Nikita Popov [Thu, 4 Feb 2021 14:18:45 +0000 (15:18 +0100)]
Fix CLI server worker support
If we create separate listening sockets in each worker using
SO_REUSEADDR, then an incoming connection may be load-balanced
to a process that is already busy, either due to a long-running
request, or because it is a recursive request (in which case we
would deadlock).
Instead, only create one listening socket, and only create worker
forks afterwards. This way the incoming request will be served
by one of the workers that is currently listening for an incoming
connection.
When Phars are flushed, a new temporary file is created for each entry
which should be compressed, and the `compressed_filesize` is retrieved.
Afterwards, the Phar manifest is written, and only after that the files
are copied to the actual Phar. So for each such entry there is an open
temp file, what easily exceeds the limit.
Therefore, we use a single temporary file for all entries, and store
the start offset in the otherwise unused `header_offset` member. We
ensure that the `cfp` members are properly set to NULL even if flushing
fails, to avoid use after free scenarios.
This solution is based on a suggestion by @lserni[1].
Nikita Popov [Tue, 2 Feb 2021 09:05:35 +0000 (10:05 +0100)]
Fix persistent leak on load_wsdl_ex failure
Move the load_wsdl_ex call into the zend_try that destroys the
docs hash table. The wsdl will be inserted into docs early on,
and will thus be released on subsequent bailout.
We remove the arbitrary restriction to `INT_MAX`; it is superfluous on
32bit systems where `ZEND_LONG_MAX == INT_MAX` anyway, and not useful
on 64bit systems, where larger files should be readable, if the
`memory_limit` is large enough.
That bug report originally was about `parse_url()` misbehaving, but the
security aspect was actually only regarding `FILTER_VALIDATE_URL`.
Since the changes to `parse_url_ex()` apparently affect userland code
which is relying on the sloppy URL parsing[1], this alternative
restores the old parsing behavior, but ensures that the userinfo is
checked for correctness for `FILTER_VALIDATE_URL`.
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives
The default encoding of filenames in a ZIP archive is IBM Code Page
437. Phar, however, only supports UTF-8 filenames. Therefore we have
to mark filenames as being stored in UTF-8 by setting the general
purpose bit 11 (the language encoding flag).
The effect of not setting this bit for non ASCII filenames can be seen
in popular tools like 7-Zip and UnZip, but not when extracting the
archives via ext/phar (which is agnostic to the filename encoding), or
via ext/zip (which guesses the encoding). Thus we add a somewhat
brittle low-level test case.
Nikita Popov [Tue, 26 Jan 2021 14:15:18 +0000 (15:15 +0100)]
Fix VAR return type verification
We should also set retval_ref when de-indirecting. Otherwise the
retval_ref != retval_ptr comparison below may incorrect assume
that we're returning a reference.
I don't have a reliable reproducer for this issue, but it sometimes
appears in certain configurations in arrow_functions/007.phpt in
conjunction with other changes.
Fix #53251: bindtextdomain with null dir doesn't return old value
Apparently, users expect `bindtextdomain` and `bind_textdomain_codeset`
with `null` as second argument to work like their C counterparts,
namely to return the previously set value. Thus, we support that.
sj-i [Sun, 20 Dec 2020 06:57:54 +0000 (15:57 +0900)]
Fixed bug #42560
Check open_basedir after the fallback to the system's temporary
directory in tempnam().
In order to preserve the current behavior of upload_tmp_dir
(do not check explicitly specified dir, but check fallback),
new flags are added to check open_basedir for explicit dir
and for fallback.
Dylan K. Taylor [Mon, 11 Jan 2021 22:39:14 +0000 (22:39 +0000)]
Keep JIT region executable under ZTS
When one thread tries to compile a script, another thread may
already be executing JITed code. In this case we can't make the
memory non-executable.
This violates the W^X principle, but doesn't seem to be avoidable
for ZTS builds for now. The same problem does not exist for NTS,
as it's a different process executing there, which has it's own
memory protection mapping.
Nikita Popov [Tue, 19 Jan 2021 08:59:26 +0000 (09:59 +0100)]
Disable opcache optimizations during some observer tests
Opcache inlines functions that only return a constant. Disable
optimizations to prevent differences in tests where such functions
are used (or rewrite the test to not depend on it).
Nikita Popov [Mon, 18 Jan 2021 13:35:44 +0000 (14:35 +0100)]
Sync intlcal_create_instance() and IntlCalendar::createInstance()
Remove the explicit mention of IntlGregorianCalendar in the latter.
It is a subclass of IntlCalendar, and as such covered if only
IntlCalendar is used as the return type.
Dylan K. Taylor [Tue, 12 Jan 2021 01:49:38 +0000 (01:49 +0000)]
Fix stub for Phar::setStub()
This fixes multiple issues:
* The first parameter may be resource|string.
* It's an overloaded signature. The second parameter cannot be
passed if the first one is a string. Use UNKNOWN default
value for that reason.
* Make parameter names in PharData::setStub() match those in
Phar.
Fix #80595: Resetting POSTFIELDS to empty array breaks request
This is mainly to work around https://github.com/curl/curl/issues/6455,
but not building the mime structure for empty hashtables is a general
performance optimization, so we do not restrict it to affected cURL
versions (7.56.0 to 7.75.0).
The minor change to bug79033.phpt is unexpected, but should not matter
in practice.