Fix mysqli_release_savepoint() on mysqlnd

mysqli_release_savepoint() was not actually releasing a savepoint...

Fix #80115: mysqlnd.debug doesn't recognize absolute paths with slashes

pdo_mysql/mysqli (native) libmysqlclient_r no-longer used

The mysqlclient_r library exists in mysql-5.6 for compatibility only.

Later versions have it removed.

mysql: native mysql-8.0 uses _Bool

MySQL-8.0 removes option MYSQLI_OPT_SSL_VERIFY_SERVER_CERT

mysqli: use native api

Tested with:
* mysql-5.6.49-linux-glibc2.12-x86_64
* mysql-5.7.31-linux-glibc2.12-x86_64
* mysql-8.0.21-linux-glibc2.17-x86_64
* mariadb-10.5.6

mysqli: use native api

Tested with:
* mysql-5.6.49-linux-glibc2.12-x86_64
* mysql-5.7.31-linux-glibc2.12-x86_64
* mysql-8.0.21-linux-glibc2.17-x86_64
* mariadb-10.5.6

configure --with-mysqli=/usr/local/$version/bin/mysql_config --with-pdo-mysql=/usr/local/$version

MySQL-8.0 removed my_bool
Some options where deprecated in mysql-8.0

MY_CHARSET_INFO used with exposed api mysql_get_character_set_info
rather than internal structures.

show more ...

ext/soap: Compare Set-Cookie header case-insensitively

Closes GH-6143.

Fixed bug #80083

Add db2_execute() to the list of functions accessing the local
scope. Ideally the API wouldn't do that, but it seems most
pragmatic to address this on the opcache si

Fixed bug #80083

Add db2_execute() to the list of functions accessing the local
scope. Ideally the API wouldn't do that, but it seems most
pragmatic to address this on the opcache side at this point.

show more ...

7.3.24 is next

Avoid segfault if module/extension version is not defined

Fix #80067: Omitting the port in bindto setting errors

A recent commit[1] which fixed a memory leak introduced a regression
regarding the formerly liberal handling of IP addresses to bin

Fix #80067: Omitting the port in bindto setting errors

A recent commit[1] which fixed a memory leak introduced a regression
regarding the formerly liberal handling of IP addresses to bind to. We
fix this by reverting that commit, and fix the memory leak where it
actually occurs. In other words, this fix is less intrusive than the
former fix.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=0b8c83f5936581942715d14883cdebddc18bad30>

Closes GH-6104.

show more ...

Fix #79825: opcache.file_cache causes SIGSEGV with custom opcode handlers

Modules may have changed after restart which can cause dangling pointers from custom opcode handlers in the second-l

Fix #79825: opcache.file_cache causes SIGSEGV with custom opcode handlers

Modules may have changed after restart which can cause dangling pointers from custom opcode handlers in the second-level cache files. This fix includes the installed module names and versions in the accel_system_id hash as entropy. Closes GH-5836

show more ...

Fix #72941: Modifying bucket->data by-ref has no effect any longer

To match the PHP 5 behavior, we have to explicitly cater to `buffer` or
`data` being references.

Closes GH-609

Fix #72941: Modifying bucket->data by-ref has no effect any longer

To match the PHP 5 behavior, we have to explicitly cater to `buffer` or
`data` being references.

Closes GH-6096.

show more ...

Fixed bug #80077

Quoting from the bug report:

> The domain names passed to getmxrr() do not contain a trailing dot.
> DNS lookups which do not find records will (depending on th

Fixed bug #80077

Quoting from the bug report:

> The domain names passed to getmxrr() do not contain a trailing dot.
> DNS lookups which do not find records will (depending on the local
> resolver config) try again by adding the local domain to the end of
> the searched host/domain. In many environments there's an mx record
> for any subdomain of the local domain and the MX query will return
> a hit. But the test expects no hit. So the test fails when checking
> that "qa.php.net" does not have an MX record in DNS. In our local
> environment the resolver falls back to also check qa.php.net.kippdata.de
> which does have an MX record. Using "qa.php.net." instead of "qa.php.net"
> should fix this for everyone.

show more ...

Avoid duplicate octal warning during heredoc scan ahead

Fixed bug #80049

Type checking may convert to refcounted values, so force freeing
of extra args.

Fix #80048: Bug #69100 has not been fixed for Windows

We fix the erroneous length calculation on Windows, too.

Closes GH-6067.

Skip test if A: drive exists

Otherwise the test case will fail for a very different reason.

Handle memory limit error during string reallocation correctly

Do not decrement the refcount before allocating the new string,
as the allocation operation may bail out and cause a use-af

Handle memory limit error during string reallocation correctly

Do not decrement the refcount before allocating the new string,
as the allocation operation may bail out and cause a use-after-free
lateron. We can only decrement the refcount once the allocation
has succeeded.

Fixes oss-fuzz #25384.

show more ...

Fix binary-safety of parse_url

php_parse_url() is intended to support strings that are not zero
terminated. We can't use strcspn in the implementation.

As we have two uses of st

Fix binary-safety of parse_url

php_parse_url() is intended to support strings that are not zero
terminated. We can't use strcspn in the implementation.

As we have two uses of strcspn, add a helper.

show more ...

Fix throwing of yield from related exceptions into generator

Use the general zend_generator_throw_exception() helper for this.
Otherwise we don't handle the off-by-one opline correctly (

Fix throwing of yield from related exceptions into generator

Use the general zend_generator_throw_exception() helper for this.
Otherwise we don't handle the off-by-one opline correctly (should
we maybe just stop doing that?)

This is a followup to ad750c3bb6e7b48384c6265eb9d3bcf5b4000652,
which fixed a different yield from exception handling problem that
happened to show up in the same test case from oss-fuzz #25321.
Now both issues should be fixed.

show more ...

Fix infinite loop on string offset during by-ref list assign

There is a deeper underlying issue here, in that the opcodes violate
VM write-fetch safety, but let's fix the infinite loop f

Fix infinite loop on string offset during by-ref list assign

There is a deeper underlying issue here, in that the opcodes violate
VM write-fetch safety, but let's fix the infinite loop first.

This fixes oss-fuzz #25352.

show more ...

Fix leak on assign concat of array and empty string

Fixed test case

Update timelib to 2018.04

Fix #80027 Terrible performance using $query->fetch on queries with many bind parameters

Added new flags that allow skipping param_evt(s) that are not used by drivers,
in a backwards and

Fix #80027 Terrible performance using $query->fetch on queries with many bind parameters

Added new flags that allow skipping param_evt(s) that are not used by drivers,
in a backwards and forward compatible manner. Updated the pgsql, mysql, sqlite
and oci drivers to properly use the new flags. I've left out pdo_dblib, which
doesn't have a param_hook, and pdo_firebird, which seems to be using
PARAM_EVT_NORMALIZE in a wrong context (param type vs event type).

show more ...