| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
To solve this, we properly calculate the required string length upfront
instead of allocating an oversized string (`len * 4 + 4`).
|
| |
|
|
| |
We make sure that negative values are properly compared.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately, some Webservers (e.g. IIS) do not implement the (F)CGI
specifications correctly wrt. chunked uploads (i.e. Transfer-encoding:
chunked), but instead pass -1 as CONTENT_LENGTH to the CGI
application. However, our (F)CFI SAPIs (i.e. cgi and cgi-fcgi) do not
support this.
Therefore we try to retrieve the stream size in advance and pass it to
`curl_mime_data_cb()` to prevent libcurl from doing chunked uploads.
This is basically the same approach that `curl_mime_filedata()`
implements, except that we are keeping already opened streams open for
the `read_cb()`.
|
| |
|
|
| |
We implement that on top of Cryptography API: Next Generation (CNG).
|
| | |
|
| |\
| |
| |
| |
| | |
* PHP-7.3:
Update libmagic.patch
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Some commits missed to update the patch file, so we're catching up on
this.
To generally make this easier, we back-port generate_patch.sh from
PHP-7.4, where we now also generate magic.h from magic.h.in.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #79333: com_print_typeinfo() leaks memory
|
| | |
| |
| |
| |
| |
| |
| |
| | |
We have to free the `ansiname`s, regardless of whether they have been
put into the hashtable or not.
Since bug79299.phpt already shows the leak when run with a leak
checker, there is no need for another regression test.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #79332: php_istreams are never freed
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Releasing the `com_dotnet_istream_wrapper` in `istream_destructor()` is
pointless, since `istream_destructor()` is only called when the
resource is going to be released. This recursion is not a real issue,
though, since the resource is never exposed to userland, and has at
most refcount 1, so due to well defined unsigned integer underflow, it
never is released twice. However, returning early in this case causes
a memory leak which needs to be fixed.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fixed bug #79062
|
| | |
| |
| |
| | |
Back up the doc comment when performing heredoc scanahead.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #79311: enchant_dict_suggest() fails on big endian architecture
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For obvious reasons, we must not assign a `size_t` value to an `int`
variable using memcpy(). However, there is actually no need for the
intermediate `n_sugg_st` here, if we use the proper types in the first
place.
A regression test is not necessary, because dict_suggest.phpt already
exhibits the erroneous behavior on big endian architectures.
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #79315 ZipArchive::addFile doesn't honor start/length parameters
|
| | | |
|
| | | |
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fixed incorrect overflow detection
|
| | | |
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #64032: mysqli reports different client_version
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While `mysqli_get_client_version()` calls `mysql_get_client_version()`
to retrieve the client version, `mysql::$client_version` is initialized
to `MYSQL_VERSION_ID`. Both should match though, and since the former
is the more useful information, we fix `mysql::$client_version`.
We do not add a regression test, because it would usually succeed
anyway, and we already have several tests with respective `assert()`s.
|
| | |
| |
| |
| |
| | |
If argon2i is provided by libargon, then argon2id may not be
available here.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Don't treat any WS as start of header
|
| | |
| |
| |
| |
| | |
Check that the header occurs after \n, not other whitespace
characters.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Reduce code duplication in HTTP header checks
|
| | | |
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fixes #79265: Improper injection of Host header when using fopen for http requests
|
| | |
| |
| |
| |
| |
| |
| | |
requests
Check all occurrences of the string "host:" (and other headers),
not just the first one.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #79299: com_print_typeinfo prints duplicate variables
|
| | |
| |
| |
| |
| |
| |
| | |
`lastid` has to retain its value during the traversal, so we move it to
an outer scope.
Patch contributed by Litiano Moura.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #79294: ::columnType() may fail after SQLite3Stmt::reset()
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The fix for feature request #53466 did not properly handle resetting of
the corresponding statement; the problem with this is that the
statement does not know about its result sets. But even if we could
fix this, the `complete` handling still appears to be brittle, since
the `sqlite3_column_type()`docs[1] state:
| If the SQL statement does not currently point to a valid row, or if
| the column index is out of range, the result is undefined.
Fortunately, we can use `sqlite3_data_count()` instead, since[2]:
| If prepared statement P does not have results ready to return (via
| calls to the sqlite3_column() family of interfaces) then
| sqlite3_data_count(P) returns 0.
Thus, we guard `SQLite3::columnType()` with `sqlite3_data_count()`, and
completely drop updating the `php_sqlite3_result_object.complete`
field, but keep it for ABI BC purposes.
[1] <https://www.sqlite.org/c3ref/column_blob.html>
[2] <https://www.sqlite.org/c3ref/data_count.html>
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Add test for bug #78569
|
| | | |
|
| | |
| |
| |
| |
| | |
We use alloca instead of VLA. This should also allow building
this code on Windows.
|
| |\ \
| |/
| |
| |
| | |
* PHP-7.3:
Fix #79038: PDOStatement::nextRowset() leaks column values
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Firstly, we must not rely on `stmt->column_count` when freeing the
driver specific column values, but rather store the column count in
the driver data. Since the column count is a `short`, 16 bit are
sufficient, so we can store it in reserved bits of `pdo_odbc_stmt`.
Furthermore, we must not allocate new column value storage when the
statement is not executed, but rather when the column value storage has
not been allocated.
Finally, we have to introduce a driver specific `cursor_closer` to
avoid that `::closeCursor()` calls `odbc_stmt_next_rowset()` which then
frees the column value storage, because it may be still needed for
bound columns.
|
| | |
| |
| |
| | |
We must not access memory outside of the allocated buffer.
|
| | |
| |
| |
| | |
all-access permissions
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The primary motivation to have each test worker running its own console
is to allow the windows_mb_path tests to run in parallel. A nice side
effect is that this also prevents changing the code page of the
tester's console window (which can even cause its font to be changed).
To be able to do so, we introduce the `create_new_console` option for
`proc_open()`, which might occasionally be useful for other purposes
than testing.
|
| | | |
|
