#
68f5289e |
| 18-Dec-2020 |
Christoph M. Becker |
Fix #69279: Compressed ZIP Phar extractTo() creates garbage files When extracting compressed files from an uncompressed Phar, we must not use the direct file pointer, but rather get an u
Fix #69279: Compressed ZIP Phar extractTo() creates garbage files When extracting compressed files from an uncompressed Phar, we must not use the direct file pointer, but rather get an uncompressed file pointer. We also add a test to show that deflated and stored entries are properly extracted. This also fixes #79912, which appears to be a duplicate of #69279. Co-authored-by: Anna Filina <afilina@gmail.com> Closes GH-6599.
show more ...
|
#
38ad37ad |
| 15-Jan-2021 |
Christoph M. Becker |
Fix #80595: Resetting POSTFIELDS to empty array breaks request This is mainly to work around https://github.com/curl/curl/issues/6455, but not building the mime structure for empty hasht
Fix #80595: Resetting POSTFIELDS to empty array breaks request This is mainly to work around https://github.com/curl/curl/issues/6455, but not building the mime structure for empty hashtables is a general performance optimization, so we do not restrict it to affected cURL versions (7.56.0 to 7.75.0). The minor change to bug79033.phpt is unexpected, but should not matter in practice. Closes GH-6606.
show more ...
|
#
25103c37 |
| 11-Jan-2021 |
Christoph M. Becker |
Revert "Fix #76813: Access violation near NULL on source operand" This reverts commit 5e15c9c41f8318a8392c2e2c78544f218736549c, since re2c default rules are only available as of re2c 0.1
Revert "Fix #76813: Access violation near NULL on source operand" This reverts commit 5e15c9c41f8318a8392c2e2c78544f218736549c, since re2c default rules are only available as of re2c 0.13.7.
show more ...
|
#
d1b1c043 |
| 05-Jan-2021 |
Christoph M. Becker |
Fix #77565: Incorrect locator detection in ZIP-based phars We must not assume that the first end of central dir signature in a ZIP archive actually designates the end of central director
Fix #77565: Incorrect locator detection in ZIP-based phars We must not assume that the first end of central dir signature in a ZIP archive actually designates the end of central directory record, since the data in the archive may contain arbitrary byte patterns. Thus, we better search from the end of the data, what is also slightly more efficient. There is, however, no way to detect the end of central directory signature by searching from the end of the ZIP archive with absolute certainty, since the signature could be part of the trailing comment. To mitigate, we check that the comment length fits to the found position, but that might still not be the correct position in rare cases. Closes GH-6507.
show more ...
|
#
e6593206 |
| 04-Jan-2021 |
Stanislav Malyshev |
[ci skip] Update NEWS
|
#
70dfbe00 |
| 01-Dec-2020 |
Adam Seitz |
Fix #80384: limit read buffer size In the case of a stream with no filters, php_stream_fill_read_buffer only reads stream->chunk_size into the read buffer. If the stream has filters
Fix #80384: limit read buffer size In the case of a stream with no filters, php_stream_fill_read_buffer only reads stream->chunk_size into the read buffer. If the stream has filters attached, it could unnecessarily buffer a large amount of data. With this change, php_stream_fill_read_buffer only proceeds until either the requested size or stream->chunk_size is available in the read buffer. Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de> Closes GH-6444.
show more ...
|
#
b043759c |
| 21-Dec-2020 |
Derick Rethans |
Fixed bug #80376 (last day of the month causes runway cpu usage)
|
#
bc166844 |
| 16-Dec-2020 |
Nikita Popov |
MySQLnd: Support cursors in store/get result This fixes two related issues: 1. When a PS with cursor is used in store_result/get_result, perform a COM_FETCH with maximum numb
MySQLnd: Support cursors in store/get result This fixes two related issues: 1. When a PS with cursor is used in store_result/get_result, perform a COM_FETCH with maximum number of rows rather than silently switching to an unbuffered result set (in the case of store_result) or erroring (in the case of get_result). In the future, we might want to make get_result unbuffered for PS with cursors, as using cursors with buffered result sets doesn't really make sense. Unlike store_result, get_result isn't very explicit about what kind of result set is desired. 2. If the client did not request a cursor, but the server reports that a cursor exists, ignore this and treat the PS as if it has no cursor (i.e. to not use COM_FETCH). It appears to be a server side bug that a cursor used inside an SP will be reported to the client, even though the client cannot use the cursor. Fixes bug #64638, bug #72862, bug #77935. Closes GH-6518.
show more ...
|
#
315f3f8d |
| 16-Dec-2020 |
Nikita Popov |
Fixed bug #67983 We need to check the BIT case first, otherwise it will get skipped in INT_AND_FLOAT_NATIVE mode.
|
#
118ff033 |
| 16-Dec-2020 |
Nikita Popov |
Fix bug #80523 Don't truncate the file length to unsigned int... I have no idea whether that fully fixes the problem because the process gets OOM killed before finishing, but at
Fix bug #80523 Don't truncate the file length to unsigned int... I have no idea whether that fully fixes the problem because the process gets OOM killed before finishing, but at least the immediate parse error is gone now.
show more ...
|
#
078cdd8f |
| 15-Dec-2020 |
Derick Rethans |
Prepare for 7.4.15
|
#
a53d67ce |
| 11-Dec-2020 |
Christoph M. Becker |
Fix #77322: PharData::addEmptyDir('/') Possible integer overflow `phar_path_check()` already strips a leading slash, so we must not attempt to strip the trailing slash from an now empty
Fix #77322: PharData::addEmptyDir('/') Possible integer overflow `phar_path_check()` already strips a leading slash, so we must not attempt to strip the trailing slash from an now empty directory name. Closes GH-6508.
show more ...
|
#
a221e17b |
| 28-Nov-2020 |
Jakub Zelenka |
Fix bug #69625: FPM returns 200 status on request without SCRIPT_FILENAME
|
#
e450621f |
| 10-Dec-2020 |
Nikita Popov |
Fixed bug #76815 When we receive an error while reading a result set, we should assume that no more result sets are available. libmysqlclient implements the same behavior.
|
#
49220492 |
| 10-Dec-2020 |
Nikita Popov |
Fixed bug #71145 Consume any additional result sets when running INIT_COMMAND.
|
#
f3d58778 |
| 09-Dec-2020 |
Nikita Popov |
Backport fix for bug #70066 Given the number of duplicates this bug report had, it seems worthwhile to fix this on PHP-7.4 as well. Cherry-pick of 106e7e4bca7c0fd975eb219b18e3c3
Backport fix for bug #70066 Given the number of duplicates this bug report had, it seems worthwhile to fix this on PHP-7.4 as well. Cherry-pick of 106e7e4bca7c0fd975eb219b18e3c34957ba8657.
show more ...
|
#
44b234a9 |
| 09-Dec-2020 |
Nikita Popov |
Fixed bug #78154 Handle errors during next_result in exec.
|
#
20e75329 |
| 19-Aug-2020 |
Christoph M. Becker |
Fix #48725: Support for flushing in zlib stream When `php_zlib_deflate_filter()` is called with `PSFS_FLAG_FLUSH_INC` but without new buckets being available (e.g. because a user calls
Fix #48725: Support for flushing in zlib stream When `php_zlib_deflate_filter()` is called with `PSFS_FLAG_FLUSH_INC` but without new buckets being available (e.g. because a user calls `rewind()` after writing to the stream), we have to make sure that any pending data are flushed. This could basically be done like in the attached patch[1], but that could cause unnessary flushes, which can be harmful for compression, and adds unnecessary flush markers to the stream. Thus, we use the `php_zlib_filter_data.finished` field, which has not been used for `zlib.deflate` filters, and properly keep track of the need to flush. [1] <https://bugs.php.net/patch-display.php?bug_id=48725&patch=zlib-filter-flush-fix.patch&revision=latest> Closes GH-6019.
show more ...
|
#
65f5573b |
| 22-Sep-2020 |
Christoph M. Becker |
Fix #77069: stream filter loses final block of data Reading from a stream may return greater than zero, but nonetheless the stream's EOF flag may have been set. We have to cater to this
Fix #77069: stream filter loses final block of data Reading from a stream may return greater than zero, but nonetheless the stream's EOF flag may have been set. We have to cater to this condition by setting the close flag for filters. We also have to cater to that change in the zlib.inflate filter: If `inflate()` is called with flush mode `Z_FINISH`, but the output buffer is not large enough to inflate all available data, it fails with `Z_BUF_ERROR`. However, `Z_BUF_ERROR` is not fatal; in fact, the zlib manual states: "If deflate returns with Z_OK or Z_BUF_ERROR, this function must be called again with Z_FINISH and more output space (updated avail_out) but no more input data, until it returns with Z_STREAM_END or an error." Hence, we do so. Closes GH-6001.
show more ...
|
#
bd093ad8 |
| 08-Dec-2020 |
Nikita Popov |
Fixed bug #63185
|
#
a83cc03c |
| 02-Dec-2020 |
Dharman |
Fixed bug #80458 If there is no result set (e.g. for upsert queries), still allow fetching to occur without error, i.e. treat it the same way as an empty result set. This no
Fixed bug #80458 If there is no result set (e.g. for upsert queries), still allow fetching to occur without error, i.e. treat it the same way as an empty result set. This normalizes behavior between native and emulated prepared statements and addresses a regression in PHP 7.4.13.
show more ...
|
#
8588ae72 |
| 02-Dec-2020 |
Christoph M. Becker |
Fix #75102: `PharData` says invalid checksum for valid tar Apparently, there are broken tarballs out there which are actually in ustar format, but did not write the `ustar` marker. Sinc
Fix #75102: `PharData` says invalid checksum for valid tar Apparently, there are broken tarballs out there which are actually in ustar format, but did not write the `ustar` marker. Since popular tar tools like GNU tar and 7zip have no issues dealing with such tarballs, Phar should also be more resilient. Thus, when the first checksum check of a tarball in (presumed) in old- style format fails, we check whether the checksum would be suitable for ustar format; if so, we treat the tarball as being in ustar format. Closes GH-6479.
show more ...
|
#
d6fcaf5d |
| 02-Dec-2020 |
Nikita Popov |
Fixed bug #80457 On x32 sizeof(size_t) != sizeof(zend_long), so we need to be careful with sign extension here. Patch by bruno dot premont at restena dot lu.
|
#
c283f53b |
| 01-Dec-2020 |
Christoph M. Becker |
Fix #73809: Phar Zip parse crash - mmap fail Phar signatures practically are of limited size; for the MD5 and SHA hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
Fix #73809: Phar Zip parse crash - mmap fail Phar signatures practically are of limited size; for the MD5 and SHA hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL public keys there is no size limit in theory, but "64 KiB ought to be good enough for anybody". So we check for that limit, to avoid fatal errors due to out of memory conditions. Since it is neither possible to have the signature compressed in the ZIP archive, nor is it possible to manually add a signature via Phar, we use ZipArchive to create a suitable archive for the test on the fly. Closes GH-6474.
show more ...
|
#
5e15c9c4 |
| 28-Nov-2020 |
Christoph M. Becker |
Fix #76813: Access violation near NULL on source operand We avoid `YYCURSOR` becoming `NULL` by initializing `YYMARKER`, and add a default rule for `<NORMAL>` where we catch unexpected i
Fix #76813: Access violation near NULL on source operand We avoid `YYCURSOR` becoming `NULL` by initializing `YYMARKER`, and add a default rule for `<NORMAL>` where we catch unexpected input. We also fix the only superficially related issue regarding empty input followed by `T_SEPARATOR` and command, which caused another segfault. Closes GH-6464.
show more ...
|