#
49864198 |
| 07-Jul-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
[ci skip] NEWS and UPGRADING Closes GH-11577.
|
#
c962a96c |
| 06-Jul-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10562: Memory leak and invalid state with consecutive ftp_nb_fget When the user does not fully consume the data stream, but instead opens a new one, a memory leak occurs. Moreover
Fix GH-10562: Memory leak and invalid state with consecutive ftp_nb_fget When the user does not fully consume the data stream, but instead opens a new one, a memory leak occurs. Moreover, the state is invalid: when more commands arrive they'll be handled out-of-sync because the state of the client does not match what the server is doing. This leads to all sorts of weirdness, for example: Warning: ftp_nb_fget(): OK. Fix it by gracefully closing the old data stream when a new data stream is started. Closes GH-11606.
show more ...
|
#
18067c8c |
| 07-Jul-2023 |
Tim Düsterhus |
[ci skip] Add missing colons in NEWS
|
#
61251093 |
| 07-Jul-2023 |
Tim Düsterhus |
Deprecate MT_RAND_PHP (#11560) see https://wiki.php.net/rfc/deprecations_php_8_3#mt_rand_php
|
#
824d1f95 |
| 06-Jul-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix replaced error handling in SQLite3Stmt::__construct The error handling is replaced using zend_replace_error_handling(), but when SQLITE3_CHECK_INITIALIZED() returns early, the old er
Fix replaced error handling in SQLite3Stmt::__construct The error handling is replaced using zend_replace_error_handling(), but when SQLITE3_CHECK_INITIALIZED() returns early, the old error handling isn't restored. In the past, SQLITE3_CHECK_INITIALIZED() threw a warning when the check failed. This was replaced a few years ago with an error exception. So we can fix the bug by just removing the replacing error handling as it accomplishes nothing anymore. Closes GH-11607.
show more ...
|
#
11aee735 |
| 06-Jul-2023 |
Ilija Tovilo |
Fix incorrect handling of unwind and graceful exit exceptions These exceptions should not invoke the user error handler, and not cause bailing of the request. Fixes GH-11601
Fix incorrect handling of unwind and graceful exit exceptions These exceptions should not invoke the user error handler, and not cause bailing of the request. Fixes GH-11601 Closes GH-11608
show more ...
|
#
0aaad46c |
| 17-May-2023 |
Michael Orlitzky |
Fix most external GD 2.3.3 compatibility * ext/gd/tests/bug45799.phpt: tweak to work with external gd. The expected output from this test contains an extra newline with gd-2.3.3
Fix most external GD 2.3.3 compatibility * ext/gd/tests/bug45799.phpt: tweak to work with external gd. The expected output from this test contains an extra newline with gd-2.3.3 from the system (Gentoo). Adding a whitespace wildcard takes care of it, and the test still passes with the bundled version of gd. * ext/gd/tests: external gd-2.3.3 compatibility. Support for the legacy "gd" image format was removed from gd-2.3.3 upstream: https://github.com/libgd/libgd/blob/master/CHANGELOG.md#233---2021-09-12 Several tests for the gd extension utilize that format, and naturally fail when gd-2.3.3 from the system is used. This commit skips those tests when the version of gd is at least 2.3.3. * ext/gd/tests/bug73159.phpt: skip with external gd >= 2.3.3 This test uses the imagegd2() function to check that https://github.com/libgd/libgd/issues/289 is fixed. When an external gd without support for the "gd" format is used, no error is thrown, but a nonsense result is printed: this is normal. The corresponding upstream test is disabled in that situation; it's not expected to work. This commit skips the corresponding PHP test under the same circumstances to fix a test failure with external gd >= 2.3.3. * ext/gd/tests/bug73155.phpt: skip with external gd >= 2.3.3 This test uses the imagegd2() function to check that https://github.com/libgd/libgd/issues/309 is fixed. When an external gd without support for the "gd" format is used, no error is thrown, but a nonsense result is printed: this is normal. The corresponding upstream test is disabled in that situation; it's not expected to work. This commit skips the corresponding PHP test under the same circumstances to fix a test failure with external gd >= 2.3.3. * ext/gd/tests/bug73157.phpt: skip with external gd >= 2.3.3 This test ensures that the third (chunk_size) parameter to imagegd2() is respected when a fourth parameter is also given. However, when an external gd without support for the "gd" format is used, the call to imagegd2() does not really work at all. It doesn't fail, but it produces an "image" with a nonsense chunk size. To avoid failures when an external gd >= 2.3.3 is used, we skip the test entirely in that case. * ext/gd/tests/bug77973.phpt: accept lowercase "Invalid" This test fails with an external gd because the test expects "Invalid" where upstream gd says "invalid". This commit tweaks the expected output to accept an arbitrary character in the i/I position. * ext/gd/tests/bug39780_extern.phpt: update for external gd-2.3.3. Since there are no CI runs with external gd, I can only assume that this test has fallen out-of-date due to changes in PHP itself. I've tweaked the expected output (only slightly) so that the test passes with both gd-2.3.2 and gd-2.3.3. * ext/gd/tests/bug66356.phpt: update expected output for external gd. Newer (external) versions of GD start their error messages with lowercase characters, whereas this test is expecting them in uppercase. A single-character wildcard now supports both formats. * ext/gd/tests/imagegd_truecolor.phpt: skip with external gd >= 2.3.3. This test uses the imagegd() function, but the "gd" format has been disabled by default in upstream gd-2.3.3. We still get some kind of image data back from the call to imagegd(), but its "signature", "truecolor", and "size" no longer match the expected values. This commit skips the test when an external gd >= 2.3.3 is used. * ext/gd/tests/createfromwbmp2_extern.phpt: update for external gd-2.3.3. * ext/gd/tests/libgd00086_extern.phpt: update for external gd-2.3.3. Since there are no CI runs with external gd, I can only assume that this test has fallen out-of-date due to changes in PHP itself. I've tweaked the expected output (only slightly) so that the test passes with both gd-2.3.2 and gd-2.3.3. * ext/gd/tests/bug77272.phpt: update expected output for external gd. Newer (external) versions of GD start their error messages with lowercase characters, whereas this test is expecting them in uppercase. A single-character wildcard now supports both formats. * ext/gd/tests/bug77479.phpt: update for newer external gd. This test fails with gd-2.3.3 (at least) due to minor capitalization and whitespace issues. We add some wildcards to account for the difference. Closes GH-11257. Closes GH-11262. Closes GH-11264. Closes GH-11280.
show more ...
|
#
0dadd661 |
| 12-May-2023 |
Eno <895183594@qq.com> |
Improve openssl ext to generate EC keys with custom EC parameters This change extends supported parameter when generating EC keys. Specifically following parameters are now supporte
Improve openssl ext to generate EC keys with custom EC parameters This change extends supported parameter when generating EC keys. Specifically following parameters are now supported: p, a, b, order, generator, seed, cofactory, g_x, g_y, x, y and d. Those parameters can be passed to ec field in openssl_pkey_new options. It also fixes some issues openssl_pkey_get_details related to SM2 support. Closes GH-9991
show more ...
|
#
84a2e480 |
| 03-Jul-2023 |
Ilija Tovilo |
Fix use-of-uninitialized-value with ??= on assert Normally, PHP evaluates all expressions in offsets (property or array), as well as the right hand side of assignments before actually fe
Fix use-of-uninitialized-value with ??= on assert Normally, PHP evaluates all expressions in offsets (property or array), as well as the right hand side of assignments before actually fetching the offsets. This is well explained in this blog post. https://www.npopov.com/2017/04/14/PHP-7-Virtual-machine.html#writes-and-memory-safety For ??= we have a bit of a problem in that the rhs must only be evaluated if the lhs is null or undefined. Thus, we have to first compile the lhs with BP_VAR_IS, conditionally run the rhs and then re-fetch the lhs with BP_VAR_W to to make sure the offsets are valid if they have been invalidated. However, we don't want to just re-evaluate the entire lhs because it may contain side-effects, as in $array[$x++] ??= 42;. In this case, we don't want to re-evaluate $x++ because it would result in writing to a different offset than was previously tested. The same goes for function calls, like $array[foo()] ??= 42;, where the second call to foo() might result in a different value. PHP behaves correctly in these cases. This is implemented by memoizing sub-expressions in the lhs of ??= and reusing them when compiling the lhs for the second time. This is done for any expression that isn't a variable, i.e. anything that can (potentially) be written to. Unfortunately, this also means that function calls are considered writable due to their return-by-reference semantics, and will thus not be memoized. The expression foo()['bar'] ??= 42; will invoke foo() twice. Even worse, foo(bar()) ??= 42; will call both foo() and bar() twice, but foo(bar() + 1) ??= 42; will only call foo() twice. This is likely not by design, and was just overlooked in the implementation. The RFC does not specify how function calls in the lhs of the coalesce assignment behaves. This should probably be improved in the future. Now, the problem this commit actually fixes is that ??= may memoize expressions inside assert() function calls that may not actually execute. This is not only an issue when using the VAR in the second expression (which would usually also be skipped) but also when freeing the VAR. For this reason, it is not safe to memoize assert() sub-expressions. There are two possible solutions: 1. Don't memoize any sub-expressions of assert(), meaning they will execute twice. 2. Throw a compile error. Option 2 is not quite simple, because we can't disallow all memoization inside assert(), as that would break assertions like assert($array[foo()] ??= 'bar');. Code like this is highly unlikely (and dubious) but possible. In this case, we would need to make sure that a memoized value could not be used across the assert boundary it was created in. The complexity for this is not worthwhile. So we opt for option 1 and disable memoization immediately inside assert(). Fixes GH-11580 Closes GH-11581
show more ...
|
#
a5e89c56 |
| 05-Jul-2023 |
Ilija Tovilo |
Fix trailing if element JMP lineno Having this lineno on the same last compiled element can lead to an incorrectly covered line number. if (true) { if (false) {
Fix trailing if element JMP lineno Having this lineno on the same last compiled element can lead to an incorrectly covered line number. if (true) { if (false) { echo 'Never executed'; } } else { } The echo will be reported as covered because the JMP from the if (true) branch to the end of the else branch has the same lineno as the echo. This is lacking a test because zend_dump.c does not have access to ctx->debug_level and I don't think it's worth adjusting all the cases. Closes GH-11598
show more ...
|
#
c7e9d804 |
| 05-Jul-2023 |
Jakub Zelenka |
[skip ci] Change next version in NEWS to 8.3.0beta1
|
#
f16b34f1 |
| 26-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Implement GH-10024: support linting multiple files at once using php -l This is supported in both the CLI and CGI modes. For CLI this required little changes. For CGI, the trick
Implement GH-10024: support linting multiple files at once using php -l This is supported in both the CLI and CGI modes. For CLI this required little changes. For CGI, the tricky part was that the options parsing happens inside the loop. This means that options passed after the -l flag were previously simply ignored. As we now re-enter the loop we would parse the options again, and if they are handled but don't set the script name, then CGI will think you want to read from standard in. To keep the same "don't parse options" behaviour I simply wrapped the options handling inside an if. Closes GH-10024. Closes GH-10710.
show more ...
|
#
6091603b |
| 05-Jul-2023 |
Jakub Zelenka |
Update NEWS for PHP 8.3.0alpha3
|
#
c585c0c0 |
| 03-Jul-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
[ci skip] NEWS and UPGRADING
|
#
ee42621f |
| 01-Jul-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-11300: license issue: restricted unicode license headers Closes GH-11572.
|
#
4e8b1ddc |
| 01-Jul-2023 |
Anatol Belski |
NEWS: Add note for #11298 [ci skip] Signed-off-by: Anatol Belski <ab@php.net>
|
#
928fc68c |
| 01-Jul-2023 |
Anatol Belski |
NEWS: Add note for #11298 [ci skip] Signed-off-by: Anatol Belski <ab@php.net>
|
#
cad47be8 |
| 30-Jun-2023 |
Bob Weinand |
Fix GH-11548 (Argument corruption when calling XMLReader::open or XMLReader::XML non-statically with observer active)
|
#
49ef6e20 |
| 29-Jun-2023 |
Tim Düsterhus |
RFC: Add #[Override] attribute (#9836) * Add #[Override] attribute * Move #[\Override] tests into Zend/tests/attributes/override/ * Check `check_only` before removing `ZEND
RFC: Add #[Override] attribute (#9836) * Add #[Override] attribute * Move #[\Override] tests into Zend/tests/attributes/override/ * Check `check_only` before removing `ZEND_ACC_OVERRIDE` * NEWS/UPGRADING for #[\Override]
show more ...
|
#
d7d36692 |
| 23-May-2023 |
Ilija Tovilo |
Fix serialization of RC1 objects appearing in object graph twice Previously, if an object had RC1 it would never be recorded in php_serialize_data.ht because it was assumed that it could
Fix serialization of RC1 objects appearing in object graph twice Previously, if an object had RC1 it would never be recorded in php_serialize_data.ht because it was assumed that it could not be encountered again. This assumption is incorrect though as the object itself may be saved inside an array with RCn. This results in a new instance of the object, instead of a second reference to the same object. This is solved by tracking these objects in php_serialize_data.ht. To retain performance, track if the current object resides in a potentially nested RCn array. If not, and if the object is RC1 itself it may be omitted from php_serialize_data.ht. Additionally, we may treat the array root itself as RC1 because it may not appear in the object graph again without recursion. Recursive arrays are still somewhat broken even with this change, as the tracking of the array only happens when the reference is encountered, thus resulting in a -> a' -> a' for a self recursive array a -> a. Recursive arrays have limited support in serialize anyway, so we ignore this case for now. Co-authored-by: Dmitry Stogov <dmitry@zend.com> Co-authored-by: Martin Hoch <martin@littlerobot.de> Closes GH-11349 Closes GH-11305
show more ...
|
#
68ef3938 |
| 21-Jun-2023 |
Ilija Tovilo |
Fix missing "Optional parameter before required" deprecation on union null type The check would only work for the ?type syntax, but not type|null. Switch to a check during type compilat
Fix missing "Optional parameter before required" deprecation on union null type The check would only work for the ?type syntax, but not type|null. Switch to a check during type compilation instead. Fixes GH-11488 Closes GH-11497
show more ...
|
#
dc73b73f |
| 26-Jun-2023 |
Ilija Tovilo |
Fix mis-compilation of by-reference nullsafe operator Fixes oss-fuzz #60011 Closes GH-11540 Co-authored-by: Dmitry Stogov <dmitry@zend.com> Co-authored-by: Niels Dossche <77
Fix mis-compilation of by-reference nullsafe operator Fixes oss-fuzz #60011 Closes GH-11540 Co-authored-by: Dmitry Stogov <dmitry@zend.com> Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
show more ...
|
#
34832291 |
| 24-Jun-2023 |
SVGAnimate |
Fix GH-11522: PHP version check fails with '-' separator Remove php version suffix from '-' separator. Closes GH-11524.
|
#
ed6df1f0 |
| 25-Jun-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Implement DOMDocument::adoptNode() For the past 20 years this threw a "not yet implemented" exception. But the function was actually there (albeit not documented) and could be called...
Implement DOMDocument::adoptNode() For the past 20 years this threw a "not yet implemented" exception. But the function was actually there (albeit not documented) and could be called... Closes GH-11333.
show more ...
|
#
1d369a87 |
| 28-May-2023 |
Jonas <40121984+JonasQuinten@users.noreply.github.com> |
Fix context option check for "overwrite" in FTP Use zend_is_true() to read value of FTP context option "overwrite". Closes GH-11332.
|