#
f203edd3 |
| 30-Nov-2023 |
Ilija Tovilo |
Fix leak of call->extra_named_params on internal __call Fixes GH-12835 Closes GH-12836
|
#
8d2df86b |
| 24-Nov-2023 |
Florian Engelhardt |
Fix invalid opline in OOM handlers within ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC (#12768) * fix segfault in `ZEND_BIND_STATIC` In case a `ZEND_BIND_STATIC` is being executed, while
Fix invalid opline in OOM handlers within ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC (#12768) * fix segfault in `ZEND_BIND_STATIC` In case a `ZEND_BIND_STATIC` is being executed, while the current chunk is full, the `zend_array_dup()` call will trigger a OOM in ZendMM which will crash, as the opline might be a dangling pointer. * add missing test * `assert()`ing seems easier than trying to make the compiler to not optimize * moved from function call to INI setting, so we can use this in other places as well * make `assert()` work no NDEBUG builds * document magic number * fix segfault in `ZEND_FUNC_GET_ARGS` In case a `ZEND_FUNC_GET_ARGS` is being executed, while the current chunk is full, the `zend_new_array()` call will trigger a OOM in ZendMM which will crash, as the opline might be a dangling pointer. --------- Co-authored-by: Florian Engelhardt <florian@engelhardt.tc>
show more ...
|
#
ea52706a |
| 20-Nov-2023 |
Ilija Tovilo |
Fix use-after-free of name in var-var with malicious error handler Fixes oss-fuzz #54325 Closes GH-12732
|
#
cb1e8429 |
| 06-Nov-2023 |
Ilija Tovilo |
Fix inference of COPY_TMP Since GH-11592 COPY_TMP may receive and thus define references. Unfortunately, the name COPY_TMP is no longer accurate. Closes GH-12619
|
#
ddabe89a |
| 02-Nov-2023 |
Ilija Tovilo |
Fix OP1 leak in error path of post inc/dec Fixes oss-fuzz #63802 Closes GH-12599
|
#
f1f608bf |
| 05-Sep-2023 |
Dmitry Stogov |
Fixed uninitialized EX(opline) access (possible Zend/tests/gh12073.phpt crash)
|
#
73c5f36f |
| 03-Aug-2023 |
Ilija Tovilo |
Assert ptr_ptr value of TMP|CONST isn't used (#11865) We require valid code for compilation to succeed, but these paths should always be guarded by OPx_TYPE checks and never execute. Add
Assert ptr_ptr value of TMP|CONST isn't used (#11865) We require valid code for compilation to succeed, but these paths should always be guarded by OPx_TYPE checks and never execute. Add an assertion to verify.
show more ...
|
#
120ae171 |
| 03-Aug-2023 |
Ilija Tovilo |
Add typed specialization for ZEND_COUNT (#11825)
|
#
fc3df283 |
| 02-Aug-2023 |
George Peter Banyard |
Zend: Fix memory leak in ++/-- when overloading fetch access Closes GH-11859
|
#
2fbec097 |
| 24-Jul-2023 |
George Peter Banyard |
Fix OSS Fuzz #60734: use-after-free visible in ASAN build
|
#
11262320 |
| 09-Jul-2023 |
Máté Kocsis |
Deprecate calling get_class() and get_parent_class() without arguments
|
#
1a0ef2c1 |
| 06-Jul-2023 |
Ilija Tovilo |
Revert "Remove name field from the zend_constant struct (#10954)" This reverts commit f42992f580343931434dff2e4b2042ff945b48a1. Closes GH-11604
|
#
d8696f92 |
| 17-Jul-2023 |
George Peter Banyard |
[RFC] Path to Saner Increment/Decrement operators (#10358) * Add behavioural tests for incdec operators * Add support to ++/-- for objects castable to _IS_NUMBER * Add str_
[RFC] Path to Saner Increment/Decrement operators (#10358) * Add behavioural tests for incdec operators * Add support to ++/-- for objects castable to _IS_NUMBER * Add str_increment() function * Add str_decrement() function RFC: https://wiki.php.net/rfc/saner-inc-dec-operators Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com> Co-authored-by: Arnaud Le Blanc <arnaud.lb@gmail.com>
show more ...
|
#
3e2dbbf9 |
| 07-Jul-2023 |
George Peter Banyard |
Add support for deprecating class constants
|
#
ad1b70d6 |
| 04-Jul-2023 |
Ilija Tovilo |
Revert "Revert "Remove name field from the zend_constant struct (#10954)"" This reverts commit 9f4bd3040d2809f209d73f696b21302f311665b7.
|
#
9f4bd304 |
| 03-Jul-2023 |
Máté Kocsis |
Revert "Remove name field from the zend_constant struct (#10954)" This reverts commit f42992f580343931434dff2e4b2042ff945b48a1. Fix GH-11423
|
#
06d68738 |
| 08-Jun-2023 |
Dmitry Stogov |
Keep consistent EG(current_execute_data) after return from generator (#11380)
|
#
99fa740a |
| 06-Jun-2023 |
George Peter Banyard |
Use common function for TypeError on illegal offset access (#10544) This merges all usages of emitting an offset TypeError into a new ZEND_API function zend_illegal_container_offset(cons
Use common function for TypeError on illegal offset access (#10544) This merges all usages of emitting an offset TypeError into a new ZEND_API function zend_illegal_container_offset(const zend_string* container, const zval *offset, int type); Where the container should represent the type on which the access is attempted (e.g. string, array) The offset zval that is used, where the error message will display its type The type of access, which should be a BP_VAR_* constant, to get special message for isset/empty/unset
show more ...
|
Revision tags: php-8.2.0RC1, php-8.1.10, php-8.0.23, php-8.0.23RC1, php-8.1.10RC1, php-8.2.0beta3 |
|
#
0b1d750d |
| 11-Aug-2022 |
Ilija Tovilo |
Allow arbitrary expressions in static variable initializer Closes GH-9301
|
#
414f71a9 |
| 16-Apr-2023 |
Máté Kocsis |
Typed class constants (#10444) RFC: https://wiki.php.net/rfc/typed_class_constants Co-Authored-By: Ben <7127204+moliata@users.noreply.github.com> Co-Authored-By: Bob Weinand <31
Typed class constants (#10444) RFC: https://wiki.php.net/rfc/typed_class_constants Co-Authored-By: Ben <7127204+moliata@users.noreply.github.com> Co-Authored-By: Bob Weinand <3154871+bwoebi@users.noreply.github.com> Co-Authored-By: Ilija Tovilo <ilija.tovilo@me.com>
show more ...
|
#
0c65b396 |
| 10-Apr-2023 |
Dmitry Stogov |
Allow FETCH_OBJ_W and FETCH_STATIC_PROP_W to return INDIRECT/UNDEF zval for uninitialized typed properties (#11048)
|
#
ede8adb2 |
| 06-Apr-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-11016: Heap buffer overflow in ZEND_ADD_ARRAY_UNPACK_SPEC_HANDLER (#11021) Not enough space was reserved for the packed resulting array because of some confusion in the meaning of
Fix GH-11016: Heap buffer overflow in ZEND_ADD_ARRAY_UNPACK_SPEC_HANDLER (#11021) Not enough space was reserved for the packed resulting array because of some confusion in the meaning of nr of used slots vs nr of elements. Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com>
show more ...
|
#
fdbea4f3 |
| 03-Mar-2023 |
Ilija Tovilo |
Add GC_DTOR/GC_DTOR_NO_REF macros
|
#
24acb4f1 |
| 02-Mar-2023 |
Dmitry Stogov |
Delay destructor for zend_std_write_property
|
#
915b2837 |
| 16-Feb-2023 |
Dmitry Stogov |
Delay freeing of overwritten values in assignments Fixes GH-10168
|