This macro is a footgun because it creates an uninitialized array
(only an allocation). This macro is no longer used in php-src,
and we have better alternatives like array_init() or
ZVAL_ARR(arr, zend_new_array(size_hint)).
* Prevents some unnecessary strlen() computation
* Use interned "NULL"
* Certain PGSQL_API functions now accept zend_string* instead of char*
Closes GH-6792
Instead of requiring the type to be determined in advance by the
describer function and then requiring get_col to return a buffer
of appropriate type, allow get_col to return an arbitrary zval.
See UPGRADING.INTERNALS for a more detailed description of the
change.
This makes the result fetching simpler, more efficient and more
flexible. The general possibility already existed via the special
PDO_PARAM_ZVAL type, but the usage was very inconvenient and/or
inefficient. Now it's possible to easily implement behavior like
"return int if it fits, otherwise string" and to avoid any kind
of complex management of temporary buffers.
This also fixes bug #40913 (our second highest voted bug of all
time, for some reason). PARAM_LOB result bindings will now
consistently return a stream resource, independently of the used
database driver.
I've tried my best to update all PDO drivers for this change, but
some of the changes may be broken, as I cannot test or even build
some of these drivers (in particular PDO dblib and PDO oci).
Fixes are appreciated -- a working CI setup would be even more
appreciated ;)
Currently compiler flags passed by extensions using the standard
``PHP_NEW_EXTENSION`` and ``PHP_ADD_SOURCES`` m4 macros are prepended
before the ones defined by ``Zend/Zend.m4``.
This was not really an issue before as ``Zend.m4`` only included
``-Wall`` but since the addition of ``-Wextra`` various issue about
disabling flags have been brought up.
A preliminary attempt was done in commit 5c1cf7669b
but this turns out to be more or less irrelevant.
The root issue is that ``PHP_NEW_EXTENSION`` and ``PHP_ADD_SOURCES`` call the
``PHP_ADD_SOURCES_X`` macro and pass their flags as the 3rd argument which prepends
the flags. There exists a 6th argument for this macro which appends them but from a
cursory look at https://heap.space/search?full=PHP_ADD_SOURCES_X&project=php-src
this is not used. Moreover, the comment describing this macro explicitly informs
that this macro should not be used directly.
As such we drop the 6th argument of ``PHP_ADD_SOURCES_X`` and move the `special-flags`
argument to be appended instead of prepended.
Closes GH-6204
Checking the linker compatibility with extranous `ImageLoad()` calls is
possible, but unnecessary, since the modules are either already loaded
or loaded shortly afterwards, so that we can get the required
information directly from the module handles. And actually, doing
`ImageLoad()` as well as `LoadLibrary()` leaves a tiny room for a race
condition, because both functions will lookup the module in the search
path, so there is no *guarantee* that both are dealing with the same
module. Dropping the `ImageLoad()` calls also has the advantage to no
longer face the issue reported in bug #79557. A very minor additional
advantage is that we no longer have to link against Imagehlp.dll.
Furthermore, there is no need to check for CRT compatibility multiple
times, so we can simplify the signature of `php_win32_crt_compatible`,
and at the same time clean up main.c a bit.
These changes require to change the signature of the exported
`php_win32_image_compatible` and `php_win32_crt_compatible` functions,
which now expect a `HMODULE` and nothing, respectively, instead of the
module name.
The `zend_system_id` is a (true global) system ID that fingerprints a process state. When extensions add engine hooks during MINIT/startup, entropy is added the system ID for each hook. This allows extensions to identify that changes have been made to the engine since the last PHP process restart.
Closes GH-5871
This is an annoying edge case that regularly gets broken. As we're
not aware of significant users of this API, and there are other
ways to hook this, remove support for EXT_NOP.
Voidification of Zend API which always succeeded
Use bool argument types instead of int for boolean arguments
Use bool return type for functions which return true/false (1/0)
Use zend_result return type for functions which return SUCCESS/FAILURE as they don't follow normal boolean semantics
Closes GH-6002
Userland classes that implement Traversable must do so either
through Iterator or IteratorAggregate. The same requirement does
not exist for internal classes: They can implement the internal
get_iterator mechanism, without exposing either the Iterator or
IteratorAggregate APIs. This makes them usable in get_iterator(),
but incompatible with any Iterator based APIs.
A lot of internal classes do this, because exposing the userland
APIs is simply a lot of work. This patch alleviates this issue by
providing a generic InternalIterator class, which acts as an
adapater between get_iterator and Iterator, and can be easily
used by many internal classes. At the same time, we extend the
requirement that Traversable implies Iterator or IteratorAggregate
to internal classes as well.
Closes GH-5216.
Formerly, this had to be enabled by passing the configuration flag
`--enable-crt-debug`; now it can be enabled by setting the environment
variable `PHP_WIN32_DEBUG_HEAP`. The advantage is that it is no longer
necessary to do separate builds, at the cost of a very minor
performance penalty during process startup.
Avoid subtle differences in behavior depending on whether the
handler is absent or returns FAILURE.
If you previously set cast_object to NULL, create a handler that
always returns FAILURE instead.
This helps to avoid unnecessary IS_REFERENCE checks.
This changes some notices "Only variables should be passed by reference" to exception "Cannot pass parameter %d by reference".
Also, for consistency, compile-time fatal error "Only variables can be passed by reference" was converted to exception "Cannot pass parameter %d by reference"
This mimicks the changes made to the custom snprintf implementation
by removing the custom 'v' format and custom 'I' length modifier
from the spprintf implementation.
Closes GH-5108
To avoid duplicate type checks. In debug builds arginfo is still
checked and will generate an assertions if the function doesn't
subsequently throw an exception.
Some test results change due to differences in zpp and arginfo
error messages.
Now that set() is gone, there is little point in keeping get(), as
it is essentially just a different way of writing cast_object()
now.
Closes GH-4202.
RFC: https://wiki.php.net/rfc/typed_properties_v2
This is a squash of PR #3734, which is a squash of PR #3313.
Co-authored-by: Bob Weinand <bobwei9@hotmail.com>
Co-authored-by: Joe Watkins <krakjoe@php.net>
Co-authored-by: Dmitry Stogov <dmitry@zend.com>
Albeit CSV is still a widespread data exchange format, it has never been
officially standardized. There exists, however, the “informational” RFC
4180[1] which has no notion of escape characters, but rather defines
`escaped` as strings enclosed in double-quotes where contained
double-quotes have to be doubled. While this concept is supported by
PHP's implementation (`$enclosure`), the `$escape` sometimes interferes,
so that `fgetcsv()` is unable to correctly parse externally generated
CSV, and `fputcsv()` is sometimes generating non-compliant CSV. Since
PHP's `$escape` concept is availble for many years, we cannot drop it
for BC reasons (even though many consider it as bug). Instead we allow
to pass an empty string as `$escape` parameter to the respective
functions, which results in ignoring/omitting any escaping, and as such
is more inline with RFC 4180. It is noteworthy that this is almost no
userland BC break, since formerly most functions did not accept an empty
string, and failed in this case. The only exception was `str_getcsv()`
which did accept an empty string, and used a backslash as escape
character then (which appears to be unintended behavior, anyway).
The changed functions are `fputcsv()`, `fgetcsv()` and `str_getcsv()`,
and also the `::setCsvControl()`, `::getCsvControl()`, `::fputcsv()`,
and `::fgetcsv()` methods of `SplFileObject`.
The implementation also changes the type of the escape parameter of the
PHP_APIs `php_fgetcsv()` and `php_fputcsv()` from `char` to `int`, where
`PHP_CSV_NO_ESCAPE` means to ignore/omit escaping. The parameter
accepts the same values as `isalpha()` and friends, i.e. “the value of
which shall be representable as an `unsigned char` or shall equal the
value of the macro `EOF`. If the argument has any other value, the
behavior is undefined.” This is a subtle BC break, since the character
`chr(128)` has the value `-1` if `char` is signed, and so likely would
be confused with `EOF` when converted to `int`. We consider this BC
break to be acceptable, since it's rather unlikely that anybody uses
`chr(128)` as escape character, and it easily can be fixed by casting
all `escape` arguments to `unsigned char`.
This patch implements the feature requests 38301[2] and 51496[3].
[1] <https://tools.ietf.org/html/rfc4180>
[2] <https://bugs.php.net/bug.php?id=38301>
[3] <https://bugs.php.net/bug.php?id=51496>
Autoconf 2.59d (released in 2006) [1] started promoting several macros
as not relevant for newer systems, including the AC_FUNC_UTIME_NULL.
This macro checks if `utime(file, NULL)` sets file's timestamp to the
current time and defines the `HAVE_UTIME_NULL` symbol. This check was
relevant on very old systems (for example, 4.3BSD released in 1986) and
today can be omitted for systems with utime since it should be well
supported by now. [2]
Refs:
[1] http://git.savannah.gnu.org/cgit/autoconf.git/tree/NEWS
[2] https://www.gnu.org/software/autoconf/manual/autoconf-2.69/autoconf.html
Autoconf 2.59d (released in 2006) 1 started promoting several macros
as not relevant for newer systems anymore, including the AC_FUNC_VPRINTF.
This macro checks for presence of the vprint function otherwise checks
for presence of the _doprnt function. This check was relevant on very
old systems and today can be omitted since it should be well supported
by now. [2]
Also PHP doesn't use the HAVE_VPRINTF or HAVE_DOPRNT symbols.
Refs:
[1] http://git.savannah.gnu.org/cgit/autoconf.git/tree/NEWS
[2] https://www.gnu.org/software/autoconf/manual/autoconf-2.69/autoconf.html
The AC_ARG_PROGRAM Autoconf macro provides program name transformations
when installing. This patch implements #64517 and prepares the
implementation for the request #60518.
In ./configure --help it additionally outputs --program-prefix=PREFIX,
--program-suffix=SUFFIX and the upcoming --program-transform-name=PROGRAM
option.
Macro AC_ARG_PROGRAM is available since Autoconf 2.0 and needs to be
called after the AC_CANONICAL_TARGET macro.
Refs:
- https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Transforming-Names.html
These macros are supposed to behave like POSIX's symlink() and link(),
respectively, on POSIX compliant systems and on Windows.
Future scope: merge link.c and link_win32.c
convert_scalar_to_number() will now call cast_object() with an
_IS_NUMBER argument, in which case the cast handler should return
either an integer or floating point number, whichever is more
appropriate.
Previously convert_scalar_to_number() unconditionally converted
objects to integers instead.
Fixes bug #53033.
Fixes bug #54973.
Fixes bug #73108.
The behavior of RANGE_RANGE() is 7.1 changed completely, from
rescaling an already generated number to generating a number
itself. Because of this str_shuffle() ended up generating two
random numbers on every iteration.
To avoid further misuse the function is dropped entirely. Extensions
for PHP >= 7.1 should directly call php_mt_rand_range().
zend_get_parameters_ex() has been marked as deprecated for a long
time already. What zend_get_paramers() does is even more
questionable under PHP7. Both functions are obsoleted by the ZPP
mechanism, so I'm dropping them.
Primarily related to the path handling datatypes, to avoid unnecessary
casts, where possible. Also some rework to avoid code dup. Probably
more places are to go, even not path related, primarily to have less
casts and unsigned integers where possible. That way, we've not only
less warnings and casts, but are also safer with regard to the
integer overflows. OFC it's not a panacea, but still significantly
reduces the vulnerability potential.
The core implementation details are described in win32/nice.c for values sent to proc_nice(), these can however be discussed to maybe comply with those of wmic, Anatol, thoughts?
The test supplied uses wmic for testing the functionality, it could potentially fail on systems where either wmic is not available or the system language is not english (as Microsoft tends to translate even CLI programs).
We add a respective note to UPGRADING. Furthermore, as renaming of zend_qsort()
and the new zend_insert_sort() are irrelevant for user-land, we move this
info to UPGRADING.INTERNALS.
Previous some places passed return_value_ptr only if the function
returned by reference. Now return_value_ptr is always set, even
for functions returning by-value.
This allows you to return zvals without copying their contents. For
this purpose two new macros RETVAL_ZVAL_FAST and RETURN_ZVAL_FAST
are added:
RETVAL_ZVAL_FAST(zv); /* Analog to RETVAL_ZVAL(zv, 1, 0) */
RETURN_ZVAL_FAST(zv); /* Analog to RETURN_ZVAL(zv, 1, 0) */
These macros behave similarly to the non-FAST versions with
copy=1 and dtor=0, with the difference that the FAST versions
will try return the zval without copying by utilizing return_value_ptr.
- Added mechanism to force outer streams to be closed before their inner ones.
- Fixed temp:// streams only handling correctly (through an ad hoc mechanism) reverse closing order
when the inner stream is of type memory.
- Added to UPGRADING information about the new class Transliteral, the new
parameter in dns_get_record and the fact that call_user_func_array no longer
allows call-time pass-by-reference.
. zend_function.pass_rest_by_reference is replaced by
ZEND_ACC_PASS_REST_BY_REFERENCE in zend_function.fn_flags
. zend_function.return_reference is replaced by ZEND_ACC_RETURN_REFERENCE
in zend_function.fn_flags
. zend_arg_info.required_num_args removed. it was needed only for internal
functions. Now the first arg_info for internal function (which has special
meaning) is represented by zend_internal_function_info structure.
. zend_op_array.size, size_var, size_literal, current_brk_cont,
backpatch_count moved into CG(context), because they are used only during
compilation.
. zend_op_array.start_op is moved into EG(start_op), because it's used
only for 'interactive' execution of single top-level op-array.
. zend_op_array.done_pass_two is replaced by ZEND_ACC_DONE_PASS_TWO in
zend_op_array.fn_flags.
. op_array.vars array is trimmed (reallocated) during pass_two.
. zend_class_entry.constants_updated is replaced by
ZEND_ACC_CONSTANTS_UPDATED in zend_class_entry.ce_flags
. the size of zend_class_entry is reduced by sharing the same memory space
by different information for internal and user classes.
See zend_class_inttry.info union.
