Fix GH-13309 and GH-13310: array hashes comparison, wrong buffer len calculation.

php_array_key_compare_string_case_unstable_i has a typo for the second
operand resulting in a wrong buff

Fix GH-13309 and GH-13310: array hashes comparison, wrong buffer len calculation.

php_array_key_compare_string_case_unstable_i has a typo for the second
operand resulting in a wrong buffer size calculation.

Issue reported by @AlexRudyuk

Close GH-13315

show more ...

ext/curl: Fix failing tests due to string changes in libcurl 8.6.0

Upstream libcurl 8.6.0 contains a change[^1] that caused a test failure.
This fixes it by updating the test's `EXPECTF`

ext/curl: Fix failing tests due to string changes in libcurl 8.6.0

Upstream libcurl 8.6.0 contains a change[^1] that caused a test failure.
This fixes it by updating the test's `EXPECTF` to use a regex to account for both string patterns.

[^1]: https://github.com/curl/curl/commit/45cf4755e71f#diff-a8a54563608f8155973318f4ddb61d7328dab512b8ff2b5cc48cc76979d4204cL1683

Closes GH-13293.

show more ...

Fix instable array during in-place modification in uksort

The array isn't just observable if the array has RCn, but also if it is inside a
reference that is RCn. By-ref parameters are al

Fix instable array during in-place modification in uksort

The array isn't just observable if the array has RCn, but also if it is inside a
reference that is RCn. By-ref parameters are always RCn and as such always
observable.

Fixes GH-13279
Closes GH-13285

show more ...

ext/curl: Bump minimum Curl version to >= 7.61.0 (#13259)

Bumps the minimum required libcurl version to 7.61.0.

Please also see #4917, which bumped minimum libcurl version to the cu

ext/curl: Bump minimum Curl version to >= 7.61.0 (#13259)

Bumps the minimum required libcurl version to 7.61.0.

Please also see #4917, which bumped minimum libcurl version to the current >= 7.29.0.
This bumps the minimum requirement to Curl 7.61.0 (released 2018 Sept).

Ubuntu, Debian, RHEL, and RHEL derivatives have major and LTS version bumps this year. Following are the
libcurl-dev/libcurl-devel versions available in the oldest supported (LTS or otherwise) in major OSs.

- Debian buster: [7.64](https://packages.debian.org/buster/libcurl4-openssl-dev)
- Ubuntu 20.04: [7.68](https://packages.ubuntu.com/focal/libcurl-dev)
- CentOS/RHEL 7: 7.29
- RHEL 8/Rocky 8/EL 8: 7.61
- Fedora 38: 7.87

RHEL/CentOS 7 reaches EOL mid 2024, so for PHP 8.4 scheduled towards the end of this year, we can safely
bump the minimum libcurl version.

7.61.0 was selected as the new minimum because RHEL and derivatives have libcurl-devel version 7.61. RHEL 8 is
a current and supported RHEL version.

show more ...

ext/sockets: enabling multicast group for ipv4 on freebsd. (#13240)

bug#75721 patch from jonathan@tangential.ca.

MCAST_JOIN_GROUP/MCAST_LEAVE_GROUP socket option for the RFC 3678

ext/sockets: enabling multicast group for ipv4 on freebsd. (#13240)

bug#75721 patch from jonathan@tangential.ca.

MCAST_JOIN_GROUP/MCAST_LEAVE_GROUP socket option for the RFC 3678
support does not work on freebsd, using IP_ADD_MEMBERSHIP instead.

show more ...

Fix GH-10614: imagerotate will turn the picture all black, when rotated 90

This is a backport of the upstream libgd PR that was recently committed
[1].

[1] https://github.com/li

Fix GH-10614: imagerotate will turn the picture all black, when rotated 90

This is a backport of the upstream libgd PR that was recently committed
[1].

[1] https://github.com/libgd/libgd/pull/862

Closes GH-13246.

show more ...

Fix GH-10344: imagettfbbox(): Could not find/open font UNC path

libgd uses an incorrect absolute path check in gdft.c.
It checks if either the path starts with a '/' (only valid on Posix

Fix GH-10344: imagettfbbox(): Could not find/open font UNC path

libgd uses an incorrect absolute path check in gdft.c.
It checks if either the path starts with a '/' (only valid on Posix
btw), or whether it contains something of the form C:\ or C:/.
However, this overlooks the possibility of using UNC paths on Windows.
As we already do PHP-specific stuff with VCWD_ macros, use
IS_ABSOLUTE_PATH to check for an absolute path which will take into
account UNC paths as well.

Closes GH-13241.

show more ...

Fix GH-13037: PharData incorrectly extracts zip file

The code currently assumes that the extra field length of the central
directory entry and the local entry are the same, but that's no

Fix GH-13037: PharData incorrectly extracts zip file

The code currently assumes that the extra field length of the central
directory entry and the local entry are the same, but that's not the
case. For example, the "Extended Timestamp extra field" differs in size
for local vs central directory entries. This causes the file contents
offset to be incorrect because it is based on the central directory
length instead of the local entry length. Fix it by reading the local
entry and getting the size from there as well as checking consistency
for the file name length.

Closes GH-13045.

show more ...

Fix GH-13232: Segmentation fault will be reported when JIT is off but JIT_debug is still on

Closes GH-13234.

Fix GH-12504: Corrupted session written when there's a fatal error in autoloader

For details and reasoning, see [1] and following.

[1] https://github.com/php/php-src/issues/12504#is

Fix GH-12504: Corrupted session written when there's a fatal error in autoloader

For details and reasoning, see [1] and following.

[1] https://github.com/php/php-src/issues/12504#issuecomment-1790870399

Closes GH-13207.

show more ...

NEWS

NEWS

Fix iterator position resetting

Previously, when an array was converted from packed to hashed, iterators would
not be correctly reset to 0. Similarly, removing the last element from an a

Fix iterator position resetting

Previously, when an array was converted from packed to hashed, iterators would
not be correctly reset to 0. Similarly, removing the last element from an array
would decrease nNumUsed but not actually fix the iterator position, causing the
element to be skipped in the next iteration.

Some code was also removed that skips over IS_UNDEF elements for
nInternalPointer and iterator positions. This is unnecessary, as this already
happens during iteration.

Closes GH-13178
Closes GH-13188

show more ...

Fix GH-13142: Undefined variable name is shortened when contains \0

Uses the new %S formatter and introduces the necessary changes and
helpers.

Fix GH-13177: PHP 8.3.2: final private constructor not allowed when used in trait

zend_compile has an exception to this rule for constructors using
`zend_is_constructor`, which compares

Fix GH-13177: PHP 8.3.2: final private constructor not allowed when used in trait

zend_compile has an exception to this rule for constructors using
`zend_is_constructor`, which compares the function name to
`__construct`. Sadly, `zend_is_constructor` is not a public API, but we
can just do the string compare ourselves.

Closes GH-13179.

show more ...

Fix GH-12107: When running a stored procedure (that returns a result set) twice, PHP crashes

Closes GH-12771.

ext/openssl: Add X509 purpose constants.

- X509_PURPOSE_OCSP_HELPER.
- X509_PURPOSE_TIMESTAMP_SIGN.
- Also X509_PURPOSE_ANY is ok since 1.0.1+

Close GH-13149

Fix argument type of simplexml_import_dom (#13170)

It needs to be "object".
This is because first- and third-party extension can register custom
node types using `php_libxml_register

Fix argument type of simplexml_import_dom (#13170)

It needs to be "object".
This is because first- and third-party extension can register custom
node types using `php_libxml_register_export`. So we don't know upfront
what types can be expected.

This also changes the error to a TypeError everywhere.

show more ...

ext/intl: Add NumberFormatter::ROUND_HALFODD

The NumberFormatter::ROUND_HALFEVEN constant exists in PHP already, but its counterpart ROUND_HALFODD was missing.
This adds it, using `UNUM_

ext/intl: Add NumberFormatter::ROUND_HALFODD

The NumberFormatter::ROUND_HALFEVEN constant exists in PHP already, but its counterpart ROUND_HALFODD was missing.
This adds it, using `UNUM_ROUND_HALF_ODD`

Close GH-13191

show more ...

Fix crashes with entity references and predefined entities

Closes GH-13004.

Fix range inference since "proper-range-semantics" RFC

* Arrays returned from range are never empty
* When step is a double value representable by a long, it is coerced implicitly.

Fix range inference since "proper-range-semantics" RFC

* Arrays returned from range are never empty
* When step is a double value representable by a long, it is coerced implicitly.
As such, passing a double step no longer guarantees that the result is a
non-int array.

Closes GH-13166

show more ...

Fix GH-13071: Copying large files using mmap-able source streams may exhaust available memory and fail

Commit 5cbe5a538c disabled chunking for all writes to streams. However,
user stream

Fix GH-13071: Copying large files using mmap-able source streams may exhaust available memory and fail

Commit 5cbe5a538c disabled chunking for all writes to streams. However,
user streams have a callback where code is executed on data that is
subject to the memory limit. Therefore, when using large writes or
stream_copy_to_stream/copy the memory limit can easily be hit with large
enough data.

To solve this, we reintroduce chunking for userspace streams.
Users have control over the chunk size, which is neat because
they can improve the performance by setting the chunk size if
that turns out to be a bottleneck.

In an ideal world, we add an option so we can "ask" the stream whether
it "prefers" chunked writes, similar to how we have
php_stream_mmap_supported & friends. However, that cannot be done on
stable branches.

Closes GH-13136.

show more ...

Fix GH-13097: Anonymous class reference in trigger_error / thrown Exception

Closes GH-13153.

Fix missing error check in curl_multi_init()

Closes GH-13157.

[skip ci] Fixed NEWS