Conversation
src/HttpClient/HttpClient.php
Outdated
| curl_share_setopt($this->shareHandle, \CURLOPT_SHARE, \CURL_LOCK_DATA_DNS); | ||
| if (\defined('CURL_LOCK_DATA_CONNECT')) { | ||
| curl_share_setopt($this->shareHandle, \CURLOPT_SHARE, \CURL_LOCK_DATA_CONNECT); | ||
| } | ||
| if (\defined('CURL_LOCK_DATA_SSL_SESSION')) { | ||
| curl_share_setopt($this->shareHandle, \CURLOPT_SHARE, \CURL_LOCK_DATA_SSL_SESSION); |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
src/HttpClient/HttpClient.php
Outdated
| if ($this->shareHandle !== null) { | ||
| curl_setopt($curlHandle, \CURLOPT_SHARE, $this->shareHandle); | ||
| } |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
There was a problem hiding this comment.
The documentation doesn't mention that curl_share_init can return false, in contrast to curl_init.
src/HttpClient/HttpClient.php
Outdated
| $this->sdkIdentifier = $sdkIdentifier; | ||
| $this->sdkVersion = $sdkVersion; | ||
| if (\function_exists('curl_share_init_persistent')) { | ||
| $shareOptions = [\CURL_LOCK_DATA_DNS, \CURL_LOCK_DATA_CONNECT]; |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
src/HttpClient/HttpClient.php
Outdated
| // If the persistent share handle cannot be created or doesn't exist | ||
| if ($this->shareHandle === null) { | ||
| try { | ||
| $this->shareHandle = curl_share_init(); |
There was a problem hiding this comment.
Missing check for false return from curl_share_init
Medium Severity
When curl_share_init() returns false (possible in PHP 7.x on failure), $this->shareHandle is set to false. The check if ($this->shareHandle !== null) passes since false !== null is true, causing curl_setopt() to be called with false as the share handle. The PR discussion explicitly noted this concern ("an extra check doesn't hurt") but the check wasn't added. This could cause warnings and prevent proper fallback behavior when share handle initialization fails.
Additional Locations (1)
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
Adds either a regular share handle or a persistent one to our curl handle, so it can share connect, DNS and SSL between each request without having to reestablish it.
When available, it will use the persistent share handle which should improve request performance between PHP executions. It falls back to the regular share handle which can improve performance within the same PHP execution if multiple requests are performed.