#
432bf196 |
| 27-Sep-2022 |
Christoph M. Becker |
Fix regression introduced by fixing bug 81726 When a tar phar is created, `phar_open_from_fp()` is also called, but since the file has just been created, none of the format checks can
Fix regression introduced by fixing bug 81726 When a tar phar is created, `phar_open_from_fp()` is also called, but since the file has just been created, none of the format checks can succeed, so we continue to loop, but must not check again for the format. Therefore, we bring back the old `test` variable. Closes GH-9620.
show more ...
|
#
404e8bdb |
| 25-Jul-2022 |
Christoph M. Becker |
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. Th
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. This raises potential DOS issues regarding too deep or even infinite recursion (the latter are called compressed file quines[1]). We avoid that by introducing a recursion limit; we choose the somewhat arbitrary limit `3`. This issue has been reported by real_as3617 and gPayl0ad. [1] <https://honno.dev/gzip-quine/>
show more ...
|
#
9726bc69 |
| 20-Jul-2021 |
Nikita Popov |
Duplicate possibly persistent string in phar metadata clone
|
#
1bb2a4f9 |
| 26-Jan-2021 |
Christoph M. Becker |
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrie
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrieved. Afterwards, the Phar manifest is written, and only after that the files are copied to the actual Phar. So for each such entry there is an open temp file, what easily exceeds the limit. Therefore, we use a single temporary file for all entries, and store the start offset in the otherwise unused `header_offset` member. We ensure that the `cfp` members are properly set to NULL even if flushing fails, to avoid use after free scenarios. This solution is based on a suggestion by @lserni[1]. Closes GH-6643. [1] <https://github.com/box-project/box2/issues/80#issuecomment-77147371>
show more ...
|
#
61ed904c |
| 25-Jan-2021 |
Christoph M. Becker |
Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon We add the failure reason to the error message. Closes GH-6638.
|
Revision tags: php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1, php-8.0.0beta3, php-7.4.10, php-7.3.22, php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1, php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8 |
|
#
0c238ede |
| 07-Jul-2020 |
Tyson Andre |
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.p
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata Also, change the signature from `getMetadata()` to `getMetadata(array $unserialize_options = [])`. Start throwing earlier if setMetadata() is called and serialization threw. See https://externals.io/message/110856 and https://bugs.php.net/bug.php?id=76774 This was refactored to add a phar_metadata_tracker for the following reasons: - The way to properly copy a zval was previously implicit and undocumented (e.g. is it a pointer to a raw string or an actual value) - Avoid unnecessary serialization and unserialization in the most common case - If a metadata value is serialized once while saving a new/modified phar file, this allows reusing the same serialized string. - Have as few ways to copy/clone/lazily parse metadata (etc.) as possible, so that code changes can be limited to only a few places in the future. - Performance is hopefully not a concern - copying a string should be faster than unserializing a value, and metadata should be rare in most cases. Remove unnecessary skip in a test(Compression's unused) Add additional assertions about usage of persistent phars Improve robustness of `Phar*->setMetadata()` - Add sanity checks for edge cases freeing metadata, when destructors or serializers modify the phar recursively. - Typical use cases of php have phar.readonly=1 and would not be affected. Closes GH-5855
show more ...
|
#
ec22e5aa |
| 01-Aug-2020 |
Máté Kocsis |
Get rid of empty function entries Closes GH-5917
|
Revision tags: php-7.2.32, php-8.0.0alpha2, php-7.3.20 |
|
#
2b5de6f8 |
| 01-Jul-2020 |
Max Semenik |
Remove proto comments from C files Closes GH-5758
|
Revision tags: php-8.0.0alpha1, php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1, php-7.4.6, php-7.2.31, php-7.4.6RC1, php-7.3.18RC1, php-7.2.30, php-7.4.5, php-7.3.17, php-7.4.5RC1, php-7.3.17RC1, php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14, php-7.3.14RC1, php-7.4.2RC1, php-7.4.1, php-7.2.26, php-7.3.13, php-7.4.1RC1 |
|
#
92c23e1f |
| 09-Dec-2019 |
Dmitry Stogov |
Call zend_unregister_ini_entries() when unload extension loaded through dl() without MSHUTDOWN callback. Extensions with MSHUTDOWN should use UNREGISTER_INI_ENTRIES().
|
Revision tags: php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4 |
|
#
46561dab |
| 10-Oct-2019 |
Nikita Popov |
Fix leak in phar open
|
Revision tags: php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1 |
|
#
d9680272 |
| 24-Jul-2019 |
Nikita Popov |
Revert "Drop free_filename field from zend_file_handle" This reverts commit e0eca262852dba1a78afcde64a49126c81fead1a. free_filename is used by the wincache extension, restore this
Revert "Drop free_filename field from zend_file_handle" This reverts commit e0eca262852dba1a78afcde64a49126c81fead1a. free_filename is used by the wincache extension, restore this field for PHP 7.4.
show more ...
|
#
5664035f |
| 22-Jul-2019 |
Nikita Popov |
Also report errors from Zend stream reader operation
|
#
856c5d28 |
| 17-Jul-2019 |
Nikita Popov |
Revert "Avoid unused fstat() call" This reverts commit 5a90dc77b8f244f603082aea022fadc0ce2c009c. Let's try to go with the reverse direction here and actually trust the reported
Revert "Avoid unused fstat() call" This reverts commit 5a90dc77b8f244f603082aea022fadc0ce2c009c. Let's try to go with the reverse direction here and actually trust the reported size...
show more ...
|
#
5a90dc77 |
| 17-Jul-2019 |
Nikita Popov |
Avoid unused fstat() call If we're including a file via PHP streams, we're not going to trust the reported file size anyway and populate in a loop -- so don't bother determining the
Avoid unused fstat() call If we're including a file via PHP streams, we're not going to trust the reported file size anyway and populate in a loop -- so don't bother determining the file size in the first place. Only do this for non-tty HANDLE_FP now, which is the only case where this information was used.
show more ...
|
#
b317f0eb |
| 16-Jul-2019 |
Nikita Popov |
Remove ZEND_HANDLE_MAPPED The buf/len members are now simply used in addition to the main stream, without changing the handle kind.
|
#
e0eca262 |
| 16-Jul-2019 |
Nikita Popov |
Drop free_filename field from zend_file_handle free_filename was always zero.
|
#
290e520c |
| 16-Jul-2019 |
Nikita Popov |
Use ZEND_HASH_FOREACH APIs in a few more places
|
Revision tags: php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20 |
|
#
033cafac |
| 26-Jun-2019 |
Peter Kokot |
Sync HAVE_HASH, HAVE_HASH_EXT, PHAR_HASH_OK symbols The hash extension is always available since PHP-7.4. The symbol HAVE_HASH_EXT is kept for BC reasons and removed in PHP-8.0.
Sync HAVE_HASH, HAVE_HASH_EXT, PHAR_HASH_OK symbols The hash extension is always available since PHP-7.4. The symbol HAVE_HASH_EXT is kept for BC reasons and removed in PHP-8.0. This patch also removes the PHAR_HASH_OK since it is no longer relevant.
show more ...
|
Revision tags: php-7.4.0alpha2 |
|
#
c7962207 |
| 24-Jun-2019 |
Nikita Popov |
Fix stream leak in phar cache_list
|
#
43dd1ac5 |
| 24-Jun-2019 |
Nikita Popov |
Avoid confusing gotos in phar_split_cache_list
|
Revision tags: php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5 |
|
#
be74a004 |
| 26-Apr-2019 |
Christoph M. Becker |
Fix VirtualProtect() related Phar issues We must not (try to) modify shared values, but rather have to use our own copies, if unixified filenames are required on Windows. To avoid e
Fix VirtualProtect() related Phar issues We must not (try to) modify shared values, but rather have to use our own copies, if unixified filenames are required on Windows. To avoid excessive string duplication, we add checks whether the filenames are already unixified (i.e. do not contain backslashes). To improve the performance if we need to copy strings, we use do_alloca() and friends. Besides generally being somewhat messy, the handling of unixified filenames is still suboptimal performance-wise, but we leave this for a future cleanup, and focus on fixing the issue at hand for now. We also enable opcache.protect_memory for the AppVeyor CI.
show more ...
|
Revision tags: php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28 |
|
#
e632537c |
| 20-Mar-2019 |
Kalle Sommer Nielsen |
Remove usage of HAVE_HASH_EXT and COMPILE_DL_HASH as ext/hash is always available (master only)
|
Revision tags: php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16 |
|
#
ad4f312d |
| 04-Mar-2019 |
Stanislav Malyshev |
Fix bug #77396 - Null Pointer Dereference in phar_create_or_parse_filename
|
#
7f0ab7c2 |
| 04-Mar-2019 |
Stanislav Malyshev |
Fix bug #77396 - Null Pointer Dereference in phar_create_or_parse_filename
|
Revision tags: php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2 |
|
#
c245898b |
| 03-Feb-2019 |
Peter Kokot |
Update and fix remaining year ranges (2019) This patch follows previous license year ranges updates. With new approach source code files now have simplified headers with license info
Update and fix remaining year ranges (2019) This patch follows previous license year ranges updates. With new approach source code files now have simplified headers with license information without year ranges.
show more ...
|