Use a single version of strnlen (#12015)

* Zend: Make zend_strnlen available for use outside zend_compile

* exif: remove local php_strnlen, use zend_strnlen instead

* main

Use a single version of strnlen (#12015)

* Zend: Make zend_strnlen available for use outside zend_compile

* exif: remove local php_strnlen, use zend_strnlen instead

* main: remove local strnlen, use zend_strnlen instead

* phar: remove local strnlen, use zend_strnlen

show more ...

Fix undefined behaviour when writing 32-bit values in phar/tar.c

As shown on the CI runs on my fork (which runs with UBSAN),
the pointers can sometimes be unaligned when trying to write.

Fix undefined behaviour when writing 32-bit values in phar/tar.c

As shown on the CI runs on my fork (which runs with UBSAN),
the pointers can sometimes be unaligned when trying to write.
This is UB and on platforms like ARM this *can* result in a bus error.
Replace it with memcpy, which at least on x86 and powerpc
architectures does result in the same assembly code.

Closes GH-10940.

show more ...

Fix incorrect check in phar tar parsing

The entry.flags was used to check whether the entry has the directory
flag. The flags however were masked to only contain the permissions. We

Fix incorrect check in phar tar parsing

The entry.flags was used to check whether the entry has the directory
flag. The flags however were masked to only contain the permissions. We
need to check the mode, before the permission masking, instead of the
flags to check whether it is a directory.

Closes GH-10464

Signed-off-by: George Peter Banyard <girgias@php.net>

show more ...

Optimize stripos/stristr

Closes GH-7847
Closes GH-7852

Previously stripos/stristr would lowercase both the haystack and the
needle to reuse strpos. The approach in this PR i

Optimize stripos/stristr

Closes GH-7847
Closes GH-7852

Previously stripos/stristr would lowercase both the haystack and the
needle to reuse strpos. The approach in this PR is similar to strpos.
memchr is highly optimized so we're using it to search for the first
character of the needle in the haystack. If we find it we compare the
remaining characters of the needle manually.

The new implementation seems to perform about half as well as strpos (as
two memchr calls are necessary to find the next candidate).

show more ...

Fix 'can not' in test data and in code comments

Fixed some spaces used instead of tabs

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |

show more ...

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool is retained as an alias.

show more ...

Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Fix #75102: `PharData` says invalid checksum for valid tar

Fix #75102: `PharData` says invalid checksum for valid tar

Apparently, there are broken tarballs out there which are actually in
ustar format, but did not write the `ustar` marker. Sinc

Fix #75102: `PharData` says invalid checksum for valid tar

Apparently, there are broken tarballs out there which are actually in
ustar format, but did not write the `ustar` marker. Since popular tar
tools like GNU tar and 7zip have no issues dealing with such tarballs,
Phar should also be more resilient.

Thus, when the first checksum check of a tarball in (presumed) in old-
style format fails, we check whether the checksum would be suitable for
ustar format; if so, we treat the tarball as being in ustar format.

Closes GH-6479.

show more ...

[RFC] Only unserialize Phar metadata when getMetadata() is called

In other words, don't automatically unserialize when the magic
phar:// stream wrappers are used.
RFC: https://wiki.p

[RFC] Only unserialize Phar metadata when getMetadata() is called

In other words, don't automatically unserialize when the magic
phar:// stream wrappers are used.
RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata

Also, change the signature from `getMetadata()`
to `getMetadata(array $unserialize_options = [])`.
Start throwing earlier if setMetadata() is called and serialization threw.

See https://externals.io/message/110856 and
https://bugs.php.net/bug.php?id=76774

This was refactored to add a phar_metadata_tracker for the following reasons:
- The way to properly copy a zval was previously implicit and undocumented
(e.g. is it a pointer to a raw string or an actual value)
- Avoid unnecessary serialization and unserialization in the most common case
- If a metadata value is serialized once while saving a new/modified phar file,
this allows reusing the same serialized string.
- Have as few ways to copy/clone/lazily parse metadata (etc.) as possible,
so that code changes can be limited to only a few places in the future.
- Performance is hopefully not a concern - copying a string should be faster
than unserializing a value, and metadata should be rare in most cases.

Remove unnecessary skip in a test(Compression's unused)

Add additional assertions about usage of persistent phars

Improve robustness of `Phar*->setMetadata()`

- Add sanity checks for edge cases freeing metadata, when destructors
or serializers modify the phar recursively.
- Typical use cases of php have phar.readonly=1 and would not be affected.

Closes GH-5855

show more ...

Fix [-Wundef] warning in PHAR extension

Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
Fix #79503: Memory leak on duplicate metadata

Fix #79503: Memory leak on duplicate metadata

Duplicate metadata can only happen if someone tampers with the phar, so
we can and should treat that as error.

Fix build warnings

- switch from strncpy to memcpy for -Wstringop-truncation

Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow

Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow

Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow

Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow

Update and fix remaining year ranges (2019)

This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
info

Update and fix remaining year ranges (2019)

This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
information without year ranges.

show more ...

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.

A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.

This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.

With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.

Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files. All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.

show more ...

Fix some sign-related issues in comparisons

Future-proof email addresses

Future-proof email addresses...

Replace zval_dtor() with specialized destructors