#
ddbb51d6 |
| 01-Nov-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Fix finally exception chaining on recursion
|
#
e4f1083a |
| 01-Nov-2021 |
Nikita Popov |
Merge branch 'PHP-8.0' into PHP-8.1 * PHP-8.0: Fix finally exception chaining on recursion
|
#
1a2fb90b |
| 01-Nov-2021 |
Nikita Popov |
Fix finally exception chaining on recursion In this case zend_exception_set_previous() would destroy the fast_call exception and further accesses on ex would be invalid. We should on
Fix finally exception chaining on recursion In this case zend_exception_set_previous() would destroy the fast_call exception and further accesses on ex would be invalid. We should only update ex if we update EG(exception). Fixes oss-fuzz #40464.
show more ...
|
#
da0d246e |
| 19-Oct-2021 |
Nikita Popov |
Drop FREE_OP_VAR_PTR() distinction FREE_OP_VAR_PTR() is like FREE_OP(), but only frees VAR, rather than VARs and TMPs. I don't think this distinction makes sense anymore, as opcodes
Drop FREE_OP_VAR_PTR() distinction FREE_OP_VAR_PTR() is like FREE_OP(), but only frees VAR, rather than VARs and TMPs. I don't think this distinction makes sense anymore, as opcodes using FREE_OP_VAR_PTR() generally only accept VAR or CV. For the cases where other op types are accepted and only freeing VAR is desired we already have FREE_OP_IF_VAR(). This drops FREE_OP_VAR_PTR(), leaving only FREE_OP() and FREE_OP_IF_VAR().
show more ...
|
#
08cbb994 |
| 19-Oct-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Fix inc/dec of undef var with error handler
|
#
22b6aac6 |
| 19-Oct-2021 |
Nikita Popov |
Fix inc/dec of undef var with error handler Set the variable to null after emitting the undef var notice rather than before. This avoids an assertion failure if the var is unset by t
Fix inc/dec of undef var with error handler Set the variable to null after emitting the undef var notice rather than before. This avoids an assertion failure if the var is unset by the error handler. The flip side is that this may cause a leak instead, but that's the more harmless outcome. Fixes oss-fuzz #36604.
show more ...
|
#
ebaed434 |
| 12-Oct-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Don't free FETCH_W operand if GLOBAL_LOCK
|
#
7b071069 |
| 12-Oct-2021 |
Nikita Popov |
Merge branch 'PHP-8.0' into PHP-8.1 * PHP-8.0: Don't free FETCH_W operand if GLOBAL_LOCK
|
#
a2e3ca1f |
| 12-Oct-2021 |
Nikita Popov |
Don't free FETCH_W operand if GLOBAL_LOCK The error path performed the free unconditionally, while we should not do it for GLOBAL_LOCK. Fixes oss-fuzz #39868. |
Revision tags: php-8.0.12RC1, php-7.4.25RC1 |
|
#
be323b89 |
| 05-Oct-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Fix duplicate undef warning in assign_dim_op
|
#
02c5f7f9 |
| 05-Oct-2021 |
Nikita Popov |
Merge branch 'PHP-8.0' into PHP-8.1 * PHP-8.0: Fix duplicate undef warning in assign_dim_op
|
#
11a9b036 |
| 05-Oct-2021 |
Nikita Popov |
Fix duplicate undef warning in assign_dim_op In case of auto-vivification we were fetching dim twice and as such also emitting the undef var warning twice. |
#
f4e06ea5 |
| 30-Sep-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Create reference wrappers in SEND_UNPACK if necessary
|
#
02244d5e |
| 30-Sep-2021 |
Nikita Popov |
Merge branch 'PHP-8.0' into PHP-8.1 * PHP-8.0: Create reference wrappers in SEND_UNPACK if necessary
|
#
e11faad2 |
| 30-Sep-2021 |
Nikita Popov |
Create reference wrappers in SEND_UNPACK if necessary Even if we can't actually pass by reference, we still need to create the REFERENCE wrapper to satisfy the calling convention. Th
Create reference wrappers in SEND_UNPACK if necessary Even if we can't actually pass by reference, we still need to create the REFERENCE wrapper to satisfy the calling convention. The particular test case would crash with JIT, because the existence of the reference was assumed. Fixes oss-fuzz #39440.
show more ...
|
#
e1f98447 |
| 29-Sep-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Handle throwing destructor in BIND_STATIC
|
#
9346da89 |
| 29-Sep-2021 |
Nikita Popov |
Merge branch 'PHP-8.0' into PHP-8.1 * PHP-8.0: Handle throwing destructor in BIND_STATIC
|
#
ec54ffad |
| 29-Sep-2021 |
Nikita Popov |
Handle throwing destructor in BIND_STATIC Fixes oss-fuzz #39406. |
Revision tags: php-8.1.0RC3, php-8.0.11, php-7.4.24, php-7.3.31 |
|
#
5ce32368 |
| 17-Sep-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Fix SEND_USER with ref arg
|
#
92f808b8 |
| 17-Sep-2021 |
Nikita Popov |
Merge branch 'PHP-8.0' into PHP-8.1 * PHP-8.0: Fix SEND_USER with ref arg
|
#
01453a0a |
| 17-Sep-2021 |
Nikita Popov |
Fix SEND_USER with ref arg Even though the input is not a reference (or not treated as such), we still need to create a reference to satisfy the function signature. Various code reli
Fix SEND_USER with ref arg Even though the input is not a reference (or not treated as such), we still need to create a reference to satisfy the function signature. Various code relies on reference arguments actually being references. In this particular case, it would result in a JIT crash. The zend_call_function() implementation already handled this correctly.
show more ...
|
Revision tags: php-8.1.0RC2 |
|
#
6446eafb |
| 14-Sep-2021 |
Nikita Popov |
Merge branch 'PHP-8.1' * PHP-8.1: Fix memory leak in array unpack with refcounted numeric string key
|
#
260d2acd |
| 14-Sep-2021 |
Nikita Popov |
Fix memory leak in array unpack with refcounted numeric string key |
#
6381a16f |
| 09-Sep-2021 |
Nikita Popov |
Avoid use after free in internal prop type verification This issue only applies to debug builds: read_property can free the object, but we'd try to check the object handlers afterwards.
Avoid use after free in internal prop type verification This issue only applies to debug builds: read_property can free the object, but we'd try to check the object handlers afterwards. Rewrite the check in a way that only accessed the object before the read_property call. Fixes oss-fuzz #38297.
show more ...
|
Revision tags: php-7.4.24RC1, php-8.0.11RC1, php-8.1.0RC1, php-7.4.23, php-8.0.10 |
|
#
a40ccd75 |
| 24-Aug-2021 |
Nikita Popov |
Fixed bug #81377 BP_VAR_UNSET should not result in undefined warnings. |