diff options
| -rw-r--r-- | NEWS | 142 | ||||
| -rw-r--r-- | Zend/zend_execute.c | 4 | ||||
| -rw-r--r-- | Zend/zend_hash.c | 2 | ||||
| -rw-r--r-- | Zend/zend_hash.h | 6 | ||||
| -rw-r--r-- | ext/soap/php_encoding.c | 30 | ||||
| -rw-r--r-- | ext/soap/php_http.c | 24 | ||||
| -rw-r--r-- | ext/soap/soap.c | 47 | ||||
| -rw-r--r-- | main/main.c | 17 | ||||
| -rw-r--r-- | sapi/cli/tests/bug67741.phpt | 17 | ||||
| -rw-r--r-- | sapi/cli/tests/bug67741_stub.inc | 3 |
10 files changed, 248 insertions, 44 deletions
@@ -2,10 +2,152 @@ ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 20??, PHP 7.0.0 +<<<<<<< HEAD - CLI server: . Refactor MIME type handling to use a hash table instead of linear search. (Adam) . Update the MIME type list from the one shipped by Apache HTTPD. (Adam) +======= +- Core: + . Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize). + (Laruence) + . Fixed bug #69121 (Segfault in get_current_user when script owner is not + in passwd with ZTS build). (dan at syneto dot net) + . Fixed bug #65593 (Segfault when calling ob_start from output buffering + callback). (Mike) + . Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file + not validated in memory.c). (nayana at ddproperty dot com) + . Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus) + . Fixed bug #69141 (Missing arguments in reflection info for some builtin + functions). (kostyantyn dot lysyy at oracle dot com) + +- cURL: + . Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on + Win32). (Grant Pannell) + . Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported + by libcurl. (Linus Unneback) + +- ODBC: + . Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol) + +- Opcache: + . Fixed bug #69125 (Array numeric string as key). (Laruence) + . Fixed bug #69038 (switch(SOMECONSTANT) misbehaves). (Laruence) + +- OpenSSL: + . Fixed bug #68912 (Segmentation fault at openssl_spki_new). (Laruence) + . Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe + socket timeouts). (Brad Broerman) + +- pgsql: + . Fixed bug #68638 (pg_update() fails to store infinite values). + (william dot welter at 4linux dot com dot br, Laruence) + +- Readline: + . Fixed bug #69054 (Null dereference in readline_(read|write)_history() without + parameters). (Laruence) + +- SOAP: + . Fixed bug #69085 (SoapClient's __call() type confusion through + unserialize()). (andrea dot palazzo at truel dot it, Laruence) + +- SPL: + . Fixed bug #69108 ("Segmentation fault" when (de)serializing + SplObjectStorage). (Laruence) + . Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after + calling getChildren()). (Julien) + +- CGI: + . Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence) + +- CLI: + . Fixed bug #67741 (auto_prepend_file messes up __LINE__). (Reeze Xia) + +- FPM: + . Fixed bug #68822 (request time is reset too early). (honghu069 at 163 dot com) + +19 Feb 2015, PHP 5.6.6 + +- Core: + . Removed support for multi-line headers, as the are deprecated by RFC 7230. + (Stas) + . Fixed bug #67068 (getClosure returns somethings that's not a closure). + (Danack at basereality dot com) + . Fixed bug #68942 (Use after free vulnerability in unserialize() with + DateTimeZone). (CVE-2015-0273) (Stas) + . Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname + buffer overflow). (Stas) + . Fixed Bug #67988 (htmlspecialchars() does not respect default_charset + specified by ini_set) (Yasuo) + . Added NULL byte protection to exec, system and passthru. (Yasuo) + +- Dba: + . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info) + +- Enchant: + . Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()). + (Antony) + +- Fileinfo: + . Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers) + . Fixed bug #67647 (Bundled libmagic 5.17 does not detect quicktime files + correctly). (Anatol) + . Fixed bug #68731 (finfo_buffer doesn't extract the correct mime with some + gifs). (Anatol) + +- FPM: + . Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle) + . Fixed bug #68571 (core dump when webserver close the socket). + (redfoxli069 at gmail dot com, Laruence) + +- JSON: + . Fixed bug #50224 (json_encode() does not always encode a float as a float) + by adding JSON_PRESERVE_ZERO_FRACTION. (Juan Basso) + +- LIBXML: + . Fixed bug #64938 (libxml_disable_entity_loader setting is shared + between threads). (Martin Jansen) + +- Mysqli: + . Fixed bug #68114 (linker error on some OS X machines with fixed + width decimal support) (Keyur Govande) + . Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient + has rounding errors) (Keyur Govande) + +- Opcache: + . Fixed bug with try blocks being removed when extended_info opcode + generation is turned on. (Laruence) + +- PDO_mysql: + . Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of + named pipes). (steffenb198 at aol dot com) + +- Phar: + . Fixed bug #68901 (use after free). (bugreports at internot dot info) + +- Pgsql: + . Fixed Bug #65199 (pg_copy_from() modifies input array variable) (Yasuo) + +- Session: + . Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo) + . Fixed Bug #66623 (no EINTR check on flock) (Yasuo) + . Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo) + +- Sqlite3: + . Fixed bug #68260 (SQLite3Result::fetchArray declares wrong + required_num_args). (Julien) + +- Standard: + . Fixed bug #65272 (flock() out parameter not set correctly in windows). + (Daniel Lowrey) + . Fixed bug #69033 (Request may get env. variables from previous requests + if PHP works as FastCGI). (Anatol) + +- Streams: + . Fixed bug which caused call after final close on streams filter. (Bob) + +22 Jan 2015, PHP 5.6.5 +>>>>>>> PHP-5.6 - Core: . Fixed bug #68933 (Invalid read of size 8 in zend_std_read_property). diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c index 6d679f0563..4dd8e2c6b2 100644 --- a/Zend/zend_execute.c +++ b/Zend/zend_execute.c @@ -1010,7 +1010,7 @@ fast_assign: } } -static zend_always_inline void zend_assign_to_object_dim(zval *retval, zval *object, zval *property_name, int value_type, znode_op value_op, const zend_execute_data *execute_data) +static zend_never_inline void zend_assign_to_object_dim(zval *retval, zval *object, zval *property_name, int value_type, znode_op value_op, const zend_execute_data *execute_data) { zend_free_op free_value; zval *value = get_zval_ptr_deref(value_type, value_op, execute_data, &free_value, BP_VAR_R); @@ -1044,7 +1044,7 @@ static zend_always_inline void zend_assign_to_object_dim(zval *retval, zval *obj } } -static void zend_binary_assign_op_obj_dim(zval *object, zval *property, zval *value, zval *retval, int (*binary_op)(zval *result, zval *op1, zval *op2)) +static zend_never_inline void zend_binary_assign_op_obj_dim(zval *object, zval *property, zval *value, zval *retval, int (*binary_op)(zval *result, zval *op1, zval *op2)) { zval *z; zval rv, res; diff --git a/Zend/zend_hash.c b/Zend/zend_hash.c index 77ac3c395e..e4df989e56 100644 --- a/Zend/zend_hash.c +++ b/Zend/zend_hash.c @@ -1139,7 +1139,7 @@ ZEND_API void zend_array_destroy(HashTable *ht) } else if (EXPECTED(!(ht->u.flags & HASH_FLAG_INITIALIZED))) { goto free_ht; } - pefree(ht->arData, ht->u.flags & HASH_FLAG_PERSISTENT); + efree(ht->arData); free_ht: FREE_HASHTABLE(ht); } diff --git a/Zend/zend_hash.h b/Zend/zend_hash.h index 30e0453f26..4583d34e99 100644 --- a/Zend/zend_hash.h +++ b/Zend/zend_hash.h @@ -645,9 +645,9 @@ static zend_always_inline void *zend_hash_get_current_data_ptr_ex(HashTable *ht, zend_hash_get_current_data_ptr_ex(ht, &(ht)->nInternalPointer) #define ZEND_HASH_FOREACH(_ht, indirect) do { \ - uint _idx; \ - for (_idx = 0; _idx < (_ht)->nNumUsed; _idx++) { \ - Bucket *_p = (_ht)->arData + _idx; \ + Bucket *_p = (_ht)->arData; \ + Bucket *_end = _p + (_ht)->nNumUsed; \ + for (; _p != _end; _p++) { \ zval *_z = &_p->val; \ if (indirect && Z_TYPE_P(_z) == IS_INDIRECT) { \ _z = Z_INDIRECT_P(_z); \ diff --git a/ext/soap/php_encoding.c b/ext/soap/php_encoding.c index 3ac5a7bad4..966d6d04ca 100644 --- a/ext/soap/php_encoding.c +++ b/ext/soap/php_encoding.c @@ -388,12 +388,15 @@ static xmlNodePtr master_to_xml_int(encodePtr encode, zval *data, int style, xml encodePtr enc = NULL; HashTable *ht = Z_OBJPROP_P(data); - if ((ztype = zend_hash_str_find(ht, "enc_type", sizeof("enc_type")-1)) == NULL) { + if ((ztype = zend_hash_str_find(ht, "enc_type", sizeof("enc_type")-1)) == NULL || + Z_TYPE_P(ztype) != IS_LONG) { soap_error0(E_ERROR, "Encoding: SoapVar has no 'enc_type' property"); } - if ((zstype = zend_hash_str_find(ht, "enc_stype", sizeof("enc_stype")-1)) != NULL) { - if ((zns = zend_hash_str_find(ht, "enc_ns", sizeof("enc_ns")-1)) != NULL) { + if ((zstype = zend_hash_str_find(ht, "enc_stype", sizeof("enc_stype")-1)) != NULL && + Z_TYPE_P(zstype) == IS_STRING) { + if ((zns = zend_hash_str_find(ht, "enc_ns", sizeof("enc_ns")-1)) != NULL && + Z_TYPE_P(zns) == IS_STRING) { enc = get_encoder(SOAP_GLOBAL(sdl), Z_STRVAL_P(zns), Z_STRVAL_P(zstype)); } else { zns = NULL; @@ -423,8 +426,10 @@ static xmlNodePtr master_to_xml_int(encodePtr encode, zval *data, int style, xml node = master_to_xml(enc, zdata, style, parent); if (style == SOAP_ENCODED || (SOAP_GLOBAL(sdl) && encode != enc)) { - if ((ztype = zend_hash_str_find(ht, "enc_stype", sizeof("enc_stype")-1)) != NULL) { - if ((zns = zend_hash_str_find(ht, "enc_ns", sizeof("enc_ns")-1)) != NULL) { + if ((zstype = zend_hash_str_find(ht, "enc_stype", sizeof("enc_stype")-1)) != NULL && + Z_TYPE_P(zstype) == IS_STRING) { + if ((zns = zend_hash_str_find(ht, "enc_ns", sizeof("enc_ns")-1)) != NULL && + Z_TYPE_P(zns) == IS_STRING) { set_ns_and_type_ex(node, Z_STRVAL_P(zns), Z_STRVAL_P(zstype)); } else { set_ns_and_type_ex(node, NULL, Z_STRVAL_P(zstype)); @@ -432,10 +437,12 @@ static xmlNodePtr master_to_xml_int(encodePtr encode, zval *data, int style, xml } } - if ((zname = zend_hash_str_find(ht, "enc_name", sizeof("enc_name")-1)) != NULL) { + if ((zname = zend_hash_str_find(ht, "enc_name", sizeof("enc_name")-1)) != NULL && + Z_TYPE_P(zname) == IS_STRING) { xmlNodeSetName(node, BAD_CAST(Z_STRVAL_P(zname))); } - if ((znamens = zend_hash_str_find(ht, "enc_namens", sizeof("enc_namens")-1)) != NULL) { + if ((znamens = zend_hash_str_find(ht, "enc_namens", sizeof("enc_namens")-1)) != NULL && + Z_TYPE_P(znamens) == IS_STRING) { xmlNsPtr nsp = encode_add_ns(node, Z_STRVAL_P(znamens)); xmlSetNs(node, nsp); } @@ -3514,18 +3521,21 @@ static encodePtr get_array_type(xmlNodePtr node, zval *array, smart_str *type) Z_OBJCE_P(tmp) == soap_var_class_entry) { zval *ztype; - if ((ztype = zend_hash_str_find(Z_OBJPROP_P(tmp), "enc_type", sizeof("enc_type")-1)) == NULL) { + if ((ztype = zend_hash_str_find(Z_OBJPROP_P(tmp), "enc_type", sizeof("enc_type")-1)) == NULL || + Z_TYPE_P(ztype) != IS_LONG) { soap_error0(E_ERROR, "Encoding: SoapVar has no 'enc_type' property"); } cur_type = Z_LVAL_P(ztype); - if ((ztype = zend_hash_str_find(Z_OBJPROP_P(tmp), "enc_stype", sizeof("enc_stype")-1)) != NULL) { + if ((ztype = zend_hash_str_find(Z_OBJPROP_P(tmp), "enc_stype", sizeof("enc_stype")-1)) != NULL && + Z_TYPE_P(ztype) == IS_STRING) { cur_stype = Z_STRVAL_P(ztype); } else { cur_stype = NULL; } - if ((ztype = zend_hash_str_find(Z_OBJPROP_P(tmp), "enc_ns", sizeof("enc_ns")-1)) != NULL) { + if ((ztype = zend_hash_str_find(Z_OBJPROP_P(tmp), "enc_ns", sizeof("enc_ns")-1)) != NULL && + Z_TYPE_P(ztype) == IS_STRING) { cur_ns = Z_STRVAL_P(ztype); } else { cur_ns = NULL; diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index db0e3c14ca..645d1f24ca 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -36,13 +36,15 @@ int proxy_authentication(zval* this_ptr, smart_str* soap_headers) { zval *login, *password; - if ((login = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_proxy_login", sizeof("_proxy_login")-1)) != NULL) { + if ((login = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_proxy_login", sizeof("_proxy_login")-1)) != NULL && + Z_TYPE_P(login) == IS_STRING) { zend_string *buf; smart_str auth = {0}; smart_str_appendl(&auth, Z_STRVAL_P(login), Z_STRLEN_P(login)); smart_str_appendc(&auth, ':'); - if ((password = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_proxy_password", sizeof("_proxy_password")-1)) != NULL) { + if ((password = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_proxy_password", sizeof("_proxy_password")-1)) != NULL && + Z_TYPE_P(password) == IS_STRING) { smart_str_appendl(&auth, Z_STRVAL_P(password), Z_STRLEN_P(password)); } smart_str_0(&auth); @@ -63,13 +65,15 @@ int basic_authentication(zval* this_ptr, smart_str* soap_headers) zval *login, *password; if ((login = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_login", sizeof("_login")-1)) != NULL && - !zend_hash_str_exists(Z_OBJPROP_P(this_ptr), "_digest", sizeof("_digest")-1)) { + Z_TYPE_P(login) == IS_STRING && + !zend_hash_str_exists(Z_OBJPROP_P(this_ptr), "_digest", sizeof("_digest")-1)) { zend_string* buf; smart_str auth = {0}; smart_str_appendl(&auth, Z_STRVAL_P(login), Z_STRLEN_P(login)); smart_str_appendc(&auth, ':'); - if ((password = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_password", sizeof("_password")-1)) != NULL) { + if ((password = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_password", sizeof("_password")-1)) != NULL && + Z_TYPE_P(password) == IS_STRING) { smart_str_appendl(&auth, Z_STRVAL_P(password), Z_STRLEN_P(password)); } smart_str_0(&auth); @@ -565,7 +569,7 @@ try_again: } if (!http_1_1 || ((tmp = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_keep_alive", sizeof("_keep_alive")-1)) != NULL && - Z_LVAL_P(tmp) == 0)) { + (Z_TYPE_P(tmp) == IS_FALSE || (Z_TYPE_P(tmp) == IS_LONG && Z_LVAL_P(tmp) == 0)))) { smart_str_append_const(&soap_headers, "\r\n" "Connection: close\r\n"); } else { @@ -797,7 +801,8 @@ try_again: } /* Send cookies along with request */ - if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) != NULL) { + if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) != NULL && + Z_TYPE_P(cookies) == IS_ARRAY) { zval *data; zend_string *key; int i, n; @@ -840,7 +845,7 @@ try_again: smart_str_append_const(&soap_headers, "\r\n"); smart_str_0(&soap_headers); if ((trace = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace")-1)) != NULL && - Z_LVAL_P(trace) > 0) { + (Z_TYPE_P(trace) == IS_TRUE || (Z_TYPE_P(trace) == IS_LONG && Z_LVAL_P(trace) != 0))) { add_property_stringl(this_ptr, "__last_request_headers", soap_headers.s->val, soap_headers.s->len); } smart_str_appendl(&soap_headers, request, request_size); @@ -885,7 +890,7 @@ try_again: } if ((trace = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace")-1)) != NULL && - Z_LVAL_P(trace) > 0) { + (Z_TYPE_P(trace) == IS_TRUE || (Z_TYPE_P(trace) == IS_LONG && Z_LVAL_P(trace) != 0))) { add_property_str(this_ptr, "__last_response_headers", zend_string_copy(http_headers)); } @@ -934,7 +939,8 @@ try_again: char *eqpos, *sempos; zval *cookies; - if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) == NULL) { + if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) == NULL || + Z_TYPE_P(cookies) != IS_ARRAY) { zval tmp_cookies; array_init(&tmp_cookies); cookies = zend_hash_str_update(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1, &tmp_cookies); diff --git a/ext/soap/soap.c b/ext/soap/soap.c index 3a27f7a7b4..400f89700d 100644 --- a/ext/soap/soap.c +++ b/ext/soap/soap.c @@ -2581,7 +2581,7 @@ static int do_request(zval *this_ptr, xmlDoc *request, char *location, char *act } if ((trace = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace")-1)) != NULL && - Z_TYPE_P(trace) == IS_LONG && Z_LVAL_P(trace) > 0) { + (Z_TYPE_P(trace) == IS_TRUE || (Z_TYPE_P(trace) == IS_LONG && Z_LVAL_P(trace) != 0))) { add_property_stringl(this_ptr, "__last_request", buf, buf_size); } @@ -2609,7 +2609,7 @@ static int do_request(zval *this_ptr, xmlDoc *request, char *location, char *act } ret = FALSE; } else if ((trace = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace")-1)) != NULL && - Z_TYPE_P(trace) == IS_LONG && Z_LVAL_P(trace) > 0) { + (Z_TYPE_P(trace) == IS_TRUE || (Z_TYPE_P(trace) == IS_LONG && Z_LVAL_P(trace) != 0))) { add_property_str(this_ptr, "__last_response", zend_string_copy(Z_STR_P(response))); } zval_ptr_dtor(&func); @@ -2655,13 +2655,13 @@ static void do_soap_call(zend_execute_data *execute_data, SOAP_CLIENT_BEGIN_CODE(); - if ((trace = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace")-1)) != NULL - && Z_LVAL_P(trace) > 0) { + if ((trace = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "trace", sizeof("trace")-1)) != NULL && + (Z_TYPE_P(trace) == IS_TRUE || (Z_TYPE_P(trace) == IS_LONG && Z_LVAL_P(trace) != 0))) { zend_hash_str_del(Z_OBJPROP_P(this_ptr), "__last_request", sizeof("__last_request")-1); zend_hash_str_del(Z_OBJPROP_P(this_ptr), "__last_response", sizeof("__last_response")-1); } - if ((tmp = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_soap_version", sizeof("_soap_version")-1)) != NULL - && Z_LVAL_P(tmp) == SOAP_1_2) { + if ((tmp = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_soap_version", sizeof("_soap_version")-1)) != NULL && + Z_TYPE_P(tmp) == IS_LONG && Z_LVAL_P(tmp) == SOAP_1_2) { soap_version = SOAP_1_2; } else { soap_version = SOAP_1_1; @@ -2758,7 +2758,7 @@ static void do_soap_call(zend_execute_data *execute_data, zval *uri; smart_str action = {0}; - if ((uri = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "uri", sizeof("uri")-1)) == NULL) { + if ((uri = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "uri", sizeof("uri")-1)) == NULL || Z_TYPE_P(uri) != IS_STRING) { add_soap_fault(this_ptr, "Client", "Error finding \"uri\" property", NULL, NULL); } else if (location == NULL) { add_soap_fault(this_ptr, "Client", "Error could not find \"location\" property", NULL, NULL); @@ -3018,7 +3018,8 @@ PHP_METHOD(SoapClient, __getLastRequest) return; } - if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_request", sizeof("__last_request")-1)) != NULL) { + if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_request", sizeof("__last_request")-1)) != NULL && + Z_TYPE_P(tmp) == IS_STRING) { RETURN_STR(zend_string_copy(Z_STR_P(tmp))); } RETURN_NULL(); @@ -3036,7 +3037,8 @@ PHP_METHOD(SoapClient, __getLastResponse) return; } - if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_response", sizeof("__last_response")-1)) != NULL) { + if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_response", sizeof("__last_response")-1)) != NULL && + Z_TYPE_P(tmp) == IS_STRING) { RETURN_STR(zend_string_copy(Z_STR_P(tmp))); } RETURN_NULL(); @@ -3054,7 +3056,8 @@ PHP_METHOD(SoapClient, __getLastRequestHeaders) return; } - if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_request_headers", sizeof("__last_request_headers")-1)) != NULL) { + if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_request_headers", sizeof("__last_request_headers")-1)) != NULL && + Z_TYPE_P(tmp) == IS_STRING) { RETURN_STR(zend_string_copy(Z_STR_P(tmp))); } RETURN_NULL(); @@ -3072,7 +3075,8 @@ PHP_METHOD(SoapClient, __getLastResponseHeaders) return; } - if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_response_headers", sizeof("__last_response_headers")-1)) != NULL) { + if ((tmp = zend_hash_str_find(Z_OBJPROP_P(getThis()), "__last_response_headers", sizeof("__last_response_headers")-1)) != NULL && + Z_TYPE_P(tmp) == IS_STRING) { RETURN_STR(zend_string_copy(Z_STR_P(tmp))); } RETURN_NULL(); @@ -3129,13 +3133,15 @@ PHP_METHOD(SoapClient, __setCookie) } if (val == NULL) { - if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) != NULL) { + if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) != NULL && + Z_TYPE_P(cookies) == IS_ARRAY) { zend_hash_str_del(Z_ARRVAL_P(cookies), name, name_len); } } else { zval zcookie; - if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) == NULL) { + if ((cookies = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_cookies", sizeof("_cookies")-1)) == NULL || + Z_TYPE_P(cookies) != IS_ARRAY) { zval tmp_cookies; array_init(&tmp_cookies); @@ -3160,7 +3166,8 @@ PHP_METHOD(SoapClient, __getCookies) } - if ((cookies = zend_hash_str_find(Z_OBJPROP_P(getThis()), "_cookies", sizeof("_cookies")-1)) != NULL) { + if ((cookies = zend_hash_str_find(Z_OBJPROP_P(getThis()), "_cookies", sizeof("_cookies")-1)) != NULL && + Z_TYPE_P(cookies) == IS_ARRAY) { ZVAL_ARR(return_value, zend_array_dup(Z_ARRVAL_P(cookies))); } else { array_init(return_value); @@ -3978,7 +3985,8 @@ static xmlDocPtr serialize_response_call(sdlFunctionPtr function, char *function } if (version == SOAP_1_1) { - if ((tmp = zend_hash_str_find(prop, "faultcode", sizeof("faultcode")-1)) != NULL) { + if ((tmp = zend_hash_str_find(prop, "faultcode", sizeof("faultcode")-1)) != NULL && + Z_TYPE_P(tmp) == IS_STRING) { xmlNodePtr node = xmlNewNode(NULL, BAD_CAST("faultcode")); zend_string *str = php_escape_html_entities((unsigned char*)Z_STRVAL_P(tmp), Z_STRLEN_P(tmp), 0, 0, NULL); xmlAddChild(param, node); @@ -4002,7 +4010,8 @@ static xmlDocPtr serialize_response_call(sdlFunctionPtr function, char *function } detail_name = "detail"; } else { - if ((tmp = zend_hash_str_find(prop, "faultcode", sizeof("faultcode")-1)) != NULL) { + if ((tmp = zend_hash_str_find(prop, "faultcode", sizeof("faultcode")-1)) != NULL && + Z_TYPE_P(tmp) == IS_STRING) { xmlNodePtr node = xmlNewChild(param, ns, BAD_CAST("Code"), NULL); zend_string *str = php_escape_html_entities((unsigned char*)Z_STRVAL_P(tmp), Z_STRLEN_P(tmp), 0, 0, NULL); node = xmlNewChild(node, ns, BAD_CAST("Value"), NULL); @@ -4240,7 +4249,8 @@ static xmlDocPtr serialize_function_call(zval *this_ptr, sdlFunctionPtr function } } } else { - if ((zstyle = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "style", sizeof("style")-1)) != NULL) { + if ((zstyle = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "style", sizeof("style")-1)) != NULL && + Z_TYPE_P(zstyle) == IS_LONG) { style = Z_LVAL_P(zstyle); } else { style = SOAP_RPC; @@ -4263,7 +4273,7 @@ static xmlDocPtr serialize_function_call(zval *this_ptr, sdlFunctionPtr function } if ((zuse = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "use", sizeof("use")-1)) != NULL && - Z_LVAL_P(zuse) == SOAP_LITERAL) { + Z_TYPE_P(zuse) == IS_LONG && Z_LVAL_P(zuse) == SOAP_LITERAL) { use = SOAP_LITERAL; } else { use = SOAP_ENCODED; @@ -4391,6 +4401,7 @@ static xmlNodePtr serialize_parameter(sdlParamPtr param, zval *param_val, int in zval *param_data; if ((param_name = zend_hash_str_find(Z_OBJPROP_P(param_val), "param_name", sizeof("param_name")-1)) != NULL && + Z_TYPE_P(param_name) == IS_STRING && (param_data = zend_hash_str_find(Z_OBJPROP_P(param_val), "param_data", sizeof("param_data")-1)) != NULL) { param_val = param_data; name = Z_STRVAL_P(param_name); diff --git a/main/main.c b/main/main.c index f74190cf06..3dcba48779 100644 --- a/main/main.c +++ b/main/main.c @@ -2524,8 +2524,23 @@ PHPAPI int php_execute_script(zend_file_handle *primary_file) #endif zend_set_timeout(INI_INT("max_execution_time"), 0); } - retval = (zend_execute_scripts(ZEND_REQUIRE, NULL, 3, prepend_file_p, primary_file, append_file_p) == SUCCESS); + /* + If cli primary file has shabang line and there is a prepend file, + the `start_lineno` will be used by prepend file but not primary file, + save it and restore after prepend file been executed. + */ + if (CG(start_lineno) && prepend_file_p) { + int orig_start_lineno = CG(start_lineno); + + CG(start_lineno) = 0; + if (zend_execute_scripts(ZEND_REQUIRE, NULL, 1, prepend_file_p) == SUCCESS) { + CG(start_lineno) = orig_start_lineno; + retval = (zend_execute_scripts(ZEND_REQUIRE, NULL, 2, primary_file, append_file_p) == SUCCESS); + } + } else { + retval = (zend_execute_scripts(ZEND_REQUIRE, NULL, 3, prepend_file_p, primary_file, append_file_p) == SUCCESS); + } } zend_end_try(); #if HAVE_BROKEN_GETCWD diff --git a/sapi/cli/tests/bug67741.phpt b/sapi/cli/tests/bug67741.phpt new file mode 100644 index 0000000000..df0981443f --- /dev/null +++ b/sapi/cli/tests/bug67741.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #67741 (auto_prepend_file messes up __LINE__) +--INI-- +include_path={PWD} +auto_prepend_file=bug67741_stub.inc +--SKIPIF-- +<?php +include "skipif.inc"; +?> +--FILE-- +#!/bin/env php +<?php +echo "primary lineno: ", __LINE__, "\n"; +?> +--EXPECT-- +prepend lineno: 2 +primary lineno: 3
\ No newline at end of file diff --git a/sapi/cli/tests/bug67741_stub.inc b/sapi/cli/tests/bug67741_stub.inc new file mode 100644 index 0000000000..4d7470ea29 --- /dev/null +++ b/sapi/cli/tests/bug67741_stub.inc @@ -0,0 +1,3 @@ +<?php +echo "prepend lineno: ", __LINE__, "\n"; +?> |