#
abc6fe8f |
| 03-Mar-2023 |
nielsdos <7771979+nielsdos@users.noreply.github.com> |
Propagate success status of ftp_close() to userland The docs say that this function returns true on success, and false on error. This function always returns true in the current implemen
Propagate success status of ftp_close() to userland The docs say that this function returns true on success, and false on error. This function always returns true in the current implementation because the success return value from ftp_close() is never propagated to userland. This affects one test: since the test server exits after an invalid login, the ftp close correctly fails (because the server has gone away).
show more ...
|
#
ffc2a53a |
| 28-Feb-2023 |
David Carlier |
Fix GH-10728: opcache capstone header's inclusion. Remove capstone include folder. For most of the supported systems it worked fine somehow despite the pkg-config --cflags, but is a
Fix GH-10728: opcache capstone header's inclusion. Remove capstone include folder. For most of the supported systems it worked fine somehow despite the pkg-config --cflags, but is always include it even on Linux. Closes GH-10732.
show more ...
|
#
8f92a078 |
| 03-Mar-2023 |
Arnaud Le Blanc |
[ci skip] NEWS
|
#
df93146a |
| 02-Mar-2023 |
Ilija Tovilo |
Fix missing readonly modification error with inc/dec in JIT Closes GH-10746
|
#
729f006d |
| 28-Feb-2023 |
Patrick Allaert |
PHP-8.1 is now for PHP 8.1.18-dev
|
#
0f21cbc5 |
| 27-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10715: phpdbg heap buffer overflow -- by misuse of the option "--run" Fixes GH-10715 When a string starting with a NUL character is passed to phpdbg_vprint(), the vasprin
Fix GH-10715: phpdbg heap buffer overflow -- by misuse of the option "--run" Fixes GH-10715 When a string starting with a NUL character is passed to phpdbg_vprint(), the vasprintf() will return that 0 characters have been printed. This causes msglen == 0. When phpdbg_process_print() is called with a message of length 0, the -1 to check for '\n' will perform an out of bounds read. Since nothing is printed anyway for msglen == 0, it seems best to just skip the printing routine for this case. Closes GH-10720.
show more ...
|
#
b09be29a |
| 25-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix incorrect error checking in php_openssl_set_server_dh_param() SSL_CTX_set_tmp_dh() and SSL_CTX_set0_tmp_dh_pkey() return 1 on success and 0 on error. But only < 0 was checked which m
Fix incorrect error checking in php_openssl_set_server_dh_param() SSL_CTX_set_tmp_dh() and SSL_CTX_set0_tmp_dh_pkey() return 1 on success and 0 on error. But only < 0 was checked which means that errors were never caught. Closes GH-10705.
show more ...
|
#
df579ada |
| 25-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10692: PHP crashes on Windows when an inexistent filename is executed Fixes GH-10692 php_fopen_primary_script() does not initialize all fields of zend_file_handle. So whe
Fix GH-10692: PHP crashes on Windows when an inexistent filename is executed Fixes GH-10692 php_fopen_primary_script() does not initialize all fields of zend_file_handle. So when it fails and when fastcgi is true, the zend_destroy_file_handle() function will try to free uninitialized pointers, causing a segmentation fault. Fix it by zero-initializing file handles just like the zend_stream_init_fp() counterpart does. Closes GH-10697.
show more ...
|
#
7d2b01ee |
| 24-Feb-2023 |
Ilija Tovilo |
[skip ci] Add github reference to bug fix in NEWS
|
#
b9a5bfc3 |
| 12-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10570: Assertion `(key)->h != 0 && "Hash must be known"' failed. Fixes GH-10570, see GH-10570 for analysis. Closes GH-10572
|
#
8959ff39 |
| 24-Feb-2023 |
nielsdos <7771979+nielsdos@users.noreply.github.com> |
Fix incorrect type for return value of zend_update_static_property_ex() zend_update_static_property_ex() returns a zend_result, but the return value is stored here in a bool. A bool is u
Fix incorrect type for return value of zend_update_static_property_ex() zend_update_static_property_ex() returns a zend_result, but the return value is stored here in a bool. A bool is unsigned on my system, so in case zend_update_static_property_ex() returns FAILURE (== -1) this gets converted to 1 instead. This is not a valid zend_result value. This means that (transitive) callers could mistakingly think the function succeeded while it did in fact not succeed. Fix it by changing the type to zend_result. Closes GH-10691.
show more ...
|
#
91db3a1b |
| 17-Feb-2023 |
Pierrick Charron |
Fixed bug GH-10270 Unable to return CURL_READFUNC_PAUSE in readfunc callback Closes GH-10607 Signed-off-by: George Peter Banyard <girgias@php.net>
|
#
5f357f34 |
| 23-Feb-2023 |
George Peter Banyard |
Fix GH-10672 (pg_lo_open segfaults in the strict_types mode) We need to use the proper ZPP qualifier for zend_string Closes GH-10677
|
#
8d1c0a14 |
| 22-Feb-2023 |
Daniil Gentili |
Fix segfault when using ReflectionFiber (fixes #10439) Closes GH-10478
|
#
c510083c |
| 22-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix incorrect string length for output_handler in zlib ini code The length of "output_handler" is supposed to be passed, but as sizeof is used, the resulting number includes the NUL char
Fix incorrect string length for output_handler in zlib ini code The length of "output_handler" is supposed to be passed, but as sizeof is used, the resulting number includes the NUL character, so the length is off-by-one. Subtract one to pass the correct length. Closes GH-10667.
show more ...
|
#
0a466e7a |
| 21-Feb-2023 |
NathanFreeman <1056159381@qq.com> |
Fix GH-10647: Spoofchecker isSuspicious/areConfusable methods error code's argument. Closes GH-10653.
|
#
da3ce601 |
| 21-Feb-2023 |
nielsdos <7771979+nielsdos@users.noreply.github.com> |
Propagate errors correctly in ps_files_cleanup_dir() In SessionHandler::gc, we use a virtual call to PS(default_mod)->s_gc to call the gc implementation. That return value is checked aga
Propagate errors correctly in ps_files_cleanup_dir() In SessionHandler::gc, we use a virtual call to PS(default_mod)->s_gc to call the gc implementation. That return value is checked against FAILURE (-1). One of the call targets of PS(default_mod)->s_gc is ps_gc_files(). ps_gc_files() calls to ps_files_cleanup_dir(). The latter function has some error checks and outputs a notice if something goes wrong. In cases of errors, the function returns 0. This means that the check in SessionHandler::gc will misinterpret this as a success and report that 0 files have been *successfully* cleaned up. Fix it by returning -1 to indicate something *did* go wrong. Closes GH-10644.
show more ...
|
#
8cac8306 |
| 20-Feb-2023 |
ndossche |
Fix incorrect error check in browsecap for pcre2_match() pcre2_match() returns error codes < 0, but only the "no match" error code was handled. Fix it by changing the check to >= 0.
Fix incorrect error check in browsecap for pcre2_match() pcre2_match() returns error codes < 0, but only the "no match" error code was handled. Fix it by changing the check to >= 0. Closes GH-10632 Signed-off-by: George Peter Banyard <girgias@php.net>
show more ...
|
#
f592f75e |
| 20-Feb-2023 |
ndossche |
Add missing error check on tidyLoadConfig Parse errors were not reported for the default config, they were only reported when explicitly another config was loaded. This means that us
Add missing error check on tidyLoadConfig Parse errors were not reported for the default config, they were only reported when explicitly another config was loaded. This means that users may not be aware of errors in their configuration and therefore the behaviour of Tidy might not be what they intended. This patch fixes that issue by using a common function. In fact, the check for -1 might be enough for the current implementation of Tidy, but the Tidy docs say that any value other than 0 indicates an error. So future errors might not be caught when just using an error code of -1. Therefore, this also changes the error code checks of == -1 to < 0 and == 1 to > 0. Closes GH-10636 Signed-off-by: George Peter Banyard <girgias@php.net>
show more ...
|
#
ed0c0df3 |
| 19-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10627: mb_convert_encoding crashes PHP on Windows Fixes GH-10627 The php_mb_convert_encoding() function can return NULL on error, but this case was not handled, which led
Fix GH-10627: mb_convert_encoding crashes PHP on Windows Fixes GH-10627 The php_mb_convert_encoding() function can return NULL on error, but this case was not handled, which led to a NULL pointer dereference and hence a crash. Closes GH-10628 Signed-off-by: George Peter Banyard <girgias@php.net>
show more ...
|
#
243865ae |
| 07-Feb-2023 |
Max Kellermann |
ext/mbstring: fix new_value length check Commit 8bbd0952e5bba88 added a check rejecting empty strings; in the merge commiot 379d9a1cfc6462 however it was changed to a NULL check, one
ext/mbstring: fix new_value length check Commit 8bbd0952e5bba88 added a check rejecting empty strings; in the merge commiot 379d9a1cfc6462 however it was changed to a NULL check, one that did not make sense because ZSTR_VAL() is guaranteed to never be NULL; the length check was accidently removed by that merge commit. This bug was found by GCC's -Waddress warning: ext/mbstring/mbstring.c:748:27: warning: the comparison will always evaluate as ‘true’ for the address of ‘val’ will never be NULL [-Waddress] 748 | if (!new_value || !ZSTR_VAL(new_value)) { | ^ Closes GH-10532 Signed-off-by: George Peter Banyard <girgias@php.net>
show more ...
|
#
ae164716 |
| 19-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10623: ReflectionFunction::getClosureUsedVariables() returns empty array in presence of variadic arguments The code was missing the handling for the RECV_VARIADIC instruction. Add
Fix GH-10623: ReflectionFunction::getClosureUsedVariables() returns empty array in presence of variadic arguments The code was missing the handling for the RECV_VARIADIC instruction. Additional regression test for GH-10623 Co-authored-by: Fabio Ivona <fabio.ivona@defstudio.it>
show more ...
|
#
a9e4f518 |
| 17-Feb-2023 |
Jakub Zelenka |
Update NEWS with scanner and parser build fixes
|
#
7b68ff46 |
| 16-Feb-2023 |
Ilija Tovilo |
Revert "Fix GH-10168: heap-buffer-overflow at zval_undefined_cv" This reverts commit 71ddede5655fe654002ae18af6a18e033f717287.
|
#
e35e6dc3 |
| 14-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
[ci skip] NEWS (#10586)
|