summaryrefslogtreecommitdiff
path: root/sapi
Commit message (Collapse)AuthorAgeFilesLines
* Fix CLI server worker supportNikita Popov2021-02-041-59/+47
| | | | | | | | | | | | | If we create separate listening sockets in each worker using SO_REUSEADDR, then an incoming connection may be load-balanced to a process that is already busy, either due to a long-running request, or because it is a recursive request (in which case we would deadlock). Instead, only create one listening socket, and only create worker forks afterwards. This way the incoming request will be served by one of the workers that is currently listening for an incoming connection.
* Merge branch 'PHP-7.4' into PHP-8.0Nikita Popov2021-02-023-3/+3
|\ | | | | | | | | * PHP-7.4: Update year to 2021
| * Update year to 2021Peter Kokot2021-02-023-3/+3
| | | | | | | | Closes GH-6636.
| * Revert "Fix #76813: Access violation near NULL on source operand"Christoph M. Becker2021-01-113-21/+3
| | | | | | | | | | This reverts commit 5e15c9c41f8318a8392c2e2c78544f218736549c, since re2c default rules are only available as of re2c 0.13.7.
* | Revert fix for bug 76813 and re2c version bumpChristoph M. Becker2021-01-113-21/+3
| | | | | | | | | | | | | | | | | | | | | | CentOS 7 ships with re2c 0.13.5 by default, so we should not have bumped the required re2c version to 0.13.7. However, 0.13.5 does not support default rules, so we cannot use them to fix bug 76813. This reverts commit 420184ad529443182c9a348a55b1c9216005c613 and 5e15c9c41f8318a8392c2e2c78544f218736549c. Closes GH-6593.
* | Merge branch 'PHP-7.4' into PHP-8.0Jakub Zelenka2020-12-134-6/+80
|\ \ | |/
| * Fix bug #69625: FPM returns 200 status on request without SCRIPT_FILENAMEJakub Zelenka2020-12-134-6/+80
| |
* | Drop all JIT related XFAILS from phpdbg test suiteChristoph M. Becker2020-11-3019-93/+0
| | | | | | | | phpdbg now disables JIT, so these cause XFAIL warnings.
* | Add additional entries to unserialize corpusNikita Popov2020-11-303-0/+3
| | | | | | | | These are useful to seed typed property fuzzing.
* | Merge branch 'PHP-7.4' into PHP-8.0Christoph M. Becker2020-11-303-3/+21
|\ \ | |/ | | | | | | * PHP-7.4: Fix #76813: Access violation near NULL on source operand
| * Fix #76813: Access violation near NULL on source operandChristoph M. Becker2020-11-303-3/+21
| | | | | | | | | | | | | | | | | | | | We avoid `YYCURSOR` becoming `NULL` by initializing `YYMARKER`, and add a default rule for `<NORMAL>` where we catch unexpected input. We also fix the only superficially related issue regarding empty input followed by `T_SEPARATOR` and command, which caused another segfault. Closes GH-6464.
* | Require stubs to declare return types for magic methods when possibleMáté Kocsis2020-10-231-1/+2
| | | | | | | | Closes GH-6376
* | Add test for zend_extension loadingNikita Popov2020-10-211-0/+65
| | | | | | | | Closes GH-6363.
* | Revert "Fix bug #64865: Use CONTEXT_DOCUMENT_ROOT for scanning dir tree"Nikita Popov2020-10-192-9/+3
| | | | | | | | | | | | | | This reverts commit 98bfad738ad2734dfba5733323f7ba733daf3ec3. This doesn't work well in some setups, see bug #80113 and GH-5051. Reverting this for now.
* | Update to mime-db 1.45Nikita Popov2020-10-092-3/+10
| |
* | Review parameter names in ext/pcreMáté Kocsis2020-10-021-10/+10
| | | | | | | | Closes GH-6259
* | Update ext/standard parameter namesNikita Popov2020-09-291-2/+2
| | | | | | | | Closes GH-6214.
* | Improve default value handling of Exception constructorsMáté Kocsis2020-09-211-2/+2
| | | | | | | | Closes GH-6166
* | Consolidate the usage of "either" and "one of" in error messagesMáté Kocsis2020-09-201-1/+1
| | | | | | | | Closes GH-6173
* | Fix UNKNOWN default value of apache_note()Máté Kocsis2020-09-193-4/+4
| | | | | | | | Closes GH-6167
* | Run tidyNikita Popov2020-09-1825-40/+40
| | | | | | | | | | This should fix most of the remaining issues with tabs and spaces being mixed in tests.
* | Remove support for EXT_NOPNikita Popov2020-09-181-1/+2
| | | | | | | | | | | | This is an annoying edge case that regularly gets broken. As we're not aware of significant users of this API, and there are other ways to hook this, remove support for EXT_NOP.
* | Support ephemeral ports in debug serverSara Golemon2020-09-171-35/+65
| |
* | Add missing param type to pcre reflection testMáté Kocsis2020-09-151-1/+1
| |
* | Fix mbstring fuzzerNikita Popov2020-09-111-1/+3
| | | | | | | | | | mb_ereg can throw now, so we need a dummy frame and need to free the exception afterwards.
* | Simplify error type filtertwosee2020-09-102-37/+24
| | | | | | | | Closes GH-6049.
* | Adjust assignment line number for matchIlija Tovilo2020-09-084-0/+128
| | | | | | | | | | | | | | | | Otherwise the assignment will have the same number as the default arm which will 1. mis-trigger a breakpoint and 2. mark the line as covered even when it isn't. Closes GH-6083
* | Reduce input size limit in execute fuzzerNikita Popov2020-09-072-2/+2
| | | | | | | | | | We only have 4 Zend test cases > 8k. Large inputs tend to just make things slower.
* | Avoid large eval inputs in fuzzerNikita Popov2020-09-071-2/+17
| | | | | | | | | | | | While we limit the size of the main compilation input, the size of eval inputs was not limited. This could result in stack overflows, e.g. oss-fuzz #25464.
* | Accept zend_string instead of zval in zend_compile_stringNikita Popov2020-09-074-22/+11
| |
* | Disable InfiniteIterator class while fuzzingNikita Popov2020-09-041-0/+2
| | | | | | | | | | The combination of LimitIterator and InfiniteIterator can cause effectively infinite loops that bypass the executor step limit.
* | Extend function blacklist in execute fuzzerNikita Popov2020-09-021-1/+3
| | | | | | | | Add pfsockopen and stream_socket_server.
* | Support cli_server.color on WindowsChristoph M. Becker2020-08-281-2/+10
| | | | | | | | | | | | | | On Windows, we have to check whether stdout is attached to a console, and whether that console supports VT100 control codes. Closes GH-5996
* | Fix execute fuzzer on i386Nikita Popov2020-08-281-1/+5
| | | | | | | | Opcode handlers use the FASTCALL calling convention...
* | Rehash function table after disabling functionsNikita Popov2020-08-281-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | To perform fast shutdown without full table cleanup we need all internal functions to be in one continuous chunk. This was violated when functions were deleted via disable_functions. This drops the zend_disable_function() API in favor of zend_disable_functions(), which disables the given list of functions and performs the necessary rehash afterwards. Also drop PG(disabled_functions), which is no longer used.
* | Fix typoNikita Popov2020-08-271-1/+1
| | | | | | | | This was supposed to include the header, not the C file...
* | Generate execute corpus in generate_all.phpNikita Popov2020-08-273-1/+5
| | | | | | | | And add crypt() to the function blacklist, it can be very slow.
* | Add experimental "execute" fuzzerNikita Popov2020-08-277-58/+160
| | | | | | | | | | | | | | This is an end-to-end fuzzer that executes arbitrary PHP code. We replace the executor with a finite-step executor to avoid getting stuck in loops or recursion.
* | sapi/fpm/config.m4: check for libapparmor's aa_change_profile()Kees Cook2020-08-241-1/+1
| | | | | | | | | | | | | | | | The fpm code actually uses aa_change_profile(), not change_hat(). Test for the correct function. (libapparmor always has both, so this is just a correctness fix.) Closes GH-6037.
* | ensure installed ini don't interfereRemi Collet2020-08-211-1/+1
| |
* | Switch to mime-db as source of extension => MIME mapNikita Popov2020-08-132-28/+210
| | | | | | | | | | | | | | | | | | | | | | | | The Apache MIME type map is not actively maintained anymore, so this switches to jshttp/mime-db, which seems to be the de-facto standard in this area now. This avoid the need to patch in our own MIME types over time. The preference algorithm is based on: https://github.com/jshttp/mime-types/blob/47b62ac45e9b176a2af35532d0eea4968bb9eb6d/index.js#L154 Closes GH-5764.
* | Small CS fixNyholm2020-08-121-6/+12
| | | | | | | | | | | | | | The comments were incorrectly aligned. Fix this by dropping the alignment and moving the comments before the declarations. Closes GH-5975.
* | Disable report_zend_debug by defaultNikita Popov2020-08-123-14/+1
| | | | | | | | | | | | We might just want to drop this completely, but at least don't enable it by default. It already gets disabled by a number of SAPIs, but we should make that the default state.
* | Merge branch 'PHP-7.4'George Wang2020-08-101-1/+2
|\ \ | |/
| * Merge branch 'PHP-7.3' into PHP-7.4George Wang2020-08-101-1/+2
| |\
| | * Make sure string is NUL byte terminated.George Wang2020-08-101-1/+2
| | |
* | | Fixed bug #62294Nikita Popov2020-08-103-1/+17
| | | | | | | | | | | | | | | | | | | | | The primary issue was already resolved in 7c3e487289ec41e560cf7a77e36eb43da2234f33, but the particular example used in this bug report ran into an additional issue on PHP 8, because I forgot to drop a number of zend_bailout calls when switch require failure to throw.
* | | Fixed bug #65275Nikita Popov2020-08-103-25/+35
| | | | | | | | | | | | | | | | | | Make EG(exit_status) the single source of truth for the exit status, instead of having two variables that we cannot really keep synchronized.
* | | Fixed bug #79948Nikita Popov2020-08-101-6/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure we don't execute further scripts if one of them encountered an exit exception. Also make sure that we free file handles that end up unused due to an early abort in php_execute_scripts(), which turned up as an issue in the added test case. Finally, make use of EG(exit_status) in the places where we zend_eval_string_ex, instead of unconditionally assigning exit code 254. If an error occurs, the error handler will already set exit status 255.
* | | Fixed bug #77561Nikita Popov2020-08-102-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | Unconditionally strip shebang lines when using the CLI SAPI, independently of whether they occur in the primary or non-primary script. It's unlikely that someone intentionally wants to print that shebang line when including a script, and this regularly causes issues when scripts are used in multiple contexts, e.g. for direct invocation and as a phar bootstrap.
View Lorry Controller Status