| Commit message (Collapse) | Author | Age | Files | Lines |
|
One of the weirdest pieces of PHP code I've ever seen. In terms
of tokens, this gets internally translated to
use x as y; echo as my_echo;
On master it crashes because this "echo" does not have attached
identifier metadata. Make sure it is added and then reject the
use of "<?=" as an identifier inside zend_lex_tstring.
Fixes oss-fuzz #23547.
|
Closes GH-5736.
|
We use sizeof() on ini defaults, so this isn't safe. I can't reproduce
the failures locally, but I expect this to fix the asan jobs.
|
In 1999, inline optimization was turned off by default. The commit log indicates this was
done because GCC was running out of memory on some hosts when building the Zend executor.
In 2003, inline optimization was re-enabled by default, but a build option was added to
turn it off if one runs out of memory when building.
Computing hardware has come a long way since 2003 and I doubt that anyone is running out
of memory when building PHP now.
Interestingly, this code set an unused variable called `INLINE_CFLAGS`. It actually
disabled inline optimization by adding -O0 to the build command, not using `INLINE_CFLAGS`.
Just to see how much memory GCC/Make are using when building PHP, I tried building with
successively higher values of `ulimit -v` until it succeeded. Interestingly, while most
of the codebase can be built with about 400MB of memory, ext/fileinfo/libmagic/apprentice.c
requires 1.2GB, doubtless because it includes ext/fileinfo/data_file.c, which is more
than 350,000 lines long. That is with GCC 7.5.0.
Most users get PHP as a binary package anyways, so the question is, are *packagers*
of PHP trying to build on machines with just 1GB RAM? And would they want to package
a PHP interpreter built with *no optimizations*? I can't imagine either being true.
|
Installing a callback handler may cause libedit to register new
signals during the request.
|
For the common ZVAL_OBJ + GC_ADDREF pattern.
This mirrors the existing ZVAL_STR_COPY API.
|
Instead of marking unreachable code with `ZEND_ASSERT(0)`, we introduce
`ZEND_UNREACHABLE()`, so that MSVC, which does not consider `assert(0)`
to mark unreachable code, no longer triggers C4715[1] warnings in
debug builds. This may be useful for other compilers as well.
[1] <https://docs.microsoft.com/de-de/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4715?view=vs-2019>
|
check
|
We should be doing this anyway to prevent stack overflow, but on
master this is important for an additional reason: The temporary
GC buffer provided for get_gc handlers may get reused if the scan
is performed recursively instead of indirected via the GC stack.
This fixes oss-fuzz #23350.
|
This avoids reading a trap representation from _Bool,
but shouldn't matter as far as behavior is concerned.
|
This is just plain stupid: In C, it is not permitted to add zero
to a null pointer. In C++, it is permitted.
|
The (void)_dummy is apparently considered a read of an uninitialized
variable. As it is a _Bool now, which has trap representations, this
is no longer considered legal and results in somewhat odd ubsan
warnings of the form:
runtime error: load of value 0, which is not a valid value for type 'zend_bool' (aka 'bool')
|
Use a bitset of valid characters instead of strspn. This is both
more efficient and more compact.
|
Similar to 097043db2a0d113f89bd26c6f1d7a976d83951a8, but for the
zend_call_method() API. I don't think we ever use this for
static methods, but this logic shouldn't be there. If you want
to inherit the active LSB scope for some reason, do so explicitly.
|
Replace EG(autoload_func) with a C level zend_autoload hook.
This avoids having to do one indirection through PHP function
calls. The need for EG(autoload_func) was a leftover from the
__autoload() implementation.
Additionally, drop special-casing of spl_autoload(), and instead
register it just like any other autoloading function. This fixes
bug #71236 as a side-effect.
Finally, change spl_autoload_functions() to always return an array.
The distinction between false and an empty array no longer makes
sense here.
Closes GH-5696.
|
Formerly, this had to be enabled by passing the configuration flag
`--enable-crt-debug`; now it can be enabled by setting the environment
variable `PHP_WIN32_DEBUG_HEAP`. The advantage is that it is no longer
necessary to do separate builds, at the cost of a very minor
performance penalty during process startup.
|
* PHP-7.4:
Partial fixed bug #79649 (Altering disable_functions from module init corrupts memory)
|
corrupts memory)
In module startup stage, we should not initialize
EG(modified_ini_directives) as it uses zend MM, and the zend MM will be
restarted at the end of modules startup stage.
I say "partial" because this issue still exists if altering ZEND_USER
inis. We should add a zend_ini_deactive at the end of modules startup
stage, but it brings some new cost, and I think no one would do things
like that.
|
We regularly find new places where we forgot to reset fake_scope.
Instead of having to handle this for each caller of zend_call_function()
and similar APIs, handle it directly in zend_call_function().
|
This adds the following APIs:
void zend_call_known_function(
zend_function *fn, zend_object *object, zend_class_entry *called_scope,
zval *retval_ptr, int param_count, zval *params);
void zend_call_known_instance_method(
zend_function *fn, zend_object *object, zval *retval_ptr, int param_count, zval *params);
void zend_call_known_instance_method_with_0_params(
zend_function *fn, zend_object *object, zval *retval_ptr);
void zend_call_known_instance_method_with_1_params(
zend_function *fn, zend_object *object, zval *retval_ptr, zval *param);
void zend_call_known_instance_method_with_2_params(
zend_function *fn, zend_object *object, zval *retval_ptr, zval *param1, zval *param2);
These are used to perform a call if you already have the
zend_function you want to call. zend_call_known_function()
is the base API, the rest are just really thin wrappers around
it for the common case of instance method calls.
Closes GH-5692.
|
* PHP-7.4:
Fixed bug #79683
|
Reset fake_scope during __toString() call.
I'll check if we can solve this more globally in master, by
resetting fake_scope in zend_call_function.
|
Closes GH-5624
|
Don't treat the !fn_proxy && !obj_ce case differently. There doesn't
seem to be any need for it, and it will result in subtly different
behavior (e.g. it will accept "Foo::bar" syntax, but break as soon
as you pass in an fn_proxy cache).
|
Closes GH-5688
|
Closes GH-5687
|
Add ZVAL_CHAR/RETVAL_CHAR/RETURN_CHAR as a shortcut for using
ZVAL_INTERNED_STRING and ZSTR_CHAR.
Add zend_string_init_fast() as a helper for the empty string /
one char interned string / zend_string_init() pattern.
Also add corresponding ZVAL_STRINGL_FAST etc macros.
Closes GH-5684.
|
Attributes require a static class name...
This fixes https://oss-fuzz.com/testcase-detail/6267052359942144.
|
This is a bit tricky: In this case we have "namespace as", which
means that we will only recognize "namespace" as an identifier when
the lookahead token is already at the "as". This means that
zend_lex_tstring picks up the wrong identifier.
We solve this by actually assigning the identifier as the semantic
value on the parser stack -- as in almost all cases we will not
actually need the identifier, this is just an (offset, size)
reference, not a copy of the string.
Additionally, we need to teach the lexer feedback mechanism used
by tokenizer TOKEN_PARSE mode to apply feedback to something
other than the very last token. To that purpose we pass through
the token text and check the tokens in reverse order to find the
right one.
Closes GH-5668.
|
* PHP-7.4:
Fixed bug #79657
|
Throwing an exception should count as an initialization for this
purpose.
|
Closes GH-5676.
|
Close GH-5675.
|
Closes GH-5673.
|
Fixes OSS-Fuzz #23140.
|
This also fixes a SegFault
Closes GH-5670
|
Closes GH-5666
|
RFC: https://wiki.php.net/rfc/constructor_promotion
Closes GH-5291.
|
We fix (hopefully) all instances of:
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4005>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4024>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4028>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4047>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4087>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4090>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4273>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4312>
`zend_llist_add_element()` and `zend_llist_prepend_element()` now
explicitly expect a *const* pointer.
We use the macro `ZEND_VOIDP()` instead of a `(void*)` cast to suppress
C4090; this should prevent accidental removal of the cast by
clarifying the intention, and makes it easier to remove the casts if
the issue[1] will be resolved sometime.
[1] <https://developercommunity.visualstudio.com/content/problem/390711/c-compiler-incorrect-propagation-of-const-qualifie.html>
|
Also add zend_hash_release() API to complement zend_array_release(),
because the latter is specific to non-persistent zval arrays.
|
This makes the zend_error_cb API simpler, and avoids formatting
the same message in multiple places.
It should be noted that the passed zend_string is always
non-persistent, so if you want to store it persistently somewhere,
you may still need to duplicate it.
The last_error_message is cleared a bit more aggressively, to make
sure it doesn't hang around across allocator life-cycles.
Closes GH-5639.
|