]>
granicus.if.org Git - php/log
Nikita Popov [Fri, 2 Aug 2019 08:37:44 +0000 (10:37 +0200)]
Add test for bug #78363
Nikita Popov [Fri, 2 Aug 2019 08:35:48 +0000 (10:35 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Fri, 2 Aug 2019 08:35:24 +0000 (10:35 +0200)]
Fixed bug #78363
Christoph M. Becker [Thu, 1 Aug 2019 08:49:05 +0000 (10:49 +0200)]
Remove upgrade-pcre.php script
This script has not been updated for PCRE2, and it's mostly useless
anyway. Therefore we remove it altogether.
Christoph M. Becker [Wed, 31 Jul 2019 16:05:40 +0000 (18:05 +0200)]
Fix 78213: Empty row pocket
We have to ensure that we don't create an arena which is smaller than
its header, regardless of the configured alignment.
Christoph M. Becker [Tue, 30 Jul 2019 07:49:39 +0000 (09:49 +0200)]
Add security related NEWS entries [ci skip]
Remi Collet [Tue, 30 Jul 2019 07:27:06 +0000 (09:27 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
add security NEW entries + reorder [ci skip]
Remi Collet [Tue, 30 Jul 2019 07:26:50 +0000 (09:26 +0200)]
add security NEW entries + reorder [ci skip]
Christoph M. Becker [Mon, 29 Jul 2019 17:31:47 +0000 (19:31 +0200)]
Fix #78338: Array cross-border reading in PCRE
We backport r1092 from pcre2.
Stanislav Malyshev [Mon, 29 Jul 2019 20:20:44 +0000 (13:20 -0700)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fix #77919: Potential UAF in Phar RSHUTDOWN
Update NEWS
Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
Stanislav Malyshev [Mon, 29 Jul 2019 20:19:16 +0000 (13:19 -0700)]
Merge branch 'PHP-7.1' into PHP-7.2
* PHP-7.1:
Fix #77919: Potential UAF in Phar RSHUTDOWN
Update NEWS
Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
Christoph M. Becker [Mon, 29 Jul 2019 14:08:03 +0000 (16:08 +0200)]
Fix #77919: Potential UAF in Phar RSHUTDOWN
We have to properly clean up in case phar_flush() is failing.
We also make the expectation of the respective test case less liberal
to avoid missing such bugs in the future.
Stanislav Malyshev [Mon, 29 Jul 2019 07:55:18 +0000 (00:55 -0700)]
Update NEWS
Nikita Popov [Mon, 29 Jul 2019 15:34:08 +0000 (17:34 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Albert Casademont [Tue, 23 Jul 2019 12:03:06 +0000 (14:03 +0200)]
Fix bug #78326
Similar to what fread() does, truncate the stream_get_contents()
result if the original buffer was way too large.
Nikita Popov [Mon, 29 Jul 2019 14:57:57 +0000 (16:57 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Tue, 23 Jul 2019 08:38:23 +0000 (10:38 +0200)]
Fix Zend signals unblocking
There are a few parts here:
* opcache should not be blocking signals while invoking compile_file,
otherwise signals may remain blocked on a compile error. While at
it, also protect SHM memory during compile_file.
* We should deactivate Zend signals at the end of the request, to make
sure that we gracefully recover from a missing unblock and signals
don't remain blocked forever.
* We don't use a critical section in deactivation, because it should
not be necessary. Additionally we want to clean up the signal queue,
if it is non-empty.
* Enable SIGG(check) in debug builds so we notice issues in the future.
Christoph M. Becker [Mon, 29 Jul 2019 12:48:23 +0000 (14:48 +0200)]
Update NEWS [ci skip]
The fix has been cherry-picked into PHP-7.3.8, so the bug will be fixed
already there.
Nikita Popov [Mon, 29 Jul 2019 11:02:01 +0000 (13:02 +0200)]
Fixed bug #78341
The smart branch logic assumed b->start refers to the old offsets,
while b->start was already adjusted to the new offsets at this
point. Delay the change until later.
Nikita Popov [Mon, 29 Jul 2019 09:27:34 +0000 (11:27 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Mon, 29 Jul 2019 09:23:26 +0000 (11:23 +0200)]
Fixed bug #78333
Don't dereference float/double values at unknown address, instead
memcpy it into an aligned stack slot and dereference that.
Nikita Popov [Mon, 29 Jul 2019 09:26:00 +0000 (11:26 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Mon, 29 Jul 2019 09:23:26 +0000 (11:23 +0200)]
Fixed bug #78333
Don't dereference float/double values at unknown address, instead
memcpy it into an aligned stack slot and dereference that.
Stanislav Malyshev [Mon, 8 Jul 2019 00:39:59 +0000 (17:39 -0700)]
Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
Stanislav Malyshev [Mon, 8 Jul 2019 00:01:01 +0000 (17:01 -0700)]
Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
Christoph M. Becker [Mon, 29 Jul 2019 06:50:17 +0000 (08:50 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fix #78342: Bus error in configure test for iconv //IGNORE
Christoph M. Becker [Mon, 29 Jul 2019 06:48:13 +0000 (08:48 +0200)]
Fix #78342: Bus error in configure test for iconv //IGNORE
We have to check the return value of iconv_open() for error, to avoid
that and potentially other undesired behavior of iconv().
Levi Morrison [Thu, 25 Jul 2019 15:49:18 +0000 (09:49 -0600)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Remove .post files only for passing tests
Levi Morrison [Thu, 25 Jul 2019 15:48:29 +0000 (09:48 -0600)]
Remove .post files only for passing tests
This allows the sh script for failing tests with --POST-- to work
Peter Kokot [Tue, 23 Jul 2019 00:13:36 +0000 (02:13 +0200)]
Update NEWS
Peter Kokot [Tue, 23 Jul 2019 00:13:12 +0000 (02:13 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Update NEWS
Peter Kokot [Tue, 23 Jul 2019 00:13:00 +0000 (02:13 +0200)]
Update NEWS
Nikita Popov [Mon, 22 Jul 2019 10:40:26 +0000 (12:40 +0200)]
Remove test for bug #77185
Seems to be very unreliable in CI.
Nikita Popov [Mon, 22 Jul 2019 09:18:38 +0000 (11:18 +0200)]
Reduce number of workers in test
4 seems to be enough to reliably reproduce the issue. Let's see
if this works better in CI.
Maksim Nikulin [Wed, 23 Jan 2019 05:19:29 +0000 (12:19 +0700)]
Prevent use after free in fpm_event_epoll_wait
epoll event backend does not guarantee that child input/output events
are reported before SIGCHILD due to finished worker. While a bunch of
events received by epoll is being processed, child-related structures
may be removed before dispatching of an I/O event for the same child.
The result may be attempt to access to memory region allocated for
another purpose, segfault of the master process, and unavailable web
sites.
Postpone processing of SIGCHILD events till other events in the same
bunch are processed.
Fix Bug #62418 php-fpm master process crashes
Fix Bug #65398 Race condition between SIGCHLD and child stdout/stderr event leads to segfault
Fix Bug #75112 php-fpm crashing, hard to reproduce
Fix Bug #77114 php-fpm master segfaults in fpm_event_epoll_wait/fpm_event_fire
Fix Bug #77185 Use-after-free in FPM master event handling
George Wang [Sun, 21 Jul 2019 04:01:06 +0000 (00:01 -0400)]
Merge branch 'PHP-7.2' into PHP-7.3
George Wang [Sun, 21 Jul 2019 03:59:43 +0000 (23:59 -0400)]
Checked in LiteSpeed SAPI 7.5, addressed two main problems in "clean shutdown" introduced in 7.4.3,
1. falls in an infinite loop because PHP engine's inconsistent state, now override the ITIMER_PROF to 0.1 second, clean shutdown must finish before that.
2. generate too much error log, we completely disable "error_reporting" before calling php_request_shutdown().
Nikita Popov [Thu, 18 Jul 2019 12:41:22 +0000 (14:41 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Abyr Valg [Wed, 17 Jul 2019 18:46:40 +0000 (21:46 +0300)]
Fixed bug #77946
Save multi_info_read() result into easy handle.
Nikita Popov [Wed, 17 Jul 2019 13:59:05 +0000 (15:59 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Wed, 17 Jul 2019 13:58:29 +0000 (15:58 +0200)]
Fixed bug #69100
George Peter Banyard [Thu, 11 Jul 2019 14:06:41 +0000 (16:06 +0200)]
Convert short tag to standard tag in Zend test file
Closes GH-4389.
(cherry picked from commit
e6c2b288652cf9c8d0b92d2842d73b3eb2431860 )
Christoph M. Becker [Tue, 16 Jul 2019 11:44:13 +0000 (13:44 +0200)]
Update NEWS [ci skip]
Remi Collet [Tue, 16 Jul 2019 11:00:30 +0000 (13:00 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
move NEWS entry [ci skip]
Remi Collet [Tue, 16 Jul 2019 11:00:13 +0000 (13:00 +0200)]
move NEWS entry [ci skip]
Nikita Popov [Tue, 16 Jul 2019 09:10:02 +0000 (11:10 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Tue, 16 Jul 2019 09:08:27 +0000 (11:08 +0200)]
Fixed bug #78297
Remi Collet [Tue, 16 Jul 2019 08:39:03 +0000 (10:39 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
next is 7.2.22
Remi Collet [Tue, 16 Jul 2019 08:38:20 +0000 (10:38 +0200)]
next is 7.2.22
Dmitry Stogov [Mon, 15 Jul 2019 22:52:11 +0000 (01:52 +0300)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fixed incorrect specialization (missed IS_INDIRECT handling)
Dmitry Stogov [Mon, 15 Jul 2019 22:50:10 +0000 (01:50 +0300)]
Fixed incorrect specialization (missed IS_INDIRECT handling)
Nikita Popov [Mon, 15 Jul 2019 13:19:43 +0000 (15:19 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Tue, 25 Jun 2019 10:09:47 +0000 (12:09 +0200)]
Fix bug #77124
This is a backport of
6fcae63f614d1ed4aaeaff7b13a7a4627b1f1312
to PHP 7.2.
Remi Collet [Mon, 15 Jul 2019 12:17:13 +0000 (14:17 +0200)]
typo [ci skip]
Remi Collet [Mon, 15 Jul 2019 12:11:38 +0000 (14:11 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fix #78269 password_hash uses weak options for argon2
Remi Collet [Mon, 15 Jul 2019 12:11:30 +0000 (14:11 +0200)]
Fix #78269 password_hash uses weak options for argon2
Remi Collet [Mon, 15 Jul 2019 12:10:38 +0000 (14:10 +0200)]
Fix #78269 password_hash uses weak options for argon2
Nikita Popov [Mon, 15 Jul 2019 10:00:30 +0000 (12:00 +0200)]
Fixed bug #78010
Prevent the gc_info from becoming all zero for a registered root
by setting the top bit to one for compressed root addresses.
Nikita Popov [Mon, 15 Jul 2019 08:23:27 +0000 (10:23 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Andrew Collington [Sun, 14 Jul 2019 13:49:38 +0000 (14:49 +0100)]
Fix bug #78291 Missing opcache directives
New opcache directives have been added recently which are returned
if using `ini_get_all('zend opcache')` but are not listed in the
directives if using `opcache_get_configuration()`. This fix adds
those missing directives as well as if `opcache.mmap_base` is used
instead of `opcache.lockfile_path`. Also adds a test to ensure the
directives match with both methods of fetching.
Nikita Popov [Fri, 12 Jul 2019 14:51:47 +0000 (16:51 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Fri, 12 Jul 2019 14:50:43 +0000 (16:50 +0200)]
Use TRY_ADDREF/TRY_DELREF in soap
The DELREF part is a possible fix for bug #78278, the ADDREF part
is a drive-by fix.
Nikita Popov [Fri, 12 Jul 2019 14:29:55 +0000 (16:29 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Fri, 12 Jul 2019 14:29:18 +0000 (16:29 +0200)]
Fixed bug #78279
Even if we don't initialize the callback on every request, we
should still reset our globals to default values...
Christoph M. Becker [Thu, 27 Jun 2019 09:34:51 +0000 (11:34 +0200)]
Fix #78212: Segfault in built-in webserver
Since syslog's ident and facility parameters have been added to
config[1], vsyslog() segfaults on Windows, if openlog() has not been
called before. We bring back the removed lines to fix this.
[1] <http://git.php.net/?p=php-src.git;a=commit;h=
2475337bd8a0fad0dac03db3f5e7e9d331d53653 >
Nikita Popov [Wed, 10 Jul 2019 15:25:04 +0000 (17:25 +0200)]
Fix bug #78271
When cleaning nops in the dfa pass, we were always keeping the
smart branch inhibiting nop that occurs directly before the jump
instruction. However, as we skip unreachable blocks entirely, it
may happen that we need to keep a nop that occurs further back,
prior to the unreachable blocks. Account for that case now.
We should really do something about the smart branch situation,
this is very fragile...
Nikita Popov [Wed, 10 Jul 2019 11:09:06 +0000 (13:09 +0200)]
Add CONFLICTS to recognized sections
It does nothing on 7.3, but this makes it easier to write tests in
3rd party extensions.
Nikita Popov [Tue, 9 Jul 2019 09:05:18 +0000 (11:05 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Tue, 9 Jul 2019 09:04:05 +0000 (11:04 +0200)]
Revert "Fixed bug #76980"
This reverts commit
35353dc49a73a58c17c7896c4c4c3997ef2c007d .
This changes causes issues for Symfony, see
https://github.com/symfony/symfony/issues/32395. I'm reverting it
from PHP 7.2 and PHP 7.3 and only leaving it in PHP 7.4.
Christoph M. Becker [Tue, 9 Jul 2019 08:04:20 +0000 (10:04 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Upgrade to SQLite 3.28.0
Christoph M. Becker [Tue, 9 Jul 2019 08:01:52 +0000 (10:01 +0200)]
Merge branch 'PHP-7.1' into PHP-7.2
* PHP-7.1:
Upgrade to SQLite 3.28.0
Christoph M. Becker [Fri, 21 Jun 2019 13:48:50 +0000 (15:48 +0200)]
Upgrade to SQLite 3.28.0
Over the years, multiple security vulnerabilities[1] have been found
and fixed in SQLite3, so it makes sense to update our bundled libsqlite
to the latest available version.
[1] <https://www.cvedetails.com/vulnerability-list/vendor_id-9237/Sqlite.html>
Peter Kokot [Mon, 8 Jul 2019 16:48:50 +0000 (18:48 +0200)]
Update NEWS [ci skip]
Peter Kokot [Mon, 8 Jul 2019 16:48:27 +0000 (18:48 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Update NEWS [ci skip]
Peter Kokot [Mon, 8 Jul 2019 16:45:36 +0000 (18:45 +0200)]
Update NEWS [ci skip]
Nikita Popov [Fri, 5 Jul 2019 10:07:10 +0000 (12:07 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Fri, 5 Jul 2019 10:06:52 +0000 (12:06 +0200)]
Backport fe_reset_rw case
Nikita Popov [Fri, 5 Jul 2019 09:40:45 +0000 (11:40 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Fri, 5 Jul 2019 09:39:42 +0000 (11:39 +0200)]
Fix inference for compound object op on dim
George Wang [Thu, 4 Jul 2019 16:04:08 +0000 (12:04 -0400)]
Merge branch 'PHP-7.2' into PHP-7.3
George Wang [Thu, 4 Jul 2019 16:03:21 +0000 (12:03 -0400)]
Updated to LiteSpeed SAPI V7.4.3
Increased response header count limit from 100 to 1000.
Added crash handler to cleanly shutdown PHP request.
Added CloudLinux mod_lsapi mode
Fixed bug #76058
Christoph M. Becker [Thu, 4 Jul 2019 12:50:23 +0000 (14:50 +0200)]
[ci skip] Remove NEWS entry
This commit already was contained in PHP 7.3.7, but doesn't need a NEWS
entry, since the regression had only been introduced with PHP 7.3.7RC1.
Fabien Villepinte [Thu, 4 Jul 2019 12:09:22 +0000 (14:09 +0200)]
Fix typo in NEWS [skip ci]
Nikita Popov [Wed, 3 Jul 2019 10:36:33 +0000 (12:36 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Wed, 3 Jul 2019 10:27:13 +0000 (12:27 +0200)]
Fixed bug #78231
Nikita Popov [Wed, 3 Jul 2019 08:19:31 +0000 (10:19 +0200)]
Fixed bug #78230
Christoph M. Becker [Wed, 3 Jul 2019 08:00:05 +0000 (10:00 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fix #78241: touch() does not handle dates after 2038 in PHP 64-bit
Christoph M. Becker [Wed, 3 Jul 2019 07:59:17 +0000 (09:59 +0200)]
Fix #78241: touch() does not handle dates after 2038 in PHP 64-bit
`time_t` defaults to `_time64` (which is 64bit signed) even on x86, but
`Int32x32To64()` truncates it to signed 32bit. We replace the macro
with the "manual" calculation.
Nikita Popov [Tue, 2 Jul 2019 14:12:24 +0000 (16:12 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Nikita Popov [Tue, 2 Jul 2019 14:10:56 +0000 (16:10 +0200)]
Backport test fix
Closes GH-3816.
Christoph M. Becker [Tue, 2 Jul 2019 13:08:10 +0000 (15:08 +0200)]
Fix NEWS
Bug #78185 fixed a regression in PHP 7.3.7RC2, so should not be listed
here.
Nikita Popov [Tue, 2 Jul 2019 10:28:37 +0000 (12:28 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
Alex Scott [Tue, 11 Jun 2019 14:31:07 +0000 (18:31 +0400)]
Fix bug #78138: opcache.validate_permission incorrectly works with PHAR files
opcache incorrectly handles PHAR files when opcache.validate_permission
option enabled, because it calls
access("phar://path-to/file.phar/path/inside.php", R_OK);
rather than
access("path-to/file.phar", R_OK)
Christoph M. Becker [Mon, 1 Jul 2019 16:12:28 +0000 (18:12 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Add missing SKIPIFs
Christoph M. Becker [Mon, 1 Jul 2019 16:11:13 +0000 (18:11 +0200)]
Add missing SKIPIFs
All these tests are meant to run with OPcache available, and some will
even fail inevitably without it, so we add OPcache as SKIPIF
requirement.
Christoph M. Becker [Mon, 1 Jul 2019 15:22:55 +0000 (17:22 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Add missing SKIPIFs
Christoph M. Becker [Mon, 1 Jul 2019 13:01:24 +0000 (15:01 +0200)]
Add missing SKIPIFs
All these tests are meant to run with OPcache available, and some will
even fail inevitably without it, so we add OPcache as SKIPIF
requirement.
Christoph M. Becker [Mon, 1 Jul 2019 14:43:47 +0000 (16:43 +0200)]
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fix brittle test
Christoph M. Becker [Mon, 1 Jul 2019 14:41:20 +0000 (16:41 +0200)]
Fix brittle test
This test is easily tripped by former test runs with other PHP
versions. To avoid such false positives, we check that there is at
least one respective OPcache file, and that all found OPcache user ID
folders have exactly 32 hexadecimal digits.
Peter Kokot [Mon, 1 Jul 2019 00:54:42 +0000 (02:54 +0200)]
Update NEWS [ci skip]