#
ba80372a |
| 28-Dec-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-13037: PharData incorrectly extracts zip file The code currently assumes that the extra field length of the central directory entry and the local entry are the same, but that's no
Fix GH-13037: PharData incorrectly extracts zip file The code currently assumes that the extra field length of the central directory entry and the local entry are the same, but that's not the case. For example, the "Extended Timestamp extra field" differs in size for local vs central directory entries. This causes the file contents offset to be incorrect because it is based on the central directory length instead of the local entry length. Fix it by reading the local entry and getting the size from there as well as checking consistency for the file name length. Closes GH-13045.
show more ...
|
#
a470c4ae |
| 28-Oct-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-12532: PharData created from zip has incorrect timestamp The datetime stored in the DOS time fields, which is what zip standard uses, is local time without a timezone. There's an
Fix GH-12532: PharData created from zip has incorrect timestamp The datetime stored in the DOS time fields, which is what zip standard uses, is local time without a timezone. There's an extension to the zip file format since '97 that allows storing a unix timestamp (in UTC) in the header for both the central directory and the local entries. This patch adds support for this. Closes GH-12548.
show more ...
|
#
e633be3e |
| 03-Mar-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10766: PharData archive created with Phar::Zip format does not keep files metadata (datetime) Due to an incorrect check, the datetime was never actually set. To test this we need
Fix GH-10766: PharData archive created with Phar::Zip format does not keep files metadata (datetime) Due to an incorrect check, the datetime was never actually set. To test this we need to write the file using phar, but read the file using a different method to not get a cached, or a value that's been transformed twice and is therefore accidentally correct. Closes GH-10769
show more ...
|
#
fd6c2353 |
| 17-Jan-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Remove useless php_stream_tell() call Closes GH-10365.
|
Revision tags: php-8.2.0RC1, php-8.1.10, php-8.0.23, php-8.0.23RC1, php-8.1.10RC1, php-8.2.0beta3, php-8.2.0beta2, php-8.1.9, php-8.0.22, php-8.1.9RC1, php-8.2.0beta1, php-8.0.22RC1, php-8.0.21, php-8.1.8, php-8.2.0alpha3, php-8.1.8RC1, php-8.2.0alpha2, php-8.0.21RC1, php-8.0.20, php-8.1.7, php-8.2.0alpha1, php-7.4.30, php-8.1.7RC1, php-8.0.20RC1, php-8.1.6, php-8.0.19, php-8.1.6RC1, php-8.0.19RC1, php-8.0.18, php-8.1.5, php-7.4.29, php-8.1.5RC1, php-8.0.18RC1, php-8.1.4, php-8.0.17, php-8.1.4RC1, php-8.0.17RC1, php-8.1.3, php-8.0.16, php-7.4.28, php-8.1.3RC1, php-8.0.16RC1, php-8.1.2, php-8.0.15, php-8.1.2RC1, php-8.0.15RC1 |
|
#
2f529569 |
| 29-Dec-2021 |
Ilija Tovilo |
Optimize stripos/stristr Closes GH-7847 Closes GH-7852 Previously stripos/stristr would lowercase both the haystack and the needle to reuse strpos. The approach in this PR i
Optimize stripos/stristr Closes GH-7847 Closes GH-7852 Previously stripos/stristr would lowercase both the haystack and the needle to reuse strpos. The approach in this PR is similar to strpos. memchr is highly optimized so we're using it to search for the first character of the needle in the haystack. If we find it we compare the remaining characters of the needle manually. The new implementation seems to perform about half as well as strpos (as two memchr calls are necessary to find the next candidate).
show more ...
|
Revision tags: php-8.0.14, php-8.1.1, php-7.4.27, php-8.1.1RC1, php-8.0.14RC1, php-7.4.27RC1, php-8.1.0, php-8.0.13, php-7.4.26, php-7.3.33, php-8.1.0RC6, php-7.4.26RC1, php-8.0.13RC1, php-8.1.0RC5, php-7.3.32, php-7.4.25, php-8.0.12, php-8.1.0RC4, php-8.0.12RC1, php-7.4.25RC1, php-8.1.0RC3, php-8.0.11, php-7.4.24, php-7.3.31, php-8.1.0RC2, php-7.4.24RC1, php-8.0.11RC1, php-8.1.0RC1, php-7.4.23, php-8.0.10, php-7.3.30, php-8.1.0beta3, php-8.0.10RC1, php-7.4.23RC1 |
|
#
8bb0c74e |
| 05-Aug-2021 |
Remi Collet |
switch phar to use sha256 signature by default |
Revision tags: php-8.1.0beta2, php-8.0.9, php-7.4.22, php-8.1.0beta1, php-7.4.22RC1, php-8.0.9RC1, php-8.1.0alpha3 |
|
#
e7123ef5 |
| 03-Jul-2021 |
Anatol Belski |
phar: crc32: Extend and cleanup API for the new bulk crc32 functions As suggested on the patch discussion, adding init/end macros. Plus, prefixed the new functions with php_ to avoid pos
phar: crc32: Extend and cleanup API for the new bulk crc32 functions As suggested on the patch discussion, adding init/end macros. Plus, prefixed the new functions with php_ to avoid possible symbol conflicts. Signed-off-by: Anatol Belski <ab@php.net>
show more ...
|
Revision tags: php-7.4.21, php-7.3.29, php-8.0.8, php-8.1.0alpha2 |
|
#
28a1a6be |
| 19-Jun-2021 |
jianxind |
phar: use crc32 bulk method instead. (#6099) phar: use crc32 bulk method instead. Benefit from the hardware crc32 computing. Signed-off-by: Frank Du <frank.du@intel.com> |
Revision tags: php-7.4.21RC1, php-8.0.8RC1, php-8.1.0alpha1, php-8.0.7, php-7.4.20, php-8.0.7RC1, php-7.4.20RC1 |
|
#
01b3fc03 |
| 06-May-2021 |
KsaR |
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier". 3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted. 4. fixed indentation in some files before |
show more ...
|
Revision tags: php-8.0.6, php-7.4.19, php-7.4.18, php-7.3.28, php-8.0.5, php-8.0.5RC1, php-7.4.18RC1, php-8.0.4RC1, php-7.4.17RC1, php-8.0.3, php-7.4.16, php-8.0.3RC1, php-7.4.16RC1, php-8.0.2, php-7.4.15, php-7.3.27 |
|
#
f8be72a5 |
| 26-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-8.0' * PHP-8.0: Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives
|
#
01a34861 |
| 26-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0 * PHP-7.4: Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives
|
#
6a0b889f |
| 26-Jan-2021 |
Christoph M. Becker |
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives The default encoding of filenames in a ZIP archive is IBM Code Page 437. Phar, however, only supports UTF-8 filenames. Th
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives The default encoding of filenames in a ZIP archive is IBM Code Page 437. Phar, however, only supports UTF-8 filenames. Therefore we have to mark filenames as being stored in UTF-8 by setting the general purpose bit 11 (the language encoding flag). The effect of not setting this bit for non ASCII filenames can be seen in popular tools like 7-Zip and UnZip, but not when extracting the archives via ext/phar (which is agnostic to the filename encoding), or via ext/zip (which guesses the encoding). Thus we add a somewhat brittle low-level test case. Closes GH-6630.
show more ...
|
Revision tags: php-8.0.2RC1, php-7.4.15RC2, php-7.4.15RC1 |
|
#
3e01f5af |
| 15-Jan-2021 |
Nikita Popov |
Replace zend_bool uses with bool We're starting to see a mix between uses of zend_bool and bool. Replace all usages with the standard bool type everywhere. Of course, zend_bool
Replace zend_bool uses with bool We're starting to see a mix between uses of zend_bool and bool. Replace all usages with the standard bool type everywhere. Of course, zend_bool is retained as an alias.
show more ...
|
#
66a74f2f |
| 05-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0 * PHP-7.4: Fix #77565: Incorrect locator detection in ZIP-based phars
|
#
d1b1c043 |
| 05-Jan-2021 |
Christoph M. Becker |
Fix #77565: Incorrect locator detection in ZIP-based phars We must not assume that the first end of central dir signature in a ZIP archive actually designates the end of central director
Fix #77565: Incorrect locator detection in ZIP-based phars We must not assume that the first end of central dir signature in a ZIP archive actually designates the end of central directory record, since the data in the archive may contain arbitrary byte patterns. Thus, we better search from the end of the data, what is also slightly more efficient. There is, however, no way to detect the end of central directory signature by searching from the end of the ZIP archive with absolute certainty, since the signature could be part of the trailing comment. To mitigate, we check that the comment length fits to the found position, but that might still not be the correct position in rare cases. Closes GH-6507.
show more ...
|
Revision tags: php-8.0.1 |
|
#
b7689db7 |
| 05-Jan-2021 |
Christoph M. Becker |
Prevent double-free of Phar ZIP stream We must not alias the closed stream to `phar_archive_data.fp`, and use PHAR_ZIP_FAIL() for consistency with the rest of this function. Clo
Prevent double-free of Phar ZIP stream We must not alias the closed stream to `phar_archive_data.fp`, and use PHAR_ZIP_FAIL() for consistency with the rest of this function. Closes GH-6578.
show more ...
|
Revision tags: php-7.4.14, php-7.3.26 |
|
#
9f96b2bd |
| 16-Dec-2020 |
Christoph M. Becker |
Fix #76929: zip-based phar does not respect phar.require_hash Based on the patch provided by david at bamsoftware. Closes GH-6517. |
Revision tags: php-7.4.14RC1, php-8.0.1RC1, php-7.3.26RC1 |
|
#
83cf4aa1 |
| 01-Dec-2020 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0 * PHP-7.4: Fix #73809: Phar Zip parse crash - mmap fail
|
#
c283f53b |
| 01-Dec-2020 |
Christoph M. Becker |
Fix #73809: Phar Zip parse crash - mmap fail Phar signatures practically are of limited size; for the MD5 and SHA hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
Fix #73809: Phar Zip parse crash - mmap fail Phar signatures practically are of limited size; for the MD5 and SHA hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL public keys there is no size limit in theory, but "64 KiB ought to be good enough for anybody". So we check for that limit, to avoid fatal errors due to out of memory conditions. Since it is neither possible to have the signature compressed in the ZIP archive, nor is it possible to manually add a signature via Phar, we use ZipArchive to create a suitable archive for the test on the fly. Closes GH-6474.
show more ...
|
Revision tags: php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1, php-8.0.0beta3, php-7.4.10, php-7.3.22, php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1, php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8 |
|
#
0c238ede |
| 07-Jul-2020 |
Tyson Andre |
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.p
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata Also, change the signature from `getMetadata()` to `getMetadata(array $unserialize_options = [])`. Start throwing earlier if setMetadata() is called and serialization threw. See https://externals.io/message/110856 and https://bugs.php.net/bug.php?id=76774 This was refactored to add a phar_metadata_tracker for the following reasons: - The way to properly copy a zval was previously implicit and undocumented (e.g. is it a pointer to a raw string or an actual value) - Avoid unnecessary serialization and unserialization in the most common case - If a metadata value is serialized once while saving a new/modified phar file, this allows reusing the same serialized string. - Have as few ways to copy/clone/lazily parse metadata (etc.) as possible, so that code changes can be limited to only a few places in the future. - Performance is hopefully not a concern - copying a string should be faster than unserializing a value, and metadata should be rare in most cases. Remove unnecessary skip in a test(Compression's unused) Add additional assertions about usage of persistent phars Improve robustness of `Phar*->setMetadata()` - Add sanity checks for edge cases freeing metadata, when destructors or serializers modify the phar recursively. - Typical use cases of php have phar.readonly=1 and would not be affected. Closes GH-5855
show more ...
|
#
775385df |
| 14-Jul-2020 |
Christoph M. Becker |
Fix #79797: Use of freed hash key in the phar_parse_zipfile function We must not use heap memory after we freed it. |
#
9c3171f0 |
| 14-Jul-2020 |
Christoph M. Becker |
Fix #79797: Use of freed hash key in the phar_parse_zipfile function We must not use heap memory after we freed it. |
Revision tags: php-7.2.32, php-8.0.0alpha2, php-7.3.20, php-8.0.0alpha1, php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1, php-7.4.6, php-7.2.31, php-7.4.6RC1, php-7.3.18RC1, php-7.2.30, php-7.4.5, php-7.3.17, php-7.4.5RC1, php-7.3.17RC1, php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14, php-7.3.14RC1, php-7.4.2RC1, php-7.4.1, php-7.2.26, php-7.3.13, php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8 |
|
#
946a1e43 |
| 24-Jul-2019 |
Remi Collet |
Fix build warnings - switch from strncpy to memcpy for -Wstringop-truncation |
Revision tags: php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3 |
|
#
b1196e21 |
| 19-Jun-2019 |
Nikita Popov |
Phar: Avoid negative zip dates The zip date/time encoding format is incredibly stupid. |
Revision tags: php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16, php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2 |
|
#
c245898b |
| 03-Feb-2019 |
Peter Kokot |
Update and fix remaining year ranges (2019) This patch follows previous license year ranges updates. With new approach source code files now have simplified headers with license info
Update and fix remaining year ranges (2019) This patch follows previous license year ranges updates. With new approach source code files now have simplified headers with license information without year ranges.
show more ...
|