If the `VT_ARRAY` is empty, i.e. its upperbound is less than its lower
bound, we must not call `php_com_safearray_get_elem()`, because that
function throws in this case.
variant objects have no (declared) properties, so the `get_properties`
handlers returns a pointer to constant storage for efficiency reasons.
This pointer must not be returned from the `get_gc` handler, though;
instead we set up an own `get_gc` handler and return NULL from it, to
signal that there are no properties to collect.
Fix #79242: COM error constants don't match com_exception codes
Because a `HRESULT` is a `LONG`[1], no special treatment is required on
x86 platforms to get appropriate values. On x64 platforms we prefer
positive values, what we could accomplish by casting the `HRESULT`
value to `ULONG` and then to `zend_long`, but since the current
behavior is correct and the performance improvement is negligible, we
defer that to master.
Nikita Popov [Fri, 7 Feb 2020 16:01:39 +0000 (17:01 +0100)]
PCRE: Only remember valid UTF-8 if start offset zero
PCRE only validates the string starting from the start offset
(minus maximum look-behind, but let's ignore that), so we can
only remember that the string is fully valid UTF-8 is the original
start offset is zero.
Nikita Popov [Fri, 7 Feb 2020 15:39:06 +0000 (16:39 +0100)]
PCRE: Check whether start offset is on char boundary
We need not just the whole string to be UTF-8, but the start
position to be on a character boundary as well. Check this by
looking for a continuation byte.
To cater to `curl_copy_handle()` of cURL handles with attached
`CURLFile`s, we must not attach the opened stream, because the stream
may not be seekable, so that we could rewind, when the same stream is
going to be uploaded multiple times. Instead, we're opening the stream
lazily in the read callback.
Since `curl_multi_perfom()` processes easy handles asynchronously, we
have no control of the operation sequence. Since duplicated cURL
handles may be used with multi handles, we cannot use a single arg
structure, but actually have to rebuild the whole mime structure on
handle duplication and attach this to the new handle.
In order to better test this behavior, we extend the test responder to
print the size of the upload, and patch the existing tests accordingly.
Not all systems support the discard protocol (TCP port 9), and since
there is no particular reason to use it, we switch to using actual
server testing.
Fix #79191: Error in SoapClient ctor disables DOMDocument::save()
The culprit is the too restrictive fix for bug #71536, which prevents
`php_libxml_streams_IO_write()` from properly executing when unclean
shutdown is flagged. A *more* suitable solution is to move the
`xmlwriter_free_resource_ptr()` call from the `free_obj` handler to an
added `dtor_obj` handler, to avoid to write to a closed stream in case
of late object freeing. This makes the `EG(active)` guard superfluous.
We also fix bug79029.phpt which has to use different variables for the
three parts to actually check the original shutdown issue.
Thanks to bwoebi and daverandom for helping to investigate this issue.
Since we're dealing with floating point numbers, precision issues may
hit us, and actually it's not necessary to check for the exact number
anyway, because it is not exact in the first place. Therefore, we
relax the test expectations.
Fix #79212: NumberFormatter::format() may detect wrong type
We have to convert to number *before* detecting the type, to cater to
internal objects implementing `cast_object`.
We also get rid of the fallback behavior of using `FORMAT_TYPE_INT32`,
because that can no longer happen; after `convert_scalar_to_number_ex`
the type is either `IS_LONG` or `IS_DOUBLE`. We cater explicitly to
the `IS_ARRAY` case what also avoids triggering a type confusion when
`::TYPE_INT64` is passed as `$type`.
Nikita Popov [Fri, 31 Jan 2020 09:21:37 +0000 (10:21 +0100)]
Fix bug #76047
Unlink the current stack frame before freeing CVs or extra args.
This means it will no longer show up in back traces that are
generated during CV destruction.
We already did this prior to destructing the object/closure,
presumably for the same reason.
Fix #70078: XSL callbacks with nodes as parameter leak memory
The fix for bug #49634 solved a double-free by copying the node with
`xmlDocCopyNodeList()`, but the copied node is later freed by calling
`xmlFreeNode()` instead of `xmlFreeNodeList()`, thus leaking memory.
However, there is no need to treat the node as node list, i.e. to copy
also the node's siblings; just creating a recursive copy of the node
with `xmlDocCopyNode()` is sufficient, while that also avoids the leak.
Nikita Popov [Wed, 29 Jan 2020 15:40:13 +0000 (16:40 +0100)]
Restore digit check in mb_decode_numericentity()
I replaced it with a multiplication overflow check in 18599f9c52959b2e8cbfac57e278644499a3547d. However, we need both,
because the code for restoring the number can't handle numbers
with many leading zeros right now and I don't feel like teaching it.
Akim Demaille [Tue, 28 Jan 2020 19:41:56 +0000 (20:41 +0100)]
Use "%define parse.error verbose"
The YYERROR_VERBOSE macro will no longer be supported in Bison 3.6.
It was superseded by the "%error-verbose" directive in Bison 1.875
(2003-01-01). Bison 2.6 (2012-07-19) clearly announced that support
for YYERROR_VERBOSE would be removed. Note that since Bison 3.0
(2013-07-25), "%error-verbose" is deprecated in favor of "%define
parse.error verbose".
Nikita Popov [Tue, 28 Jan 2020 16:12:45 +0000 (17:12 +0100)]
Fix mysqli_get_warnings() with multi queries
In this case warning_count may be non-zero, but php_get_warnings()
may still return no warnings. In this case we should return false
rather than returning a corrupted mysqli_warning object.
Fix #79174: cookie values with spaces fail to round-trip
The fix for bug #78929 disabled the conversion of spaces in cookie
values to plus signs, but failed to adapt `php_setcookie()`
accordingly, so that it uses raw URL encoding as well.
This is already supported by non Windows builds for libzip >= 1.3.1,
and since we're using at least libzip 1.4.0 on Windows, we should
support it there as well.
Nikita Popov [Fri, 24 Jan 2020 15:18:28 +0000 (16:18 +0100)]
Fixed bug #79128
We need to extend the hash table before performing raw append
operations.
This doesn't matter if preloading happens in the same process,
as the tables will be large enough to hold all entries as a
side-effect of the preloading process. However, if preloading
happens in a different process, we need to reserve space here.
Nikita Popov [Fri, 24 Jan 2020 13:52:28 +0000 (14:52 +0100)]
Fixed bug #79011
auth_plugin_data_len here is 21, including the trailing null byte.
Directly use SCRAMBLE_LENGTH instead. Also add a sanity check that
the provided scramble is long enough.
The test still needs to access <http://www.w3.org/2009/01/xml.xsd>, but
at least we no longer depend on <http://x-road.eu/xsd/x-road.xsd>,
which may be moved again.
projects / php / log