This fixes two issues:
* Negative the value in an unsigned type to avoid signed overflow.
* Treat -0 as 0 rather than an invalid number that gets converted
to ZEND_LONG_MIN.
This fixes two leaks related to duplicate tags, as well as a leak
of zero-length FMT_(S)BYTE with non-null value. This can show up
for MAKERNOTE values where the original length is non-zero, but
the first character is a null byte.
Fix #78579: mb_decode_numericentity: args number inconsistency
mb_decode_numericentity() accepts a fourth optional parameter, which is
unused, however. Since this parameter doesn't do any harm, and to avoid
the small BC break, we're keeping this parameter for PHP 7, but adjust
the arginfo.
This issue was recently introduced in c739023a50876e2a90588f915803b0140a95638e,
when the restriction that components>0 has been relaxed. We now need
to make sure that any tags that expect at least one component check
that this is the case.
Tyson Andre [Fri, 13 Sep 2019 18:09:15 +0000 (14:09 -0400)]
Fix opcache return type for get_headers in zend_func_info
https://www.php.net/manual/en/function.get-headers.php#refsect1-function.get-headers-examples
shows that it will return string keys when the second argument is
non-zero. I've verified that this is the case.
This bug was there since the initial commit in c88ffa9a567.
When calling free_result_buffers(), also free field metadata and
restore the mempool state to what it was before any allocations
have been made. Remove the mempool save/restore logic for the
inner result set as this is now handled on a higher level.
The state returned by `sodium_crypto_generichash_init()` has to be
regarded as opaque byte string; neither its size nor its exact
structure are fixed, and actually vary for diffent libsodium versions.
Therefore we drop the test altogether.
Fix #41997: SP call yields additional empty result set
When stored procedures are called, the "final result set is a status
result that includes no result set". Calling `::nextRowset()` on the
actual last result set should return FALSE, since there is actually no
further result set to be processed.
Sergei Turchanov [Wed, 28 Aug 2019 03:05:14 +0000 (13:05 +1000)]
Fixed bug #78469
fcgi_accept_request function is supposed to call a FastCGI implementation's
on_accept hook when entering an "accepting" stage (that is right before
calling "accept"). This hook implementation (fpm_request_accepting) updates
a worker state to an "accepting" state which is effectively an "Idle" state,
and updates counters on the scoreboard of the corresponding pool (idle++,
active--).
But this is not done when listening for client connections on a named pipe on
Windows platform. In that case a combination of
ConnectNamedPipe/WaitForSingleObject is used (to be able to catch in_shutdown
as far as I understand), but it is nonetheless functionally equivalent to
"accept" call. Also by not calling on_hook neither a worker's state is updated
to "accepting" state nor scoreboard counters are updated.
Nikita Popov [Mon, 26 Aug 2019 15:48:05 +0000 (17:48 +0200)]
Remove properties HT from nested GC data
The properties HT may be a GC root itself, so we need to remove it.
I'm not sure this issue actually applies to PHP 7.2, but committing
it there to be safe. As seen from the test case, the handling here
is rather buggy on 7.2.
Tyson Andre [Sun, 25 Aug 2019 14:48:52 +0000 (10:48 -0400)]
Fix opcache optimizer info for time_nanosleep
This can also return an array. See
https://www.php.net/manual/en/function.time-nanosleep.php#refsect1-function.time-nanosleep-returnvalues
> If the delay was interrupted by a signal, an associative array will be
returned with the components:
>
> - seconds - number of seconds remaining in the delay
> - nanoseconds - number of nanoseconds remaining in the delay
Sending a SIGUSR1 to the below program would trigger this behavior.
```
pcntl_signal(\SIGUSR1, function ($signo, $signinfo) {
echo "Handling a signal $signo\n";
});
echo "Sleeping for 100 seconds\n";
var_export(time_nanosleep(100, 0));
```
The incomplete signature existed since c88ffa9a5.
No phpt tests existed for time_nanosleep returning an array
Nikita Popov [Mon, 26 Aug 2019 08:23:23 +0000 (10:23 +0200)]
Fix overflow in memory limit checks
Due to overflows in the memory limit checks, we were missing cases
where the allocation size was close to the address space size, and
caused an OOM condition rather than a memory limit error.
projects / php / log