According to the WBMP specification[1], the first field (type) of a
WBMP is a multi-byte integer, but only type `0` is supported. Thus
there is no need to read a multi-byte integer. The second field (fix
header) is a single byte; reading a multi-byte integer is not really
wrong, since the fix header field is laid out in a way which allows it
to be treated as such, but the check whether the MBI is greater than
or equal to zero is pretty useless, because negative values could only
be returned if overflow occurs (MBIs are unsigned).
So the only useful assumption we can make is that the first byte is
zero; we let `gdImageCreateFromWBMPCtx()` figure out the rest.
[1] <https://www.wapforum.org/what/technical/SPEC-WAESpec-19990524.pdf> section 6
Prior to libavif 1.1.0, `avifAlloc()` was infallible (it called
`abort()` on OOM conditions); thus, several API functions which used
`avifAlloc()` did not report failure. That changed as of libavif
1.0.0[1], so checking and handling failure conditions can now be done.
However, due to `avifAlloc()` being fallible as of libavif 1.1.0, this
error checking and handling is mandatory to avoid more serious issues.
[1] <eb02b2ec52/CHANGELOG.md (L273-L281)>
Closes GH-16434.
Note that this is not actually security related[1], but still a
reasonable sanity check.
"If a function be advertised to return an error code in the event of
difficulties, thou shalt check for that code, yea, even though the
checks triple the size of thy code and produce aches in thy typing
fingers, for if thou thinkest it cannot happen to me, the gods shall
surely punish thee for thy arrogance." – Henry Spencer
[1] <https://github.com/libgd/libgd/issues/697#issuecomment-2369613187>
For GD, libxpm is an optional dependency, and we should treat it as
such, i.e. if the library is not found, we build ext/gd without XPM
support.
This should also be done for other optional dependencies (like libjpeg),
but since we're close to PHP 8.4.0RC1, we postpone that. However, wrt
libxpm[1] we're taking action immediately, so that we can ship builds
without XPM support, or at least custom builds without XPM support are
possible without modifying the sources.
[1] <https://news-web.php.net/php.internals/125502>
- The libgd sanity check is there only to check whether all current
linked libraries for the bundled libgd work together, otherwise it is
probably even redundant a bit; this refactors it to a simpler
AC_LINK_IFELSE check with default empty C program by Autoconf
- The IBM DB2 sanity check is simplified with AC_CHECK_FUNC instead
The ext_srcdir variable is at time of writing set only after calling the
PHP_NEW_EXTENSION. Other extensions also use @ext_srcdir@ template
placeholder for these cases. This fixes wrongly set include flag even
though build also works without libgd include flag.
When functions' or class methods' availability is based on some preprocessor
condition, the generated arginfo header files wrap the declarations in the
preprocessor `#if` conditional blocks, one per declaration, even if they are in
the same conditional block based on comments in the stub file. Instead of
having multiple conditional blocks one after the other with the same condition,
combine them into a single conditional block.
When a class (or enum) has no methods, rather than using an array that only
contains `ZEND_FE_END`, use `NULL` for the functions. The implementation of
class registration for internal classes, `do_register_internal_class()` in
zend_API.c, already skips classes where the functions are `NULL`. By removing
these unneeded arrays, we can reduce the size of the header files, while also
removing an unneeded call to zend_register_functions() for each internal class
with no extra methods.
Currently, internal classes are registered with the following code:
INIT_CLASS_ENTRY(ce, "InternalClass", class_InternalClass_methods);
class_entry = zend_register_internal_class_ex(&ce, NULL);
class_entry->ce_flags |= ...;
This has worked well so far, except if InternalClass is readonly. It is because some inheritance checks are run by zend_register_internal_class_ex before ZEND_ACC_READONLY_CLASS is added to ce_flags.
The issue is fixed by adding a zend_register_internal_class_with_flags() zend API function that stubs can use from now on. This function makes sure to add the flags before running any checks. Since the new API is not available in lower PHP versions, gen_stub.php has to keep support for the existing API for PHP 8.3 and below.
- Obsolete PHP_* variables checks removed (there was once the 'pdf'
extension bundled in PHP that also had the same --with-*-dir configure
options (3be17e3f26). When combined with
the gd extension, options need to be executed conditionally; first one
won), this is no longer relevant neither recommended practice to
duplicate configure options inside the php-src context. Ideally,
all configure options should be prefixed with an extension namespace
--with-<extension-name>-<option> to be unique.
- AS_* macros used
When this function has been added to our bundled GD[1], it had been
overlooked to also declare it in gd.h, like it's done in libgd. While
MSVC doesn't have any issues with this, clang reports an error.
[1] <03bd4333f6>
When PHP gd extension uses the external system GD library, the
HAVE_LIBGD preprocessor macro gets defined in Autotools. On Windows it
was previously always defined when bundled library is used. This fixes
the usage and adds help texts.
This replaces the AC_MSG_ERROR with AC_MSG_FAILURE, where appropriate.
The AC_MSG_ERROR outputs given message and exits the configure step. The
AC_MSG_FAILURE does the same but also automatically outputs additional
message "See 'config.log' for more details." which might help directing
the user where to look further.
The AC_MSG_ERROR is used for errors where current test step isn't logged
in the config.log and wouldn't make sense, and AC_MSG_FAILURE is mostly
used in cases of library checks, compilation tests, headers checked with
AC_CHECK_HEADER* and similar tests that are also logged in the
config.log.
AC_MSG_ERROR([Sanity check failed.]) output:
```
configure: error: Sanity check failed.
```
AC_MSG_FAILURE([Sanity check failed.]) output:
```
configure: error: in '/path/to/php-src':
configure: error: Sanity check failed.
See 'config.log' for more details
```
We port this modification[1] from libgd into our bundled libgd, because
the change makes sense, and we want the code bases to stay in sync as
close as possible.
We also apply a quick fix to the respective test.
[1] <f0a059be6c>
The test failure is not particularly related to Travis, but rather is
caused by the GD font file to only be suitable for platforms where
`int` stores 32bit values in little endian byte order. This platform
dependence is documented in the source code[1]. Thus we fix the skip
condition and skip reason accordingly.
An alternative would be to dynamically create the font file just before
running the test, but that appears to be overkill.
[1] <d59691c02f/ext/gd/gd.c (L545-L556)>
Closes GH-14922.
