[ci skip] NEWS

Fix GH-11630: proc_nice_basic.phpt only works at certain nice levels

Closes GH-11635.

Fix GH-11629: bug77020.phpt tries to send mail

Closes GH-11636.

Fix GH-11625: DOMElement::replaceWith() doesn't replace node with DOMDocumentFragment but just deletes node or causes wrapping <></> depending on libxml2 version

Depending on the libxml2 ver

Fix GH-11625: DOMElement::replaceWith() doesn't replace node with DOMDocumentFragment but just deletes node or causes wrapping <></> depending on libxml2 version

Depending on the libxml2 version, the behaviour is either to not
render the fragment correctly, or to wrap it inside <></>. Fix it by
unpacking fragments manually. This has the side effect that we need to
move the unlinking check in the replacement function to earlier because
the empty child list is now possible in non-error cases.
Also fixes a mistake in the linked list management.

Closes GH-11627.

show more ...

Add missing check on EVP_VerifyUpdate() in phar util

Closes GH-11640.

Fix return value of _php_server_push_callback in case of failure

It should return CURL_PUSH_DENY by default instead of CURL_PUSH_OK in
the branch I added, just like the check above.

Fix return value of _php_server_push_callback in case of failure

It should return CURL_PUSH_DENY by default instead of CURL_PUSH_OK in
the branch I added, just like the check above.
I forgot to change this after doing tests.

show more ...

Fix crash when an invalid callback function is passed to CURLMOPT_PUSHFUNCTION

Previously this caused a SIGABRT.

Closes GH-11639.

[ci skip] NEWS

The alphabet is hard...

Fix GH-9669: phpdbg -h options doesn't list the -z option

Adds `-z` flag in phpdbg output.

Closes GH-9713.

Fix GH-10562: Memory leak and invalid state with consecutive ftp_nb_fget

When the user does not fully consume the data stream, but instead opens
a new one, a memory leak occurs. Moreover

Fix GH-10562: Memory leak and invalid state with consecutive ftp_nb_fget

When the user does not fully consume the data stream, but instead opens
a new one, a memory leak occurs. Moreover, the state is invalid: when
more commands arrive they'll be handled out-of-sync because the state of
the client does not match what the server is doing.
This leads to all sorts of weirdness, for example:
Warning: ftp_nb_fget(): OK.

Fix it by gracefully closing the old data stream when a new data stream
is started.

Closes GH-11606.

show more ...

tests(ext-curl): fix HTTP/2 Server Push tests

Closes GH-10669

Fix replaced error handling in SQLite3Stmt::__construct

The error handling is replaced using zend_replace_error_handling(), but
when SQLITE3_CHECK_INITIALIZED() returns early, the old er

Fix replaced error handling in SQLite3Stmt::__construct

The error handling is replaced using zend_replace_error_handling(), but
when SQLITE3_CHECK_INITIALIZED() returns early, the old error handling
isn't restored.

In the past, SQLITE3_CHECK_INITIALIZED() threw a warning when the check
failed. This was replaced a few years ago with an error exception. So we
can fix the bug by just removing the replacing error handling as it
accomplishes nothing anymore.

Closes GH-11607.

show more ...

Fix most external GD 2.3.3 compatibility

* ext/gd/tests/bug45799.phpt: tweak to work with external gd.

The expected output from this test contains an extra newline with
gd-2.3.3

Fix most external GD 2.3.3 compatibility

* ext/gd/tests/bug45799.phpt: tweak to work with external gd.

The expected output from this test contains an extra newline with
gd-2.3.3 from the system (Gentoo). Adding a whitespace wildcard takes
care of it, and the test still passes with the bundled version of gd.

* ext/gd/tests: external gd-2.3.3 compatibility.

Support for the legacy "gd" image format was removed from gd-2.3.3
upstream:
https://github.com/libgd/libgd/blob/master/CHANGELOG.md#233---2021-09-12

Several tests for the gd extension utilize that format, and naturally
fail when gd-2.3.3 from the system is used. This commit skips those
tests when the version of gd is at least 2.3.3.

* ext/gd/tests/bug73159.phpt: skip with external gd >= 2.3.3

This test uses the imagegd2() function to check that
https://github.com/libgd/libgd/issues/289

is fixed. When an external gd without support for the "gd" format is
used, no error is thrown, but a nonsense result is printed: this is
normal. The corresponding upstream test is disabled in that situation;
it's not expected to work.

This commit skips the corresponding PHP test under the same
circumstances to fix a test failure with external gd >= 2.3.3.

* ext/gd/tests/bug73155.phpt: skip with external gd >= 2.3.3

This test uses the imagegd2() function to check that
https://github.com/libgd/libgd/issues/309

is fixed. When an external gd without support for the "gd" format is
used, no error is thrown, but a nonsense result is printed: this is
normal. The corresponding upstream test is disabled in that situation;
it's not expected to work.

This commit skips the corresponding PHP test under the same
circumstances to fix a test failure with external gd >= 2.3.3.

* ext/gd/tests/bug73157.phpt: skip with external gd >= 2.3.3

This test ensures that the third (chunk_size) parameter to imagegd2()
is respected when a fourth parameter is also given. However, when an
external gd without support for the "gd" format is used, the call to
imagegd2() does not really work at all. It doesn't fail, but it
produces an "image" with a nonsense chunk size.

To avoid failures when an external gd >= 2.3.3 is used, we skip the
test entirely in that case.

* ext/gd/tests/bug77973.phpt: accept lowercase "Invalid"

This test fails with an external gd because the test expects "Invalid"
where upstream gd says "invalid". This commit tweaks the expected
output to accept an arbitrary character in the i/I position.

* ext/gd/tests/bug39780_extern.phpt: update for external gd-2.3.3.

Since there are no CI runs with external gd, I can only assume that
this test has fallen out-of-date due to changes in PHP itself. I've
tweaked the expected output (only slightly) so that the test passes
with both gd-2.3.2 and gd-2.3.3.

* ext/gd/tests/bug66356.phpt: update expected output for external gd.

Newer (external) versions of GD start their error messages with
lowercase characters, whereas this test is expecting them in
uppercase. A single-character wildcard now supports both formats.

* ext/gd/tests/imagegd_truecolor.phpt: skip with external gd >= 2.3.3.

This test uses the imagegd() function, but the "gd" format has been
disabled by default in upstream gd-2.3.3. We still get some kind of
image data back from the call to imagegd(), but its "signature",
"truecolor", and "size" no longer match the expected values. This
commit skips the test when an external gd >= 2.3.3 is used.

* ext/gd/tests/createfromwbmp2_extern.phpt: update for external gd-2.3.3.
* ext/gd/tests/libgd00086_extern.phpt: update for external gd-2.3.3.

Since there are no CI runs with external gd, I can only assume that
this test has fallen out-of-date due to changes in PHP itself. I've
tweaked the expected output (only slightly) so that the test passes
with both gd-2.3.2 and gd-2.3.3.

* ext/gd/tests/bug77272.phpt: update expected output for external gd.

Newer (external) versions of GD start their error messages with
lowercase characters, whereas this test is expecting them in
uppercase. A single-character wildcard now supports both formats.

* ext/gd/tests/bug77479.phpt: update for newer external gd.

This test fails with gd-2.3.3 (at least) due to minor capitalization
and whitespace issues. We add some wildcards to account for the
difference.

Closes GH-11257.
Closes GH-11262.
Closes GH-11264.
Closes GH-11280.

show more ...

Implement flaky test section

This re-uses the already used for automatic retesting. That's certainly better
than XFAIL.

Closes GH-11325

Fix use-of-uninitialized-value with ??= on assert

Normally, PHP evaluates all expressions in offsets (property or array), as well
as the right hand side of assignments before actually fe

Fix use-of-uninitialized-value with ??= on assert

Normally, PHP evaluates all expressions in offsets (property or array), as well
as the right hand side of assignments before actually fetching the offsets. This
is well explained in this blog post.

https://www.npopov.com/2017/04/14/PHP-7-Virtual-machine.html#writes-and-memory-safety

For ??= we have a bit of a problem in that the rhs must only be evaluated if the
lhs is null or undefined. Thus, we have to first compile the lhs with BP_VAR_IS,
conditionally run the rhs and then re-fetch the lhs with BP_VAR_W to to make
sure the offsets are valid if they have been invalidated.

However, we don't want to just re-evaluate the entire lhs because it may contain
side-effects, as in $array[$x++] ??= 42;. In this case, we don't want to
re-evaluate $x++ because it would result in writing to a different offset than
was previously tested. The same goes for function calls, like
$array[foo()] ??= 42;, where the second call to foo() might result in a
different value. PHP behaves correctly in these cases. This is implemented by
memoizing sub-expressions in the lhs of ??= and reusing them when compiling the
lhs for the second time. This is done for any expression that isn't a variable,
i.e. anything that can (potentially) be written to.

Unfortunately, this also means that function calls are considered writable due
to their return-by-reference semantics, and will thus not be memoized. The
expression foo()['bar'] ??= 42; will invoke foo() twice. Even worse,
foo(bar()) ??= 42; will call both foo() and bar() twice, but
foo(bar() + 1) ??= 42; will only call foo() twice. This is likely not by design,
and was just overlooked in the implementation. The RFC does not specify how
function calls in the lhs of the coalesce assignment behaves. This should
probably be improved in the future.

Now, the problem this commit actually fixes is that ??= may memoize expressions
inside assert() function calls that may not actually execute. This is not only
an issue when using the VAR in the second expression (which would usually also
be skipped) but also when freeing the VAR. For this reason, it is not safe to
memoize assert() sub-expressions.

There are two possible solutions:

1. Don't memoize any sub-expressions of assert(), meaning they will execute
twice.
2. Throw a compile error.

Option 2 is not quite simple, because we can't disallow all memoization inside
assert(), as that would break assertions like assert($array[foo()] ??= 'bar');.
Code like this is highly unlikely (and dubious) but possible. In this case, we
would need to make sure that a memoized value could not be used across the
assert boundary it was created in. The complexity for this is not worthwhile. So
we opt for option 1 and disable memoization immediately inside assert().

Fixes GH-11580
Closes GH-11581

show more ...

Retire AppVeyor

Closes GH-11566

Attempt to improve setup-slapd.sh stability

Don't restart multiple times, restart at the end where we already have a retry
loop with a small delay.

Closes GH-11590

Use waitpid(-1) over WAIT_ANY

This macro is only available in glibc.

Closes GH-11588

Fix GH-11300: license issue: restricted unicode license headers

Closes GH-11572.

NEWS: Add note for #11298

[ci skip]

Signed-off-by: Anatol Belski <ab@php.net>

fileinfo: Backport xz detection fix

Upstream: https://github.com/file/file/commit/9b0459afab309a82aa4e46f73a4e50dd641f3d39

Fixes: #11298

Signed-off-by: Anatol Belski <ab@ph

fileinfo: Backport xz detection fix

Upstream: https://github.com/file/file/commit/9b0459afab309a82aa4e46f73a4e50dd641f3d39

Fixes: #11298

Signed-off-by: Anatol Belski <ab@php.net>

show more ...

Attempt to fix gh11498.phpt on MSAN

The issue might be that due to slow instrumentation the process might end before
we get to add it to the processes list. If the SIGCHLD handler execut

Attempt to fix gh11498.phpt on MSAN

The issue might be that due to slow instrumentation the process might end before
we get to add it to the processes list. If the SIGCHLD handler executes before
adding the process to the list it will never be removed again.

show more ...

Fix serialization of RC1 objects appearing in object graph twice

Previously, if an object had RC1 it would never be recorded in
php_serialize_data.ht because it was assumed that it could

Fix serialization of RC1 objects appearing in object graph twice

Previously, if an object had RC1 it would never be recorded in
php_serialize_data.ht because it was assumed that it could not be encountered
again. This assumption is incorrect though as the object itself may be saved
inside an array with RCn. This results in a new instance of the object, instead
of a second reference to the same object.

This is solved by tracking these objects in php_serialize_data.ht. To retain
performance, track if the current object resides in a potentially nested RCn
array. If not, and if the object is RC1 itself it may be omitted from
php_serialize_data.ht.

Additionally, we may treat the array root itself as RC1 because it may not
appear in the object graph again without recursion. Recursive arrays are still
somewhat broken even with this change, as the tracking of the array only happens
when the reference is encountered, thus resulting in a -> a' -> a' for a self
recursive array a -> a. Recursive arrays have limited support in serialize
anyway, so we ignore this case for now.

Co-authored-by: Dmitry Stogov <dmitry@zend.com>
Co-authored-by: Martin Hoch <martin@littlerobot.de>

Closes GH-11349
Closes GH-11305

show more ...

Fix mis-compilation of by-reference nullsafe operator

Fixes oss-fuzz #60011
Closes GH-11540

Co-authored-by: Dmitry Stogov <dmitry@zend.com>
Co-authored-by: Niels Dossche <77

Fix mis-compilation of by-reference nullsafe operator

Fixes oss-fuzz #60011
Closes GH-11540

Co-authored-by: Dmitry Stogov <dmitry@zend.com>
Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>

show more ...

Fix GH-11522: PHP version check fails with '-' separator

Remove php version suffix from '-' separator.

Closes GH-11524.