Commit Graph

15999 Commits

Author SHA1 Message Date
Christoph M. Becker
6dec6a6dba
Add PHP_BUILD_DATE constant
This information can be occasionally useful, and would otherwise need
to be parsed from `phpinfo()` output.

However, maybe more importantly we unify the build date between what is
given by `php -v` and `php -i`, since these compilation units are not
necessarily preprocessed within the same second.

Closes GH-16747.
2024-11-18 20:53:28 +01:00
Christoph M. Becker
3815a773a1
Close GH-16659: Bump ICU requirement to ICU >= 57.1
This requirements bump should rarely affect anybody in practice.  All
major distros already ship more recent ICU versions, and even for
Solaris 11, ICU 57.1 is available via OpenCSW.  Note that ICU 57.1 has
been released on 2016-03-23[1].

[1] <https://icu.unicode.org/download/57>

Closes GH-16688.
2024-11-14 01:30:48 +01:00
David Carlier
33ba1a4ab9
ext/sockets: adding IPPROTO_ICMP* constants for socket creations.
Is to create socket for Internet Control Message Protocol context.
Due to their nature, they are meant to be used via
raw sockets rather than TCP/UDP.

close GH-16737
2024-11-12 18:52:22 +00:00
Niels Dossche
56bd057123
[ci skip] NEWS for ReflectionConstant additions 2024-11-09 11:09:36 +01:00
Niels Dossche
a3b27c083f
Add Dom\Element::insertAdjacentHTML() (#16614) 2024-11-09 10:52:06 +01:00
Arnaud Le Blanc
40997c2c62
[ci skip] NEWS for GH-16702 2024-11-07 15:56:45 +01:00
Christoph M. Becker
5c76ef78cb
Fix GH-10992: Improper long path support for relative paths
Relative paths are passed to the ioutils APIs, these are not properly
converted to long paths.  If the path length already exceeds a given
threshold (usually 259 characters, but only 247 for `mkdir()`), the
long path prefix is prepended, resulting in an invalid path, since long
paths have to be absolute.  If the path length does not exceed that
threshold, no conversion to a long path is done, although that may be
necessary.

Thus we take the path length of the current working directory into
account when checking the threshold, and prepend it to the filename if
necessary.

Since this is only relevant for NTS builds, and using the current
working directory of the process would be erroneous for ZTS builds, we
skip the new code for ZTS builds.

Closes GH-16687.
2024-11-07 13:34:41 +01:00
Niels Dossche
96d1cd00b7
Fix GH-16665: \array and \callable should not be usable
This list was initially introduced in 53a40386, but never included array or
callable. I suppose this is because int & friends are not actual tokens,
while array and callable are. This means it was never possible to do class
array, which is probably the reason this was overlooked.

Closes GH-16683.
2024-11-06 18:16:06 +01:00
David Carlier
ca5fd05536
ext/posix: adding POSIX_SC_OPEN_MAX constant.
returns the number of file descriptors that a process can handle.
e.g. useful after pcntl_fork() to close all the file descriptors up
to that boundary.

close GH-16681
2024-11-02 14:28:07 +00:00
Tim Düsterhus
cb6025cdac
curl: Add curl_multi_get_handles() (#16363)
see https://curl.se/libcurl/c/curl_multi_get_handles.html
2024-10-16 16:24:04 +02:00
David Carlier
323c9f4981
[skip ci] UPGRADING/NEWS changes 2024-10-14 12:42:01 +01:00
Christoph M. Becker
b14076a4e6
Fix property access of PHP objects wrapped in variant
First, we fix the long standing issue that property access throws a
`com_exception` ("0x80020003: member not found), because the `HRESULT`
was not properly set after accessing the property.

Next, we fix an issue introduced as of PHP 7.0.0, where the string
length for write access had been properly adapted, but the string
length for read access had been overlooked.

Then we fix an issue introduced as of PHP 8.0.0, where new `HashTable`s
no longer set `nNextFreeElement` to zero, but to `ZEND_LONG_MIN`.  This
doesn't work well with the `DISPID` lookup, which is a `LONG`.

Finally we fix a potential double-free due to erroneously destroying
the return value of `zend_read_property()`.

Closes GH-16331.
2024-10-11 16:50:35 +02:00
Christoph M. Becker
a1d4595d65
Fix calculation of aligned buffer size
As is, for requested size which are already aligned, we over-allocate,
so we fix this.  We also fix the allocation for chunk size 1.

This issue has been reported by @kkmuffme.

Thanks to @iluuu1994 for improving the fix!

Closes GH-16161.
2024-10-10 01:56:47 +02:00
Niels Dossche
39ae00fa0a
NEWS and UPGRADING for outerHTML
Closes GH-15887.
2024-10-05 23:29:12 +02:00
David Carlier
e609a21906
ext/pgsql: pgsql_copy_from to support iterable.
inspired from the Pdo\Pgsql new feature GH-15893.

close GH-16124
2024-10-01 19:53:20 +01:00
Niels Dossche
daa94cf279
Implement request #30622: make $namespace parameter functional
This parameter never actually did anything and was forgotten about.
We solve this by detecting when we have a $namespace argument
(that won't conflict with the name argument) and creating a Clark
notation name out of it.

Closes GH-16123.
2024-09-30 20:34:51 +02:00
Niels Dossche
f5e81fe182
Optimize in-memory XMLWriter
We're currently using a libxml buffer, which requires copying the buffer
to zend_strings every time we want to output the string. Furthermore,
its use of the system allocator instead of ZendMM makes it not count
towards the memory_limit and hinders performance.

This patch adds a custom writer such that the strings are written to a
smart_str instance, using ZendMM for improved performance, and giving
the ability to not copy the string in the common case where flush has
empty set to true.

Closes GH-16120.
2024-09-30 20:30:03 +02:00
Niels Dossche
63e0b9ccbf
Fix #49169: SoapServer calls wrong function, although "SOAP action" header is correct
Although the original reproducer no longer exists, I was able to cook up
something similar.
The problem is that there are two ways ext-soap currently looks up
functions:
1) By matching the exact function name; but this doesn't work if the
   function name is not in the body.
2) By matching the parameter names.

Neither of these work when we don't have the function name in the body,
and when the parameter names are not unique. That's where we can use the
"SOAPAction" header to distinguish between different actions. This header
should be checked first and be matched against the "soapAction"
attribute in the WSDL. We keep the existing fallbacks such that the
chance of a BC break is minimized.
Note that since #49169 a potential target namespace is ignored right
now.

Closes GH-15970.
2024-09-30 20:14:34 +02:00
David Carlier
1da352c367
ext/pgsql: adding pg_close_stmt.
up to postgresql 17, when done with a prepared statement, we could
release it with DEALLOCATE sql command which is fine ; until we want
to implement a cache solution based on statement ids.

Since PostgreSQL 17, PQclosePrepared uses internally the `close` protocol
allowing to reuse the statement name while still freeing it.
Since the close protocol implementation had been added on libpq within
this release, no way to reimplement it.

close GH-14584
2024-09-29 16:26:35 +01:00
Guillaume Outters
68537fd9f4
Fix / implement GH-15287: add a lazy fetch to Pdo\PgSql
Make Pdo\PgSql accept Pdo::setAttribute(PDO::ATTR_PREFETCH, 0) to enter libpq's single row mode.
This avoids storing the whole result set in memory before being able to call the first fetch().

close GH-15750
2024-09-29 08:33:14 +01:00
David Carlier
d00dd2b4b5
ext/random: haiku supports arc4random api too.
close GH-16095
2024-09-28 13:20:14 +01:00
武田 憲太郎
7f5e96d030
ext/pdo_pgsql: Expanding COPY input from an array to an iterable
close GH-15893
2024-09-28 11:09:34 +01:00
Saki Takamachi
7bd0bcadaa
Prepare for PHP 8.4 2024-09-25 00:03:39 +09:00
Saki Takamachi
c5b258fedc
Fix GH-15968: Avoid converting objects to strings in operator calculations. (#16021) 2024-09-24 22:33:36 +09:00
Bob Weinand
654b787ee1
Add API to exempt function from being traced in JIT (#15559)
Internally accessible via zend_jit_blacklist_function / externally via opcache_jit_blacklist.
The functionality currently only affects tracing JIT, but may be extended to other JIT modes in future.
2024-09-24 14:20:38 +02:00
David Carlier
f35ad560b4
GH-12940 ext/pdo_pgsql: using PQclosePrepared to free statement resources.
PQclosePrepared allows the statement's name to be reused thus allowing
cache solutions to work properly ; whereas, for now, the `DEALLOCATE
<statement>` query is used which free entirely the statement's resources.

close GH-13316
2024-09-24 12:09:56 +01:00
Christoph M. Becker
f44250c418
Merge branch 'PHP-8.3'
* PHP-8.3:
  Fix GH-15980: Signed integer overflow in main/streams/streams.c
2024-09-24 12:35:06 +02:00
Christoph M. Becker
acee803e6a
Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Fix GH-15980: Signed integer overflow in main/streams/streams.c
2024-09-24 12:33:17 +02:00
Christoph M. Becker
81916758ec
Fix GH-15980: Signed integer overflow in main/streams/streams.c
We need to avoid signed integer overflows which are undefined behavior.
We catch that, and set `offset` to `ZEND_LONG_MAX` (which is also the
largest value of `zend_off_t` on all platforms).  Of course, that seek
may fail, but even if it succeeds, the stream is no longer readable,
but that matches the current behavior for offsets near `ZEND_LONG_MAX`.

Closes GH-15989.
2024-09-24 12:32:00 +02:00
Ayesh Karunaratne
ba748e7bb5
ext/curl: Add CURLOPT_DEBUGFUNCTION option (GH-15674)
This adds support for `CURLOPT_DEBUGFUNCTION`[^1] Curl option to set a
custom callback that gets called with debug information during the
lifetime of a Curl request.

The callback gets called with the `CurlHandle` object, an integer
containing the type of the debug message, and a string containing the
debug message. The callback may get called multiple times with the
same message type during a request.

PHP already uses `CURLOPT_DEBUGFUNCTION` functionality to internally
to expose a Curl option named `CURLINFO_HEADER_OUT`.

However,`CURLINFO_HEADER_OUT` is not a "real" Curl option supported
by libcurl. Back in 2006, `CURLINFO_HEADER_OUT` was added[^2] as
a Curl option by using the debug-callback feature. Git history does
not run that back to show why `CURLINFO_HEADER_OUT` was added as a
Curl option, and why the other debug types (such as
`CURLINFO_HEADER_IN` were not added as Curl options, but this seems
to be a historical artifact when we added features without trying
to be close to libcurl options.

This approach has a few issues:

1. `CURLINFO_HEADER_OUT` is not an actual Curl option supported by
  upstream libcurl.

2. All of the Curl options have `CURLOPT_` prefix, and `CURLINFO_HEADER_OUT`
  is the only Curl "option" that uses the `CURLINFO` prefix. This exception
  is, however, noted[^3] in docs.

3. When `CURLINFO_HEADER_OUT` is set, the `CURLOPT_VERBOSE` is also implicitly
  set. This was reported[^4] to bugs.php.net, but the bug is marked as wontfix.

This commit adds support for `CURLOPT_DEBUGFUNCTION`. It extends the existing
`curl_debug` callback to store the header-in information if it encounters
a debug message with `CURLINFO_HEADER_OUT`. In all cases, if a callable
is set, it gets called.

`CURLOPT_DEBUGFUNCTION` intends to replace `CURLINFO_HEADER_OUT` Curl
option as a versatile alternative that can also be used to extract
other debug information such as SSL data, text information messages,
incoming headers, as well as headers sent out (which `CURLINFO_HEADER_OUT`
makes available).

The callables are allowed to throw exceptions, but the return values are
ignored.

`CURLOPT_DEBUGFUNCTION` requires `CURLOPT_VERBOSE` enabled, and setting
`CURLOPT_DEBUGFUNCTION` does _not_ implicitly enable `CURLOPT_VERBOSE`.

If the `CURLOPT_DEBUGFUNCTION` option is set, setting `CURLINFO_HEADER_OUT`
throws a `ValueError` exception. Setting `CURLOPT_DEBUGFUNCTION` _after_
enabling `CURLINFO_HEADER_OUT` is allowed. Technically, it is possible
for both functionality (calling user-provided callback _and_ storing
header-out data) is possible, setting `CURLINFO_HEADER_OUT` is not
allowed to encourage the use of `CURLOPT_DEBUGFUNCTION` function.

This commit also adds the rest of the `CURLINFO_` constants used as
the `type` integer value in `CURLOPT_DEBUGFUNCTION` callback.

---

[^1]: [cur.se - CURLOPT_DEBUGFUNCTION](https://curl.se/libcurl/c/CURLOPT_DEBUGFUNCTION.html)
[^2]: [`5f25d80`](5f25d80d10)
[^3]: [curl_setopt doc mentioning `CURLINFO_` prefix is intentional](https://www.php.net/manual/en/function.curl-setopt.php#:~:text=prefix%20is%20intentional)
[^4]: [bugs.php.net - `CURLOPT_VERBOSE` does not work with `CURLINFO_HEADER_OUT`](https://bugs.php.net/bug.php?id=65348)
2024-09-24 10:56:56 +02:00
Christoph M. Becker
8a5ada4e10
Merge branch 'PHP-8.3'
* PHP-8.3:
  Revert "Fix GH-15980: Signed integer overflow in main/streams/streams.c"
2024-09-23 01:33:57 +02:00
Christoph M. Becker
a9fcf498e3
Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Revert "Fix GH-15980: Signed integer overflow in main/streams/streams.c"
2024-09-23 01:32:45 +02:00
Christoph M. Becker
ee95ee7216
Revert "Fix GH-15980: Signed integer overflow in main/streams/streams.c"
This reverts commit 6a04c79e41, since the
new test case apparently fails on 64bit Linux, so this needs closer
investigation.
2024-09-23 01:31:05 +02:00
Christoph M. Becker
10008fb6e8
Merge branch 'PHP-8.3'
* PHP-8.3:
  Fix GH-15980: Signed integer overflow in main/streams/streams.c
2024-09-23 00:30:29 +02:00
Christoph M. Becker
c701508e6b
Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Fix GH-15980: Signed integer overflow in main/streams/streams.c
2024-09-23 00:29:15 +02:00
Christoph M. Becker
6a04c79e41
Fix GH-15980: Signed integer overflow in main/streams/streams.c
We need to avoid signed integer overflows which are undefined behavior.
We catch that, and set `offset` to `ZEND_LONG_MAX` (which is also the
largest value of `zend_off_t` on all platforms).  Of course, after such
a seek a stream is no longer readable, but that matches the current
behavior for offsets near `ZEND_LONG_MAX`.

Closes GH-15989.
2024-09-23 00:28:09 +02:00
Saki Takamachi
f6db576c31
[RFC] ext/bcmath: Added bcdivmod (#15740)
RFC: https://wiki.php.net/rfc/add_bcdivmod_to_bcmath

Added bcdivmod() function and added divmod() method to BcMath\Number class.
2024-09-23 06:43:11 +09:00
Christoph M. Becker
2b90acb469
Fix GH-15986: Double-free due to Pdo\Pgsql::setNoticeCallback()
We need to release the fcall info cache instead of destroying it.

Closes GH-15987.
2024-09-22 23:35:05 +02:00
Christoph M. Becker
8c407fc3d0
Merge branch 'PHP-8.3'
* PHP-8.3:
  Fix minimal Windows version
2024-09-22 19:30:03 +02:00
Christoph M. Becker
5bcbe8a358
Fix minimal Windows version
As of PHP 8.3.0, Windows 8/Server 2012 are the minimum requirement.
However, PR #9104 only updated `_WIN32_WINNT`, but not `WINVER`[1],
`NTDDI_VERSION`[2] nor the manifest[3].

[1] <https://learn.microsoft.com/en-us/windows/win32/winprog/using-the-windows-headers>
[2] <https://learn.microsoft.com/en-us/windows/win32/winprog/using-the-windows-headers>
[3] <https://learn.microsoft.com/en-us/windows/win32/sbscs/application-manifests>

Closes GH-15975.
2024-09-22 19:28:43 +02:00
Christoph M. Becker
1d92796107
Merge branch 'PHP-8.3'
* PHP-8.3:
  Prevent closing of unrelated handles
2024-09-22 17:29:05 +02:00
Christoph M. Becker
ffc355c83f
Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Prevent closing of unrelated handles
2024-09-22 17:26:34 +02:00
Christoph M. Becker
f303840a86
Prevent closing of unrelated handles
If our `shmget()` fails for certain reasons, the segment handle is
closed.  However, the handle might be reused by Windows, and as such we
must not close it again when shutting down the TSRM.

Closes GH-15984.
2024-09-22 17:24:01 +02:00
Niels Dossche
5bfd45cd44
Merge branch 'PHP-8.3'
* PHP-8.3:
  Fix GH-15908 and GH-15026: leak / assertion failure in streams.c
2024-09-22 16:09:21 +02:00
Niels Dossche
94c2ae616b
Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Fix GH-15908 and GH-15026: leak / assertion failure in streams.c
2024-09-22 16:08:51 +02:00
Niels Dossche
018c0b3d14
Fix GH-15908 and GH-15026: leak / assertion failure in streams.c
This was first reported as a leak in GH-15026, but was mistakingly
believed to be a false positive. Then an assertion was added and it got
triggered in GH-15908. This fixes the leak. Upon merging into master the
assertion should be removed as well.

Closes GH-15924.
2024-09-22 16:07:12 +02:00
Niels Dossche
27b3131422
Fix GH-15982: Assertion failure with array_find when references are involved
Closes GH-15983.
2024-09-22 14:34:55 +02:00
Saki Takamachi
05cb27a8f9
ext/bcmath: Check for scale overflow (#15741) 2024-09-22 06:59:06 +09:00
Niels Dossche
1b171bb6b4
Merge branch 'PHP-8.3'
* PHP-8.3:
  Fix GH-15918: Assertion failure in ext/spl/spl_fixedarray.c
2024-09-20 17:34:54 +02:00
Niels Dossche
9774cedb01
Fix GH-15918: Assertion failure in ext/spl/spl_fixedarray.c
SplFixedArray should've never get supported in ArrayObject because it's
overloaded, and so that breaks assumptions. This regressed in c4ecd82f.

Closes GH-15947.
2024-09-20 17:34:23 +02:00