#
432bf196 |
| 27-Sep-2022 |
Christoph M. Becker |
Fix regression introduced by fixing bug 81726 When a tar phar is created, `phar_open_from_fp()` is also called, but since the file has just been created, none of the format checks can
Fix regression introduced by fixing bug 81726 When a tar phar is created, `phar_open_from_fp()` is also called, but since the file has just been created, none of the format checks can succeed, so we continue to loop, but must not check again for the format. Therefore, we bring back the old `test` variable. Closes GH-9620.
show more ...
|
#
404e8bdb |
| 25-Jul-2022 |
Christoph M. Becker |
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. Th
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. This raises potential DOS issues regarding too deep or even infinite recursion (the latter are called compressed file quines[1]). We avoid that by introducing a recursion limit; we choose the somewhat arbitrary limit `3`. This issue has been reported by real_as3617 and gPayl0ad. [1] <https://honno.dev/gzip-quine/>
show more ...
|
Revision tags: php-8.1.7RC1, php-8.1.4RC1, php-8.1.3, php-8.1.2RC1, php-8.1.0, php-7.3.33, php-7.3.32, php-7.3.31, php-7.3.30 |
|
#
c51af22f |
| 05-Aug-2021 |
Remi Collet |
implement openssl_256 and openssl_512 for phar singatures |
#
bca1ebf5 |
| 20-Jul-2021 |
Nikita Popov |
Merge branch 'PHP-8.0' * PHP-8.0: Create interned strings for internal union types Duplicate possibly persistent string in phar metadata clone
|
#
9726bc69 |
| 20-Jul-2021 |
Nikita Popov |
Duplicate possibly persistent string in phar metadata clone |
#
e7123ef5 |
| 03-Jul-2021 |
Anatol Belski |
phar: crc32: Extend and cleanup API for the new bulk crc32 functions As suggested on the patch discussion, adding init/end macros. Plus, prefixed the new functions with php_ to avoid pos
phar: crc32: Extend and cleanup API for the new bulk crc32 functions As suggested on the patch discussion, adding init/end macros. Plus, prefixed the new functions with php_ to avoid possible symbol conflicts. Signed-off-by: Anatol Belski <ab@php.net>
show more ...
|
Revision tags: php-7.3.29 |
|
#
28a1a6be |
| 19-Jun-2021 |
jianxind |
phar: use crc32 bulk method instead. (#6099) phar: use crc32 bulk method instead. Benefit from the hardware crc32 computing. Signed-off-by: Frank Du <frank.du@intel.com> |
#
01b3fc03 |
| 06-May-2021 |
KsaR |
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier". 3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted. 4. fixed indentation in some files before |
show more ...
|
Revision tags: php-7.3.28 |
|
#
09efad61 |
| 08-Apr-2021 |
George Peter Banyard |
Use zend_string_equals_(literal_)ci() API more often Also drive-by usage of zend_ini_parse_bool() Closes GH-6844 |
#
c732ab40 |
| 16-Mar-2021 |
Dmitry Stogov |
Change Zend Stream API to use zend_string* instead of char*. This allows to eliminate re-calculation of string lenght and hash value. See the detailed list of changes in UPGRADING.INTERN
Change Zend Stream API to use zend_string* instead of char*. This allows to eliminate re-calculation of string lenght and hash value. See the detailed list of changes in UPGRADING.INTERNALS.
show more ...
|
#
8b21e4e9 |
| 03-Feb-2021 |
Christoph M. Becker |
Merge branch 'PHP-8.0' * PHP-8.0: Fix #53467: Phar cannot compress large archives
|
#
f4332a36 |
| 03-Feb-2021 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0 * PHP-7.4: Fix #53467: Phar cannot compress large archives
|
Revision tags: php-7.3.27 |
|
#
1bb2a4f9 |
| 26-Jan-2021 |
Christoph M. Becker |
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrie
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrieved. Afterwards, the Phar manifest is written, and only after that the files are copied to the actual Phar. So for each such entry there is an open temp file, what easily exceeds the limit. Therefore, we use a single temporary file for all entries, and store the start offset in the otherwise unused `header_offset` member. We ensure that the `cfp` members are properly set to NULL even if flushing fails, to avoid use after free scenarios. This solution is based on a suggestion by @lserni[1]. Closes GH-6643. [1] <https://github.com/box-project/box2/issues/80#issuecomment-77147371>
show more ...
|
#
5a0e4067 |
| 25-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-8.0' * PHP-8.0: Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon
|
#
2e580da2 |
| 25-Jan-2021 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0 * PHP-7.4: Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon
|
#
61ed904c |
| 25-Jan-2021 |
Christoph M. Becker |
Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon We add the failure reason to the error message. Closes GH-6638. |
#
3e01f5af |
| 15-Jan-2021 |
Nikita Popov |
Replace zend_bool uses with bool We're starting to see a mix between uses of zend_bool and bool. Replace all usages with the standard bool type everywhere. Of course, zend_bool
Replace zend_bool uses with bool We're starting to see a mix between uses of zend_bool and bool. Replace all usages with the standard bool type everywhere. Of course, zend_bool is retained as an alias.
show more ...
|
Revision tags: php-7.3.26, php-7.3.26RC1 |
|
#
26fc4bea |
| 03-Dec-2020 |
Nikita Popov |
Remove some INDIRECT handling in standard library |
Revision tags: php-7.3.25, php-7.3.25RC1, php-7.3.24, php-7.3.24RC1, php-7.3.23, php-7.3.23RC1, php-7.3.22, php-7.3.22RC1, php-7.3.21, php-7.3.21RC1 |
|
#
0c238ede |
| 07-Jul-2020 |
Tyson Andre |
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.p
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata Also, change the signature from `getMetadata()` to `getMetadata(array $unserialize_options = [])`. Start throwing earlier if setMetadata() is called and serialization threw. See https://externals.io/message/110856 and https://bugs.php.net/bug.php?id=76774 This was refactored to add a phar_metadata_tracker for the following reasons: - The way to properly copy a zval was previously implicit and undocumented (e.g. is it a pointer to a raw string or an actual value) - Avoid unnecessary serialization and unserialization in the most common case - If a metadata value is serialized once while saving a new/modified phar file, this allows reusing the same serialized string. - Have as few ways to copy/clone/lazily parse metadata (etc.) as possible, so that code changes can be limited to only a few places in the future. - Performance is hopefully not a concern - copying a string should be faster than unserializing a value, and metadata should be rare in most cases. Remove unnecessary skip in a test(Compression's unused) Add additional assertions about usage of persistent phars Improve robustness of `Phar*->setMetadata()` - Add sanity checks for edge cases freeing metadata, when destructors or serializers modify the phar recursively. - Typical use cases of php have phar.readonly=1 and would not be affected. Closes GH-5855
show more ...
|
#
ec22e5aa |
| 01-Aug-2020 |
Máté Kocsis |
Get rid of empty function entries Closes GH-5917 |
Revision tags: php-7.3.20 |
|
#
2b5de6f8 |
| 01-Jul-2020 |
Max Semenik |
Remove proto comments from C files Closes GH-5758 |
Revision tags: php-7.3.20RC1, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1, php-7.3.18RC1, php-7.2.30, php-7.3.17, php-7.3.17RC1, php-7.3.18, php-7.3.16, php-7.3.16RC1, php-7.3.15RC1, php-7.3.15, php-7.3.14, php-7.3.14RC1, php-7.3.13 |
|
#
92c23e1f |
| 09-Dec-2019 |
Dmitry Stogov |
Call zend_unregister_ini_entries() when unload extension loaded through dl() without MSHUTDOWN callback. Extensions with MSHUTDOWN should use UNREGISTER_INI_ENTRIES(). |
Revision tags: php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4 |
|
#
e4aac082 |
| 10-Oct-2019 |
Nikita Popov |
Merge branch 'PHP-7.3' into PHP-7.4
|
#
74ac3dd6 |
| 10-Oct-2019 |
Nikita Popov |
Merge branch 'PHP-7.2' into PHP-7.3
|
#
46561dab |
| 10-Oct-2019 |
Nikita Popov |
Fix leak in phar open |