]> granicus.if.org Git - php/log
php
5 years agoOptimize creation of empty arrays in json_decode
Tyson Andre [Fri, 25 Oct 2019 23:57:39 +0000 (19:57 -0400)]
Optimize creation of empty arrays in json_decode

Use the shared empty array from ZVAL_EMPTY_ARRAY

For code that created an 10 arrays of 100000 empty arrays
(has the same result with `$assoc=true` and `{}`)

- This is the worst-case comparison, but I'd expect 0-length arrays to be fairly
  common in regular data for json_decode
- The parser implementation was using function pointers so that third party
  extension developers could reuse the json parser for their own
  data structures, etc. (I think).

  This PR is meant to let those third party extensions continue working
  without changes.

Before this patch: In 0.126 seconds: added 97.99 MiB
After this patch:  In 0.096 seconds: added 41.99 MiB

```php
<?php
$json = '[' . str_repeat('[],', 100000) . "null]";
$start_memory = memory_get_usage();
$start_time = microtime(true);
$result = [];
for ($i = 0; $i < 10; $i++) {
    $result[] = json_decode($json);
}
$end_memory = memory_get_usage();
$end_time = microtime(true);
// Before this patch: In 0.126 seconds: added 97.99 MiB
// After this patch:  In 0.096 seconds: added 41.99 MiB
printf("In %.3f seconds: added %.2f MiB\n", $end_time - $start_time, ($end_memory - $start_memory)/1000000);

// For objects
$json = '[' . str_repeat('{},', 100000) . "null]";
$start_memory = memory_get_usage();
$start_time = microtime(true);
for ($i = 0; $i < 10; $i++) {
    $result[] = json_decode($json, true);
}
$end_memory = memory_get_usage();
$end_time = microtime(true);
// Before this patch: In 0.126 seconds: added 97.99 MiB
// After this patch:  In 0.096 seconds: added 41.99 MiB
printf("In %.3f seconds: added %.2f MiB (objects decoded as arrays) \n", $end_time - $start_time, ($end_memory - $start_memory)/1000000);
```

Closes GH-4861.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Wed, 30 Oct 2019 08:23:06 +0000 (09:23 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Add missing refcount increment

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Wed, 30 Oct 2019 08:22:37 +0000 (09:22 +0100)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Add missing refcount increment

5 years agoAdd missing refcount increment
Nikita Popov [Wed, 30 Oct 2019 08:22:20 +0000 (09:22 +0100)]
Add missing refcount increment

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Tue, 29 Oct 2019 14:07:28 +0000 (15:07 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fixed bug #78689

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Tue, 29 Oct 2019 14:06:28 +0000 (15:06 +0100)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fixed bug #78689

5 years agoFixed bug #78689
Nikita Popov [Tue, 29 Oct 2019 14:05:59 +0000 (15:05 +0100)]
Fixed bug #78689

5 years agoSkip test case on non Windows platforms
Christoph M. Becker [Tue, 29 Oct 2019 09:05:31 +0000 (10:05 +0100)]
Skip test case on non Windows platforms

5 years agoUpdate NEWS for 7.4.0RC6
Derick Rethans [Tue, 29 Oct 2019 08:50:32 +0000 (08:50 +0000)]
Update NEWS for 7.4.0RC6

5 years agoUpdate NEWS for PHP 7.4.0RC5
Derick Rethans [Tue, 29 Oct 2019 08:49:13 +0000 (08:49 +0000)]
Update NEWS for PHP 7.4.0RC5

5 years agoImplement #78270: Support __vectorcall convention with FFI
Christoph M. Becker [Mon, 14 Oct 2019 12:56:37 +0000 (14:56 +0200)]
Implement #78270: Support __vectorcall convention with FFI

To work around the limitation of the current rudimentary vectorcall
support in our patched libffi, we forbid yet unsupported declarations,
i.e. float/double parameters at certain positions (SIMD vector types
and HVA types are not supported anyway).

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Stanislav Malyshev [Tue, 29 Oct 2019 03:47:50 +0000 (20:47 -0700)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Stanislav Malyshev [Tue, 29 Oct 2019 03:47:44 +0000 (20:47 -0700)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release

5 years agoMerge branch 'PHP-7.1' into PHP-7.2
Stanislav Malyshev [Tue, 29 Oct 2019 03:47:30 +0000 (20:47 -0700)]
Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release

5 years agoAdd support for Interbase 1 dialect
Simonov Denis [Fri, 25 Oct 2019 16:38:01 +0000 (18:38 +0200)]
Add support for Interbase 1 dialect

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 28 Oct 2019 12:09:11 +0000 (13:09 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #78751: Serialising DatePeriod converts DateTimeImmutable

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Christoph M. Becker [Mon, 28 Oct 2019 12:08:06 +0000 (13:08 +0100)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix #78751: Serialising DatePeriod converts DateTimeImmutable

5 years agoFix #78751: Serialising DatePeriod converts DateTimeImmutable
Christoph M. Becker [Fri, 25 Oct 2019 13:43:38 +0000 (15:43 +0200)]
Fix #78751: Serialising DatePeriod converts DateTimeImmutable

When getting the properties of a DatePeriod instance we have to retain
the proper classes, and when restoring a DatePeriod instance we have to
cater to DateTimeImmutable instances as well.

5 years agoRemove redundant variable rv and optimize code
ZiMuyang [Sun, 27 Oct 2019 15:21:31 +0000 (23:21 +0800)]
Remove redundant variable rv and optimize code

Closes GH-4864.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Mon, 28 Oct 2019 09:28:14 +0000 (10:28 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix bug #78752

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Mon, 28 Oct 2019 09:27:46 +0000 (10:27 +0100)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix bug #78752

5 years agoFix bug #78752
Nikita Popov [Mon, 28 Oct 2019 09:23:20 +0000 (10:23 +0100)]
Fix bug #78752

NULL out the execute_data before destroying it, otherwise GC may
trigger while the execute_data is partially destroyed, resulting
in double-frees.

The handling of call stack unfreezing is a bit awkward because it's
a ZEND_API function, so we can't change the signature.

5 years agoFix libmagic buffer overflow issue (CVE-2019-18218)
Stanislav Malyshev [Sun, 27 Oct 2019 23:30:38 +0000 (16:30 -0700)]
Fix libmagic buffer overflow issue (CVE-2019-18218)

Ported from https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84

5 years agoTry one more FD in ext/standard/tests/file/php_fd_wrapper_04.phpt
Nikita Popov [Sun, 27 Oct 2019 08:33:46 +0000 (09:33 +0100)]
Try one more FD in ext/standard/tests/file/php_fd_wrapper_04.phpt

For some reason FD 120 seems to exist on macos quite often, while
FD 12 did not... Let's try an even larger number, otherwise we
should just drop this test.

5 years agoReplace EXPECTF by EXPECT
Fabien Villepinte [Sat, 26 Oct 2019 14:05:02 +0000 (16:05 +0200)]
Replace EXPECTF by EXPECT

In ext/dom all the tests with a EXPECTF section
starting by "Fatal error: Uncaught" have been updated
to use the faster EXPECT

5 years agoAdd ARM64 CI to Travis
Nikita Popov [Wed, 23 Oct 2019 10:58:21 +0000 (12:58 +0200)]
Add ARM64 CI to Travis

We need to install a number of additional packages that are installed
by default on the AMD64 workers.

We also have to manually set up the MySQL user.

For now we don't set up Postgres -- if anyone wants to figure that
out, it would be great ;)

Log redirections in compile.sh are removed, because /dev/stdout is
not accessible. We don't see to use this anyway.

5 years agoFix bug #78226: Don't call __set() on uninitialized typed properties
Nikita Popov [Thu, 24 Oct 2019 14:36:25 +0000 (16:36 +0200)]
Fix bug #78226: Don't call __set() on uninitialized typed properties

Assigning to an uninitialized typed property will no longer trigger
a call to __set(). However, calls to __set() are still triggered if
the property is explicitly unset().

This gives us both the behavior people generally expect, and still
allows ORMs to do lazy initialization by unsetting properties.

For PHP 8, we should fine a way to forbid unsetting of declared
properties entirely, and provide a different way to achieve lazy
initialization.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Fri, 25 Oct 2019 10:50:26 +0000 (12:50 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fixed bug #78747

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Fri, 25 Oct 2019 10:50:12 +0000 (12:50 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fixed bug #78747

5 years agoFixed bug #78747
Nikita Popov [Fri, 25 Oct 2019 10:47:18 +0000 (12:47 +0200)]
Fixed bug #78747

5 years agoOptimize VERIFY_RETURN_TYPE for TMP operands as well
Nikita Popov [Fri, 25 Oct 2019 09:37:19 +0000 (11:37 +0200)]
Optimize VERIFY_RETURN_TYPE for TMP operands as well

Only exclude CONST operands, which use a different instruction
format (they have a return operand).

5 years agoCheck class linking in VERIFY_RETURN_TYPE optimization
Nikita Popov [Fri, 25 Oct 2019 09:24:32 +0000 (11:24 +0200)]
Check class linking in VERIFY_RETURN_TYPE optimization

instanceof_function() requires linked classes. I'm not reusing
unlinked_instanceof() here, because it performs class loading,
which wouldn't be right here, I think.

5 years agoSimplify travis setup scripts
Nikita Popov [Fri, 25 Oct 2019 09:14:56 +0000 (11:14 +0200)]
Simplify travis setup scripts

Reduce duplication.

5 years agoRemove recursive check from instanceof_interface
Nikita Popov [Thu, 24 Oct 2019 16:11:41 +0000 (18:11 +0200)]
Remove recursive check from instanceof_interface

Parent interfaces are copied into the interface list during
inheritance, so there's no need to perform a recursive check.

Only exception are instanceof checks performed during inheritance
itself. However, we already have unlinked_instanceof for this
purpose, it just needs to be taught to handle this case.

Closes GH-4857.

5 years agoOptimize instanceof_class/interface
Nikita Popov [Thu, 24 Oct 2019 15:47:35 +0000 (17:47 +0200)]
Optimize instanceof_class/interface

instanceof_class does not need to check for a NULL pointer in the
first iteration -- passing NULL to this function is illegal.

instanceof_interface does not need to use instanceof_class(), it
only has to check whether the CEs match exactly. There is no way
for an interface to appear inside "parent", it will always be in
"interfaces" only.

5 years agoClean up and clarify instanceof_function_ex()
Nikita Popov [Thu, 24 Oct 2019 15:40:25 +0000 (17:40 +0200)]
Clean up and clarify instanceof_function_ex()

The instanceof_interface_only() function was dead code (always
returned zero).

Clarify that the last parameter indicates whether the passed CE
is interface or class and rewrite the code in terms of assertions.

5 years agoSkip IntlTimeZone::getOffset() error tests on non-x86
Nikita Popov [Thu, 24 Oct 2019 12:41:05 +0000 (14:41 +0200)]
Skip IntlTimeZone::getOffset() error tests on non-x86

I'm not totally sure, but I have a strong suspicion that the fact
that this produces an error is an artifact of undefined cast behavior
(which will yield INDVAL on x86 but saturate on ARM). INF seems to
be the only value that results in an error even on x86 (variations
like -INF or NAN succeed).

It might make sense to just remove this test entirely, but for now
let's skip it on non-x86.

5 years agoSkip large ftruncate test if large files not supported
Nikita Popov [Thu, 24 Oct 2019 12:32:11 +0000 (14:32 +0200)]
Skip large ftruncate test if large files not supported

5 years agoDon't test "blocks" in lstat_stat_variation7.phpt
Nikita Popov [Thu, 24 Oct 2019 12:26:17 +0000 (14:26 +0200)]
Don't test "blocks" in lstat_stat_variation7.phpt

This stat property seems to be somewhat unreliable depending on the
filesystem. On Travis ARM64 CI a much larger payload is required
to get this value to increase.

5 years agoIncrease FD used in php://fd test
Nikita Popov [Thu, 24 Oct 2019 10:28:43 +0000 (12:28 +0200)]
Increase FD used in php://fd test

5 years agoUse posix_getuid() to check for root in pcntl_setpriority() test
Nikita Popov [Thu, 24 Oct 2019 10:19:24 +0000 (12:19 +0200)]
Use posix_getuid() to check for root in pcntl_setpriority() test

Using SUDO_USER doesn't seem to work on Travis ARM CI -- I guess
that sudo might be in use without the target being root.

5 years agotypo and better wording
Remi Collet [Thu, 24 Oct 2019 05:43:49 +0000 (07:43 +0200)]
typo and better wording

5 years agoAdded suppot for glob() wildcard matching in ffi.preload directive
Dmitry Stogov [Wed, 23 Oct 2019 14:18:11 +0000 (17:18 +0300)]
Added suppot for glob() wildcard matching in ffi.preload directive

5 years agoReverting push to wrong repo
Rasmus Lerdorf [Wed, 23 Oct 2019 21:34:12 +0000 (14:34 -0700)]
Reverting push to wrong repo

5 years agoUpdate alloc patch
Rasmus Lerdorf [Wed, 23 Oct 2019 21:31:27 +0000 (14:31 -0700)]
Update alloc patch

5 years agoIgnore ZEND_FFI_TYPE_OWNED flag
Dmitry Stogov [Wed, 23 Oct 2019 16:50:58 +0000 (19:50 +0300)]
Ignore ZEND_FFI_TYPE_OWNED flag

5 years agoFix aarch64 crc32 implementation
Nikita Popov [Wed, 23 Oct 2019 14:58:47 +0000 (16:58 +0200)]
Fix aarch64 crc32 implementation

RETVAL vs RETURN mixup resulted in the fallback implementation
running as well.

5 years agoDon't autoload when checking property types
Nikita Popov [Wed, 23 Oct 2019 10:19:33 +0000 (12:19 +0200)]
Don't autoload when checking property types

Noticed while working on union types: We do not load argument and
return types during type checks, but we do load property types.

I'm normalizing the behavior towards the existing status quo (not
loading), though we may consider loading everywhere (all types,
and instanceof) in order to properly support class aliases.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Wed, 23 Oct 2019 09:18:01 +0000 (11:18 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Use ICU's CXXFLAGS when using pkg-config

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Wed, 23 Oct 2019 09:17:46 +0000 (11:17 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Use ICU's CXXFLAGS when using pkg-config

5 years agoUse ICU's CXXFLAGS when using pkg-config
Ryan Schmidt [Tue, 22 Oct 2019 21:19:35 +0000 (16:19 -0500)]
Use ICU's CXXFLAGS when using pkg-config

This mirrors how ICU's CXXFLAGS are already used when using icu-config.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Wed, 23 Oct 2019 09:07:41 +0000 (11:07 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Add "-pthread" to EXTRA_LDFLAGS_PROGRAM as well

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Wed, 23 Oct 2019 09:07:16 +0000 (11:07 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Add "-pthread" to EXTRA_LDFLAGS_PROGRAM as well

5 years agoAdd "-pthread" to EXTRA_LDFLAGS_PROGRAM as well
Nikita Popov [Wed, 23 Oct 2019 09:06:51 +0000 (11:06 +0200)]
Add "-pthread" to EXTRA_LDFLAGS_PROGRAM as well

This is a backport of c518932c0326a938f0fd0254f2adb03b1cddfbca
from the PHP 7.4 branch.

5 years agoAdded missing call to ZipArchive::close()
Florian Engelhardt [Wed, 23 Oct 2019 08:16:07 +0000 (10:16 +0200)]
Added missing call to ZipArchive::close()

5 years agoadd new ffi.preload option in php.ini and display ini entries in MINFO
Remi Collet [Wed, 23 Oct 2019 05:49:13 +0000 (07:49 +0200)]
add new ffi.preload  option in php.ini and display ini entries in MINFO

5 years agobump version
Joe Watkins [Tue, 22 Oct 2019 16:58:39 +0000 (18:58 +0200)]
bump version

5 years agoset versions for release php-7.1.33
Joe Watkins [Tue, 22 Oct 2019 16:56:55 +0000 (18:56 +0200)]
set versions for release

5 years agoFix typo
Christoph M. Becker [Tue, 22 Oct 2019 15:53:34 +0000 (17:53 +0200)]
Fix typo

5 years agoAllow loading FFI bindings through ffi.preload directive
Dmitry Stogov [Tue, 22 Oct 2019 14:52:56 +0000 (17:52 +0300)]
Allow loading FFI bindings through ffi.preload directive

5 years agoFix #78716: Function name mangling is wrong for some parameter types
Christoph M. Becker [Tue, 22 Oct 2019 09:33:00 +0000 (11:33 +0200)]
Fix #78716: Function name mangling is wrong for some parameter types

We have to cater to function parameter alignment when calculating the
parameter size.

5 years agoAdd a run with opcache to the coverage job
Fabien Villepinte [Mon, 21 Oct 2019 19:48:33 +0000 (21:48 +0200)]
Add a run with opcache to the coverage job

Some tests are not run when OPcache is not available.
This should make the results more accurate.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 22 Oct 2019 07:51:44 +0000 (09:51 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Update NEWS

5 years agoUpdate NEWS
Christoph M. Becker [Tue, 22 Oct 2019 07:50:11 +0000 (09:50 +0200)]
Update NEWS

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Remi Collet [Tue, 22 Oct 2019 07:38:05 +0000 (09:38 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  add NEWS entry

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Remi Collet [Tue, 22 Oct 2019 07:37:51 +0000 (09:37 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  add NEWS entry

5 years agoadd NEWS entry
Remi Collet [Tue, 22 Oct 2019 07:37:35 +0000 (09:37 +0200)]
add NEWS entry

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Stanislav Malyshev [Mon, 21 Oct 2019 20:17:27 +0000 (13:17 -0700)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
  bump versions after release
  set versions for release

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Stanislav Malyshev [Mon, 21 Oct 2019 20:17:19 +0000 (13:17 -0700)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
  bump versions after release
  set versions for release

5 years agoMerge branch 'PHP-7.1' into PHP-7.2
Stanislav Malyshev [Mon, 21 Oct 2019 20:17:09 +0000 (13:17 -0700)]
Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
  Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
  bump versions after release
  set versions for release

5 years agoRevert "Add tests for ReflectionZendExtension"
Fabien Villepinte [Mon, 21 Oct 2019 19:31:36 +0000 (21:31 +0200)]
Revert "Add tests for ReflectionZendExtension"

This reverts commit 4194e0415b02827b0d5eeff13771eb6642955b0f.

There were already tests for this class.

5 years agoAdd tests for ReflectionZendExtension
Fabien Villepinte [Mon, 21 Oct 2019 19:17:16 +0000 (21:17 +0200)]
Add tests for ReflectionZendExtension

5 years agoFixed bug #78512 (Cannot make preload work)
Dmitry Stogov [Mon, 21 Oct 2019 11:52:26 +0000 (14:52 +0300)]
Fixed bug #78512 (Cannot make preload work)

5 years agoFix static prop cleanup for dl'ed internal classes
Nikita Popov [Mon, 21 Oct 2019 09:30:00 +0000 (11:30 +0200)]
Fix static prop cleanup for dl'ed internal classes

5 years agoFix leak with cycle in static prop of internal class
Nikita Popov [Mon, 21 Oct 2019 08:26:10 +0000 (10:26 +0200)]
Fix leak with cycle in static prop of internal class

More the cleanup of interned classes before the final GC run,
just like it is done for user classes.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Joe Watkins [Mon, 21 Oct 2019 07:23:44 +0000 (09:23 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix bug #78697: inaccurate error message

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Joe Watkins [Mon, 21 Oct 2019 07:22:32 +0000 (09:22 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix bug #78697: inaccurate error message

5 years agoFix bug #78697: inaccurate error message
Fabien Villepinte [Sat, 19 Oct 2019 19:27:37 +0000 (21:27 +0200)]
Fix bug #78697: inaccurate error message

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Stanislav Malyshev [Mon, 21 Oct 2019 06:20:16 +0000 (23:20 -0700)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #78633: Heap buffer overflow (read) in mb_eregi

5 years agoFix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
Jakub Zelenka [Sat, 12 Oct 2019 14:56:16 +0000 (15:56 +0100)]
Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)

5 years agoFix #78633: Heap buffer overflow (read) in mb_eregi
Christoph M. Becker [Fri, 4 Oct 2019 17:02:37 +0000 (19:02 +0200)]
Fix #78633: Heap buffer overflow (read) in mb_eregi

We backport kkos/oniguruma@15c4228aa2ffa02140a99912dd3177df0b1841c6.

5 years agoAdd NEWS for the fixed bug #74083
Jakub Zelenka [Sun, 20 Oct 2019 15:58:13 +0000 (16:58 +0100)]
Add NEWS for the fixed bug #74083

5 years agoSkip fpm bug #74083 test on Windows
Maksim Nikulin [Thu, 25 Jul 2019 06:15:35 +0000 (13:15 +0700)]
Skip fpm bug #74083 test on Windows

Have not expected side effects of `include`.

5 years agoAdd (slow) test for fpm concurrent reloads #74083
Maksim Nikulin [Thu, 25 Jul 2019 04:41:36 +0000 (11:41 +0700)]
Add (slow) test for fpm concurrent reloads #74083

5 years agoBlock signals during fpm master initialization
Maksim Nikulin [Wed, 24 Jul 2019 09:50:57 +0000 (16:50 +0700)]
Block signals during fpm master initialization

Fix PHP-FPM failure in the case of concurrent reload attempts.

Postpone signal delivery to the fpm master process till proper signal
handlers are set. Prevent the following case:

- Running master process receives `SIGUSR2` and performs `execvp()`.
- Another `SIGUSR2` is arrived before signal handlers are set.
- Master process dies.
- Requests to the HTTP server handled by PHP-fpm can not be served
  any more.

Block some signals using `sigprocmask()` before `execvp()` and early
in the `main()` function. Unblock signals as soon as proper
handlers are set.

Fixes bug #74083

5 years agoImprove the error message in timeout tests
Fabien Villepinte [Sun, 20 Oct 2019 08:55:27 +0000 (10:55 +0200)]
Improve the error message in timeout tests

Closes GH-4818.

5 years agoFix proto of enchant_broker_list_dicts()
Fabien Villepinte [Sat, 19 Oct 2019 20:11:34 +0000 (22:11 +0200)]
Fix proto of enchant_broker_list_dicts()

5 years agoFix miscellaneous typos in docs
Tyson Andre [Sat, 19 Oct 2019 16:42:57 +0000 (12:42 -0400)]
Fix miscellaneous typos in docs

5 years agoAdd tests for DOMEntityReference
Fabien Villepinte [Sat, 19 Oct 2019 13:42:16 +0000 (15:42 +0200)]
Add tests for DOMEntityReference

5 years agoFix #78684: PCRE bug72463_2 test is sending emails on Linux
Christoph M. Becker [Sat, 19 Oct 2019 10:53:29 +0000 (12:53 +0200)]
Fix #78684: PCRE bug72463_2 test is sending emails on Linux

This test is not supposed to run on non Windows systems; otherwise it
would try to send an email.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Sat, 19 Oct 2019 09:50:41 +0000 (11:50 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #78694: Appending to a variant array causes segfault

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Christoph M. Becker [Sat, 19 Oct 2019 09:48:40 +0000 (11:48 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix #78694: Appending to a variant array causes segfault

5 years agoFix #78694: Appending to a variant array causes segfault
Christoph M. Becker [Sat, 19 Oct 2019 09:41:28 +0000 (11:41 +0200)]
Fix #78694: Appending to a variant array causes segfault

`write_dimension` object handlers have to be able to handle `NULL`
`offset`s; for now we simply throw an exception instead of following
the `NULL` pointer.

5 years agoImprove exif tag name fetching
Nikita Popov [Wed, 9 Oct 2019 13:55:48 +0000 (15:55 +0200)]
Improve exif tag name fetching

5 years agoImplement a cache for exif tag name lookups
Nikita Popov [Wed, 9 Oct 2019 13:39:03 +0000 (15:39 +0200)]
Implement a cache for exif tag name lookups

5 years agoLimit the amount of errors generated during exif parsing
Nikita Popov [Wed, 9 Oct 2019 13:07:51 +0000 (15:07 +0200)]
Limit the amount of errors generated during exif parsing

Emitting errors is fairly expensive, to the point that parsing
a file with a huge number of invalid tags can take seconds.
Generating ten thousand errors is unlikely to help anybody, but
constitutes a potential DOS vector.

5 years agoFix test case
Christoph M. Becker [Fri, 18 Oct 2019 14:23:56 +0000 (16:23 +0200)]
Fix test case

Cf. <https://github.com/php/php-src/pull/4687>.

5 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Fri, 18 Oct 2019 13:32:58 +0000 (15:32 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #70153 \DateInterval incorrectly unserialized

5 years agoMerge branch 'PHP-7.2' into PHP-7.3
Christoph M. Becker [Fri, 18 Oct 2019 13:31:48 +0000 (15:31 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix #70153 \DateInterval incorrectly unserialized

5 years agoFix #70153 \DateInterval incorrectly unserialized
m.yakunin [Mon, 16 Sep 2019 16:50:55 +0000 (18:50 +0200)]
Fix #70153 \DateInterval incorrectly unserialized

Added a separate macro for reading 'days' property, so that bool(false)
is correctly converted to the proper internal representation.