]> granicus.if.org Git - php/log
php
4 years agoBackport fix for bug #78750
Peter Kokot [Sun, 7 Jun 2020 19:53:39 +0000 (21:53 +0200)]
Backport fix for bug #78750

Cherry-picks
fe2afef36fc78c267133ddd403f48e0ee799efbc
and
86e2b7bb70131b48636cded57e5bc62b81b79865.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Wed, 2 Dec 2020 10:29:06 +0000 (11:29 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fixed bug #80457

4 years agoFixed bug #80457
Nikita Popov [Wed, 2 Dec 2020 10:26:10 +0000 (11:26 +0100)]
Fixed bug #80457

On x32 sizeof(size_t) != sizeof(zend_long), so we need to be
careful with sign extension here.

Patch by bruno dot premont at restena dot lu.

4 years agoFix #73809: Phar Zip parse crash - mmap fail
Christoph M. Becker [Tue, 1 Dec 2020 13:20:39 +0000 (14:20 +0100)]
Fix #73809: Phar Zip parse crash - mmap fail

Phar signatures practically are of limited size; for the MD5 and SHA
hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
public keys there is no size limit in theory, but "64 KiB ought to be
good enough for anybody".  So we check for that limit, to avoid fatal
errors due to out of memory conditions.

Since it is neither possible to have the signature compressed in the
ZIP archive, nor is it possible to manually add a signature via Phar,
we use ZipArchive to create a suitable archive for the test on the fly.

Closes GH-6474.

4 years agoNext attempt to fix bug #80368
Nikita Popov [Mon, 30 Nov 2020 14:15:59 +0000 (15:15 +0100)]
Next attempt to fix bug #80368

Apparently treating LibreSSL as OpenSSL 1.1 is not just something
we did in our code, it's something that upstream LibreSSL claims,
despite not actually being compatible. Duh.

Check for EVP_CIPH_OCB_MODE instead, which should reliably
determine support...

4 years agoFix #76813: Access violation near NULL on source operand
Christoph M. Becker [Sat, 28 Nov 2020 12:47:37 +0000 (13:47 +0100)]
Fix #76813: Access violation near NULL on source operand

We avoid `YYCURSOR` becoming `NULL` by initializing `YYMARKER`, and add
a default rule for `<NORMAL>` where we catch unexpected input.

We also fix the only superficially related issue regarding empty input
followed by `T_SEPARATOR` and command, which caused another segfault.

Closes GH-6464.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Jakub Zelenka [Fri, 27 Nov 2020 16:33:47 +0000 (16:33 +0000)]
Merge branch 'PHP-7.3' into PHP-7.4

4 years agoFix test for bug62890 to not depend on system cert store
Jakub Zelenka [Fri, 27 Nov 2020 16:32:43 +0000 (16:32 +0000)]
Fix test for bug62890 to not depend on system cert store

4 years agoFix build for non-x86
Nikita Popov [Fri, 27 Nov 2020 16:04:17 +0000 (17:04 +0100)]
Fix build for non-x86

4 years agoFix AVX detection
Nikita Popov [Fri, 27 Nov 2020 10:54:39 +0000 (11:54 +0100)]
Fix AVX detection

Our CPU detection code currently only checks whether hardware
support for AVX exists. However, we also need to check for operating
system support for XSAVE, as well as whether XCR0 has the SSE and
AVX bits set.

If this is not the case, unset the AVX and AVX2 bits in the cpuinfo
structure.

Hopefully this resolves our issues with CPU support detection.

Closes GH-6460.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Fri, 27 Nov 2020 10:50:59 +0000 (11:50 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix mysqli_get_client_stats test

4 years agoFix mysqli_get_client_stats test
Daniel Black [Fri, 27 Nov 2020 05:43:20 +0000 (16:43 +1100)]
Fix mysqli_get_client_stats test

MySQL removed RENAME DATABASE in 18300001c1dbbfddf9a0adcbaeea68956102bdd0
(Sept 2007, 5.1.23). As this briefest existance is very insignificant lets remove it.

It also breaks when testing against MariaDB.

As the alternate path in this test covers all supported MySQL and MariaDB
versions and a signifant portion of unsupported versions lets keep it simple.

Closes GH-6459.

4 years agoFixed bug #80368
Nikita Popov [Fri, 27 Nov 2020 09:57:19 +0000 (10:57 +0100)]
Fixed bug #80368

We assume that usually LibreSSL supports everything OpenSSL 1.1 does.
In this instance, this is not the case.

4 years agoFixed bug #80425
Nikita Popov [Fri, 27 Nov 2020 09:02:00 +0000 (10:02 +0100)]
Fixed bug #80425

Rename the methods in MessageFormatAdapter to make sure they don't
clash with anything defined by icu itself, which may be a problem
if icu is linked statically.

4 years agoFix bug #80402: Don't strip -lpthread
Nikita Popov [Tue, 24 Nov 2020 11:23:03 +0000 (12:23 +0100)]
Fix bug #80402: Don't strip -lpthread

The current behavior has been introduced 20 years ago in
f9e375f493a1aeacbbcc8f2f00880d05b4ba7aaf as part of a larger change.
It's not clear to me why special treatement of -lpthread is necessary
here.

4 years agoFixed bug #80411
Nikita Popov [Wed, 25 Nov 2020 16:23:42 +0000 (17:23 +0100)]
Fixed bug #80411

References to null-serializations are stored as null, and as such
are part of the reference count.

Reminds me that we really need to deprecate the mess that is
Serializable.

4 years agoFixed error reporting in mysqli_stmt::__construct
Dharman [Tue, 24 Nov 2020 23:02:04 +0000 (23:02 +0000)]
Fixed error reporting in mysqli_stmt::__construct

For the sake of simplicity, I've synchronized the implementation
with PHP 8, which means null values are also accepted.

Closes GH-6454.

4 years agoReindent more mysqli tests
Nikita Popov [Wed, 25 Nov 2020 15:07:16 +0000 (16:07 +0100)]
Reindent more mysqli tests

Due to a bug in the tidy script, most tests did not actually get
reindented...

4 years agoReindent ext/mysqli tests
Nikita Popov [Wed, 25 Nov 2020 14:57:11 +0000 (15:57 +0100)]
Reindent ext/mysqli tests

Reindent ext/mysqli tests on PHP-7.4, so they match with the
indentation on PHP-8.0. Otherwise merging test changes across
branches is very unpleasant.

4 years agoFix usage of casted string in ReflectionParameter ctor
Nikita Popov [Tue, 24 Nov 2020 15:41:18 +0000 (16:41 +0100)]
Fix usage of casted string in ReflectionParameter ctor

Fixes oss-fuzz #27755.

4 years agoFixed bug #80393
Nikita Popov [Tue, 24 Nov 2020 14:26:40 +0000 (15:26 +0100)]
Fixed bug #80393

Handle macos versions that don't start with 10.* in libtool.

Patch by kir dot morozov at gmail dot com.

4 years agoFix #77961: finfo_open crafted magic parsing SIGABRT
Christoph M. Becker [Mon, 23 Nov 2020 16:12:46 +0000 (17:12 +0100)]
Fix #77961: finfo_open crafted magic parsing SIGABRT

libmagic may abort the running process, which is not desirable for PHP;
we raise a fatal error instead.

Closes GH-6437.

4 years agoFix #80366: Return Value of zend_fstat() not Checked
Christoph M. Becker [Tue, 17 Nov 2020 13:42:22 +0000 (14:42 +0100)]
Fix #80366: Return Value of zend_fstat() not Checked

In the somewhat unlikely case that `zend_fstat()` fails, we must not
proceed executing the function, but return `false` instead.

Patch based on the patch contributed by sagpant at microsoft dot com.

Closes GH-6432.

4 years agoFixed bug #80362: Running dtrace scripts can cause php to crash
Nikita Popov [Tue, 24 Nov 2020 12:00:53 +0000 (13:00 +0100)]
Fixed bug #80362: Running dtrace scripts can cause php to crash

Patch by al at coralnet dot name.

4 years agoFix #77594: ob_tidyhandler is never reset
Christoph M. Becker [Sat, 14 Nov 2020 14:03:58 +0000 (15:03 +0100)]
Fix #77594: ob_tidyhandler is never reset

We reset to original INI value on request shutdown.

Closes GH-6425.

4 years agoFix typos in php.ini files
Benjamin Morel [Fri, 20 Nov 2020 13:45:35 +0000 (14:45 +0100)]
Fix typos in php.ini files

Closes GH-6441.

[ci skip]

4 years agoFix #72964: White space not unfolded for CC/Bcc headers
Christoph M. Becker [Tue, 10 Nov 2020 15:13:54 +0000 (16:13 +0100)]
Fix #72964: White space not unfolded for CC/Bcc headers

`\r\n` does only terminate a header, if not followed by `\t` or ` `.
We have to cater to that when determining the end position of the
respective headers.

Closes GH-6420.

4 years agoFix #80345: PHPIZE configuration has outdated PHP_RELEASE_VERSION
Christoph M. Becker [Tue, 10 Nov 2020 12:51:40 +0000 (13:51 +0100)]
Fix #80345: PHPIZE configuration has outdated PHP_RELEASE_VERSION

We must not redefine the version "constants" for phpize builds, because
these have already generated in phpize.js, from where we pass these
variables forward to configure.js.

We also add `PHP_EXTRA_VERSION` and `PHP_VERSION_STRING` to the files
for completeness.

Closes GH-6419.

4 years agoShort-circuit get_gc for currently running generator
Nikita Popov [Wed, 18 Nov 2020 11:44:31 +0000 (12:44 +0100)]
Short-circuit get_gc for currently running generator

4 years agoFix #80312: change default engine from MyISAM to InnoDB in tests
Darek Slusarczyk [Fri, 6 Nov 2020 14:41:15 +0000 (15:41 +0100)]
Fix #80312: change default engine from MyISAM to InnoDB in tests

Change mysqli and pdo_mysql tests configuration to use by default
InnoDB instead of MyISAM.

Closes GH-6405.

4 years agoFix incorrectly optimized out live range
Nikita Popov [Tue, 17 Nov 2020 09:18:37 +0000 (10:18 +0100)]
Fix incorrectly optimized out live range

For x ? y : z style structures, the live range starts at z, but
may also hold the value of y. Make sure that the refcounting check
takes this into account, by checking the type of a potential phi
user.

4 years agoFix #74558: Can't rebind closure returned by Closure::fromCallable()
Christoph M. Becker [Thu, 12 Nov 2020 14:37:51 +0000 (15:37 +0100)]
Fix #74558: Can't rebind closure returned by Closure::fromCallable()

Failure to rebind such closures is not necessarily related to them
being created by `ReflectionFunctionAbstract::getClosure()`, so we fix
the error message.

Closes GH-6424.

4 years agoHandle errors during next_result()
Nikita Popov [Wed, 11 Nov 2020 14:56:05 +0000 (15:56 +0100)]
Handle errors during next_result()

4 years agoPHP-7.4 is now for 7.4.14
Derick Rethans [Tue, 10 Nov 2020 17:58:21 +0000 (17:58 +0000)]
PHP-7.4 is now for 7.4.14

4 years agoAdd integration test for symfony preloading
Nikita Popov [Mon, 9 Nov 2020 14:13:33 +0000 (15:13 +0100)]
Add integration test for symfony preloading

To help catch regressions like the one that occurred in PHP 7.4.12.

Closes GH-6414.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 10 Nov 2020 10:09:40 +0000 (11:09 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  7.3.26 is next

4 years ago7.3.26 is next
Christoph M. Becker [Tue, 10 Nov 2020 10:08:16 +0000 (11:08 +0100)]
7.3.26 is next

4 years agoFix phi use chain management when renaming variable
Nikita Popov [Mon, 9 Nov 2020 16:06:41 +0000 (17:06 +0100)]
Fix phi use chain management when renaming variable

If there is a previous use of the new variable in the phi, we need
to NULL out the use chain of the new source we're adding.

Test case is reduced from an assertion failure in the Symfony Demo.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Mon, 9 Nov 2020 13:34:24 +0000 (14:34 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fixed bug #80310: Support for icu4c 68.1.

4 years agoFixed bug #80310: Support for icu4c 68.1.
Alexander M. Turek [Tue, 3 Nov 2020 18:14:41 +0000 (19:14 +0100)]
Fixed bug #80310: Support for icu4c 68.1.

On stable versions, bring back the TRUE/FALSE defines by defining
_U_DEFINE_TRUE_AND_FALSE.

Closes GH-6397.

4 years agoUpdate version in 7.4 branch
Derick Rethans [Sat, 7 Nov 2020 18:48:13 +0000 (18:48 +0000)]
Update version in 7.4 branch

4 years agoSplit tests for compatibility with ICU 68.1
Christoph M. Becker [Fri, 6 Nov 2020 16:11:26 +0000 (17:11 +0100)]
Split tests for compatibility with ICU 68.1

4 years agoBackport preloading trait fixup fixes
Nikita Popov [Thu, 5 Nov 2020 10:58:31 +0000 (11:58 +0100)]
Backport preloading trait fixup fixes

This cherry-picks 33969c2252b2c33a72c9039072af8862fd347a5f and
2effbfd8713936742ef46e6e85ce193b320ac005 from PHP-8.0.

The issues these commits fix could also manifest in PHP 7.4, and
a commenter on bug #80307 reports this this might indeed be
happening.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Wed, 4 Nov 2020 13:54:14 +0000 (14:54 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80266: parse_url silently drops port number 0

4 years agoFix #80266: parse_url silently drops port number 0
Christoph M. Becker [Wed, 4 Nov 2020 10:34:10 +0000 (11:34 +0100)]
Fix #80266: parse_url silently drops port number 0

As of commit 81b2f3e[1], `parse_url()` accepts URLs with a zero port,
but does not report that port, what is wrong in hindsight.

Since the port number is stored as `unsigned short` there is no way to
distinguish between port zero and no port.  For BC reasons, we thus
introduce `parse_url_ex2()` which accepts an output parameter that
allows that distinction, and use the new function to fix the behavior.

The introduction of `parse_url_ex2()` has been suggested by Nikita.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=81b2f3e5d9fcdffd87a4fcd12bd8c708a97091e1>

Closes GH-6399.

4 years agoFix dynamic function definition in preload script
Nikita Popov [Wed, 4 Nov 2020 09:54:08 +0000 (10:54 +0100)]
Fix dynamic function definition in preload script

We should use normal function renaming if the function is declared
during preloading itself, rather than afterwards.

This fixes a regression introduced by
68f80be9d1380de731930187250a7ed6b55ae196.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Tue, 3 Nov 2020 09:39:13 +0000 (10:39 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix another implicit function declaration in configure

4 years agoFix another implicit function declaration in configure
Nikita Popov [Tue, 3 Nov 2020 09:38:16 +0000 (10:38 +0100)]
Fix another implicit function declaration in configure

As mentioned on bug #80171. This one is in libtool.m4, might get
lost on libtool updates.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 2 Nov 2020 10:39:16 +0000 (11:39 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #70461: disable md5 code when it is not supported in net-snmp

4 years agoFix #70461: disable md5 code when it is not supported in net-snmp
Christoph M. Becker [Wed, 28 Oct 2020 14:30:49 +0000 (15:30 +0100)]
Fix #70461: disable md5 code when it is not supported in net-snmp

Patch contributed by Alexander Bergmann.

Closes GH-6389.

4 years agoFix SSA integrity violation for type inference in dead code
Nikita Popov [Fri, 30 Oct 2020 14:48:03 +0000 (15:48 +0100)]
Fix SSA integrity violation for type inference in dead code

The foreach body can never be executed and thus may contain empty
types. We should still uphold our SSA integrity invariants in that
case.

4 years agoFix bug79177.phpt wrt. JIT
Christoph M. Becker [Fri, 30 Oct 2020 11:44:37 +0000 (12:44 +0100)]
Fix bug79177.phpt wrt. JIT

JIT ignores that the `zend_write` callback is overwritten, so we define
our own callback and caller.

We also fix the "inconsistent DLL binding" warnings on Windows, by
introducing `PHP_ZEND_TEST_API`.

Closes GH-6391.

4 years agoFix bug #72413: Segfault with get_result and PS cursors
Dharman [Thu, 17 Sep 2020 11:35:26 +0000 (12:35 +0100)]
Fix bug #72413: Segfault with get_result and PS cursors

We cannot simply switch to use_result here, because the fetch_row
methods in get_result mode and in use_result/store_result mode
are different: In one case it accepts a statement, in the other
a return value zval. Thus, doing a switch to use_result results
in a segfault when trying to fetch a row.

Actually supporting get_result with cursors would require adding
cursor support in mysqlnd_result, not just mysqlnd_ps. That would
be a significant amount of effort and, given the age of the issue,
does not appear to be particularly likely to happen soon.

As such, we simply generate an error when using get_result()
with cursors, which is much better than causing a segfault.
Instead, parameter binding needs to be used.

4 years agoHandle errors during PDO row fetch
Nikita Popov [Thu, 29 Oct 2020 13:07:08 +0000 (14:07 +0100)]
Handle errors during PDO row fetch

The EOF flag also gets set on error, so we always end up ignoring
errors here.

However, we should only check errors for unbuffered results. For
buffered results, this function is guaranteed not to error, and
querying the errno may return an unrelated error.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Thu, 29 Oct 2020 12:09:19 +0000 (13:09 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix format specifier

4 years agoFix format specifier
Christoph M. Becker [Thu, 29 Oct 2020 11:58:45 +0000 (12:58 +0100)]
Fix format specifier

In this function, `i` is of type `size_t`.

4 years agoReport gone away error in one more place
Nikita Popov [Thu, 29 Oct 2020 10:43:17 +0000 (11:43 +0100)]
Report gone away error in one more place

4 years ago[ci skip] Fix NEWS order
Christoph M. Becker [Thu, 29 Oct 2020 11:15:31 +0000 (12:15 +0100)]
[ci skip] Fix NEWS order

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Thu, 29 Oct 2020 11:00:07 +0000 (12:00 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #44618: Fetching may rely on uninitialized data

4 years agoFix #44618: Fetching may rely on uninitialized data
Christoph M. Becker [Thu, 29 Oct 2020 10:52:10 +0000 (11:52 +0100)]
Fix #44618: Fetching may rely on uninitialized data

Unless `SQLGetData()` returns `SQL_SUCCESS` or `SQL_SUCCESS_WITH_INFO`,
the `StrLen_or_IndPtr` output argument is not guaranteed to be properly
set.  Thus we handle retrieval failure other than `SQL_ERROR` by
yielding `false` for those column values and raising a warning.

Closes GH-6281.

4 years agoRetain QUIT_SEND connection state
Nikita Popov [Thu, 29 Oct 2020 09:17:35 +0000 (10:17 +0100)]
Retain QUIT_SEND connection state

If the server goes away while reading a packet, don't go back into
the READY state. This will just cause broken pipe errors down the
line.

4 years agoFixed bug #65825
Nikita Popov [Wed, 28 Oct 2020 16:12:35 +0000 (17:12 +0100)]
Fixed bug #65825

Set error_info when we fail to read a packet, instead of throwing
a warning. Additionally we also need to populate the right
error_info in rowp_read -- we'll later take the error from the
packet, not the connection.

No test case, as this is hard to reliably test. I'm using the
test case from:
https://github.com/php/php-src/pull/2131#issuecomment-538374838

4 years agoFix #79177: FFI doesn't handle well PHP exceptions within callback
Christoph M. Becker [Wed, 28 Oct 2020 11:01:28 +0000 (12:01 +0100)]
Fix #79177: FFI doesn't handle well PHP exceptions within callback

We have to error on unhandled exceptions in FFI callbacks, to avoid
passing back undefined values.

This has been discussed and agreed upon in a previous PR[1].

[1] <https://github.com/php/php-src/pull/5120>

Closes GH-6366.

4 years agoFixed bug #66528
Nikita Popov [Wed, 28 Oct 2020 10:58:07 +0000 (11:58 +0100)]
Fixed bug #66528

Report errors in commit, rollback and autocommit handlers.

4 years agoFixed run-time binding of preloaded dynamically declared function
Dmitry Stogov [Wed, 28 Oct 2020 10:50:14 +0000 (13:50 +0300)]
Fixed run-time binding of preloaded dynamically declared function

4 years agoHandle mysqli errors in more cases
Dharman [Thu, 17 Sep 2020 22:45:17 +0000 (23:45 +0100)]
Handle mysqli errors in more cases

Report errors autocommit, commit, rollback and mysqli_stmt_attr_set.

Additionally, copy the error from conn to stmt when preparing fails,
so these errors are also handled by mysqli_stmt_prepare.

Closes GH-6157.

4 years agoSync test with master
Nikita Popov [Wed, 28 Oct 2020 10:30:22 +0000 (11:30 +0100)]
Sync test with master

Sync ext/mysqli/tests/mysqli_report.phpt with PHP-8.0/master, as
the current difference in indentation makes it hard to merge.

4 years agoFix bug #79375
Dharman [Sun, 20 Sep 2020 15:32:47 +0000 (16:32 +0100)]
Fix bug #79375

Make sure deadlock errors are properly propagated and reports in
a number of places in mysqli and PDO MySQL.

This also fixes a memory and a segfault that can occur under these
conditions.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Mon, 26 Oct 2020 15:50:48 +0000 (16:50 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Deny cloning of fileinfo objects

4 years agoDeny cloning of fileinfo objects
Nikita Popov [Mon, 26 Oct 2020 15:50:20 +0000 (16:50 +0100)]
Deny cloning of fileinfo objects

Using a cloned finfo object will crash.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 14:40:55 +0000 (15:40 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Revert "Fix out-of-bounds write"

4 years agoRevert "Fix out-of-bounds write"
Christoph M. Becker [Tue, 20 Oct 2020 15:09:20 +0000 (17:09 +0200)]
Revert "Fix out-of-bounds write"

This reverts commit bf6873a18e3b6b00f82a645c0893a281ae8eadb8.

CVE-2020-26159 is bogus; the "bug" was apparently a false positive
reported by Coverity, and the "fix" apparently wrong, see
<https://github.com/kkos/oniguruma/issues/221>.

Closes GH-6357.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 12:08:47 +0000 (13:08 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80268: loadHTML() truncates at NUL bytes

4 years agoFix #80268: loadHTML() truncates at NUL bytes
Christoph M. Becker [Fri, 23 Oct 2020 09:06:30 +0000 (11:06 +0200)]
Fix #80268: loadHTML() truncates at NUL bytes

libxml2 has no particular issues parsing HTML strings with NUL bytes;
these just cause truncation of the current text content, but parsing
continues generally.  Since `::loadHTMLFile()` already supports NUL
bytes, `::loadHTML()` should as well.

Note that this is different from XML, which does not allow any NUL
bytes.

Closes GH-6368.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Mon, 26 Oct 2020 11:40:56 +0000 (12:40 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Declare may_retry_reparse_point on windows only

4 years agoDeclare may_retry_reparse_point on windows only
Nikita Popov [Mon, 26 Oct 2020 11:40:27 +0000 (12:40 +0100)]
Declare may_retry_reparse_point on windows only

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 10:54:33 +0000 (11:54 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #62474: com_event_sink crashes on certain arguments

4 years agoFix #62474: com_event_sink crashes on certain arguments
Christoph M. Becker [Thu, 22 Oct 2020 15:50:22 +0000 (17:50 +0200)]
Fix #62474: com_event_sink crashes on certain arguments

We have to make sure that the variant is of type `VT_DISPATCH` before
we access it as such.

Closes GH-6372.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 10:21:35 +0000 (11:21 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80258: Windows Deduplication Enabled, randon permission errors

4 years agoFix #80258: Windows Deduplication Enabled, randon permission errors
Christoph M. Becker [Mon, 19 Oct 2020 15:41:58 +0000 (17:41 +0200)]
Fix #80258: Windows Deduplication Enabled, randon permission errors

A recent bug fix regarding symlinks claimed:

> After resolving reparse points, the path still may be a reparse
> point; in that case we have to resolve that reparse point as well.

While that is basically correct, some reparse points may point to
inaccessible system folders (e.g. `IO_REPARSE_TAG_DEDUP` points to
"\System Volume Information").  Since we don't know details about
arbitrary reparse points, and are mainly interested in nested symlinks,
we take a step back, and only resolve `IO_REPARSE_TAG_SYMLINK` for now.

Close GH-6354.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 10:04:57 +0000 (11:04 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date

4 years agoFix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date
Christoph M. Becker [Sat, 24 Oct 2020 14:08:02 +0000 (16:08 +0200)]
Fix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date

`ADD_EXTENSION_DEP()` relies on the `PHP_<extname>` config variables to
be set to `"yes"`, and since the standard and date extension are always
enabled, we define the respective variables uncoditionally.

Closes GH-6383.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 09:58:26 +0000 (10:58 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix bug 76618

4 years agoFix bug 76618
George Peter Banyard [Thu, 22 Oct 2020 16:01:48 +0000 (17:01 +0100)]
Fix bug 76618

Apply patch which was attached to the bug in July 2018

4 years agoFix bug 76618
George Peter Banyard [Thu, 22 Oct 2020 16:01:48 +0000 (17:01 +0100)]
Fix bug 76618

Apply patch which was attached to the bug in July 2018

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Thu, 22 Oct 2020 14:05:34 +0000 (16:05 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Don't crash on uninitialized tidy object

4 years agoDon't crash on uninitialized tidy object
Nikita Popov [Thu, 22 Oct 2020 14:04:22 +0000 (16:04 +0200)]
Don't crash on uninitialized tidy object

"Uninitialized" here means that the object was created ordinarily
-- no constructor skipping involved. Most tidy methods seem to
handle this fine, but these three need to be guarded.

4 years agoUpdated to version 2020.4 (2020d)
Derick Rethans [Thu, 22 Oct 2020 09:12:26 +0000 (10:12 +0100)]
Updated to version 2020.4 (2020d)

4 years agoEmpty merge
Derick Rethans [Thu, 22 Oct 2020 09:12:25 +0000 (10:12 +0100)]
Empty merge

4 years agoUpdated to version 2020.4 (2020d)
Derick Rethans [Thu, 22 Oct 2020 09:12:24 +0000 (10:12 +0100)]
Updated to version 2020.4 (2020d)

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 20 Oct 2020 17:00:04 +0000 (19:00 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80242: imap_mail_compose() segfaults for multipart with rfc822

4 years agoFix #80242: imap_mail_compose() segfaults for multipart with rfc822
Christoph M. Becker [Tue, 20 Oct 2020 14:38:16 +0000 (16:38 +0200)]
Fix #80242: imap_mail_compose() segfaults for multipart with rfc822

libc-client expects `TYPEMESSAGE` with an explicit subtype of `RFC822`
to have a `nested.msg` (otherwise there will be a segfault during
free), but not to have any `contents.text.data` (this will leak
otherwise).

Closes GH-6345.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 20 Oct 2020 14:31:25 +0000 (16:31 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Add char* cast to avoid compiler warnings

4 years agoAdd char* cast to avoid compiler warnings
Christoph M. Becker [Tue, 20 Oct 2020 14:25:00 +0000 (16:25 +0200)]
Add char* cast to avoid compiler warnings

In libc-client 2007f `data` is declared as `unsigned char *`; there may
be variants which declare it as `void *`, but in any case picky
compilers may warn about a pointer type mismatch in the conditional
(and error with `-W-error`), so we're adding a `char *` cast for good
measure.

4 years agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 20 Oct 2020 11:34:27 +0000 (13:34 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Properly fix #80220

4 years agoProperly fix #80220
Christoph M. Becker [Fri, 16 Oct 2020 09:58:50 +0000 (11:58 +0200)]
Properly fix #80220

The original fix for that bug[1] broke the formerly working composition
of message/rfc822 messages, which results in a segfault when freeing
the message body now.  While `imap_mail_compose()` does not really
support composition of meaningful message/rfc822 messages (although
libc-client appears to support that), some code may still use this to
compose partial messages, and using string manipulation to create the
final message.

The point is that libc-client expects `TYPEMESSAGE` with an explicit
subtype of `RFC822` to have a `nested.msg` (otherwise there will be a
segfault during free), but not to have any `contents.text.data` (this
will leak otherwise).

[1] <http://git.php.net/?p=php-src.git;a=commit;h=0d022ddf03c5fabaaa22e486d1e4a367ed9170a7>

Closes GH-6343.

4 years agoFix bug #79643: Invalid memory read when opcache.interned_strings_buffer is 0
twosee [Tue, 9 Jun 2020 06:55:36 +0000 (14:55 +0800)]
Fix bug #79643: Invalid memory read when opcache.interned_strings_buffer is 0

4 years agoFix CCM tag length setting for old OpenSSL versions
Nikita Popov [Tue, 20 Oct 2020 08:50:50 +0000 (10:50 +0200)]
Fix CCM tag length setting for old OpenSSL versions

While OpenSSL 1.1 allows unconditionally setting the CCM tag length
even for decryption, some older versions apparently do not. As such,
we do need to treat CCM and OCB separately after all.

4 years agoFix bug #79983: Add support for OCB mode
Nikita Popov [Wed, 14 Oct 2020 11:03:03 +0000 (13:03 +0200)]
Fix bug #79983: Add support for OCB mode

OCB mode ciphers were already exposed to openssl_encrypt/decrypt,
but misbehaved, because they were not treated as AEAD ciphers.
From that perspective, OCB should be treated the same way as GCM.
In OpenSSL 1.1 the necessary controls were unified under
EVP_CTRL_AEAD_* (and OCB is only supported since OpenSSL 1.1).

Closes GH-6337.

4 years agoUpdated to version 2020.3 (2020c)
Derick Rethans [Mon, 19 Oct 2020 08:31:03 +0000 (09:31 +0100)]
Updated to version 2020.3 (2020c)