`SQLite3::readOnly()` uses `sqlite3_stmt_readonly()` which is only
available as of libsqlite 3.7.4. For older SQLite3 versions we return
always `false`, which can be confusing. Instead of sticking with this
behavior, or even undefining the method for old SQLite3 versions, we
lift the requirements to SQLite 3.7.4 (released on 2010-12-08),
according to a respective discussion[1].
Since pdo_sqlite doesn't use `sqlite3_stmt_readonly()`, we stick with
the minimum requirement of SQLite 3.5.0.
Since bug 77051 has been fixed, it is unlikely that any of the
`sqlite3_bind_*` calls will ever fail, but we add respective checks
nonetheless, and call `php_sqlite3_error()` in case of bind failures.
Deny (un)serialization of SQLite3, SQLite3Stmt and SQLite3Result
Serializing `SQLite3`, `SQLite3Stmt` and `SQLite3Result` instances is
possible but pointless, since unserializing results in uninitialized
instances, which will bail out of any method call. Therefore, we deny
serialization and unserialization in the first place.
* PHP-7.3:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)
* PHP-7.2:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)
* PHP-7.1:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)
* PHP-7.0:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)
Nikita Popov [Wed, 28 Nov 2018 19:08:39 +0000 (20:08 +0100)]
Fixed bug #77215
Remove invalid assertion: A block can have multiple switch frees,
so if we don't do live range block splitting, it is not necessarily
true that the free is located at the start of a block.
Nikita Popov [Mon, 26 Nov 2018 13:00:42 +0000 (14:00 +0100)]
Remove redundant __clone() methods from Reflection
Reflection classes already use NULLed clone_obj to signal that they
cannot be cloned, so it's not necessary to additionally declare a
throwing __clone() method.
Nikita Popov [Mon, 26 Nov 2018 12:53:48 +0000 (13:53 +0100)]
Remove redundant Exception::__clone() method
Exceptions already prohibit cloning by setting clone_obj to NULL
(which is integrated with reflection). No need to additionally
define a dummy __clone() method.
Peter Kokot [Thu, 22 Nov 2018 23:40:34 +0000 (00:40 +0100)]
Add re2c checking with error exit code
To make installation experience better instead of only outputting
warning when re2c is not present this patch also exits if the PHP lexer
file(s) were not generated yet and re2c is not present on the system.
Fix #77198: auto cropping has insufficient precision
We apply the upstream patch[1], and also fix the erroneous bailout at
the end of `gdImageAutoCrop()`, since `crop.x` and `crop.y` may very
well be zero.
Fix #77195: Incorrect error handling of imagecreatefromjpeg()
The broken JPEG image triggers a notice, two warnings and outputs a
message to stderr directly. The additional notice is pretty useless,
and the direct output to stderr is bad. Therefore, we port the
relevant differences from upstream to our bundled libgd. This leaves
us with two warnings; the first one is triggered by libjpeg and shows
the actual problem, the second one is triggered by our libgd wrapper
whenever an image can't be read, what may not have necessarily
triggered a warning before.
Fix #77177: Serializing or unserializing COM objects crashes
Firstly, we avoid returning NULL from the get_property handler, but
instead return an empty HashTable, which already prevents the crashes.
Secondly, since (de-)serialization obviously makes no sense for COM,
DOTNET and VARIANT objects (at least with the current implementation),
we prohibit it right away.
sapi/tests/ has been introduced as a generic means to test different
SAPIs[1]. run-tests2.php has later be renamed to server-tests.php and
recently been dropped[2]. However, the sapi/tests/test00?.php test
cases remained, even though they make no sense for run-tests.php,
since they use an unsupported format for the `--ENV--` section and the
completely unsupported `--HEADERS--` section, respectively. While
these tests ran successfully under run-tests.php, that was only by
accident, and they did not really test something useful. Therefore, we
remove these tests altogether.
sapi/tests/bug69487.phpt is actually a CGI test (CGI is enforced due to
the `--POST--` section), so we move it to sapi/cgi/tests, which leaves
sapi/tests/ empty. Thus, we also remove the sapi/ directory from
run-tests.php.
Finally, we remove the `--HEADERS--` and `--REQUEST--` sections from
the list of allowed run-tests.php sections.
Nikita Popov [Tue, 20 Nov 2018 19:54:24 +0000 (20:54 +0100)]
Re-commit MySQL 8 cached SHA auth support
With changes to (hopefully) correctly fall back if OpenSSL support
is missing. Furthermore the hard-coded dependency on ext/hash is
no longer an issue, as this extension is required in master.
If the library is built with ZEND_SIGNALS defined, it's unusable with an
external SAPI module because the zend_signal_startup() call is mandatory
in this case.
This bug is similar to #74149, but related to dynamic loading of PHP library.