Fix #79200: Some iconv functions cut Windows-1258

To cater to potentially state-dependent encodings, we have to reset the
conversion descriptor into its initial shift state to properly f

Fix #79200: Some iconv functions cut Windows-1258

To cater to potentially state-dependent encodings, we have to reset the
conversion descriptor into its initial shift state to properly finish
the conversion. Furthermore, state-dependent encodings may not show
progress when comparing `in_left` before and after the conversion; we
rather have to see whether `out_left` has decreased. Also we have to
cater to the fact that the final potentially state resetting call does
not signal failure, but we still have to break respective loops
afterwards.

show more ...

Fix #79393: Null coalescing operator failing with SplFixedArray

We favor the KISS principle over optimization[1] – SPL is already
special enough.

[1] <https://github.com/php/php

Fix #79393: Null coalescing operator failing with SplFixedArray

We favor the KISS principle over optimization[1] – SPL is already
special enough.

[1] <https://github.com/php/php-src/pull/2489/commits/352f3d4476a79bb86136b431719df7394e5a8d4e#r112498098>ff

show more ...

NEWS

Fix #79396: DateTime hour incorrect during DST jump forward

When you attempt to set the time to a non-existent time occuring during
a DST jump forward, the hour does not move forward cor

Fix #79396: DateTime hour incorrect during DST jump forward

When you attempt to set the time to a non-existent time occuring during
a DST jump forward, the hour does not move forward correctly.

show more ...

Fix NEWS

[ci skip] Update NEWS

[ci skip] Update NEWS

Fix #79199: curl_copy_handle() memory leak

`curl_copy_handle()` already registers a new resource, so we must not
increase the refcount of the original resource.

Fix #61597: SXE properties may lack attributes and content

We must not treat a node as string if it has attributes, unless it is
an entity declaration which is always treated as string b

Fix #61597: SXE properties may lack attributes and content

We must not treat a node as string if it has attributes, unless it is
an entity declaration which is always treated as string by simplexml.

show more ...

Fix #78210: Invalid pointer address

This is actually about three distinct issues:

* If an empty string is passed as $address to `stream_socket_sendto()`,
the `sa` is not initi

Fix #78210: Invalid pointer address

This is actually about three distinct issues:

* If an empty string is passed as $address to `stream_socket_sendto()`,
the `sa` is not initialized, so we must not pass it as `addr` to
`php_stream_xport_sendto()`.

* On POSIX, `recvfrom()` truncates messages which are too long to fit
into the specified buffer (unless `MSG_PEEK` is given), discards the
excessive bytes, and returns the buffer length. On Windows, the same
happens, but `recvfrom()` returns `SOCKET_ERROR` with the error code
`WSAEMSGSIZE`. We have to catch this for best POSIX compatibility.

* In `php_network_parse_network_address_with_port()`, we have to zero
`in6` (not only its alias `sa`) to properly support IPv6.

Co-Authored-By: Nikita Popov <nikita.ppv@googlemail.com>

show more ...

Fix #79364: When copy empty array, next key is unspecified

We must not forget to keep the `nNextFreeElement` when duplicating
empty arrays.

Fix #75673: SplStack::unserialize() behavior

Even though `SplStack::unserialize()` is not supposed to be called on
an already constructed instance, it is probably better if the method

Fix #75673: SplStack::unserialize() behavior

Even though `SplStack::unserialize()` is not supposed to be called on
an already constructed instance, it is probably better if the method
clears the stack before actually unserializing.

show more ...

Next is 7.3.17

Fix #79333: com_print_typeinfo() leaks memory

We have to free the `ansiname`s, regardless of whether they have been
put into the hashtable or not.

Since bug79299.phpt already sh

Fix #79333: com_print_typeinfo() leaks memory

We have to free the `ansiname`s, regardless of whether they have been
put into the hashtable or not.

Since bug79299.phpt already shows the leak when run with a leak
checker, there is no need for another regression test.

show more ...

Fix #79332: php_istreams are never freed

Releasing the `com_dotnet_istream_wrapper` in `istream_destructor()` is
pointless, since `istream_destructor()` is only called when the
resou

Fix #79332: php_istreams are never freed

Releasing the `com_dotnet_istream_wrapper` in `istream_destructor()` is
pointless, since `istream_destructor()` is only called when the
resource is going to be released. This recursion is not a real issue,
though, since the resource is never exposed to userland, and has at
most refcount 1, so due to well defined unsigned integer underflow, it
never is released twice. However, returning early in this case causes
a memory leak which needs to be fixed.

show more ...

Fixed bug #79062

Back up the doc comment when performing heredoc scanahead.

Fix #79311: enchant_dict_suggest() fails on big endian architecture

For obvious reasons, we must not assign a `size_t` value to an `int`
variable using memcpy(). However, there is actua

Fix #79311: enchant_dict_suggest() fails on big endian architecture

For obvious reasons, we must not assign a `size_t` value to an `int`
variable using memcpy(). However, there is actually no need for the
intermediate `n_sugg_st` here, if we use the proper types in the first
place.

A regression test is not necessary, because dict_suggest.phpt already
exhibits the erroneous behavior on big endian architectures.

show more ...

Fix #64032: mysqli reports different client_version

While `mysqli_get_client_version()` calls `mysql_get_client_version()`
to retrieve the client version, `mysql::$client_version` is ini

Fix #64032: mysqli reports different client_version

While `mysqli_get_client_version()` calls `mysql_get_client_version()`
to retrieve the client version, `mysql::$client_version` is initialized
to `MYSQL_VERSION_ID`. Both should match though, and since the former
is the more useful information, we fix `mysql::$client_version`.

We do not add a regression test, because it would usually succeed
anyway, and we already have several tests with respective `assert()`s.

show more ...

Fix #63206: Fully support error/exception_handler stacking, even with null or inside the handler

Always push the current user_error/exception_handler to the stack,
even when it is empty,

Fix #63206: Fully support error/exception_handler stacking, even with null or inside the handler

Always push the current user_error/exception_handler to the stack,
even when it is empty, so restore_error_handler() always works as
expected.

The user_error_handler is especially temporarily empty when we are inside
the error handler, which caused inconsistent behaviour before.

show more ...

Fixes #79265: Improper injection of Host header when using fopen for http requests

Check all occurrences of the string "host:" (and other headers),
not just the first one.

Fix #79299: com_print_typeinfo prints duplicate variables

`lastid` has to retain its value during the traversal, so we move it to
an outer scope.

Patch contributed by Litiano Mo

Fix #79299: com_print_typeinfo prints duplicate variables

`lastid` has to retain its value during the traversal, so we move it to
an outer scope.

Patch contributed by Litiano Moura.

show more ...

Fix #79294: ::columnType() may fail after SQLite3Stmt::reset()

The fix for feature request #53466 did not properly handle resetting of
the corresponding statement; the problem with this

Fix #79294: ::columnType() may fail after SQLite3Stmt::reset()

The fix for feature request #53466 did not properly handle resetting of
the corresponding statement; the problem with this is that the
statement does not know about its result sets. But even if we could
fix this, the `complete` handling still appears to be brittle, since
the `sqlite3_column_type()`docs[1] state:

| If the SQL statement does not currently point to a valid row, or if
| the column index is out of range, the result is undefined.

Fortunately, we can use `sqlite3_data_count()` instead, since[2]:

| If prepared statement P does not have results ready to return (via
| calls to the sqlite3_column() family of interfaces) then
| sqlite3_data_count(P) returns 0.

Thus, we guard `SQLite3::columnType()` with `sqlite3_data_count()`, and
completely drop updating the `php_sqlite3_result_object.complete`
field, but keep it for ABI BC purposes.

[1] <https://www.sqlite.org/c3ref/column_blob.html>
[2] <https://www.sqlite.org/c3ref/data_count.html>

show more ...

Fix NEWS [ci skip]

Cosmetics.

Remove extra tab in NEWS [ci skip]

Fix #79038: PDOStatement::nextRowset() leaks column values

Firstly, we must not rely on `stmt->column_count` when freeing the
driver specific column values, but rather store the column c

Fix #79038: PDOStatement::nextRowset() leaks column values

Firstly, we must not rely on `stmt->column_count` when freeing the
driver specific column values, but rather store the column count in
the driver data. Since the column count is a `short`, 16 bit are
sufficient, so we can store it in reserved bits of `pdo_odbc_stmt`.

Furthermore, we must not allocate new column value storage when the
statement is not executed, but rather when the column value storage has
not been allocated.

Finally, we have to introduce a driver specific `cursor_closer` to
avoid that `::closeCursor()` calls `odbc_stmt_next_rowset()` which then
frees the column value storage, because it may be still needed for
bound columns.

show more ...