Revert "Fix #73122: Integer Overflow when concatenating strings"

This reverts commit f1ce8d5f5839cb2069ea37ff424fb96b8cd6932d, which has
been accidentially pushed.

Fix #73122: Integer Overflow when concatenating strings

We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare cas

Fix #73122: Integer Overflow when concatenating strings

We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare case of an
overflow. Since the recent fix for bug #74960 still doesn't catch all
possible overflows, we fix that right away.

show more ...

Fix #74960: Heap buffer overflow via str_repeat

Trying to allocate a `zend_string` with a length only slighty smaller
than `SIZE_MAX` causes an integer overflow, so callers may need to

Fix #74960: Heap buffer overflow via str_repeat

Trying to allocate a `zend_string` with a length only slighty smaller
than `SIZE_MAX` causes an integer overflow, so callers may need to
check that explicitly. To make that easy in a portable way, we
introduce `ZSTR_MAX_LEN`.

Closes GH-7294.

show more ...

Detect self-addition of array more accurately

While the zvals may be different, they may still point to the
same array.

Fixes oss-fuzz #26245.

Fix leak on assign concat of array and empty string

Remove recursive check from instanceof_interface

Parent interfaces are copied into the interface list during
inheritance, so there's no need to perform a recursive check.

Only e

Remove recursive check from instanceof_interface

Parent interfaces are copied into the interface list during
inheritance, so there's no need to perform a recursive check.

Only exception are instanceof checks performed during inheritance
itself. However, we already have unlinked_instanceof for this
purpose, it just needs to be taught to handle this case.

Closes GH-4857.

show more ...

Optimize instanceof_class/interface

instanceof_class does not need to check for a NULL pointer in the
first iteration -- passing NULL to this function is illegal.

instanceof_int

Optimize instanceof_class/interface

instanceof_class does not need to check for a NULL pointer in the
first iteration -- passing NULL to this function is illegal.

instanceof_interface does not need to use instanceof_class(), it
only has to check whether the CEs match exactly. There is no way
for an interface to appear inside "parent", it will always be in
"interfaces" only.

show more ...

Clean up and clarify instanceof_function_ex()

The instanceof_interface_only() function was dead code (always
returned zero).

Clarify that the last parameter indicates whether th

Clean up and clarify instanceof_function_ex()

The instanceof_interface_only() function was dead code (always
returned zero).

Clarify that the last parameter indicates whether the passed CE
is interface or class and rewrite the code in terms of assertions.

show more ...

Handle "non well formed" exception during ZPP

Previously if the "non well formed" notice was converted into an
exception we'd still end up executing the function.

Also drop the

Handle "non well formed" exception during ZPP

Previously if the "non well formed" notice was converted into an
exception we'd still end up executing the function.

Also drop the now unnecessary EG(exception) checks in the engine.

Additionally remote a bogus exception in zend_is_callable: It
should only be writing to error, but not directly throwing.

show more ...

Fix memory leak with ** on array operands

Remove HAVE_STRCOLL check

The strcoll function is defined in the C89 standard and should be
on today's systems always available via the <string.h> header.

https://port70.net/~ns

Remove HAVE_STRCOLL check

The strcoll function is defined in the C89 standard and should be
on today's systems always available via the <string.h> header.

https://port70.net/~nsz/c/c89/c89-draft.html#4.11.4.3

- Remove also SKIPIF strcoll check in test

show more ...

Disable float division by zero sanitizer for div_function

We intentionally divide by zero here and want to get IEEE-754
semantics.

Fix signed shift UB

Avoid overflow UB in is_numeric_string

We intentionally overflow the signed space here, so make this an
unsigned variable and only cast to signed at the end.

Support full variance if autoloading is used

Keep track of delayed variance obligations and check them after
linking a class is otherwise finished. Obligations may either be
unresolv

Support full variance if autoloading is used

Keep track of delayed variance obligations and check them after
linking a class is otherwise finished. Obligations may either be
unresolved method compatibility (because the necessecary classes
aren't available yet) or open parent/interface dependencies. The
latter occur because we allow the use of not fully linked classes
as parents/interfaces now.

An important aspect of the implementation is we do not require
classes involved in variance checks to be fully linked in order for
the class to be fully linked. Because the involved types do have to
exist in the class table (as partially linked classes) and we do
check these for correct variance, we have the guarantee that either
those classes will successfully link lateron or generate an error,
but there is no way to actually use them until that point and as
such no possibility of violating the variance contract. This is
important because it ensures that a class declaration always either
errors or will produce an immediately usable class afterwards --
there are no cases where the finalization of the class declaration
has to be delayed until a later time, as earlier variants of this
patch did.

Because variance checks deal with classes in various stages of
linking, we need to use a special instanceof implementation that
supports this, and also introduce finer-grained flags that tell us
which parts have been linked already and which haven't.

Class autoloading for variance checks is delayed into a separate
stage after the class is otherwise linked and before delayed
variance obligations are processed. This separation is needed to
handle cases like A extends B extends C, where B is the autoload
root, but C is required to check variance. This could end up
loading C while the class structure of B is in an inconsistent
state.

show more ...

Support for exceptions thrown during "Array to string conversion" error processing

Cheaper checks for exceptions thrown from __toString()

Allow exceptions in __toString()

RFC: https://wiki.php.net/rfc/tostring_exceptions

And convert some object to string conversion related recoverable
fatal errors into Error excep

Allow exceptions in __toString()

RFC: https://wiki.php.net/rfc/tostring_exceptions

And convert some object to string conversion related recoverable
fatal errors into Error exceptions.

Improve exception safety of internal code performing string
conversions.

show more ...

Implement basic variance support

This is a minimal variance implementation: It does not support any
cyclic type dependencies. Additionally the preloading requirements
are much more r

Implement basic variance support

This is a minimal variance implementation: It does not support any
cyclic type dependencies. Additionally the preloading requirements
are much more restrictive than necessary. Hopefully we can relax
these in the future.

show more ...

Make is_identical() functions return zend_bool (instead of int)

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.

A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.

This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.

With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.

Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files. All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.

show more ...

Adios, yearly copyright ranges

Future-proof email addresses

Update email addresses. We're still @Zend, but future proofing it...

Trim trailing whitespace in source code files