#
eb8c3cb7 |
| 08-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-14741: Segmentation fault in Zend/zend_types.h The create_obj handler of InternalIterator is overwritten, but not the clone_obj handler. This is not allowed. In PHP 8.2 this d
Fix GH-14741: Segmentation fault in Zend/zend_types.h The create_obj handler of InternalIterator is overwritten, but not the clone_obj handler. This is not allowed. In PHP 8.2 this didn't cause a segfault because the standard object handler was used for the clone instead of the internal handler. So then it allocates and frees the object using the standard object handlers. In 8.3 however, the object is created using the standard object handler and freed using the custom handler, resulting in the buffer overflow. Even though bisect points to 1e1ea4f this only reveals the bug. Closes GH-14882.
show more ...
|
#
23a55bab |
| 18-Jun-2024 |
David Carlier |
ext/gd: checking imagescale/imagefilter invalid values. close GH-14598
|
#
c34def58 |
| 07-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix memory leak in tidy_repair_file() When dealing with a file, we must free the contents if the function fails. While here, also fix the error message because previously it sounded
Fix memory leak in tidy_repair_file() When dealing with a file, we must free the contents if the function fails. While here, also fix the error message because previously it sounded like the filename was too long while in fact the file itself is too large. Closes GH-14862.
show more ...
|
#
b44ad27a |
| 06-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-14550: No warning message when Zend DTrace is enabled that opcache.jit is implictly disabled Closes GH-14847.
|
#
c2fd071d |
| 20-Jun-2024 |
Vladimir Vrzić |
ext/pcntl: Added new function pcntl_waitid to obtain status information pertaining termination, stop, and/or continue events in one the caller's child processes. close GH-14617
|
#
0d4e0c01 |
| 06-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-14639: Member access within null pointer in ext/spl/spl_observer.c `spl_object_storage_attach_handle` creates an entry already, but only fills it in at the end with `spl_object_st
Fix GH-14639: Member access within null pointer in ext/spl/spl_observer.c `spl_object_storage_attach_handle` creates an entry already, but only fills it in at the end with `spl_object_storage_create_element` which allocates memory. In this case the allocation fails and we're left with a NULL slot. Doing the allocation first isn't an option because we want to check whether the slot is occupied before allocating memory. The simplest solution is to set the entry to NULL and check for a NULL pointer upon destruction. Closes GH-14849.
show more ...
|
#
23751876 |
| 03-Jul-2024 |
David Carlier |
Fix GH-14774 time_sleep_until overflow.
|
#
b41e90c6 |
| 06-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix bug #81481 (xml_get_current_byte_index limited to 32-bit numbers on 64-bit builds) (#14845) The return value is long in both expat and expat2 (with XML_LARGE_SIZE not set).
|
#
ec19abf1 |
| 06-Jul-2024 |
Arnaud Le Blanc |
[ci skip] NEWS for GH-14801
|
#
f0441e05 |
| 06-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Add LIBXML_NO_XXE constant (#14844) This constant is available as of libxml2 2.13, and is used together with LIBXML_NOENT to allow entity subsitution but disallow external entities.
|
#
67259e45 |
| 05-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-14834: Error installing PHP when --with-pear is used libxml2 2.13 makes changes to how the parsing state is set, update our code accordingly. In particular, it started reporting e
Fix GH-14834: Error installing PHP when --with-pear is used libxml2 2.13 makes changes to how the parsing state is set, update our code accordingly. In particular, it started reporting entities within attributes, while it should only report entities inside text nodes. Closes GH-14837.
show more ...
|
#
a66afbbe |
| 06-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
NEWS for compatibility in XML Closes GH-14836.
|
#
95889979 |
| 04-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-14553: Bug in phpdbg8.3 (also 8.1 and 8.2) echo output - trimmed at NULL byte (?) This broke in 6318040df2b6c6f4824b99fd27369179d29ee93b when phpdbg stopped using its custom print
Fix GH-14553: Bug in phpdbg8.3 (also 8.1 and 8.2) echo output - trimmed at NULL byte (?) This broke in 6318040df2b6c6f4824b99fd27369179d29ee93b when phpdbg stopped using its custom printing routines. By relying on standard printing routines, the embedded NUL bytes are causing the strings to be cut off, even when using %.*s. Solve this by going straight to the output routine, which is what the printf routine would've done anyway. Closes GH-14822.
show more ...
|
#
1006e102 |
| 04-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
NEWS for GH-14814 Closes GH-14814.
|
#
89c3e034 |
| 04-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-14808: Unexpected null pointer in Zend/zend_string.h with empty output buffer The output buffer can be NULL when the number of bytes is zero. Closes GH-14815.
|
#
a5a63f29 |
| 04-Jul-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
[ci skip] NEWS
|
#
ad7d1a7b |
| 04-Jul-2024 |
Peter Kokot |
Fix GH-14792: Compilation failure on pdo_* extensions (#14797) When building pdo_mysql, pdo_pgsql, or pdo_sqlite with phpize from the downloaded PHP 8.4 archive, also pdo_sql_parser.h an
Fix GH-14792: Compilation failure on pdo_* extensions (#14797) When building pdo_mysql, pdo_pgsql, or pdo_sqlite with phpize from the downloaded PHP 8.4 archive, also pdo_sql_parser.h and php_pdo_int.h need to be installed.
show more ...
|
#
15bea9ed |
| 03-Jul-2024 |
David Carlier |
Fix GH-14775: range overflow on negative step. overflow occurs since we only deal with positive steps. close GH-14778
|
#
b229f189 |
| 02-Jul-2024 |
Eric Mann |
Update NEWS for PHP 8.4.0alpha1
|
#
c08fe2df |
| 02-Jul-2024 |
Arnaud Le Blanc |
[ci skip] NEWS/UPGRADING for GH-13460
|
#
72c87469 |
| 02-Jul-2024 |
Benjamin Eberlei |
RFC: Add `#[\Deprecated]` Attribute (#11293) see https://wiki.php.net/rfc/deprecated_attribute Co-authored-by: Tim Düsterhus <tim@tideways-gmbh.com> Co-authored-by: Ilija Tovilo
RFC: Add `#[\Deprecated]` Attribute (#11293) see https://wiki.php.net/rfc/deprecated_attribute Co-authored-by: Tim Düsterhus <tim@tideways-gmbh.com> Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com>
show more ...
|
#
2edf12e8 |
| 23-Jun-2024 |
David Carlier |
Fix GH-14638: null dereference after XML parsing failure. object document is null if the parsing had failed prior to cast to string.
|
#
1bcb57dc |
| 19-Jun-2024 |
David Carlier |
ext/sockets: socket_accept setting fcntl's FD_CLOEXEC on unixes. mainly for scenarios when pcntl_fork/pcntl_exec are involved so when the latter is executed, we avoid unwarranted effects
ext/sockets: socket_accept setting fcntl's FD_CLOEXEC on unixes. mainly for scenarios when pcntl_fork/pcntl_exec are involved so when the latter is executed, we avoid unwarranted effects with the file descriptors, instead the socket will be closed on success. close GH-14606
show more ...
|
#
d5683376 |
| 29-Jun-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix OSS-Fuzz #69765: Yield reference to nullsafe chain You cannot return or yield a reference to a nullsafe chain. This was checked already in zend_compile_return but not yet in zend
Fix OSS-Fuzz #69765: Yield reference to nullsafe chain You cannot return or yield a reference to a nullsafe chain. This was checked already in zend_compile_return but not yet in zend_compile_yield. Closes GH-14716.
show more ...
|
#
4cab7f90 |
| 27-Jun-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
[RFC] Implement XMLReader::fromUri() and XMLReader::fromString()
|