From 83567ebad2411a1f17819c174492c255e401c96b Mon Sep 17 00:00:00 2001
From: Thomas Gelf <thomas@gelf.net>
Date: Wed, 19 Jan 2022 12:08:28 +0100
Subject: [PATCH] Avoid passing `null` to non-nullable arguments

---
 .../Cli/Documentation/CommentParser.php       |  8 +++++++-
 library/Icinga/Cli/Loader.php                 |  4 ++++
 library/Icinga/Data/Db/DbQuery.php            |  4 ++--
 .../Icinga/Data/Filter/FilterExpression.php   |  7 +++++--
 library/Icinga/Data/SimpleQuery.php           |  2 +-
 library/Icinga/Date/DateFormatter.php         |  6 +++---
 library/vendor/Zend/Db/Statement.php          | 19 +++++++++++++------
 7 files changed, 35 insertions(+), 15 deletions(-)

diff --git a/library/Icinga/Cli/Documentation/CommentParser.php b/library/Icinga/Cli/Documentation/CommentParser.php
index 2455f9d1d..3d56e17d6 100644
--- a/library/Icinga/Cli/Documentation/CommentParser.php
+++ b/library/Icinga/Cli/Documentation/CommentParser.php
@@ -68,10 +68,16 @@ class CommentParser
 
     public function dump()
     {
-        $res = $this->title . "\n" . str_repeat('=', strlen($this->title)) . "\n\n";
+        if ($this->title) {
+            $res = $this->title . "\n" . str_repeat('=', strlen($this->title)) . "\n\n";
+        } else {
+            $res = '';
+        }
+
         foreach ($this->paragraphs as $p) {
             $res .= wordwrap($p, 72) . "\n\n";
         }
+
         return $res;
     }
 }
diff --git a/library/Icinga/Cli/Loader.php b/library/Icinga/Cli/Loader.php
index ef2782bb0..732c3bca0 100644
--- a/library/Icinga/Cli/Loader.php
+++ b/library/Icinga/Cli/Loader.php
@@ -276,6 +276,10 @@ class Loader
 
     protected function searchMatch($needle, $haystack)
     {
+        if ($needle === null) {
+            $needle = '';
+        }
+
         $this->lastSuggestions = preg_grep(sprintf('/^%s.*$/', preg_quote($needle, '/')), $haystack);
         $match = array_search($needle, $haystack, true);
         if (false !== $match) {
diff --git a/library/Icinga/Data/Db/DbQuery.php b/library/Icinga/Data/Db/DbQuery.php
index 457308093..29dcefeb2 100644
--- a/library/Icinga/Data/Db/DbQuery.php
+++ b/library/Icinga/Data/Db/DbQuery.php
@@ -356,13 +356,13 @@ class DbQuery extends SimpleQuery
             }
 
             return '(' . implode(" $operator ", $sql) . ')';
-        } elseif ($sign === '=' && strpos($expression, '*') !== false) {
+        } elseif ($sign === '=' && $expression !== null && strpos($expression, '*') !== false) {
             if ($expression === '*') {
                 return $col . ' IS NOT NULL';
             }
 
             return $col . ' LIKE ' . $this->escapeForSql($this->escapeWildcards($expression));
-        } elseif ($sign === '!=' && strpos($expression, '*') !== false) {
+        } elseif ($sign === '!=' && $expression !== null && strpos($expression, '*') !== false) {
             if ($expression === '*') {
                 return $col . ' IS NULL';
             }
diff --git a/library/Icinga/Data/Filter/FilterExpression.php b/library/Icinga/Data/Filter/FilterExpression.php
index 743c8cb4b..73fb62536 100644
--- a/library/Icinga/Data/Filter/FilterExpression.php
+++ b/library/Icinga/Data/Filter/FilterExpression.php
@@ -152,7 +152,10 @@ class FilterExpression extends Filter
      */
     protected function strtolowerRecursive($var)
     {
-        if ($var === null || is_scalar($var)) {
+        if ($var === null) {
+            return '';
+        }
+        if (is_scalar($var)) {
             return strtolower($var);
         }
         if (is_array($var)) {
@@ -206,7 +209,7 @@ class FilterExpression extends Filter
             return false;
         }
 
-        return (bool) preg_match($pattern, $rowValue);
+        return $rowValue !== null && preg_match($pattern, $rowValue);
     }
 
     public function andFilter(Filter $filter)
diff --git a/library/Icinga/Data/SimpleQuery.php b/library/Icinga/Data/SimpleQuery.php
index 7e854eb64..e342d8ac8 100644
--- a/library/Icinga/Data/SimpleQuery.php
+++ b/library/Icinga/Data/SimpleQuery.php
@@ -378,7 +378,7 @@ class SimpleQuery implements QueryInterface, Queryable, Iterator
             $column = $this->flippedColumns[$column];
         }
 
-        $result = strcmp(strtolower($a->$column), strtolower($b->$column));
+        $result = strcmp(strtolower($a->$column ?: ''), strtolower($b->$column ?: ''));
         if ($result === 0) {
             return $this->compare($a, $b, ++$orderIndex);
         }
diff --git a/library/Icinga/Date/DateFormatter.php b/library/Icinga/Date/DateFormatter.php
index a186b0ce1..341bb4d22 100644
--- a/library/Icinga/Date/DateFormatter.php
+++ b/library/Icinga/Date/DateFormatter.php
@@ -48,7 +48,7 @@ class DateFormatter
     {
         $invert = false;
         $now = time();
-        $time = (float) $time;
+        $time = (int) $time;
         $diff = $time - $now;
         if ($diff < 0) {
             $diff = abs($diff);
@@ -94,7 +94,7 @@ class DateFormatter
      */
     public static function formatDate($date)
     {
-        return date('Y-m-d', (float) $date);
+        return date('Y-m-d', (int) $date);
     }
 
     /**
@@ -141,7 +141,7 @@ class DateFormatter
      */
     public static function formatTime($time)
     {
-        return date('H:i:s', (float) $time);
+        return date('H:i:s', (int) $time);
     }
 
     /**
diff --git a/library/vendor/Zend/Db/Statement.php b/library/vendor/Zend/Db/Statement.php
index e1c46333b..4eb761cba 100644
--- a/library/vendor/Zend/Db/Statement.php
+++ b/library/vendor/Zend/Db/Statement.php
@@ -135,7 +135,7 @@ abstract class Zend_Db_Statement implements Zend_Db_Statement_Interface
         $sql = $this->_stripQuoted($sql);
 
         // split into text and params
-        $this->_sqlSplit = preg_split('/(\?|\:[a-zA-Z0-9_]+)/',
+        $this->_sqlSplit = empty($sql) ? [] : preg_split('/(\?|\:[a-zA-Z0-9_]+)/',
             $sql, -1, PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY);
 
         // map params
@@ -186,14 +186,18 @@ abstract class Zend_Db_Statement implements Zend_Db_Statement_Interface
         // remove 'foo\'bar'
         if (!empty($q)) {
             $escapeChar = preg_quote($escapeChar);
-            // this segfaults only after 65,000 characters instead of 9,000
-            $sql = preg_replace("/$q([^$q{$escapeChar}]*|($qe)*)*$q/s", '', $sql);
+            if ($sql !== null) {
+                // this segfaults only after 65,000 characters instead of 9,000
+                $sql = preg_replace("/$q([^$q{$escapeChar}]*|($qe)*)*$q/s", '', $sql);
+            }
         }
-        
+
         // get a version of the SQL statement with all quoted
         // values and delimited identifiers stripped out
         // remove "foo\"bar"
-        $sql = preg_replace("/\"(\\\\\"|[^\"])*\"/Us", '', $sql);
+        if ($sql !== null) {
+            $sql = preg_replace("/\"(\\\\\"|[^\"])*\"/Us", '', $sql);
+        }
 
         // get the character for delimited id quotes,
         // this is usually " but in MySQL is `
@@ -205,7 +209,10 @@ abstract class Zend_Db_Statement implements Zend_Db_Statement_Interface
         $de = substr($de, 1, 2);
         $de = preg_quote($de);
         // Note: $de and $d where never used..., now they are:
-        $sql = preg_replace("/$d($de|\\\\{2}|[^$d])*$d/Us", '', $sql);
+        if ($sql !== null) {
+            $sql = preg_replace("/$d($de|\\\\{2}|[^$d])*$d/Us", '', $sql);
+        }
+
         return $sql;
     }