Nikita Popov [Fri, 11 Dec 2020 11:04:44 +0000 (12:04 +0100)]
PDO MySQL: Fix libmysql option test
The fact that getAttribute() fails for various libmysqlclient-only
options is a known issue, and the test was taking that into account.
However, the change of the default error mode broke the handling.
We need to handle the exceptions now.
Nikita Popov [Fri, 11 Dec 2020 10:20:33 +0000 (11:20 +0100)]
Fixed bug #62889
Our minimum libmysqlclient version requirement is high enough
that we don't need to check for MYSQL_OPT_LOCAL_INFILE support.
However, the mysql_get_option() function seems to only be available
since 5.7 (though it's really hard to find any definitie information
on when MySQL introduced certain functions or changes...) so we
need to store the value of the flag locally to make it available
through getAttribute().
Nikita Popov [Thu, 10 Dec 2020 15:52:17 +0000 (16:52 +0100)]
Fixed bug #72368
Generate a param count mismatch error even if the query contains
no placeholders.
Additionally we shouldn't HANDLE errors from pdo_parse_params,
which are always reported via raise_impl_error. Doing so results
in duplicate error messages.
Nikita Popov [Thu, 10 Dec 2020 14:51:17 +0000 (15:51 +0100)]
Fixed bug #79131
When a driver reports an error during EVT_ALLOC (and some over EVTs),
make sure we handle it as usual, i.e. warn or throw.
This requires some adjustments in PDO PgSQL to stop manually doing
this through an impl error.
Unfortunately the PDO PgSQL error messages regress because of this,
as they now include a completely arbitrary error code. There doesn't
seem to be an ability to skip it right now.
Nikita Popov [Thu, 10 Dec 2020 10:46:29 +0000 (11:46 +0100)]
Fixed bug #79872 by improving error message
The actual behavior here is correct, but the previous error
message was misleading, as neither fetchAll() nor buffered queries
would help in this situation. Instead it is necessary to consume
all rowsets, which can be done by either unsetting the statement
or calling closeCursor().
Nikita Popov [Thu, 10 Dec 2020 10:21:06 +0000 (11:21 +0100)]
Fixed bug #76815
When we receive an error while reading a result set, we should
assume that no more result sets are available. libmysqlclient
implements the same behavior.
Nikita Popov [Wed, 9 Dec 2020 15:30:01 +0000 (16:30 +0100)]
Fixed bug #66878
Keep track of whether we have fully consumed all result sets,
either using nextRowset() calls or closeCursor() and skip the
attempt to consume remaining results sets during destruction in
that case.
Especiall if closeCursor() has been used, we really shouldn't
have this sort of cross-statement inference.
Nikita Popov [Wed, 9 Dec 2020 13:46:49 +0000 (14:46 +0100)]
PDO MySQL: Make sure nextRowset() works with partially consumed result
This was already working in all cases apart from native prepared
statements with unbuffered queries. In that case invoking
stmt_free_result() addresses the issue.
Nikita Popov [Wed, 9 Dec 2020 10:13:48 +0000 (11:13 +0100)]
Fix stmt_free_result implementation and usage
Two bugs both affecting the bug_pecl_7976.phpt test ("works with
mysqlnd" haha):
* We should not change the connection state in stmt_free_result.
This makes mysql_stmt_free_result usable under mysqlnd and
not just libmysqlclient.
* If we call mysql_stmt_free_result, we still need to consume
any outstanding result sets.
Nikita Popov [Tue, 8 Dec 2020 15:58:30 +0000 (16:58 +0100)]
Handle changing column count in mysqlnd result binding
If the count changes from prepare to execute and result_bind is
alreadly allocated, reallocate it there.
This is something of a hack. It would be cleaner to require that
result bindings are registered only after execute, when the final
result set fields are known. But mysqli at least directly exposes
this to the user, so we have no guarantee.
Nikita Popov [Tue, 8 Dec 2020 13:28:18 +0000 (14:28 +0100)]
PDO MySQL: Normalize handling of empty stored procedure result set
MySQL always returns a trailing empty result set for stored
procedure calls, which is used to convey status information.
The PDO MySQL implementation is presently confused about what to
do with it: If mysqlnd is used and native prepared statements are
used, this result set is skipped. In all other cases it is not
skipped. We also have quite a few XFAILed tests relating to this.
This patch normalizes (for PHP-8.0 only) the behavior towards
always retaining the empty result set. This is simply how MySQL
stored procedures work (some expletives omitted here) and we can't
distinguish this "useless" result set from an empty result of a
multi query. Multi queries are not a concern for native prepared
statements, as PDO does not allow them in that case, but they are
a concern for emulated prepared statements.
When `php_zlib_deflate_filter()` is called with `PSFS_FLAG_FLUSH_INC`
but without new buckets being available (e.g. because a user calls
`rewind()` after writing to the stream), we have to make sure that any
pending data are flushed. This could basically be done like in the
attached patch[1], but that could cause unnessary flushes, which can be
harmful for compression, and adds unnecessary flush markers to the
stream. Thus, we use the `php_zlib_filter_data.finished` field, which
has not been used for `zlib.deflate` filters, and properly keep track
of the need to flush.
Fix #77069: stream filter loses final block of data
Reading from a stream may return greater than zero, but nonetheless the
stream's EOF flag may have been set. We have to cater to this
condition by setting the close flag for filters.
We also have to cater to that change in the zlib.inflate filter:
If `inflate()` is called with flush mode `Z_FINISH`, but the output
buffer is not large enough to inflate all available data, it fails with
`Z_BUF_ERROR`. However, `Z_BUF_ERROR` is not fatal; in fact, the zlib
manual states: "If deflate returns with Z_OK or Z_BUF_ERROR, this
function must be called again with Z_FINISH and more output space
(updated avail_out) but no more input data, until it returns with
Z_STREAM_END or an error." Hence, we do so.
Nikita Popov [Mon, 7 Dec 2020 11:33:23 +0000 (12:33 +0100)]
Fix another typed resource issue in unserialization
We also need to discard old entries in the ref_props HT when values
are overwritten.
We should really forbid these kinds of overwrites. I believe they
can only occur in manually crafted serialization strings, and
cause so many problems...
Fix #75102: `PharData` says invalid checksum for valid tar
Apparently, there are broken tarballs out there which are actually in
ustar format, but did not write the `ustar` marker. Since popular tar
tools like GNU tar and 7zip have no issues dealing with such tarballs,
Phar should also be more resilient.
Thus, when the first checksum check of a tarball in (presumed) in old-
style format fails, we check whether the checksum would be suitable for
ustar format; if so, we treat the tarball as being in ustar format.
Daniel Black [Wed, 2 Dec 2020 21:39:08 +0000 (08:39 +1100)]
Fix mysqli_expire_password test for mariadb
In MariaDB-10.4.3 EXPIRE passwords where supported for
MariaDB. This only behaves like MySQL when the system
variable disconnect_on_expired_passwords=1.
MariaDB if there was no password it could not be considered
expired. So the test is adjusted to use actual passwords.
(MariaDB commit a94b20a8e0d9e64eeaabdaaa7a3e03fcdb8a686e)
The error codes produced my MariaDB are different
however still conforming to the SQL specification.
Make is_file() and friends return false when path contains 0-byte
These functions now return false silently:
is_writable, is_readable, is_executable, is_file, is_dir, is_link,
file_exists
These functions now throw a warning an return false (rather than
throwing a ValueError):
fileperms, fileinode, filesize, fileowner, filegroup, filetype,
fileatime, filemtime, filectime, lstat, stat
Nikita Popov [Wed, 2 Dec 2020 09:51:55 +0000 (10:51 +0100)]
Don't throw from imagecreatefromstring() with too short string
If the string is too short, we should treat this the same way as
an unrecognized image type. This function should be usable to
determine whether something is a valid image without doing any
checks beforehand.
Phar signatures practically are of limited size; for the MD5 and SHA
hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
public keys there is no size limit in theory, but "64 KiB ought to be
good enough for anybody". So we check for that limit, to avoid fatal
errors due to out of memory conditions.
Since it is neither possible to have the signature compressed in the
ZIP archive, nor is it possible to manually add a signature via Phar,
we use ZipArchive to create a suitable archive for the test on the fly.
Nikita Popov [Tue, 1 Dec 2020 09:22:36 +0000 (10:22 +0100)]
Don't mark cpu_supports functions as always inline
The use of no-sanitize may result in an inlining failure, which
will be promoted into a compile error by always-inline. Use a
normal inlining hint without enforcing it.
Fix #62004: SplFileObject: fgets after seek returns wrong line
As it is, `::seek(0)` sets the file pointer to the beginning of the
file, but `::seek($n)` where `$n > 0` sets the file pointer to the
beginning of the following line, having line `$n` already read into the
line buffer. This is pretty inconsistent; we fix it by always seeking
to the beginning of the line.
We also add a test case for the duplicate bug #46569.
Nikita Popov [Mon, 30 Nov 2020 14:15:59 +0000 (15:15 +0100)]
Next attempt to fix bug #80368
Apparently treating LibreSSL as OpenSSL 1.1 is not just something
we did in our code, it's something that upstream LibreSSL claims,
despite not actually being compatible. Duh.
Check for EVP_CIPH_OCB_MODE instead, which should reliably
determine support...
Fix Bug #80438: imap_msgno() incorrectly warns and return false on valid UIDs in PHP 8.0.0
Checking for a valid Unique ID (UID) cannot use the convenience macro as they might
be larger than the message number which has for maximum value the total number of
current messages available in the mailbox.
Nikita Popov [Thu, 26 Nov 2020 11:30:17 +0000 (12:30 +0100)]
Suppress stream errors in mysqlnd
mysqlnd currently sets error_reporting=0 to suppress errors while
writing to streams. Unfortunately these errors are still visible
to userland error handlers, which is a source of confusion.
See for example https://bugs.php.net/bug.php?id=80412.
Instead add a stream flag that suppresses the emission of
read/write errors in the first place, and set it in mysqlnd.
I think it might be useful to have this option for userland as
well in the future, but for now this is just an internal
mechanism.
Nikita Popov [Mon, 30 Nov 2020 10:09:28 +0000 (11:09 +0100)]
Only replace IN_ARRAY result type for JMPZ/JMPNZ
Replacing the result type in the general case is dangerous,
because not all opcodes support both VAR and TMP. One common case
is the in_array() result being passed to SEND_VAR, which would
have to be changed to SEND_VAL.
Rather than complicating this logic, reduce the scope to only
doing the type replacement for JMPZ and JMPNZ. The only reason
we're doing this in the first place is to enable the smart branch
optimization, so we can limit it to the relevant opcodes. Replacing
the result type may be marginally useful in other cases as well
(as it may avoid reference checks), but not worth the bother.
projects / php / log