php
diff --git a/‎Zend/zend_API.c
Lines changed: 27 additions & 13 deletions b/‎Zend/zend_API.c
Lines changed: 27 additions & 13 deletions
diff --git a/‎Zend/zend_API.h
Lines changed: 2 additions & 2 deletions b/‎Zend/zend_API.h
Lines changed: 2 additions & 2 deletions
diff --git a/‎ext/curl/interface.c
Lines changed: 1 addition & 1 deletion b/‎ext/curl/interface.c
Lines changed: 1 addition & 1 deletion
diff --git a/‎ext/curl/tests/bug68089.phpt
Lines changed: 2 additions & 2 deletions b/‎ext/curl/tests/bug68089.phpt
Lines changed: 2 additions & 2 deletions
diff --git a/‎ext/exif/exif.c
Lines changed: 2 additions & 2 deletions b/‎ext/exif/exif.c
Lines changed: 2 additions & 2 deletions
diff --git a/‎ext/exif/tests/filename_empty.phpt
Lines changed: 4 additions & 4 deletions b/‎ext/exif/tests/filename_empty.phpt
Lines changed: 4 additions & 4 deletions
diff --git a/‎ext/fileinfo/tests/finfo_open_001.phpt
Lines changed: 2 additions & 2 deletions b/‎ext/fileinfo/tests/finfo_open_001.phpt
Lines changed: 2 additions & 2 deletions
diff --git a/‎ext/gd/tests/imagegd2_nullbyte_injection.phpt
Lines changed: 2 additions & 2 deletions b/‎ext/gd/tests/imagegd2_nullbyte_injection.phpt
Lines changed: 2 additions & 2 deletions
diff --git a/‎ext/gd/tests/imagegd_nullbyte_injection.phpt
Lines changed: 2 additions & 2 deletions b/‎ext/gd/tests/imagegd_nullbyte_injection.phpt
Lines changed: 2 additions & 2 deletions
diff --git a/‎ext/gd/tests/imagexbm_nullbyte_injection.phpt
Lines changed: 2 additions & 2 deletions b/‎ext/gd/tests/imagexbm_nullbyte_injection.phpt
Lines changed: 2 additions & 2 deletions
@@ -254,6 +254,12 @@ ZEND_API ZEND_COLD void ZEND_FASTCALL zend_wrong_parameter_type_error(uint32_t n
 		return;
 	}
 
+	if ((expected_type == Z_EXPECTED_PATH || expected_type == Z_EXPECTED_PATH_OR_NULL)
+			&& Z_TYPE_P(arg) == IS_STRING) {
+		zend_argument_value_error(num, "must not contain any null bytes");
+		return;
+	}
+
 	zend_argument_type_error(num, "must be %s, %s given", expected_error[expected_type], zend_zval_type_name(arg));
 }
 /* }}} */
@@ -668,10 +674,12 @@ static const char *zend_parse_arg_impl(zval *arg, va_list *va, const char **spec
 				char **p = va_arg(*va, char **);
 				size_t *pl = va_arg(*va, size_t *);
 				if (!zend_parse_arg_path(arg, p, pl, check_null)) {
-					zend_spprintf(error, 0, "a valid path%s, %s given",
-						check_null ? " or null" : "", zend_zval_type_name(arg)
-					);
-					return "";
+					if (Z_TYPE_P(arg) == IS_STRING) {
+						zend_spprintf(error, 0, "must not contain any null bytes");
+						return "";
+					} else {
+						return check_null ? "?string" : "string";
+					}
 				}
 			}
 			break;
@@ -680,10 +688,12 @@ static const char *zend_parse_arg_impl(zval *arg, va_list *va, const char **spec
 			{
 				zend_string **str = va_arg(*va, zend_string **);
 				if (!zend_parse_arg_path_str(arg, str, check_null)) {
-					zend_spprintf(error, 0, "a valid path%s, %s given",
-						check_null ? " or null" : "", zend_zval_type_name(arg)
-					);
-					return "";
+					if (Z_TYPE_P(arg) == IS_STRING) {
+						zend_spprintf(error, 0, "must not contain any null bytes");
+						return "";
+					} else {
+						return check_null ? "?string" : "string";
+					}
 				}
 			}
 			break;
@@ -762,7 +772,7 @@ static const char *zend_parse_arg_impl(zval *arg, va_list *va, const char **spec
 				if (!zend_parse_arg_object(arg, p, ce, check_null)) {
 					if (ce) {
 						if (check_null) {
-							zend_spprintf(error, 0, "of type ?%s, %s given", ZSTR_VAL(ce->name), zend_zval_type_name(arg));
+							zend_spprintf(error, 0, "must be of type ?%s, %s given", ZSTR_VAL(ce->name), zend_zval_type_name(arg));
 							return "";
 						} else {
 							return ZSTR_VAL(ce->name);
@@ -795,14 +805,14 @@ static const char *zend_parse_arg_impl(zval *arg, va_list *va, const char **spec
 				}
 				if (ce_base) {
 					if ((!*pce || !instanceof_function(*pce, ce_base))) {
-						zend_spprintf(error, 0, "a class name derived from %s%s, %s given",
+						zend_spprintf(error, 0, "must be a class name derived from %s%s, %s given",
 							ZSTR_VAL(ce_base->name), check_null ? " or null" : "", Z_STRVAL_P(arg));
 						*pce = NULL;
 						return "";
 					}
 				}
 				if (!*pce) {
-					zend_spprintf(error, 0, "a valid class name%s, %s given",
+					zend_spprintf(error, 0, "must be a valid class name%s, %s given",
 						check_null ? " or null" : "", Z_STRVAL_P(arg));
 					return "";
 				}
@@ -833,7 +843,7 @@ static const char *zend_parse_arg_impl(zval *arg, va_list *va, const char **spec
 				}
 
 				if (is_callable_error) {
-					zend_spprintf(error, 0, "a valid callback%s, %s", check_null ? " or null" : "", is_callable_error);
+					zend_spprintf(error, 0, "must be a valid callback%s, %s", check_null ? " or null" : "", is_callable_error);
 					efree(is_callable_error);
 					return "";
 				} else {
@@ -874,7 +884,11 @@ static zend_result zend_parse_arg(uint32_t arg_num, zval *arg, va_list *va, cons
 		}
 		if (!(flags & ZEND_PARSE_PARAMS_QUIET) && (*expected_type || error)) {
 			if (error) {
-				zend_argument_type_error(arg_num, "must be %s", error);
+				if (strcmp(error, "must not contain any null bytes") == 0) {
+					zend_argument_value_error(arg_num, "%s", error);
+				} else {
+					zend_argument_type_error(arg_num, "%s", error);
+				}
 				efree(error);
 			} else {
 				zend_argument_type_error(arg_num, "must be of type %s, %s given", expected_type, zend_zval_type_name(arg));
 
@@ -1215,8 +1215,8 @@ static zend_always_inline zval *zend_try_array_init(zval *zv)
 	_(Z_EXPECTED_FUNC_OR_NULL,		"a valid callback or null") \
 	_(Z_EXPECTED_RESOURCE,			"of type resource") \
 	_(Z_EXPECTED_RESOURCE_OR_NULL,	"of type resource or null") \
-	_(Z_EXPECTED_PATH,				"a valid path") \
-	_(Z_EXPECTED_PATH_OR_NULL,		"a valid path or null") \
+	_(Z_EXPECTED_PATH,				"of type string") \
+	_(Z_EXPECTED_PATH_OR_NULL,		"of type ?string") \
 	_(Z_EXPECTED_OBJECT,			"of type object") \
 	_(Z_EXPECTED_OBJECT_OR_NULL,	"of type ?object") \
 	_(Z_EXPECTED_DOUBLE,			"of type float") \
 
@@ -102,7 +102,7 @@ static int php_curl_option_str(php_curl *ch, zend_long option, const char *str,
 	CURLcode error = CURLE_OK;
 
 	if (strlen(str) != len) {
-		zend_type_error("%s(): cURL option cannot contain any null-bytes", get_active_function_name());
+		zend_value_error("%s(): cURL option must not contain any null bytes", get_active_function_name());
 		return FAILURE;
 	}
 
 
@@ -12,12 +12,12 @@ $ch = curl_init();
 
 try {
     curl_setopt($ch, CURLOPT_URL, $url);
-} catch (TypeError $exception) {
+} catch (ValueError $exception) {
     echo $exception->getMessage() . "\n";
 }
 
 ?>
 Done
 --EXPECT--
-curl_setopt(): cURL option cannot contain any null-bytes
+curl_setopt(): cURL option must not contain any null bytes
 Done
@@ -4541,7 +4541,7 @@ PHP_FUNCTION(exif_read_data)
 		}
 
 		if (CHECK_NULL_PATH(Z_STRVAL_P(stream), Z_STRLEN_P(stream))) {
-			zend_argument_type_error(1, "cannot contain any null-bytes");
+			zend_argument_value_error(1, "must not contain any null bytes");
 			RETURN_THROWS();
 		}
 
@@ -4718,7 +4718,7 @@ PHP_FUNCTION(exif_thumbnail)
 		}
 
 		if (CHECK_NULL_PATH(Z_STRVAL_P(stream), Z_STRLEN_P(stream))) {
-			zend_argument_type_error(1, "cannot contain any null-bytes");
+			zend_argument_value_error(1, "must not contain any null bytes");
 			RETURN_THROWS();
 		}
 
 
@@ -17,19 +17,19 @@ try {
 
 try {
     exif_read_data("foo\0bar");
-} catch (TypeError $e) {
+} catch (ValueError $e) {
     echo $e->getMessage(), "\n";
 }
 
 try {
     exif_thumbnail("foo\0bar");
-} catch (TypeError $e) {
+} catch (ValueError $e) {
     echo $e->getMessage(), "\n";
 }
 
 ?>
 --EXPECT--
 exif_read_data(): Argument #1 ($filename) cannot be empty
 exif_thumbnail(): Argument #1 ($filename) cannot be empty
-exif_read_data(): Argument #1 ($filename) cannot contain any null-bytes
-exif_thumbnail(): Argument #1 ($filename) cannot contain any null-bytes
+exif_read_data(): Argument #1 ($filename) must not contain any null bytes
+exif_thumbnail(): Argument #1 ($filename) must not contain any null bytes
@@ -7,7 +7,7 @@ finfo_open(): Testing magic_file names
 
 try {
     var_dump(finfo_open(FILEINFO_MIME, "\0"));
-} catch (TypeError $e) {
+} catch (ValueError $e) {
     echo $e->getMessage(), "\n";
 }
 
@@ -19,7 +19,7 @@ var_dump(finfo_open(FILEINFO_MIME, '/foo/bar/inexistent'));
 
 ?>
 --EXPECTF--
-finfo_open(): Argument #2 ($arg) must be a valid path, string given
+finfo_open(): Argument #2 ($arg) must not contain any null bytes
 resource(%d) of type (file_info)
 resource(%d) of type (file_info)
 
 
@@ -9,9 +9,9 @@ Testing null byte injection in imagegd2
 $image = imagecreate(1,1);// 1px image
 try {
     imagegd($image, "./foo\0bar");
-} catch (TypeError $e) {
+} catch (ValueError $e) {
     echo $e->getMessage(), "\n";
 }
 ?>
 --EXPECT--
-imagegd(): Argument #2 ($to) must be a valid path, string given
+imagegd(): Argument #2 ($to) must not contain any null bytes
@@ -9,9 +9,9 @@ Testing null byte injection in imagegd
 $image = imagecreate(1,1);// 1px image
 try {
     imagegd($image, "./foo\0bar");
-} catch (TypeError $e) {
+} catch (ValueError $e) {
     echo $e->getMessage(), "\n";
 }
 ?>
 --EXPECT--
-imagegd(): Argument #2 ($to) must be a valid path, string given
+imagegd(): Argument #2 ($to) must not contain any null bytes
@@ -9,9 +9,9 @@ if(!extension_loaded('gd')) die('skip gd extension not available');
 $image = imagecreate(1,1);// 1px image
 try {
     imagexbm($image, "./foo\0bar");
-} catch (TypeError $e) {
+} catch (ValueError $e) {
     echo $e->getMessage(), "\n";
 }
 ?>
 --EXPECT--
-imagexbm(): Argument #2 ($filename) must be a valid path or null, string given
+imagexbm(): Argument #2 ($filename) must not contain any null bytes
Original file line number	Diff line number	Diff line change
`@@ -102,7 +102,7 @@ static int php_curl_option_str(php_curl ch, zend_long option, const char str,`
`102`	`102`	`CURLcode error = CURLE_OK;`
`103`	`103`
`104`	`104`	`if (strlen(str) != len) {`
`105`		`- zend_type_error("%s(): cURL option cannot contain any null-bytes", get_active_function_name());`
	`105`	`+ zend_value_error("%s(): cURL option must not contain any null bytes", get_active_function_name());`
`106`	`106`	`return FAILURE;`
`107`	`107`	`}`
`108`	`108`
Original file line number	Diff line number	Diff line change
`@@ -4541,7 +4541,7 @@ PHP_FUNCTION(exif_read_data)`
`4541`	`4541`	`}`
`4542`	`4542`
`4543`	`4543`	`if (CHECK_NULL_PATH(Z_STRVAL_P(stream), Z_STRLEN_P(stream))) {`
`4544`		`- zend_argument_type_error(1, "cannot contain any null-bytes");`
	`4544`	`+ zend_argument_value_error(1, "must not contain any null bytes");`
`4545`	`4545`	`RETURN_THROWS();`
`4546`	`4546`	`}`
`4547`	`4547`
`@@ -4718,7 +4718,7 @@ PHP_FUNCTION(exif_thumbnail)`
`4718`	`4718`	`}`
`4719`	`4719`
`4720`	`4720`	`if (CHECK_NULL_PATH(Z_STRVAL_P(stream), Z_STRLEN_P(stream))) {`
`4721`		`- zend_argument_type_error(1, "cannot contain any null-bytes");`
	`4721`	`+ zend_argument_value_error(1, "must not contain any null bytes");`
`4722`	`4722`	`RETURN_THROWS();`
`4723`	`4723`	`}`
`4724`	`4724`