| c69fdef7 | 13-Nov-2024 |
Christoph M. Becker |
Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
Need to define BREW_OPT
|
| d6249b6e | 13-Nov-2024 |
Christoph M. Becker |
Need to define BREW_OPT
This is only defined as of PHP-8.4; alternatively we could also inline
the `brew --prefix` call, but that makes it harder for upward merges.
Closes GH-16
Need to define BREW_OPT
This is only defined as of PHP-8.4; alternatively we could also inline
the `brew --prefix` call, but that makes it harder for upward merges.
Closes GH-16785.
show more ...
|
| 45487c6e | 13-Nov-2024 |
Christoph M. Becker |
Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
Patch libcurl.pc for macOS builds
|
| 9196a72e | 13-Nov-2024 |
Christoph M. Becker |
Patch libcurl.pc for macOS builds
cURL 8.11.0 added a couple of packages to `Requires.private`, but these
packages are irrelevant when building against a shared libcurl. For
some re
Patch libcurl.pc for macOS builds
cURL 8.11.0 added a couple of packages to `Requires.private`, but these
packages are irrelevant when building against a shared libcurl. For
some reason, these private requirements are checked when we're doing
`pkg-config --cflags` (that happens with the preinstalled pkg-config
0.29.2, as well as with pkgconf 2.3.0). To avoid further messing with
these packages, we just drop the `Requires.private` line from
libcurl.pc.
See GH-16741 for more details.
Closes GH-16783.
show more ...
|
| 4124b04e | 13-Nov-2024 |
David Carlier |
Fix GH-16771: imagecreatefromstring overflow on invalid format.
close GH-16776 |
| 19809a52 | 13-Nov-2024 |
Dmitry Stogov |
Fix incorrect handling of ZEND_ACC_FINAL flag in JIT (#16778) |
| 02ee521e | 10-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-16727: Opcache bad signal 139 crash in ZTS bookworm (frankenphp)
Reproducer: https://github.com/php/php-src/issues/16727#issuecomment-2466256317
The root cause is a data race
Fix GH-16727: Opcache bad signal 139 crash in ZTS bookworm (frankenphp)
Reproducer: https://github.com/php/php-src/issues/16727#issuecomment-2466256317
The root cause is a data race between two different threads:
1) We allocate a lower cased name for an anonymous class here:
https://github.com/php/php-src/blob/f97353f228e21dcc2db24d7edf08c1cb3678b0fd/Zend/zend_compile.c#L8109
2) This gets looked up as an interned string here:
https://github.com/php/php-src/blob/f97353f228e21dcc2db24d7edf08c1cb3678b0fd/Zend/zend_compile.c#L8112
Assuming that there are uppercase symbols in the string and therefore
`lcname != name` and that `lcname` is not yet in the interned string table,
the pointer value of `lcname` won't change.
3) Here we add the string into the interned string table:
https://github.com/php/php-src/blob/f97353f228e21dcc2db24d7edf08c1cb3678b0fd/Zend/zend_compile.c#L8223
However, in the meantime another thread could've added the string into the interned string table.
This means that the following code will run, indirectly called via the `LITERAL_STR` macro,
freeing `lcname`: https://github.com/php/php-src/blob/62e53e6f4965f37d379a3fd21f65a4210c5c86b5/ext/opcache/ZendAccelerator.c#L572-L575
4) In the reproducer we then access the freed `lcname` string here:
https://github.com/php/php-src/blob/f97353f228e21dcc2db24d7edf08c1cb3678b0fd/Zend/zend_compile.c#L8229
This is solved in my patch by retrieving the interned string pointer
and putting it in `lcname`.
Closes GH-16748.
show more ...
|
| 1b379f5e | 06-Nov-2024 |
Gina Peter Banyard |
ext/hash: Fix GH-16711: Segfault in mhash()
Closes GH-16713 |
| fc8f30d3 | 06-Nov-2024 |
Gina Peter Banyard |
ext/hash: Add failing tests for GH-16711 |
| d87f3ff6 | 09-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
[ci skip] Add credit for test |
| 72c02229 | 04-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-16695: phar:// tar parser and zero-length file header blocks
There are two issues:
1) There's an off-by-one in the check for the minimum file size for a
tar (i.e. `>` inste
Fix GH-16695: phar:// tar parser and zero-length file header blocks
There are two issues:
1) There's an off-by-one in the check for the minimum file size for a
tar (i.e. `>` instead of `>=`).
2) The loop in the tar parsing parses a header, and then unconditionally
reads the next one. However, that doesn't necessarily exist.
Instead, we remove the loop condition and check for the end of the
file before reading the next header. Note that we can't use
php_stream_eof as the flag may not be set yet when we're already at
the end.
Closes GH-16700.
show more ...
|
| c0755463 | 07-Nov-2024 |
Hans Krentel (hakre) |
Fail early in *nix configuration build script
Adding two exit early safeguards in the *nix configuration build script:
1) Given the initial cd into the build tree fails (the project
Fail early in *nix configuration build script
Adding two exit early safeguards in the *nix configuration build script:
1) Given the initial cd into the build tree fails (the project root),
the `buildconf` script exits with non-zero status (failure).
2) Given the grep command does not exist or `configure.ac` AC_INIT [1]
expectations are unmet, the buildconf script exits non-zero.
Additionally quoting the pathname to cd into and the empty CD_PATH
parameter for portability, also for systems that are using a
non-portable pathname [2] for the build tree.
The initial CD safeguard has been applied to the `buildconf` and
four more scripts:
- build/genif.sh
- scripts/dev/credits
- scripts/dev/genfiles
- scripts/dev/makedist
Rationale:
Cd-ing into the project root should always prematurely exit w/ FAILURE
as a required precondition for its invocation has not been met. This
should never go unnoticed as it always requires user intervention.
Similar and more specifically to the PHP build on *nix systems, the
grep command is required early to obtain the `php_extra_version` from
configure.ac. Previously, if the grep command is missing (or failing
due to not matching the line with the AC_INIT macro [1]), the internal
dev parameter would always be zero (0) which can easily result in the
situation that the configure script is not being rebuilt. This is
cumbersome as the rebuild of a configure script is more likely required
with checked-out dev versions under change rather than an already
properly set-up build environment on a dedicated build or release
system. Missing the fact that either the grep utility is missing or
the expectation of having the AC_INIT macro in configure.ac is unmet
should never go unnoticed as it always requires user intervention.
[1]: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/Initializing-configure.html
[2]: https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_271
Closes GH-16717.
show more ...
|
| 994e866c | 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix memory leak in php_openssl_pkey_from_zval()
Closes GH-16691. |
| 2f4f09f7 | 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix various memory leaks related to openssl exports
Closes GH-16692. |
| ac8d0e57 | 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Prevent unexpected array entry conversion when reading key
When passing an array, the key entry can get converted to a string if it
is an object, but this actually modifies the original
Prevent unexpected array entry conversion when reading key
When passing an array, the key entry can get converted to a string if it
is an object, but this actually modifies the original array entry.
The test originally outputted:
```
array(2) {
[0]=>
string(...) => ...
[1]=>
string(0) ""
}
```
This is unexpected. Use zval_try_get_string() to prevent this behaviour.
Closes GH-16693.
show more ...
|
| 065bde1e | 23-Oct-2024 |
Jakub Zelenka |
Fix GH-16432: PHP-FPM 8.2 SIGSEGV in fpm_get_status |
| 875a9dc4 | 08-Nov-2024 |
David Carlier |
Fix introduced leaks from GH-15715.
Choosing here to shrink the requested allocation to its max value. |
| 03eeec16 | 21-Aug-2024 |
Christoph M. Becker |
Fix rename_variation12*.phpt parallel test conflicts
For rename_variation12.phpt this is actually not necessary, since there
is no rename_variation11.phpt, but we still fix it to be in s
Fix rename_variation12*.phpt parallel test conflicts
For rename_variation12.phpt this is actually not necessary, since there
is no rename_variation11.phpt, but we still fix it to be in sync with
rename_variation12-win32.phpt which actually is prone to parallel
conflicts.
(cherry picked from commit d4263ddc40358f5267d5e621c66f4ed74c70b5b9)
show more ...
|
| e74e66e3 | 16-Sep-2024 |
David Carlier |
Fix oss-fuzz report triggered by GH-15712 commit.
It triggered allocation overflow which, even fixed, in turn gives memory
leak on 32 bits but the allocator relies on signed integers.
Fix oss-fuzz report triggered by GH-15712 commit.
It triggered allocation overflow which, even fixed, in turn gives memory
leak on 32 bits but the allocator relies on signed integers.
close GH-15915
show more ...
|
| d276ea54 | 06-Nov-2024 |
Christoph M. Becker |
Skip tests if ldap_set_rebind_proc() is not available
This is already done by ldap_set_rebind_proc_error.phpt, but not by the
other two affected tests.
Closes GH-16708. |
| fde053bb | 05-Oct-2024 |
David Carlier |
Fix GH-16235 jdtogregorian overflow
close GH-16242 |
| 4d14325b | 05-Nov-2024 |
Saki Takamachi |
Added gc_handler to properly handle circular references. (#16703)
closes #16703
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de> |
| 3f1ea1b6 | 05-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix test with shared zend_test (#16705) |
| f5895792 | 05-Nov-2024 |
Pierrick Charron |
PHP-8.2 is now for PHP 8.2.27-dev |
| 5ddb7566 | 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix various memory leaks on error conditions in openssl_x509_parse()
Closes GH-16690. |
