Merge branch 'PHP-7.4' of git.php.net:php-src into PHP-7.4
* 'PHP-7.4' of git.php.net:php-src:
Remove DateTime class registration test
Fixed bug #78973
Fixed bug #78961 (erroneous optimization of re-assigned $GLOBALS)
* PHP-7.3:
Fixed bug #78910
Fix #78878: Buffer underflow in bc_shift_addsub
Fix test
Fix #78862: link() silently truncates after a null byte on Windows
Fix #78863: DirectoryIterator class silently truncates after a null byte
Fix #78943: mail() may release string with refcount==1 twice
* PHP-7.2:
Fixed bug #78910
Fix #78878: Buffer underflow in bc_shift_addsub
Fix test
Fix #78862: link() silently truncates after a null byte on Windows
Fix #78863: DirectoryIterator class silently truncates after a null byte
Fix #78863: DirectoryIterator class silently truncates after a null byte
Since the constructor of DirectoryIterator and friends is supposed to
accepts paths (i.e. strings without NUL bytes), we must not accept
arbitrary strings.
Fix #78943: mail() may release string with refcount==1 twice
Since we need `headers_lc` as well as `headers_trim` in the following,
we do not release the former even if they are the same string, to avoid
complicating the release logic even more.
A new test case is not necessary, since we already have
mail_basic_alt2-win32.phpt and others.
Nikita Popov [Wed, 11 Dec 2019 16:11:30 +0000 (17:11 +0100)]
Introduce extra counter to avoid RTD key collisions
Also generate a fatal error if a collision occurs in zend_compile.
This is not perfect, because collisions might still be introduced
via opcache, if one file is included multiple times during a request,
invalidate in the meantime and recompiled by different processes.
This still needs to be addressed, but this patch fixes the much
more common case of collisions occuring when opcache is not used.
Kachalin Alexey [Thu, 12 Dec 2019 10:49:06 +0000 (11:49 +0100)]
Fix #78929: plus signs in cookie values are converted to spaces
We switch the cookie value parsing function from `php_url_decode()` to
`php_raw_url_decode()`, so that cookie values are now parsed according
to RFC 6265, section 4.1.1. We also refactor to remove duplicate code
without changing the execution flow.
Nikita Popov [Thu, 12 Dec 2019 10:19:07 +0000 (11:19 +0100)]
Fixed bug #78950: Preloading trait method with static variables
We need to make sure that trait methods with static variables
allocate a separate MAP slot for the static variables pointer,
rather than working in-place.
Nikita Popov [Wed, 11 Dec 2019 12:06:10 +0000 (13:06 +0100)]
Fixed bug #78903: Conflict in RTD key for closures results in crash
I wasn't able to create a simple reproducer for this. General approach
is the same as for anonymous classes: If the key is already used, reuse
the old definition.
Nikita Popov [Tue, 10 Dec 2019 12:49:40 +0000 (13:49 +0100)]
Fix release build failure
GCC complained about potentially uninitialized __orig_bailout,
even though the variable has an initializer. This warning was
quite persistent, I was only able to avoid it by using a separate
function.
Nikita Popov [Mon, 9 Dec 2019 14:14:39 +0000 (15:14 +0100)]
Fixed bug #78935: Check that all linked classes can be preloaded
During preloading, check that all classes that have been included
as part of the preload script itself (rather than through opcache_compile_file)
can actually be preloaded, i.e. satisfy Windows restrictions, have
resolved initializers and resolved property types. When resolving
initializers and property types, also autoload additional classes.
Because of this, the resolution runs in a loop.
Dmitry Stogov [Mon, 9 Dec 2019 12:05:24 +0000 (15:05 +0300)]
Call zend_unregister_ini_entries() when unload extension loaded through dl() without MSHUTDOWN callback.
Extensions with MSHUTDOWN should use UNREGISTER_INI_ENTRIES().
Due to former restrictions of the libcurl API, curl multipart/formdata
file uploads supported only proper files. However, as of curl 7.56.0
the new `curl_mime_*()` API is available (and already supported by
PHP[1]), which allows us to support arbitrary *seekable* streams, which
is generally desirable, and particularly resolves issues with the
transparent Unicode and long part support on Windows (see bug #77711).
Note that older curl versions are still supported, but CURLFile is
still restricted to proper files in this case.
Nikita Popov [Mon, 9 Dec 2019 08:15:27 +0000 (09:15 +0100)]
Fixed bug #78926: Handle class table reallocation on failed link
When we change back the bucket key on a class linking failure,
make sure to reload the bucket pointer, as the class table may
have been reallocated in the meantime.
Also remove a bogus bucket key change in anon class registration:
We don't actually rename the class in this case anymore, the RTD
key is already the final name.
Nikita Popov [Mon, 28 Oct 2019 12:34:33 +0000 (13:34 +0100)]
Fixed bug #78904: Don't call any magic for uninitialized typed properties
We already changed the behavior for __set() in f1848a4. However, it
seems that this is also a problem for all the other property magic,
see bug #78904.
This commit makes the behavior of all the property magic consistent:
Magic will not be triggered for uninitialized typed properties, only
explicitly unset() ones. This brings behavior more in line how
non-typed properties behave and avoids WTF.
Nikita Popov [Fri, 6 Dec 2019 10:07:57 +0000 (11:07 +0100)]
Fix constant evaluation of && and ||
The "return" in the for loop should have been a break on the switch,
otherwise the result is just ignored... but because it prevents
evaluation of the other operand, it also violates the invariant that
everything has been constant evaluated, resulting in an assertion
failure.
The for loop isn't correct in any case though, because it's not legal
to determine the result based on just the second operand, as the
first one may have a side-effect that cannot be optimized away.
Nikita Popov [Thu, 5 Dec 2019 08:13:57 +0000 (09:13 +0100)]
Fix timeout tests
After taking a more detailed look at our commonly failing timeout
tests... turns out that most of them are useless as written and
don't test what they're supposed to.
This PR has a couple of changes:
* Tests for timeout in while/for/foreach should just have the loop
as an infinite loop. Calling into something like busy_wait means
that we just end up always testing whatever busy_wait does.
* Tests for timeouts in calls need to be based on something like
sleep, otherwise we'd have to introduce a loop, and we'd end up
testing timeout of the looping structure instead. Using sleep only
works on Windows, because that's the only system where sleep counts
towards the timeout. As such, many of those tests are now Windows only.
* Removed some tests where I don't see a good way to test what they're
supposed to test. E.g. how can we test a timeout in eval() specifically?
The shutdown function tests are marked as XFAIL, as we are currently
missing a timeout check in call_user_function. I believe that's a
legitimate issue.
Arjen de Korte [Mon, 25 Nov 2019 22:54:49 +0000 (23:54 +0100)]
Fix bug #78823: add zlib library to mysqlnd
The problem is newer binutils will no longer default to --copy-dt-needed-entries but use --no-copy-dt-needed-entries instead. So all libraries needed *must* be provided.
Workarounds (either one works)
1) Add "-Wl,--copy-dt-needed-entries" to LDFLAGS to bring back the old behavior of the linker
2) Add "-lz" to list of libraries to be added
In "ext/mysqlnd/mysqlnd_protocol_frame_codec.c" when the "zlib.h" header is included should also trigger adding '-lz' to the list of libraries.
We add the `is_seekable` member to `php_stdio_stream_data`, and prefer
that over `is_pipe`, since the latter is simply a misnomer. We keep
`is_pipe` for now for Windows only, though, because we need special
support for pipes there. We also fix the misaligned bitfield which
formerly took 33 bit.
Fix #78814: strip_tags allows / in tag name => whitelist bypass
When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.
If we're constructing extended-length paths (i.e. paths prefixed with
`\\?\`), we have to replace all forward slashes with backward slashes,
because the former are not supported by Windows for extended-length
paths.
The more efficient and likely cleaner alternative solution would be to
cater to this in `php_win32_ioutil_normalize_path_w()` by always
replacing forward slashes, but that might break existing code. It
might be sensible to change that for `master`, though.
Partially revert "Adapt test cases for Oniguruma 6.9.4"
This partially reverts commit c55d09c2f547634b577aa5aeaa1438d772bc29d1,
because `MB_ONIGURUMA_VERSION` is only available as of PHP 7.4.0, so
that change made no sense for PHP-7.3; we keep it for PHP-7.4, though.
We also stick with the modification to bug78633.phpt.
Apparently, bug 78633 has now really been fixed; the former fix only
catered to the buffer overflow, but yielded a wrong result. Also,
the order of the named captures has been fixed.
Tyson Andre [Wed, 20 Nov 2019 00:12:56 +0000 (19:12 -0500)]
Handle reallocated root buffer during GC destroy phase (v2)
We no longer protect GC during the destroy phase, so we need to
deal with buffer reallocation.
Note that the implementation of spl_SplObjectStorage_free_storage
will call the destructor of SplObjectStorage, and free the instance properties,
which I think is what caused the root buffer to be reallocated.
(`current` is a pointer for an index within the root buffer?)
projects / php / log