Fix #72146: Integer overflow on substr_replace

Adding two `zend_long`s may overflow, and casting `size_t` to
`zend_long` may truncate; we can avoid this here by enforcing unsigned
ar

Fix #72146: Integer overflow on substr_replace

Adding two `zend_long`s may overflow, and casting `size_t` to
`zend_long` may truncate; we can avoid this here by enforcing unsigned
arithmetic.

Closes GH-7240.

show more ...

Fix #79986: str_ireplace bug with diacritics characters

`tolower()` returns an `int`, so we must not convert to `char` which
may be `signed` and as such may be subject to overflow (actua

Fix #79986: str_ireplace bug with diacritics characters

`tolower()` returns an `int`, so we must not convert to `char` which
may be `signed` and as such may be subject to overflow (actually,
implementation defined behavior).

Closes GH-6007

show more ...

Fixed bug #79951

One branch did not release tmp_replace_entry_str.

Also reduce the scope of some variables.

Fixed bug #79849

Closes GH-5853.

Fixed bug #79817

Use *_IND macros in a few places in string.c.

Yet another check for php_strip_tags_ex()

Yet another check for php_strip_tags_ex()

More checks for php_strip_tags_ex

Fix #79099: OOB read in php_strip_tags_ex

Fix #78814: strip_tags allows / in tag name => whitelist bypass

When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless

Fix #78814: strip_tags allows / in tag name => whitelist bypass

When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.

show more ...

Fix #78840: imploding $GLOBALS crashes

We add support for IS_INDIRECT zvals to implode().

Fixed bug #78612

Fix #78346: strip_tags no longer handling nested php tags

When the strip tags state machine has been flattened, an if statement
has mistakenly been treated as else if. We fix this, and

Fix #78346: strip_tags no longer handling nested php tags

When the strip tags state machine has been flattened, an if statement
has mistakenly been treated as else if. We fix this, and also simplify
a bit right away.

show more ...

Deprecate implode() with swapped parameter order

vectorize string-escape with NEON

On this benchmark:
function simple_string_escape() {
$a = "test'asd'asd'' asd\'\"asdfasdf";
for($i=0; $i<512; $i++) {
$a .=

vectorize string-escape with NEON

On this benchmark:
function simple_string_escape() {
$a = "test'asd'asd'' asd\'\"asdfasdf";
for($i=0; $i<512; $i++) {
$a .= chr($i%256);
}
for ($i = 0; $i < 100000; $i++) {
if ($a === stripslashes(addslashes($a)))
$a .= chr($i%256);
else {
echo "error at i=".$i."\n";
return;
}
}
}
the execution time goes from 21.619s to 8.139s (165% speedup) on an A1 Graviton instance.

When removing the characters that need escaping, i.e., this benchmark:
function simple_string() {
$a = "testasdasd asdasdfasdf";
for ($i = 0; $i < 10000; $i++) {
if ($a === stripslashes(addslashes($a)))
$a .= "test dedeasdf";
else {
echo "error at i=".$i."\n";
return;
}
}
}
the execution time goes from 2.932s down to 0.516s (468% speedup) on an A1 Graviton instance.

show more ...

Mark ifunc resolver functions as unused

It looks like clang doesn't see that these are used through
__attribute__((ifunc)) and generates a warning.

Remove HAVE_STRCOLL check

The strcoll function is defined in the C89 standard and should be
on today's systems always available via the <string.h> header.

https://port70.net/~ns

Remove HAVE_STRCOLL check

The strcoll function is defined in the C89 standard and should be
on today's systems always available via the <string.h> header.

https://port70.net/~nsz/c/c89/c89-draft.html#4.11.4.3

- Remove also SKIPIF strcoll check in test

show more ...

In php_needle_char() use well-defined double->integer cast

...by going through zval_get_long(). Generally out of range double
casts are undefined.

Avoid address calculation overflow

Fix #77937: preg_match failed

On some recent Windows systems, ext\pcre\tests\locales.phpt fails,
because 'pt_PT' is accepted by `setlocale()`, but not properly
supported by the ctype

Fix #77937: preg_match failed

On some recent Windows systems, ext\pcre\tests\locales.phpt fails,
because 'pt_PT' is accepted by `setlocale()`, but not properly
supported by the ctype functions, which are used internally by PCRE2 to
build the localized character tables.

Since there appears to be no way to properly check whether a given
locale is fully supported, but we want to minimize BC impact, we filter
out typical Unix locale names, except for a few cases which have
already been properly supported on Windows. This way code like

setlocale(LC_ALL, 'de_DE.UTF-8', 'de_DE', 'German_Germany.1252');

should work like on older Windows systems.

It should be noted that the locale names causing trouble are not (yet)
documented as valid names anyway, see
<https://docs.microsoft.com/en-us/cpp/c-runtime-library/locale-names-languages-and-country-region-strings?view=vs-2019>.

show more ...

Cheaper checks for exceptions thrown from __toString()

Allow exceptions in __toString()

RFC: https://wiki.php.net/rfc/tostring_exceptions

And convert some object to string conversion related recoverable
fatal errors into Error excep

Allow exceptions in __toString()

RFC: https://wiki.php.net/rfc/tostring_exceptions

And convert some object to string conversion related recoverable
fatal errors into Error exceptions.

Improve exception safety of internal code performing string
conversions.

show more ...

Make chr ZPP failure message consistent with ext/standard

Fix #78003: strip_tags output change since PHP 7.3

A refactoring of the strip tags state machine[1] missed the special
treatment of `depth > 0` when a `>` is encountered in state 2 or 3.

Fix #78003: strip_tags output change since PHP 7.3

A refactoring of the strip tags state machine[1] missed the special
treatment of `depth > 0` when a `>` is encountered in state 2 or 3. We
re-add it for BC reasons.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=5cf64742773ddbf9af69d962a4d12b567fcf0084>

show more ...

[AArch64] use rev64 to reverse strings

The execution time goes from 4.388s down to 0.563s on a Graviton A1
instance for the benchmark:

function reverse_strings() {
$a =

[AArch64] use rev64 to reverse strings

The execution time goes from 4.388s down to 0.563s on a Graviton A1
instance for the benchmark:

function reverse_strings() {
$a = "foo";
for ($i = 0; $i < 100000; $i++) {
strrev($a);
$a .= "o";
}
}

show more ...