| 6724d5d4 | 04-Aug-2021 |
Christoph M. Becker |
Fix #81327: Error build openssl extension on php 7.4.22
The recent fix for bug 52093 is not compatible with LibreSSL ≥ 2.7.0,
which we recognize as mostly OpenSSL 1.1.0 compatible, but t
Fix #81327: Error build openssl extension on php 7.4.22
The recent fix for bug 52093 is not compatible with LibreSSL ≥ 2.7.0,
which we recognize as mostly OpenSSL 1.1.0 compatible, but they still
do not support `ASN1_INTEGER_set_int64()`.
Closes GH-7339.
show more ...
|
| c565555f | 02-Aug-2021 |
Christoph M. Becker |
Fix #51498: imagefilledellipse does not work for large circles
We backport the respective upstream fix[1].
[1] <https://github.com/libgd/libgd/commit/ace7fd88dc7571b3aa182f6b2604292
Fix #51498: imagefilledellipse does not work for large circles
We backport the respective upstream fix[1].
[1] <https://github.com/libgd/libgd/commit/ace7fd88dc7571b3aa182f6b2604292f8461a819>
Closes GH-7329.
show more ...
|
| d1ccb5bd | 29-Jul-2021 |
Christoph M. Becker |
Fix #81305: Built-in Webserver Drops Requests With "Upgrade" Header
While our HTTP parser supports upgrade requests, the code using it does
not. Since upgrade requests are only valid fo
Fix #81305: Built-in Webserver Drops Requests With "Upgrade" Header
While our HTTP parser supports upgrade requests, the code using it does
not. Since upgrade requests are only valid for HTTP/1.1 and we neither
support any higher version, nor HTTPS yet, we do not exit early in case
of such requests, i.e. we ignore them, what is allowed by the specs.
We keep the supporting code in case we can meaningfully support upgrade
requests in the future.
Closes GH-7316.
show more ...
|
| 98049e8b | 21-Jul-2021 |
Christoph M. Becker |
Fix #81252: PDO_ODBC doesn't account for SQL_NO_TOTAL
If `P->len` is negative (not only when it is `SQL_NULL_DATA`), we must
not go on, because the following code can't deal with that.
Fix #81252: PDO_ODBC doesn't account for SQL_NO_TOTAL
If `P->len` is negative (not only when it is `SQL_NULL_DATA`), we must
not go on, because the following code can't deal with that. This means
that the output parameter will be set to `NULL` without any indication
what went wrong, but it's still better than crashing.
Closes GH-7295.
show more ...
|
| d26069a2 | 27-Jul-2021 |
Kamil Tekiela |
Prevent mysqli::next_result from reporting errors from previous calls (#7304) |
| 1fa26ecc | 26-Jul-2021 |
Christoph M. Becker |
Fix #81294: Segfault when removing a filter
We need to call the proper method.
Closes GH-7308. |
| 387c0de9 | 23-Jul-2021 |
Christoph M. Becker |
Fix #81283: shmop can't read beyond 2147483647 bytes
`start`, `count` and `shmop->size` are `zend_long`, so we must not
restrict to `INT_MAX`.
Closes GH-7301. |
| dfd05da9 | 23-Jul-2021 |
Nikita Popov |
Fix bug #66719
While parent:: should inherit the called scope, it should only do
so if it is compatible. If there is no called scope, or it is not
a subtype of the scope, we should f
Fix bug #66719
While parent:: should inherit the called scope, it should only do
so if it is compatible. If there is no called scope, or it is not
a subtype of the scope, we should fall back to the scope.
show more ...
|
| 760ff841 | 21-Jul-2021 |
Christoph M. Becker |
Fix #74960: Heap buffer overflow via str_repeat
Trying to allocate a `zend_string` with a length only slighty smaller
than `SIZE_MAX` causes an integer overflow, so callers may need to
Fix #74960: Heap buffer overflow via str_repeat
Trying to allocate a `zend_string` with a length only slighty smaller
than `SIZE_MAX` causes an integer overflow, so callers may need to
check that explicitly. To make that easy in a portable way, we
introduce `ZSTR_MAX_LEN`.
Closes GH-7294.
show more ...
|
| 2d2c001c | 19-Jul-2021 |
Christoph M. Becker |
Revert "Fix #79908: json_encode encodes negative zero as int"
This reverts commit 717f1ed5e4b4b2083907dd085e66b377edad24b7. |
| 26b1572d | 19-Jul-2021 |
Derick Rethans |
Move date timezone cache destruction to post deactivate
Some extensions try to use the date features in their own shutdown,
most notably some logging functions. Because of that, move the
Move date timezone cache destruction to post deactivate
Some extensions try to use the date features in their own shutdown,
most notably some logging functions. Because of that, move the
cache tear down until after these resources have been cleaned up.
show more ...
|
| bcb89c75 | 16-Jul-2021 |
Christoph M. Becker |
Fix #78238: BCMath returns "-0"
There is no negative zero in the decimal system, so we must suppress
the sign.
Closes GH-7250. |
| 8f97f82e | 16-Jul-2021 |
George Dietrich |
Fix bug #81265: getimagesize returns 0 for 256px ICO images
Set ICO height/width to 256 if 0. |
| a054ef2a | 15-Jul-2021 |
Christoph M. Becker |
Fix #80849: HTTP Status header truncation
While truncating the contents of a header is okay, we must never omit
the trailing CRLF.
Closes GH-7238. |
| a942cf5b | 14-Jul-2021 |
Christoph M. Becker |
Fix #72595: php_output_handler_append illegal write access
We must make sure that `handler->buffer.size + grow_max` does not
overflow, so we're using `safe_erealloc()` instead.
Fix #72595: php_output_handler_append illegal write access
We must make sure that `handler->buffer.size + grow_max` does not
overflow, so we're using `safe_erealloc()` instead.
Closes GH-7241.
show more ...
|
| 33f8dfb1 | 14-Jul-2021 |
Christoph M. Becker |
Fix #72146: Integer overflow on substr_replace
Adding two `zend_long`s may overflow, and casting `size_t` to
`zend_long` may truncate; we can avoid this here by enforcing unsigned
ar
Fix #72146: Integer overflow on substr_replace
Adding two `zend_long`s may overflow, and casting `size_t` to
`zend_long` may truncate; we can avoid this here by enforcing unsigned
arithmetic.
Closes GH-7240.
show more ...
|
| ebd3a210 | 15-Jul-2021 |
Nikita Popov |
Undef slot before destroying in unset_property
We need to make sure that destructors can't access the partially
destroyed property. Do the same we do in HTs.
Fixes oss-fuzz #362
Undef slot before destroying in unset_property
We need to make sure that destructors can't access the partially
destroyed property. Do the same we do in HTs.
Fixes oss-fuzz #36205.
show more ...
|
| ba8bcf39 | 14-Jul-2021 |
Nikita Popov |
Drop incorrect cache_slot optimization for typed properties
For a particular assignment, a non-coerced constant assignment
value will remain valid. However, opcache merges cache slots fo
Drop incorrect cache_slot optimization for typed properties
For a particular assignment, a non-coerced constant assignment
value will remain valid. However, opcache merges cache slots for
all identical property references, which means that this
optimization also disables property type checks for all other
operands on the property that occur in the same functions.
This could be addressed by blocking cache slot merging in opcache,
but I prefer dropping it entirely instead. It does not seem
important enough to warrant doing that.
show more ...
|
| f40dcedb | 13-Jul-2021 |
Derick Rethans |
Update NEWS for 7.4.22 |
| 717f1ed5 | 13-Jul-2021 |
Christoph M. Becker |
Fix #79908: json_encode encodes negative zero as int
Encoding a negative zero as `-0` is likely to loose the sign when
decoding (at least it does with `json_decode()`). Therefore, we en
Fix #79908: json_encode encodes negative zero as int
Encoding a negative zero as `-0` is likely to loose the sign when
decoding (at least it does with `json_decode()`). Therefore, we encode
it as if `JSON_PRESERVE_ZERO_FRACTION` was specified, i.e. as `-0.0`.
Closes GH-7234.
show more ...
|
| 9db3eda2 | 07-Jul-2021 |
Christoph M. Becker |
Fix #73226: --r[fcez] always return zero exit code
This makes the behavior consistent with `--ri`, and is likely useful
for scripting.
Closes GH-7221. |
| a6b43086 | 12-Jul-2021 |
Christoph M. Becker |
Fix #81243: Too much memory is allocated for preg_replace()
Trimming a potentially over-allocated string appears to be reasonable,
so we drop the condition altogether.
We also r
Fix #81243: Too much memory is allocated for preg_replace()
Trimming a potentially over-allocated string appears to be reasonable,
so we drop the condition altogether.
We also re-allocate twice the size needed in the first place, and not
roughly tripple the size.
Closes GH-7231.
show more ...
|
| bb43aa2e | 09-Jul-2021 |
Nikita Popov |
Test Laravel 8.x against PHP 7.4
Laravel master no longer supports PHP 7.4, so use an older branch. |
| 520c00a5 | 05-Jul-2021 |
Christoph M. Becker |
Fix #81223: flock() only locks first byte of file
`flock()` should lock the whole file, like on other systems which use
mandatory locking. We cannot use `0` like for `flck.l_len`, so we
Fix #81223: flock() only locks first byte of file
`flock()` should lock the whole file, like on other systems which use
mandatory locking. We cannot use `0` like for `flck.l_len`, so we use
the largest number, what is valid according to the documentation:
<https://docs.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-lockfileex#remarks>.
Closes GH-7216.
show more ...
|
| 28c93763 | 05-Jul-2021 |
Christoph M. Becker |
Fix #74264: grapheme_strrpos() broken for negative offsets
We must not assume that `usearch_last()` gives the proper result for
negative offsets. Instead we'd need to continue to search
Fix #74264: grapheme_strrpos() broken for negative offsets
We must not assume that `usearch_last()` gives the proper result for
negative offsets. Instead we'd need to continue to search backwards
(`usearch_previous`) until we find a proper match. However, apparently
searching backwards is broken, so we work around by searching forward
from the start of the string until we pass the `offset_pos`, and then
use the previous result.
Closes GH-7189.
show more ...
|
