
+string(3) "bar"
+string(3) "baz"
+Success
+Error 2
+string(5) "test2"
+int(4)
+string(3) "foo"
+string(9) "variadic1"
+string(9) "variadic2"
+string(9) "variadic3"
+Success

Zend/tests/function_arguments/sensitive_parameter_eval_call.phpt

@@ -0,0 +1,72 @@
+--TEST--
+The SensitiveParameter attribute suppresses the single sensitive argument in a function called in eval().
+--FILE--
+<?php
+
+function test(#[SensitiveParameter] $sensitive)
+{
+    debug_print_backtrace();
+    var_dump(debug_backtrace());
+    var_dump((new Exception)->getTrace());
+}
+
+eval(<<<'EOT'
+test('sensitive');
+EOT);
+
+?>
+--EXPECTF--
+#0 %ssensitive_parameter_eval_call.php(11) : eval()'d code(1): test(Object(SensitiveParameterValue))
+#1 %ssensitive_parameter_eval_call.php(11): eval()
+array(2) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_eval_call.php(11) : eval()'d code"
+    ["line"]=>
+    int(1)
+    ["function"]=>
+    string(4) "test"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+  [1]=>
+  array(3) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_eval_call.php"
+    ["line"]=>
+    int(11)
+    ["function"]=>
+    string(4) "eval"
+  }
+}
+array(2) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_eval_call.php(11) : eval()'d code"
+    ["line"]=>
+    int(1)
+    ["function"]=>
+    string(4) "test"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+  [1]=>
+  array(3) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_eval_call.php"
+    ["line"]=>
+    int(11)
+    ["function"]=>
+    string(4) "eval"
+  }
+}

Zend/tests/function_arguments/sensitive_parameter_eval_define.phpt

@@ -0,0 +1,53 @@
+--TEST--
+The SensitiveParameter attribute suppresses the single sensitive argument in a function created in eval().
+--FILE--
+<?php
+
+eval(<<<'EOT'
+function test(#[SensitiveParameter] $sensitive)
+{
+    debug_print_backtrace();
+    var_dump(debug_backtrace());
+    var_dump((new Exception)->getTrace());
+}
+EOT);
+
+test('sensitive');
+
+?>
+--EXPECTF--
+#0 %ssensitive_parameter_eval_define.php(12): test(Object(SensitiveParameterValue))
+array(1) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_eval_define.php"
+    ["line"]=>
+    int(12)
+    ["function"]=>
+    string(4) "test"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+}
+array(1) {
+  [0]=>
+  array(4) {
+    ["file"]=>
+    string(%d) "%ssensitive_parameter_eval_define.php"
+    ["line"]=>
+    int(12)
+    ["function"]=>
+    string(4) "test"
+    ["args"]=>
+    array(1) {
+      [0]=>
+      object(SensitiveParameterValue)#%d (0) {
+      }
+    }
+  }
+}