Commit Graph

308 Commits

Author SHA1 Message Date
Tim Starling
c96be7b8f2 Use ASCII lower case for misc case folding
Use ASCII case conversion instead of locale-dependent case conversion in
the following places:

* grapheme_stripos() and grapheme_strripos() in the "fast" path
* ldap_get_entries()
* oci_pconnect() for case folding of parameters when constructing a key
  into the connection or session pool
* SoapClient: case folding of function names
* get_meta_tags(): case conversion of property names
* http stream wrapper: header names
* phpinfo(): anchor names
* php_verror(): docref URLs
* rfc1867.c: Content-Type boundary parameter name
* streams.c: stream protocol names

Using locale-dependent case folding for these cases is either
unnecessary or actively incorrect. These functions could have
misbehaved when used with certain locales (e.g. Turkish).

Closes GH-7511.
2021-09-24 09:20:08 +02:00
Björn Tantau
d764f1dc12
Fix #77372: Retain full path of files for directory uploads (#6917)
To fix https://bugs.php.net/bug.php?id=77372 and improve support of `<input type="file" name="files" multiple webkitdirectory>` I introduced another item to the `$_FILES` array called `full_path`, containing the full filename, as supplied by the user-agent.

Co-authored-by: Björn Tantau <bjoern@bjoern-tantau.de>
2021-05-14 11:43:55 +02:00
KsaR
01b3fc03c3
Update http->https in license (#6945)
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
2021-05-06 12:16:35 +02:00
Nikita Popov
61ba79df17 Remove variable registration code from rfc1867
This now longer does anything -- registering a variable for a NULL
array is a no-op.
2021-04-27 12:30:46 +02:00
Josh Soref
462da6e09c Fix spelling and grammar mistakes
This PR corrects misspellings identified by the check-spelling action.

The misspellings have been reported at jsoref@b6ba3e2#commitcomment-48946465

The action reports that the changes in this PR would make it happy: jsoref@602417c

Closes GH-6822.
2021-04-13 12:09:37 +02:00
Nikita Popov
9be0ee4309 Merge branch 'PHP-8.0'
* PHP-8.0:
  Fixed bug #42560
2021-01-19 11:44:49 +01:00
Nikita Popov
1bdd8f7ae4 Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
  Fixed bug #42560
2021-01-19 11:44:22 +01:00
sj-i
5d31ee302d Fixed bug #42560
Check open_basedir after the fallback to the system's temporary
directory in tempnam().

In order to preserve the current behavior of upload_tmp_dir
(do not check explicitly specified dir, but check fallback),
new flags are added to check open_basedir for explicit dir
and for fallback.

Closes GH-6526.
2021-01-19 11:41:58 +01:00
Nikita Popov
3e01f5afb1 Replace zend_bool uses with bool
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool is retained as an alias.
2021-01-15 12:33:06 +01:00
Nikita Popov
2965c8f868 Prefer strtoll over atoll
Both are specified by C99, but strtoll has specified overflow
behavior while atoll does not, so prefer using it.
2020-08-05 18:40:23 +02:00
Stanislav Malyshev
c317c420b0 Merge branch 'PHP-7.4'
* PHP-7.4:
  Fix #78876: Long variables cause OOM and temp files are not cleaned
  Fix #78875: Long filenames cause OOM and temp files are not cleaned
  Update NEWS for 7.2.31
  Update CREDITS for PHP 7.2.30
  Update NEWS for PHP 7.2.30
2020-05-11 14:21:25 -07:00
Stanislav Malyshev
355e36e4f6 Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
  Fix #78876: Long variables cause OOM and temp files are not cleaned
  Fix #78875: Long filenames cause OOM and temp files are not cleaned
  Update NEWS for 7.2.31
  Update CREDITS for PHP 7.2.30
  Update NEWS for PHP 7.2.30
2020-05-11 14:20:47 -07:00
Stanislav Malyshev
f43041250f Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
  Fix #78876: Long variables cause OOM and temp files are not cleaned
  Fix #78875: Long filenames cause OOM and temp files are not cleaned
  Update NEWS for 7.2.31
  Update CREDITS for PHP 7.2.30
  Update NEWS for PHP 7.2.30
2020-05-11 14:20:41 -07:00
Christoph M. Becker
3c8582ca4b Fix #78876: Long variables cause OOM and temp files are not cleaned
We use the proper type for size calculations, which is `size_t`.
2020-05-11 13:48:40 -07:00
Christoph M. Becker
1c9bd513ac Fix #78875: Long filenames cause OOM and temp files are not cleaned
We must not cast `size_t` to `int` (unless the `size_t` value is
guaranteed to be less than or equal to `INT_MAX`).  In this case we can
declare `array_len` as `size_t` in the first place.
2020-05-11 13:47:38 -07:00
Bishop Bettini
fb57ae9084 Improve comment on RFC 1867 filename handling
It was pointed out on the internals ML[1] that the basename comment
around RFC 1867 file handling was confusing. The comment seemed to
say that the basename handling was only necessary because of some
esoteric bug in Windows IE. In fact that comment applied to earlier
versions of the code and was, therefore, misleading. The comment
needs to clear that basename is required per RFC 7578[2].

[1]:https://externals.io/message/108624
[2]:https://tools.ietf.org/html/rfc7578
2020-02-19 11:30:32 -05:00
Máté Kocsis
0b4778c377
Fix #78880: Another bunch of spelling errors 2020-01-16 09:46:47 +01:00
Gabriel Caruso
5d6e923d46
Remove mention of PHP major version in Copyright headers
Closes GH-4732.
2019-09-25 14:51:43 +02:00
Peter Kokot
92ac598aab Remove local variables
This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.

A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.

This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.

With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.

Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files.  All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.
2019-02-03 21:03:00 +01:00
Zeev Suraski
0cf7de1c70 Remove yearly range from copyright notice 2019-01-30 11:03:12 +02:00
Dmitry Stogov
cec091176c Replace zend_hash_apply... with ZEND_HASH_FOREACH... 2018-12-19 02:49:56 +03:00
Gabriel Caruso
cdd8368d6f Clean up unnecessary ternary expressions and simplify some returns
- Simplify conditions
- Use ZEND_HASH_APPLY_* instead of hard-coded booleans
- Use ZEND_NORMALIZE_BOOL
- Drop sign in favor of ZEND_NORMALIZE_BOOL
2018-12-03 01:22:14 +01:00
Peter Kokot
a5e80b22e1 Fix typos in code comments 2018-07-25 11:57:11 +02:00
Peter Kokot
8d3f8ca12a Remove unused Git attributes ident
The $Id$ keywords were used in Subversion where they can be substituted
with filename, last revision number change, last changed date, and last
user who changed it.

In Git this functionality is different and can be done with Git attribute
ident. These need to be defined manually for each file in the
.gitattributes file and are afterwards replaced with 40-character
hexadecimal blob object name which is based only on the particular file
contents.

This patch simplifies handling of $Id$ keywords by removing them since
they are not used anymore.
2018-07-25 00:53:25 +02:00
Dmitry Stogov
5eb1f92f31 Use zend_string_release_ex() instread of zend_string_release() in places, where we sure about string persistence. 2018-05-28 16:27:12 +03:00
Xinchen Hui
a6519d0514 year++ 2018-01-02 12:57:58 +08:00
Xinchen Hui
7a7ec01a49 year++ 2018-01-02 12:55:14 +08:00
Sammy Kaye Powers
9e29f841ce Update copyright headers to 2017 2017-01-02 09:30:12 -06:00
Nikita Popov
abb91ee9ea Move smart_string to Zend
smart_str is already in Zend.
2017-01-01 21:28:20 +01:00
Nikita Popov
37b0dcc8e0 Decouple DEBUG_FILE_UPLOAD from ZEND_DEBUG
Enabling ZEND_DEBUG should not result in intrusive program
behavior changes.
2016-08-19 00:34:13 +02:00
Nikita Popov
41e93041f8 Merge branch 'PHP-7.0' into PHP-7.1 2016-08-03 00:35:00 +02:00
Nikita Popov
1bcd439cad Fix bug #72724 2016-08-03 00:34:36 +02:00
Dmitry Stogov
1433162083 Fixed compilation warnings 2016-06-21 20:12:29 +03:00
Dmitry Stogov
1616038698 Added ZEND_ATTRIBUTE_FORMAT to some middind functions.
"%p" replaced by ZEND_LONG_FMT to avoid compilation warnings.
Fixed most incorrect use cases of format specifiers.
2016-06-21 16:00:37 +03:00
Lior Kaplan
ed35de784f Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  Happy new year (Update copyright to 2016)
2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Dmitry Stogov
7aa7627172 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 13:59:27 +03:00
Xinchen Hui
249d4c7fdb code standard 2015-05-16 00:19:43 +08:00
Stanislav Malyshev
5a1bef8eef Merge branch 'PHP-5.6'
* PHP-5.6:
  fix format
  update NEWS
  Add test for bug #69522
  Update tests
  Fix bug #69522 - do not allow int overflow
  Forgot test file
  Fix bug #69403 and other int overflows
  Fixed bug #69418 - more s->p fixes for filenames
  Fixed bug #69364 - use smart_str to assemble strings
  Fix bug #69453 - don't try to cut empty string
  Fix bug #69545 - avoid overflow when reading list

Conflicts:
	Zend/zend_alloc.c
	Zend/zend_operators.c
	ext/ftp/ftp.c
	ext/pcntl/pcntl.c
	ext/standard/basic_functions.c
	ext/standard/dir.c
	ext/standard/file.c
	ext/standard/pack.c
	ext/standard/string.c
	main/rfc1867.c
2015-05-12 15:00:24 -07:00
Stanislav Malyshev
587ddf6ddc Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  fix format
  update NEWS
  Add test for bug #69522
  Update tests
  Fix bug #69522 - do not allow int overflow
  Forgot test file
  Fix bug #69403 and other int overflows
  Fixed bug #69418 - more s->p fixes for filenames
  Fixed bug #69364 - use smart_str to assemble strings
  Fix bug #69453 - don't try to cut empty string
  Fix bug #69545 - avoid overflow when reading list

Conflicts:
	ext/standard/pack.c
2015-05-12 14:26:06 -07:00
Stanislav Malyshev
c08f9c2c78 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  fix format
  update NEWS
  Add test for bug #69522
  Update tests
  Fix bug #69522 - do not allow int overflow
  Forgot test file
  Fix bug #69403 and other int overflows
  Fixed bug #69418 - more s->p fixes for filenames
  Fixed bug #69364 - use smart_str to assemble strings
  Fix bug #69453 - don't try to cut empty string
  Fix bug #69545 - avoid overflow when reading list

Conflicts:
	ext/pcntl/pcntl.c
	ext/standard/basic_functions.c
	ext/standard/pack.c
	ext/standard/tests/dir/opendir_variation1-win32.phpt
2015-05-12 14:24:15 -07:00
Stanislav Malyshev
4605d536d2 Fixed bug #69364 - use smart_str to assemble strings 2015-05-09 23:04:25 -07:00
Remi Collet
2fe6acd8f5 expose destroy_uploaded_files_hash in the API (used by apfd extension) 2015-03-25 14:33:47 +01:00
Dmitry Stogov
2fa8d67a5c Use zend_string* instead of char* for opened_patch handling. Avoid reallocations and improve string reuse. 2015-03-04 02:05:28 +03:00
Michael Wallner
570ed1a1a4 fix warnings 2015-01-30 22:32:00 +01:00
Michael Wallner
86aab0aedb avoid duplicate array_init
custom request body handling firing the rfc1867 handler after the
environment has been hashed might create a memory leak by calling
array_init() twice on PG(http_globals)[TRACK_VARS_FILES]
2015-01-22 10:16:38 +01:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00