Fixed GH-10218: DateTimeZone fails to parse time zones that contain the "+" character

Fix GH-10251: Assertion `(flag & (1<<3)) == 0' failed.

zend_get_property_guard previously assumed that at least "str" has a
pre-computed hash. This is not always the case, for example wh

Fix GH-10251: Assertion `(flag & (1<<3)) == 0' failed.

zend_get_property_guard previously assumed that at least "str" has a
pre-computed hash. This is not always the case, for example when a
string is created by bitwise operations, its hash is not set. Instead of
forcing a computation of the hashes, drop the hash comparison.

Closes GH-10254

Co-authored-by: Changochen <changochen1@gmail.com>

Signed-off-by: George Peter Banyard <girgias@php.net>

show more ...

Fix GH-9710: phpdbg memory leaks by option "-h"

Closes GH-10237

Signed-off-by: George Peter Banyard <girgias@php.net>

random: Fix check before closing `random_fd` (#10247)

If, for whatever reason, the random_fd has been assigned file descriptor `0` it
previously failed to close during module shutdown, t

random: Fix check before closing `random_fd` (#10247)

If, for whatever reason, the random_fd has been assigned file descriptor `0` it
previously failed to close during module shutdown, thus leaking the descriptor.

show more ...

posix adding posix_pathconf.

to get configuration variables from a directory/file.
Closes GH-10238.

Use different mblen_table for different SJIS variants

Close GH-10217: Use strlen() for determining the class_name length

Closes GH-10231.

Implement mb_detect_encoding using fast text conversion filters

Regarding the optional 3rd `strict` argument to mb_detect_encoding,
the documentation states:

Controls the beha

Implement mb_detect_encoding using fast text conversion filters

Regarding the optional 3rd `strict` argument to mb_detect_encoding,
the documentation states:

Controls the behaviour when string is not valid in any of the listed encodings.
If strict is set to false, the closest matching encoding will be returned;
if strict is set to true, false will be returned.

(Ref: https://www.php.net/manual/en/function.mb-detect-encoding.php)

Because of bugs in the implementation, mb_detect_encoding did not always
behave according to this description when `strict` was false.
For example:

<?php
echo var_export(mb_detect_encoding("\xc0\x00", "UTF-8", false));
// Before this commit, prints: false
// After this commit, prints: 'UTF-8'

Because `strict` is false in the above example, mb_detect_encoding
should return the 'closest matching encoding', which is UTF-8, since
that is the only candidate encoding. (Incidentally, this example shows
that using mb_detect_encoding with a single candidate encoding in
non-strict mode is useless.)

The new implementation fixes this bug. It also fixes another problem
with the old implementation as regards non-strict detection mode:

The old implementation would stop processing of the input string using
a particular candidate encoding as soon as it saw an error in that
encoding, even in non-strict mode. This means that it could not really
detect the 'closest matching encoding'; rather, what it would return
in non-strict mode was 'the encoding in which the first decoding error
is furthest from the beginning of the input string'.

In non-strict mode, the new implementation continues trying to process
the input string to its end even after seeing an error. This makes it
possible to determine in which candidate encoding the string has the
smallest number of errors, i.e. the 'closest matching encoding'.

Rejecting candidate encodings as soon as it saw an error gave the old
implementation a marked performance advantage in non-strict mode;
however, the new implementation still beats it in most cases. Here are
a few sample microbenchmark results:

UTF-8, ~100 codepoints, strict mode
Old: 0.080s (100,000 calls)
New: 0.026s (" " )

UTF-8, ~100 codepoints, non-strict mode
Old: 0.079s (100,000 calls)
New: 0.033s (" " )

UTF-8, ~10000 codepoints, strict mode
Old: 6.708s (60,000 calls)
New: 1.383s (" " )

UTF-8, ~10000 codepoints, non-strict mode
Old: 6.705s (60,000 calls)
New: 3.044s (" " )

Notice that the old implementation had almost identical performance
between strict and non-strict mode, while the new suffers a significant
performance penalty for non-strict detection. This is the cost of
implementing the behavior specified in the documentation.

A couple more sample results:

SJIS, ~10000 codepoints, strict mode
Old: 4.563s
New: 1.084s

SJIS, ~10000 codepoints, non-strict mode
Old: 4.569s
New: 2.863s

This is the only case I found where the new implementation loses:

UTF-16LE, ~10000 codepoints, non-strict mode
Old: 1.514s
New: 2.813s

The reason is because the test strings happened to be invalid right from
the first few bytes for all the candidate encodings except for UTF-16LE;
so the old implementation would immediately reject all those encodings
and only process the entire string in UTF-16LE.

I believe mb_detect_encoding could be made much faster if we identified
good criteria for when to reject candidate encodings before reaching
the end of the input string.

show more ...

Fix GH-10200: zif_get_object_vars: Assertion `!(((__ht)->u.flags & (1<<2)) != 0)' failed.

This occurs because the array of properties is a single element with an
integer key, not an asso

Fix GH-10200: zif_get_object_vars: Assertion `!(((__ht)->u.flags & (1<<2)) != 0)' failed.

This occurs because the array of properties is a single element with an
integer key, not an associative array. Therefore it is a packed array
and thus the assumption the iteration macro makes is invalid.

This restores the behaviour of PHP<8.2.

Closes GH-10209

Co-authored-by: Deltik <deltik@gmx.com>

Signed-off-by: George Peter Banyard <girgias@php.net>

show more ...

Fix GH-10187: Segfault in stripslashes() with arm64

Closes GH-10188

Co-authored-by: todeveni <toni.viemero@iki.fi>
Signed-off-by: George Peter Banyard <girgias@php.net>

Fix memory leak in posix_ttyname()

Closes GH-10190

Improve mb_detect_encoding's recognition of Turkish text

Add 4 codepoints commonly used to write Turkish text to our table
of 'commonly used' Unicode codepoints. These are:

• U+

Improve mb_detect_encoding's recognition of Turkish text

Add 4 codepoints commonly used to write Turkish text to our table
of 'commonly used' Unicode codepoints. These are:

• U+011F LATIN SMALL LETTER G WITH BREVE
• U+0130 LATIN CAPITAL LETTER I WITH DOT ABOVE
• U+0131 LATIN SMALL LETTER DOTLESS I
• U+015F LATIN SMALL LETTER S WITH CEDILLA

show more ...

Fix null pointer dereference of param

When the validation logic for param->type was added, the logic did not
account for the case where param could be NULL. The existing code did
tak

Fix null pointer dereference of param

When the validation logic for param->type was added, the logic did not
account for the case where param could be NULL. The existing code did
take that into account as can be seen in the `if (param)` check below.
Furthermore, phpdbg_set_breakpoint_expression even calls
phpdbg_create_conditional_break with param == NULL.

Fix it by placing the validation logic inside a NULL check.

show more ...

ext/opcache/jit/zend_jit_trace: add missing lock for EXIT_INVALIDATE

Commit 6c254131831 added the flag ZEND_JIT_EXIT_INVALIDATE which
resets the trace handlers in zend_jit_trace_exit(),

ext/opcache/jit/zend_jit_trace: add missing lock for EXIT_INVALIDATE

Commit 6c254131831 added the flag ZEND_JIT_EXIT_INVALIDATE which
resets the trace handlers in zend_jit_trace_exit(), but forgot to
lock the shared memory section.

This could cause another worker process who still saw the
ZEND_JIT_TRACE_JITED flag to schedule ZEND_JIT_TRACE_STOP_LINK, but
when it arrived at the ZEND_JIT_DEBUG_TRACE_STOP, the handler was
already reverted by the first worker process and thus
zend_jit_find_trace() fails.

This in turn generated a bogus jump offset in the JITed code, crashing
the PHP process.

show more ...

ext/opcache/jit: handle zend_jit_find_trace() failures

Commit 6c25413 added the flag ZEND_JIT_EXIT_INVALIDATE which resets
the trace handlers in zend_jit_trace_exit(), but forgot to cons

ext/opcache/jit: handle zend_jit_find_trace() failures

Commit 6c25413 added the flag ZEND_JIT_EXIT_INVALIDATE which resets
the trace handlers in zend_jit_trace_exit(), but forgot to consider
that on ZEND_JIT_TRACE_STOP_LINK, this changed handler gets passed to
zend_jit_find_trace(), causing it to fail, either by returning 0
(results in bogus data) or by aborting due to ZEND_UNREACHABLE(). In
either case, this crashes the PHP process.

I'm not quite sure how to fix this multi-threading problem properly;
my suggestion is to just fail the zend_jit_trace() call. After all,
the whole ZEND_JIT_EXIT_INVALIDATE fix was about reloading modified
scripts, so there's probably no point in this pending zend_jit_trace()
call.

show more ...

Fix bug #68591: Configuration test does not perform UID lookups

Addition check in fpm config test to verify existence of user, group,
listen.owner and listen.group.

Closes GH-10

Fix bug #68591: Configuration test does not perform UID lookups

Addition check in fpm config test to verify existence of user, group,
listen.owner and listen.group.

Closes GH-10165

show more ...

Fix GH-9981: FPM does not reset fastcgi.error_header

Fix undefined behaviour in phpdbg_load_module_or_extension

If zend_register_module_ex were to return NULL, then module_entry will
be set to NULL, and the if's body will load module_entry

Fix undefined behaviour in phpdbg_load_module_or_extension

If zend_register_module_ex were to return NULL, then module_entry will
be set to NULL, and the if's body will load module_entry->name. Since
module_entry is NULL, loading the name would cause a NULL pointer
dereference. However, since a NULL pointer dereference is undefined
behaviour, the compiler is free to remove the check.
Fix it by using *name instead of module_entry->name.

Closes GH-10157

Signed-off-by: George Peter Banyard <girgias@php.net>

show more ...

sockets adding TCP_QUICKACK constant.

having tigher control on ACK delays, difference is the setting
is `volatile` as it can be turned off by the kernel if not set
explicitally set

sockets adding TCP_QUICKACK constant.

having tigher control on ACK delays, difference is the setting
is `volatile` as it can be turned off by the kernel if not set
explicitally set otherwise on the socket.

Closes GH-10145.

show more ...

Initialize ping_auto_globals_mask to prevent undefined behaviour

Closes GH-10121

[ci skip] NEWS

[ci skip] NEWS

Fix bug #77106: Missing separator in FPM FastCGI errors

Fix GH-9891: DateTime modify with unixtimestamp (@) must work like setTimestamp

[ci skip] Remove duplicated NEWS entry