summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Update NEWS for PHP 7.4.17RC1PHP-7.4.17Derick Rethans2021-03-161-1/+1
|
* Prepare for 7.4.17RC1Derick Rethans2021-03-161-1/+1
|
* Fix #80817: dba_popen() may cause segfault during RSHUTDOWNChristoph M. Becker2021-03-152-2/+5
| | | | We need to close persistent streams with the proper flag.
* Fix bug #80866Dharman2021-03-153-0/+20
| | | | Closes GH-6774.
* Fix bug #80837Dharman2021-03-153-1/+41
| | | | The error needs to be reported on the statement, not the connection.
* Update ubuntu on i386 jobNikita Popov2021-03-151-1/+1
| | | | | | There is a failure with apt on PHP-7.4 that's not present on PHP-8.0/master. Switching to a newer ubuntu version on PHP-7.4 avoids the issue.
* Downgrade security level in tests using TLS < 1.2Nikita Popov2021-03-155-4/+14
| | | | | | | A few additional tests have been added on master that require lower security level. (cherry picked from commit c2a6395dcbab20549702e56006f7cd389cefebcd)
* Fix #51903: simplexml_load_file() doesn't use HTTP headersChristoph M. Becker2021-03-083-0/+89
| | | | | | | | | | | | | | | The `encoding` attribute of the XML declaration is optional; it is good practice to use external encoding information where available if it is missing. Thus, we check for `charset` info of `Content-Type` headers, and see whether the encoding is supported. We cater to trailing parameters and quoted-strings, but not to escaped backslashes and quotes in quoted-strings, since no known character encoding contains these anyway. Co-authored-by: Michael Wallner <mike@php.net> Closes GH-6747.
* Fix #80838: HTTP wrapper waits for HTTP 1 response after HTTP 101manuel2021-03-083-1/+44
| | | | | | Don't wait for further responses after a HTTP 101 (Switching Protocols) response Closes GH-6730.
* Merge branch 'PHP-7.4' of git.php.net:php-src into PHP-7.4George Wang2021-03-051-1/+1
|\
| * Print error code if CreateMutex() failsChristoph M. Becker2021-03-051-1/+1
| | | | | | | | | | | | | | | | | | This issue came up recently in a bug report[1]; without the error code, users can barely guess why the function failed. [1] <https://bugs.php.net/80812> Closes GH-6745.
* | LiteSpeed SAPI v7.9: Process manager keeps forked child process alive for ↵George Wang2021-03-052-38/+55
|/ | | | longer time based on load. Reduces PM overhead for busy setup.
* Fix #78719: http wrapper silently ignores long Location headersChristoph M. Becker2021-03-033-13/+33
| | | | | | | | | | | | When opening HTTP streams, and reading the headers, we currently discard header lines longer than `HTTP_HEADER_BLOCK_SIZE` (1024 bytes). While this is not generally forbidden by RFC 7230, section 3.2.5, it is not generally allowed either, since that may change the "message framing or response semantics". We thus fix this by allowing arbitrarily long header lines. Closes GH-6720.
* Fix #80751: Comma in recipient name breaks email deliveryChristoph M. Becker2021-03-012-16/+179
| | | | | | | | | | | | | | | | | So far, `SendText()` simply separates potential email address lists at any comma, disregarding that commas inside a quoted-string do not delimit addresses. We fix that by introducing an own variant of `strtok_r()` which caters to quoted-strings. We also make `FormatEmailAddress()` aware of quoted strings. We do not cater to email address comments, and potentially other quirks of RFC 5322 email addresses, but catering to quoted-strings is supposed to solve almost all practical use cases. Co-authored-by: Nikita Popov <nikita.ppv@gmail.com> Closes GH-6735.
* Always remove HT iterators, even for uninit HTNikita Popov2021-03-012-1/+16
| | | | Fixes oss-fuzz #31423.
* Fixed bug #80805Nikita Popov2021-03-013-4/+36
| | | | | | Handle missing result_var in binary_op_result_type. (cherry picked from commit 8446e2827585c37d0739f8d44fa8d359cbbb6551)
* Fix memleak on ReflectionFunction and ReflectionGenerator classes when ↵Felipe Pena2021-02-251-0/+9
| | | | calling __construct after instantiation
* skip test with openssl < 1.1.0Remi Collet2021-02-251-1/+2
| | | | | The test fails, but without any crash (this test is designed to catch a crash)
* Capture Microsoft-defined HRESULT exit codes exit codesDylan K. Taylor2021-02-251-0/+3
| | | | | | | | The lack of such a check leads to false-passes of tests on Windows which expect no output, but produce a segfault or similar issue. I discovered this a while ago due to bad tests in an extension I maintain. Closes GH-6722.
* mysqlnd pam fix test error messageDaniel Black2021-02-251-2/+2
| | | | Closes GH-6727.
* Fix potential file collision in dom testsNikita Popov2021-02-242-2/+2
|
* Fix bug #80757 (Exit code is 0 when could not open file)Felipe Pena2021-02-241-0/+1
|
* Update NEWSFelipe Pena2021-02-241-0/+3
|
* Merge branch 'PHP-7.3' into PHP-7.4Christoph M. Becker2021-02-231-1/+1
|\ | | | | | | | | * PHP-7.3: run-tests: fixed exit code not being set on BORKED tests
| * run-tests: fixed exit code not being set on BORKED testsPHP-7.3Dylan K. Taylor2021-02-231-1/+1
| | | | | | | | | | | | When no test paths are specified this shows up when 'make test' is used on a PECL extension without specifying tests to run (or in php-src too, I guess...) Closes GH-6717.
* | Update php_version.h to proper version numberChristoph M. Becker2021-02-231-3/+3
| |
* | Fix #75776: Flushing streams with compression filter is brokenChristoph M. Becker2021-02-225-4/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First, the `bzip2.compress` filter has the same issue as `zlib.deflate` so we port the respective fix[1] to ext/bz2. Second, there is still an issue, if a stream with an attached compression filter is flushed before it is closed, without any writes in between. In that case, the compression is never finalized. We fix this by enforcing a `_php_stream_flush()` with the `closing` flag set in `_php_stream_free()`, whenever a write filter is attached. This call is superfluous for most write filters, but does not hurt, even when it is unnecessary. [1] <http://git.php.net/?p=php-src.git;a=commit;h=20e75329f2adb11dd231852c061926d0e4080929> Closes GH-6703.
* | Fix #80771: phpinfo(INFO_CREDITS) displays nothing in CLIChristoph M. Becker2021-02-224-2/+21
| | | | | | | | | | | | | | There is no good reason not to show the credits in text based SAPIs, except for brevity. Thus, we suppress the credits from `php -i`. Closes GH-6710.
* | Fix #80774: session_name() problem with backslashChristoph M. Becker2021-02-224-9/+33
| | | | | | | | | | | | | | | | | | | | Since we do no longer URL decode cookie names[1], we must not URL encode the session name. We need to prevent broken Set-Cookie headers, by rejecting names which contain invalid characters. [1] <http://git.php.net/?p=php-src.git;a=commit;h=6559fe912661ca5ce5f0eeeb591d928451428ed0> Closes GH-6711.
* | Fixed bug #80781Nikita Popov2021-02-225-0/+77
| | | | | | | | | | | | | | zend_find_array_dim_slow() may throw, make sure to handle this. This backports the code we already use for this on PHP-8.0, and also backports an exception check that makes this easier to catch.
* | Fix #80763: msgfmt_format() does not accept DateTime referencesChristoph M. Becker2021-02-173-0/+24
| | | | | | | | | | | | `intl_zval_to_millis()` needs to cater to references. Closes GH-6707.
* | Handle incomplete result set metadata more gracefullyNikita Popov2021-02-162-2/+6
| | | | | | | | | | | | | | | | Rather than segfaulting because sname is missing lateron, report a FAIL here. As this indicates a server bug, the errors is reported as an out of band warning, rather than a client error. This fixes the PHP side of bug #80713.
* | Fixed datesDerick Rethans2021-02-161-2/+2
| |
* | PHP-7.4 is now 7.4.17-devDerick Rethans2021-02-162-2/+5
| |
* | Suppress OpenSSL error on missing optional configNikita Popov2021-02-162-27/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | openssl_pkey_new() fetches various options from the config file -- most of these are optional, and not specifying them is not an error condition from the perspective of the user. Unfortunately, the CONF_get_string() API pushes an error when accessing a key that doesn't exist (_CONF_get_string does not, but that is presumably a private API). This commit adds a helper php_openssl_conf_get_string() that automatically clears the error in this case. I've found that OpenSSL occasionally does the same thing internally: https://github.com/openssl/openssl/blob/22040fb790c854cefb04bed98ed38ea6357daf83/apps/req.c#L515-L517 Closes GH-6699.
* | Fixed bug #80747Nikita Popov2021-02-153-0/+25
| | | | | | | | If RSA key generation fails, actually report that failure.
* | Fix symtable cache being used while cleaning symtableNikita Popov2021-02-152-3/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | We need to first clean the symtable and then check whether a cache slot is available for it. Otherwise, it may happen that a destructor runs while cleaning the table and uses up all the remaining slots in the cache. This is particularly insidious because once we overflow the cache, the first pointer we modify is symtable_cache_ptr, making it hard to understand what happened after the fact. Fixes oss-fuzz #30815.
* | Fix #78680: mysqlnd pam plugin missing terminating nullDaniel Black2021-02-153-7/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The PAM service requires the terminating null to be part of the communication. Tested with MariaDB-10.4(pam) and Percona Server 5.7.32(auth_pam_compat). Also changed MySQL Enterprise test to the server side plugin, authentication_pam as opposed to the client plugin mysql_clear_password. Add additional check for pamtest user and pam service file as all are required for the test. More importantly, test result should actually succeed. Thanks Geoff Montee for bug report. Closes GH-78680.
* | Fix leak when breaking out of FilesystemIteratorNikita Popov2021-02-152-19/+15
| | | | | | | | | | | | | | | | We need to always destroy current, not just when iter.data is not set. Take this opportunity to clean up the iterator destructor code a bit, to remove redundant checks and incorrect comments.
* | Fixed bug #80719Nikita Popov2021-02-115-8/+27
| |
* | Avoid C4090 level 1 warningChristoph M. Becker2021-02-081-1/+1
| | | | | | | | This breaks the build for PHP 8 by default.
* | Fix locale dependent parsing of PostgreSQL version numberChristoph M. Becker2021-02-081-6/+9
| | | | | | | | | | | | | | | | | | Version numbers are not supposed to be localized, so we must not apply locale dependent parsing with `atof()`. Using `php_version_compare()` might even be better. Closes GH-6668.
* | Fix #80706: mail(): Headers after Bcc headers may be ignoredChristoph M. Becker2021-02-083-1/+80
| | | | | | | | | | | | | | | | We need to handle the case where a CRLF after a Bcc header is not the beginning of a folding marker, because in that case the Bcc header was not the last "thing". Closes GH-6666.
* | Use ST_Y() instead of the deprecated/removed Y() in testChristoph M. Becker2021-02-051-2/+2
| |
* | Fix #74779: x() and y() truncating floats to integersChristoph M. Becker2021-02-053-1/+46
| | | | | | | | | | | | | | | | We must not use the locale dependent `atof()`, but instead use the (hopefully) locale independent `zend_strtod()`, when converting string representations of floating point numbers which are sent by the server. Closes GH-6665.
* | Try SIGTERM before SIGKILL in opcache restartNikita Popov2021-02-041-2/+5
| | | | | | | | | | | | | | SIGTERM is subject to HANDLE_BLOCK_INTERRUPTIONS(), which will allow code to exit critical sections before it gets terminated. Closes GH-6493.
* | [ci skip] Merge branch 'PHP-7.3' into PHP-7.4Christoph M. Becker2021-02-030-0/+0
|\ \ | |/ | | | | | | * PHP-7.3: Fix newly introduced compiler warning
| * Fix newly introduced compiler warningNikita Popov2021-02-031-1/+1
| | | | | | | | (cherry picked from commit ab8177de2c89672e63a7a1ccef4df8f7bf34fbd2)
* | Fix #53467: Phar cannot compress large archivesChristoph M. Becker2021-02-032-17/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrieved. Afterwards, the Phar manifest is written, and only after that the files are copied to the actual Phar. So for each such entry there is an open temp file, what easily exceeds the limit. Therefore, we use a single temporary file for all entries, and store the start offset in the otherwise unused `header_offset` member. We ensure that the `cfp` members are properly set to NULL even if flushing fails, to avoid use after free scenarios. This solution is based on a suggestion by @lserni[1]. Closes GH-6643. [1] <https://github.com/box-project/box2/issues/80#issuecomment-77147371>
* | [ci skip] Merge branch 'PHP-7.3' into PHP-7.4Christoph M. Becker2021-02-020-0/+0
|\ \ | |/ | | | | | | * PHP-7.3: 7.3.28 is next
View Lorry Controller Status