Skip to content

fix: add minimum size guard and @security PHPDoc to ZVecDoc::deserialize()#150

Merged
s2x merged 3 commits into
mainfrom
feat/vector-fp64-support
May 30, 2026
Merged

fix: add minimum size guard and @security PHPDoc to ZVecDoc::deserialize()#150
s2x merged 3 commits into
mainfrom
feat/vector-fp64-support

Conversation

@s2x

@s2x s2x commented May 30, 2026

Copy link
Copy Markdown
Contributor

Summary

Add trust boundary protection to ZVecDoc::deserialize() to prevent crashes from trivially small payloads. The C++ layer crashes on malformed data, so the PHP layer now rejects inputs shorter than 8 bytes before they reach the FFI boundary.

Changes

  • Add minimum size check (8 bytes) to ZVecDoc::deserialize()
  • Add @security PHPDoc warning about untrusted data
  • Add 4 .phpt tests for deserialization edge cases:
    • test_deserialize_empty.phpt — rejects empty string
    • test_deserialize_too_short.phpt — rejects data shorter than 8 bytes
    • test_deserialize_valid.phpt — round-trip preserves all fields
    • test_deserialize_trust_boundary.phpt — malformed data handling

Test Results

All 144 tests pass (1 skipped, 2 expected failures). No regressions.

Fixes #81

s2x added 3 commits May 30, 2026 21:07
…ize()

Add trust boundary protection to ZVecDoc::deserialize() to prevent
crashes from trivially small payloads. The C++ layer crashes on
malformed data, so the PHP layer now rejects inputs shorter than
8 bytes before they reach the FFI boundary.

Changes:
- Add minimum size check (8 bytes) to ZVecDoc::deserialize()
- Add @security PHPDoc warning about untrusted data
- Add 4 .phpt tests for deserialization edge cases

Fixes #81
The native zvec extension does not have the minimum size guard added
to the FFI PHP layer. Skip these tests when the native extension is
loaded to avoid false failures in CI.
@s2x s2x merged commit a3b3c44 into main May 30, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

SEC-013: No Integrity Check on Serialized Document Data

1 participant