| #
ba80372a |
| 28-Dec-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-13037: PharData incorrectly extracts zip file
The code currently assumes that the extra field length of the central
directory entry and the local entry are the same, but that's no
Fix GH-13037: PharData incorrectly extracts zip file
The code currently assumes that the extra field length of the central
directory entry and the local entry are the same, but that's not the
case. For example, the "Extended Timestamp extra field" differs in size
for local vs central directory entries. This causes the file contents
offset to be incorrect because it is based on the central directory
length instead of the local entry length. Fix it by reading the local
entry and getting the size from there as well as checking consistency
for the file name length.
Closes GH-13045.
show more ...
|
| #
a470c4ae |
| 28-Oct-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-12532: PharData created from zip has incorrect timestamp
The datetime stored in the DOS time fields, which is what zip standard
uses, is local time without a timezone. There's an
Fix GH-12532: PharData created from zip has incorrect timestamp
The datetime stored in the DOS time fields, which is what zip standard
uses, is local time without a timezone. There's an extension to the zip
file format since '97 that allows storing a unix timestamp (in UTC) in
the header for both the central directory and the local entries.
This patch adds support for this.
Closes GH-12548.
show more ...
|
| #
e633be3e |
| 03-Mar-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10766: PharData archive created with Phar::Zip format does not keep files metadata (datetime)
Due to an incorrect check, the datetime was never actually set.
To test this we need
Fix GH-10766: PharData archive created with Phar::Zip format does not keep files metadata (datetime)
Due to an incorrect check, the datetime was never actually set.
To test this we need to write the file using phar, but read the file
using a different method to not get a cached, or a value that's been
transformed twice and is therefore accidentally correct.
Closes GH-10769
show more ...
|
| #
fd6c2353 |
| 17-Jan-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Remove useless php_stream_tell() call
Closes GH-10365.
|
|
Revision tags: php-8.2.0RC1, php-8.1.10, php-8.0.23, php-8.0.23RC1, php-8.1.10RC1, php-8.2.0beta3, php-8.2.0beta2, php-8.1.9, php-8.0.22, php-8.1.9RC1, php-8.2.0beta1, php-8.0.22RC1, php-8.0.21, php-8.1.8, php-8.2.0alpha3, php-8.1.8RC1, php-8.2.0alpha2, php-8.0.21RC1, php-8.0.20, php-8.1.7, php-8.2.0alpha1, php-7.4.30, php-8.1.7RC1, php-8.0.20RC1, php-8.1.6, php-8.0.19, php-8.1.6RC1, php-8.0.19RC1, php-8.0.18, php-8.1.5, php-7.4.29, php-8.1.5RC1, php-8.0.18RC1, php-8.1.4, php-8.0.17, php-8.1.4RC1, php-8.0.17RC1, php-8.1.3, php-8.0.16, php-7.4.28, php-8.1.3RC1, php-8.0.16RC1, php-8.1.2, php-8.0.15, php-8.1.2RC1, php-8.0.15RC1 |
|
| #
2f529569 |
| 29-Dec-2021 |
Ilija Tovilo |
Optimize stripos/stristr
Closes GH-7847
Closes GH-7852
Previously stripos/stristr would lowercase both the haystack and the
needle to reuse strpos. The approach in this PR i
Optimize stripos/stristr
Closes GH-7847
Closes GH-7852
Previously stripos/stristr would lowercase both the haystack and the
needle to reuse strpos. The approach in this PR is similar to strpos.
memchr is highly optimized so we're using it to search for the first
character of the needle in the haystack. If we find it we compare the
remaining characters of the needle manually.
The new implementation seems to perform about half as well as strpos (as
two memchr calls are necessary to find the next candidate).
show more ...
|
|
Revision tags: php-8.0.14, php-8.1.1, php-7.4.27, php-8.1.1RC1, php-8.0.14RC1, php-7.4.27RC1, php-8.1.0, php-8.0.13, php-7.4.26, php-7.3.33, php-8.1.0RC6, php-7.4.26RC1, php-8.0.13RC1, php-8.1.0RC5, php-7.3.32, php-7.4.25, php-8.0.12, php-8.1.0RC4, php-8.0.12RC1, php-7.4.25RC1, php-8.1.0RC3, php-8.0.11, php-7.4.24, php-7.3.31, php-8.1.0RC2, php-7.4.24RC1, php-8.0.11RC1, php-8.1.0RC1, php-7.4.23, php-8.0.10, php-7.3.30, php-8.1.0beta3, php-8.0.10RC1, php-7.4.23RC1 |
|
| #
8bb0c74e |
| 05-Aug-2021 |
Remi Collet |
switch phar to use sha256 signature by default |
|
Revision tags: php-8.1.0beta2, php-8.0.9, php-7.4.22, php-8.1.0beta1, php-7.4.22RC1, php-8.0.9RC1, php-8.1.0alpha3 |
|
| #
e7123ef5 |
| 03-Jul-2021 |
Anatol Belski |
phar: crc32: Extend and cleanup API for the new bulk crc32 functions
As suggested on the patch discussion, adding init/end macros. Plus,
prefixed the new functions with php_ to avoid pos
phar: crc32: Extend and cleanup API for the new bulk crc32 functions
As suggested on the patch discussion, adding init/end macros. Plus,
prefixed the new functions with php_ to avoid possible symbol conflicts.
Signed-off-by: Anatol Belski <ab@php.net>
show more ...
|
|
Revision tags: php-7.4.21, php-7.3.29, php-8.0.8, php-8.1.0alpha2 |
|
| #
28a1a6be |
| 19-Jun-2021 |
jianxind |
phar: use crc32 bulk method instead. (#6099)
phar: use crc32 bulk method instead.
Benefit from the hardware crc32 computing.
Signed-off-by: Frank Du <frank.du@intel.com> |
|
Revision tags: php-7.4.21RC1, php-8.0.8RC1, php-8.1.0alpha1, php-8.0.7, php-7.4.20, php-8.0.7RC1, php-7.4.20RC1 |
|
| #
01b3fc03 |
| 06-May-2021 |
KsaR |
Update http->https in license (#6945)
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as
Update http->https in license (#6945)
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
show more ...
|
|
Revision tags: php-8.0.6, php-7.4.19, php-7.4.18, php-7.3.28, php-8.0.5, php-8.0.5RC1, php-7.4.18RC1, php-8.0.4RC1, php-7.4.17RC1, php-8.0.3, php-7.4.16, php-8.0.3RC1, php-7.4.16RC1, php-8.0.2, php-7.4.15, php-7.3.27 |
|
| #
f8be72a5 |
| 26-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-8.0'
* PHP-8.0:
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives
|
| #
01a34861 |
| 26-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives
|
| #
6a0b889f |
| 26-Jan-2021 |
Christoph M. Becker |
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives
The default encoding of filenames in a ZIP archive is IBM Code Page
437. Phar, however, only supports UTF-8 filenames. Th
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives
The default encoding of filenames in a ZIP archive is IBM Code Page
437. Phar, however, only supports UTF-8 filenames. Therefore we have
to mark filenames as being stored in UTF-8 by setting the general
purpose bit 11 (the language encoding flag).
The effect of not setting this bit for non ASCII filenames can be seen
in popular tools like 7-Zip and UnZip, but not when extracting the
archives via ext/phar (which is agnostic to the filename encoding), or
via ext/zip (which guesses the encoding). Thus we add a somewhat
brittle low-level test case.
Closes GH-6630.
show more ...
|
|
Revision tags: php-8.0.2RC1, php-7.4.15RC2, php-7.4.15RC1 |
|
| #
3e01f5af |
| 15-Jan-2021 |
Nikita Popov |
Replace zend_bool uses with bool
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool
Replace zend_bool uses with bool
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool is retained as an alias.
show more ...
|
| #
66a74f2f |
| 05-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
Fix #77565: Incorrect locator detection in ZIP-based phars
|
| #
d1b1c043 |
| 05-Jan-2021 |
Christoph M. Becker |
Fix #77565: Incorrect locator detection in ZIP-based phars
We must not assume that the first end of central dir signature in a ZIP
archive actually designates the end of central director
Fix #77565: Incorrect locator detection in ZIP-based phars
We must not assume that the first end of central dir signature in a ZIP
archive actually designates the end of central directory record, since
the data in the archive may contain arbitrary byte patterns. Thus, we
better search from the end of the data, what is also slightly more
efficient.
There is, however, no way to detect the end of central directory
signature by searching from the end of the ZIP archive with absolute
certainty, since the signature could be part of the trailing comment.
To mitigate, we check that the comment length fits to the found
position, but that might still not be the correct position in rare
cases.
Closes GH-6507.
show more ...
|
|
Revision tags: php-8.0.1 |
|
| #
b7689db7 |
| 05-Jan-2021 |
Christoph M. Becker |
Prevent double-free of Phar ZIP stream
We must not alias the closed stream to `phar_archive_data.fp`, and use
PHAR_ZIP_FAIL() for consistency with the rest of this function.
Clo
Prevent double-free of Phar ZIP stream
We must not alias the closed stream to `phar_archive_data.fp`, and use
PHAR_ZIP_FAIL() for consistency with the rest of this function.
Closes GH-6578.
show more ...
|
|
Revision tags: php-7.4.14, php-7.3.26 |
|
| #
9f96b2bd |
| 16-Dec-2020 |
Christoph M. Becker |
Fix #76929: zip-based phar does not respect phar.require_hash
Based on the patch provided by david at bamsoftware.
Closes GH-6517. |
|
Revision tags: php-7.4.14RC1, php-8.0.1RC1, php-7.3.26RC1 |
|
| #
83cf4aa1 |
| 01-Dec-2020 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
Fix #73809: Phar Zip parse crash - mmap fail
|
| #
c283f53b |
| 01-Dec-2020 |
Christoph M. Becker |
Fix #73809: Phar Zip parse crash - mmap fail
Phar signatures practically are of limited size; for the MD5 and SHA
hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
Fix #73809: Phar Zip parse crash - mmap fail
Phar signatures practically are of limited size; for the MD5 and SHA
hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
public keys there is no size limit in theory, but "64 KiB ought to be
good enough for anybody". So we check for that limit, to avoid fatal
errors due to out of memory conditions.
Since it is neither possible to have the signature compressed in the
ZIP archive, nor is it possible to manually add a signature via Phar,
we use ZipArchive to create a suitable archive for the test on the fly.
Closes GH-6474.
show more ...
|
|
Revision tags: php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1, php-8.0.0beta3, php-7.4.10, php-7.3.22, php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1, php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8 |
|
| #
0c238ede |
| 07-Jul-2020 |
Tyson Andre |
[RFC] Only unserialize Phar metadata when getMetadata() is called
In other words, don't automatically unserialize when the magic
phar:// stream wrappers are used.
RFC: https://wiki.p
[RFC] Only unserialize Phar metadata when getMetadata() is called
In other words, don't automatically unserialize when the magic
phar:// stream wrappers are used.
RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata
Also, change the signature from `getMetadata()`
to `getMetadata(array $unserialize_options = [])`.
Start throwing earlier if setMetadata() is called and serialization threw.
See https://externals.io/message/110856 and
https://bugs.php.net/bug.php?id=76774
This was refactored to add a phar_metadata_tracker for the following reasons:
- The way to properly copy a zval was previously implicit and undocumented
(e.g. is it a pointer to a raw string or an actual value)
- Avoid unnecessary serialization and unserialization in the most common case
- If a metadata value is serialized once while saving a new/modified phar file,
this allows reusing the same serialized string.
- Have as few ways to copy/clone/lazily parse metadata (etc.) as possible,
so that code changes can be limited to only a few places in the future.
- Performance is hopefully not a concern - copying a string should be faster
than unserializing a value, and metadata should be rare in most cases.
Remove unnecessary skip in a test(Compression's unused)
Add additional assertions about usage of persistent phars
Improve robustness of `Phar*->setMetadata()`
- Add sanity checks for edge cases freeing metadata, when destructors
or serializers modify the phar recursively.
- Typical use cases of php have phar.readonly=1 and would not be affected.
Closes GH-5855
show more ...
|
| #
775385df |
| 14-Jul-2020 |
Christoph M. Becker |
Fix #79797: Use of freed hash key in the phar_parse_zipfile function
We must not use heap memory after we freed it. |
| #
9c3171f0 |
| 14-Jul-2020 |
Christoph M. Becker |
Fix #79797: Use of freed hash key in the phar_parse_zipfile function
We must not use heap memory after we freed it. |
|
Revision tags: php-7.2.32, php-8.0.0alpha2, php-7.3.20, php-8.0.0alpha1, php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1, php-7.4.6, php-7.2.31, php-7.4.6RC1, php-7.3.18RC1, php-7.2.30, php-7.4.5, php-7.3.17, php-7.4.5RC1, php-7.3.17RC1, php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14, php-7.3.14RC1, php-7.4.2RC1, php-7.4.1, php-7.2.26, php-7.3.13, php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8 |
|
| #
946a1e43 |
| 24-Jul-2019 |
Remi Collet |
Fix build warnings
- switch from strncpy to memcpy for -Wstringop-truncation |
|
Revision tags: php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3 |
|
| #
b1196e21 |
| 19-Jun-2019 |
Nikita Popov |
Phar: Avoid negative zip dates
The zip date/time encoding format is incredibly stupid. |
|
Revision tags: php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16, php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2 |
|
| #
c245898b |
| 03-Feb-2019 |
Peter Kokot |
Update and fix remaining year ranges (2019)
This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
info
Update and fix remaining year ranges (2019)
This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
information without year ranges.
show more ...
|
