Even if the length of a maker note does not match our expectations
(either because the maker note is corrupted, or because our
expectations do not quite match reality), there is no need to let
parsing fail; we can still go on parsing the other meta information.
The `timercmp()` manpage[1] points out that some systems have a broken
implementation which does not support `>=`. This is definitely the
case for the Windows SDK, which only supports `<` and `>`.
Fix #74267: segfault with streams and invalid data
If the current character is a line break character, it cannot be a tab
or space character, so we would always fail with an invalid sequence
error. Obviously, these `scan_stat == 4` conditions are meant to be
exclusive.
Furthermore, if `in_pp == NULL || in_left_p == NULL` is true, we hit a
segfault if we are not returning right away. Obviously, the additional
constraints don't make sense, so we remove them.
Fix #79664: PDOStatement::getColumnMeta fails on empty result set
As its name suggests, `sqlite3_data_count` returns the number of
columns in the current row of the result set; we are interested in the
number of columns regardless of the current row, so we have to use
`sqlite3_column_count` instead.
As of PHP 7.3.0, `sapi_cli_single_write()` is supposed to return `< 0`
on failure, but `fwrite()` returns a `size_t`, and signals error by
setting the stream's error indicator. We have to cater to that.
Fix #79615: Wrong GIF header written in GD GIFEncode
The color resolution is expected in bits 4-6 of the packed fields byte
of the logical screen descriptor (byte 10 of the GIF data stream),
according to the specification[1], section 18.
Since the member is not used in `OnUpdateEol()` that's not really an
issue, but still it's confusing to apparently have two INI settings
targeting the same member.
* PHP-7.2:
Fix #78876: Long variables cause OOM and temp files are not cleaned
Fix #78875: Long filenames cause OOM and temp files are not cleaned
Update NEWS for 7.2.31
Update CREDITS for PHP 7.2.30
Update NEWS for PHP 7.2.30
Fix #78875: Long filenames cause OOM and temp files are not cleaned
We must not cast `size_t` to `int` (unless the `size_t` value is
guaranteed to be less than or equal to `INT_MAX`). In this case we can
declare `array_len` as `size_t` in the first place.
We map the POSIX semantics of `IPC_PRIVATE` by creating unnamed file
mapping objects on Windows. While that is not particularly useful for
ext/shmop, which is the only bundled extension which uses `shmget()`,
it may be useful for external extensions.
Fix #79491: Search for .user.ini extends up to root dir
The `start` parameter of `php_cgi_ini_activate_user_config` is supposed
to hold the byte offset of the doc root in the given `path`. However,
the current expression which fixes a potential type incompatibility
will ever only evaluate to zero or one, because it uses the *logical*
and operator (`&&`). Furthermore we notice that subtracting one from
`doc_root_len` is not necessary, so there is even no need for the
`start` parameter at all.
This is the change from GH-5417 but for FPM. This was stripping the
last character from the doc_root. Given how it is used, this should
be harmless, but let's make it less confusing...
Joe Cai [Sun, 19 Apr 2020 23:03:11 +0000 (09:03 +1000)]
Fix #79497: Fix php_openssl_subtract_timeval()
I stumbled upon this while debugging a strange issue with
stream_socket_client() where it randomly throws out errors when
the connection timeout is set to below 1s. The logic to calculate
time difference in php_openssl_subtract_timeval() is wrong when
a.tv_usec < b.tv_usec, causing connection errors before the timeout
is reached.
We have to free the retrieved text content; to keep the code readable,
we extract a helper function to check for empty nodes. Unfortunately,
we cannot use xmlIsBlankNode(), because that also recognizes whitespace
only text content.
We also make sure to properly handle NULL returns from
xmlNodeGetContent().
Qianqian Bu [Fri, 3 Apr 2020 07:44:41 +0000 (15:44 +0800)]
Fix incorrect free for last_message
In commit a7305eb539596e175bd6c3ae9a20953358c5d677 the last_message
field of the connection object was changed to be always non-persistent.
But there is a place on change_user path that still treats it
depending on conn->persistent flag. This will cause PHP crash after
com_change_user success when there is last_message set
Fix #79413: session_create_id() fails for active sessions
The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session already exists.
So to detect a collision, we have to check for `SUCCESS`, not
`FAILURE`.
We also fix the wrong condition in session_regenerate_id() as well.
Lukas Berger [Thu, 26 Mar 2020 17:39:39 +0000 (10:39 -0700)]
Add missing 'skip' to bug79332.phpt skip message
The skip message must start with the word 'skip', otherwise the test will not be skipped.
*Before:*
Running selected tests.
TEST 1/1 [ext/com_dotnet/tests/bug79332.phpt]
========DIFF========
001+ Fatal error: Uncaught Error: Class 'COMPersistHelper' not found in /srv/php/ext/com_dotnet/tests/bug79332.php:2
001- A com_exception has been thrown
002+ Stack trace:
003+ #0 {main}
004+ thrown in /srv/php/ext/com_dotnet/tests/bug79332.php on line 2
========DONE========
FAIL Bug #79332 (php_istreams are never freed) [ext/com_dotnet/tests/bug79332.phpt]
*After:*
Running selected tests.
SKIP Bug #79332 (php_istreams are never freed) [ext/com_dotnet/tests/bug79332.phpt] reason: com_dotnet extension not available
To cater to potentially state-dependent encodings, we have to reset the
conversion descriptor into its initial shift state to properly finish
the conversion. Furthermore, state-dependent encodings may not show
progress when comparing `in_left` before and after the conversion; we
rather have to see whether `out_left` has decreased. Also we have to
cater to the fact that the final potentially state resetting call does
not signal failure, but we still have to break respective loops
afterwards.
projects / php / log