Since we're going to read from the current stream position anyway, the
`max_len` should be the size of the file minus the current position
(still catering to potentially filtered streams). We must, however,
make sure to cater to the file position being beyond the actual file
size.
While we're at, we also fix the step size in the comment, which is 8K.
A further optimization could be done for unfiltered streams, thus
saving that step size, but 8K might not be worth it.
Closes GH-7693.
On x86_64 glibc memrchr() uses SSE/AVX CPU extensions and works much
faster then naive loop. On x86 32-bit we still use inlined version.
memrchr() is a GNU extension. Its prototype becomes available when
<string.h> is included with defined _GNU_SOURCE macro. Previously, we
defined it in "php_config.h", but some sources may include <string.h>
befire it. To avod mess we also pass -D_GNU_SOURCE to C compiler.
While testing the cPanel usage of PHP-FPM, we stumbled on this bug.
Without the fix, the zend_string is corrupted and getting odd filenames
When using FPM we kept getting "No input file specified".
I work for cPanel and we use PHP extensively.
- for packed arrays we store just an array of zvals without keys.
- the elements of packed array are accessible throuf as ht->arPacked[i]
instead of ht->arData[i]
- in addition to general ZEND_HASH_FOREACH_* macros, we introduced similar
familied for packed (ZEND_HASH_PACKED_FORECH_*) and real hashes
(ZEND_HASH_MAP_FOREACH_*)
- introduced an additional family of macros to access elements of array
(packed or real hashes) ZEND_ARRAY_ELEMET_SIZE, ZEND_ARRAY_ELEMET_EX,
ZEND_ARRAY_ELEMET, ZEND_ARRAY_NEXT_ELEMENT, ZEND_ARRAY_PREV_ELEMENT
- zend_hash_minmax() prototype was changed to compare only values
Because of smaller data set, this patch may show performance improvement
on some apps and benchmarks that use packed arrays. (~1% on PHP-Parser)
TODO:
- sapi/phpdbg needs special support for packed arrays (WATCH_ON_BUCKET).
- zend_hash_sort_ex() may require converting packed arrays to hash.
Use ASCII case conversion instead of locale-dependent case conversion in
the following places:
* grapheme_stripos() and grapheme_strripos() in the "fast" path
* ldap_get_entries()
* oci_pconnect() for case folding of parameters when constructing a key
into the connection or session pool
* SoapClient: case folding of function names
* get_meta_tags(): case conversion of property names
* http stream wrapper: header names
* phpinfo(): anchor names
* php_verror(): docref URLs
* rfc1867.c: Content-Type boundary parameter name
* streams.c: stream protocol names
Using locale-dependent case folding for these cases is either
unnecessary or actively incorrect. These functions could have
misbehaved when used with certain locales (e.g. Turkish).
Closes GH-7511.
In particular, this allows using the hook without server_context.
The apache2handler implementation now checks that server_context
is available itself, as that's the implementation that cares
about it.
We need to avoid storing it in the first place, as we don't
really have a good place to release it later. If headers haven't
been sent yet, send_headers will do this. sapi_deactive happens
too late in the shutdown sequence and will result in leak reports.
This API had rather peculiar behavior in case the provided function
is not callable. For some types of failures, it would silently
return FAILURE (e.g. a function does not exist), while for others
(e.g. a class does not exist) it would generate a warning. Depending
on what the calling code does, this can either result in silent
failure or duplicate errors.
This commit switches the contract such that zend_call_function()
always (*) succeeds, though that success might be in the form of
throwing an exception. Calling a non-callable will now consistently
throw an exception.
There are some rare callers that do want to ignore missing methods,
for legacy APIs that are specific with optional methods. For these
use cases a new zend_call_method_if_exists() API is provided.
Calling code generally does not need to explicitly check for and
report zend_call_function() failures -- it can rely on
zend_call_function() having already done so. However, existing
code that does check for failure should continue to work fine.
(*) The only exception to this is if EG(active) being false during
late engine shutdown. This is not relevant to most code, but code
running in destructors and similar may need to be aware of the
possibility.
I don't see how object can be UNDEF here -- and just passing
NULL in that case is not going to do anything reasonable either.
It would fall back to global functions with the same name.
The stream position is not related to the buffer, and needs to be
updated for non-seekable streams as well. The erroneous condition
around the position update is a relict of an old commit[1].
The unexpected test expectation is due to bug #81345.
[1] <088e2692c3>
Closes GH-7356.
When flushing the stream filters actually causes data to be written to
the stream, we need to update its position, because that is not done by
the streams' write methods.
Closes GH-7354.
This used to be necessary in the past because the NUM_BUF_SIZE
was set to 512, which is shorter than DOUBLE_MAX_LENGTH. Now the
value is either DOUBLE_MAX_LENGTH or larger (2048).
Suppress checking during the actual parsing, but make sure to
duplicate strings on activate. The parsing result may be shared
across requests, but activation should work on per-request strings.
tsrm_realpath() internally always allocates a string. If the out
parameter is provided it gets copied there and freed. What we
were doing here was to first copy the path from the allocated
string to a stack buffer, and then copy it from the stack buffer
to a zend_string. We might as well save one copy and one buffer.
When the time limit for a script is changed, when the script ends,
its INI value will be reset. This calls the event handler for the
timeout change, which will unset then reset the timeout. However,
this is done even if the script is done executing, and say, the CGI
or CLI web server process is idle.
This is probably incorrect, but isn't a problem on most platforms,
because PHP uses a timer that only ticks when the process is active
(that is, executing code). Since when it's idle, it's blocking on
listen/read, it won't tick because nothing executes. However, on
platforms where only the real-time timer is supported, (Cygwin/PASE)
it ticks regardless of if PHP is even executing. This means that the
idle processes are subject to timeouts from the INI reset on script
end.
This makes it so the timer is never set if the state is deactivating.
Testing with the CLI web server indicates the timer no longer
spuriously activates under PASE.
Closes GH-6683.
When mapping the file, we need to pass the proper `dwFileOffsetHigh`
instead of `0`.
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
Closes GH-7158.
When the memory limit is restored during shutdown, we may still
be using a lot of memory. Ignore the failure at that point and
set it again after the MM is shut down, at which point memory
usage should be at its lowest point.
Move this code directly into the error handler, and check the
heap->overflow flag. Discarding output here allows us to print
the normal memory limit message to standard output. Otherwise
nothing would be printed unless a different log medium was used,
which makes for a suboptimal debugging experience.
When the memory limit is reduced using an `ini_set("memory_limit", ..)`
below the currently allocated memory, the out-of-memory check overflowed.
Instead of implementing additional checks during allocation,
`zend_set_memory_limit()` now validates the new memory limit. When
below the current memory usage the ini_set call will fail and throw
a warning.
This is part of GH-7040.
Newer MSVC versions support the `inline` keyword, so we do not need to explicitly define it. We also shouldn't define `inline` to `__forceinline`, as we already have `zend_always_inline` to indicate this requirement.
While resolving the path, the last step will reduce it down to ""
(an empty string) and realpath() will resolve this to getcwd().
If open_basedir contains the CWD, then that means open_basedir
will be bypassed for paths that don't have any components that
exist (if one of the components exists, then we abort the realpath
loop at that point).
Closes GH-7015.
To fix https://bugs.php.net/bug.php?id=77372 and improve support of `<input type="file" name="files" multiple webkitdirectory>` I introduced another item to the `$_FILES` array called `full_path`, containing the full filename, as supplied by the user-agent.
Co-authored-by: Björn Tantau <bjoern@bjoern-tantau.de>
This is a re-application of the original match against master.
The patch was originally applied to master, then reverted from
there, incorrectly applied to PHP-8.0, reverted from there due
to ABI break, and now lands on master again. We can only hope
that it does not get reverted again ;)
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
If fdatasync is not available, use fsync instead.
For some reason, fdatasync is available when using clang from Xcode, even though no declaration is present in headers.
Firstly, we must not forget to set appropriate error codes for "manual"
checks in `virtual_file_ex()`.
Secondly, we must not call `php_error_docref2()` for warnings regarding
unary functions; thus, we introduce `php_win32_docref1_from_error()`.
Closes GH-6872.
fsync is a straightforward wrapper around the same C function
(implemented on Windows API as _commit() with identical signature).
From the man pages:
fsync() transfers ("flushes") all modified in-core data of (i.e.,
modified buffer cache pages for) the file referred to by the file
descriptor fd to the disk device (or other permanent storage
device) so that all changed information can be retrieved even if
the system crashes or is rebooted. This includes writing through
or flushing a disk cache if present. The call blocks until the
device reports that the transfer has completed.
RFC: https://wiki.php.net/rfc/fsync_function
Closes GH-6650.
This PR corrects misspellings identified by the check-spelling action.
The misspellings have been reported at jsoref@b6ba3e2#commitcomment-48946465
The action reports that the changes in this PR would make it happy: jsoref@602417c
Closes GH-6822.
This doesn't seem to serve a purpose anymore. Stats are expensive,
so doing an unnecessary stat just to short-circuit the zero size
case is rather dubious. It can also break with stream wrappers
that return inaccurate sizes (symfony/symfony#40574) and probably
can also break with stream filters.
Drop the special case and adjust code to make it more obvious that
it will still be handled correctly.
Closes GH-6807.
First, the `bzip2.compress` filter has the same issue as `zlib.deflate`
so we port the respective fix[1] to ext/bz2.
Second, there is still an issue, if a stream with an attached
compression filter is flushed before it is closed, without any writes
in between. In that case, the compression is never finalized. We fix
this by enforcing a `_php_stream_flush()` with the `closing` flag set
in `_php_stream_free()`, whenever a write filter is attached. This
call is superfluous for most write filters, but does not hurt, even
when it is unnecessary.
[1] <http://git.php.net/?p=php-src.git;a=commit;h=20e75329f2adb11dd231852c061926d0e4080929>
Closes GH-6703.
This is a new transparent technology that eliminates overhead of PHP class inheritance.
PHP classes are compiled and cached (by opcahce) separately, however their "linking" was done at run-time - on each request. The process of "linking" may involve a number of compatibility checks and borrowing methods/properties/constants form parent and traits. This takes significant time, but the result is the same on each request.
Inheritance Cache performs "linking" for unique set of all the depending classes (parent, interfaces, traits, property types, method types involved into compatibility checks) once and stores result in opcache shared memory. As a part of the this patch, I removed limitations for immutable classes (unresolved constants, typed properties and covariant type checks). So now all classes stored in opcache are "immutable". They may be lazily loaded into process memory, if necessary, but this usually occurs just once (on first linking).
The patch shows 8% improvement on Symphony "Hello World" app.
Check open_basedir after the fallback to the system's temporary
directory in tempnam().
In order to preserve the current behavior of upload_tmp_dir
(do not check explicitly specified dir, but check fallback),
new flags are added to check open_basedir for explicit dir
and for fallback.
Closes GH-6526.
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool is retained as an alias.
Historically, the _ex variants separated the zval first, if a
conversion was necessary. This distinction no longer makes sense
since PHP 7.
The only difference that was still left is that _ex checked whether
the type is the same first, but the usage of these macros did not
actually distinguish on whether such an inlined check is valuable
or not in a given context.
Also drop the unused convert_to_explicit_type macros.
In the case of a stream with no filters, php_stream_fill_read_buffer
only reads stream->chunk_size into the read buffer. If the stream has
filters attached, it could unnecessarily buffer a large amount of data.
With this change, php_stream_fill_read_buffer only proceeds until either
the requested size or stream->chunk_size is available in the read buffer.
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
Closes GH-6444.
This allows reusing an existing zend_string inside a memory stream
without reallocating. For non-readonly streams, the string will
only get separated on write.
Reading from a stream may return greater than zero, but nonetheless the
stream's EOF flag may have been set. We have to cater to this
condition by setting the close flag for filters.
We also have to cater to that change in the zlib.inflate filter:
If `inflate()` is called with flush mode `Z_FINISH`, but the output
buffer is not large enough to inflate all available data, it fails with
`Z_BUF_ERROR`. However, `Z_BUF_ERROR` is not fatal; in fact, the zlib
manual states: "If deflate returns with Z_OK or Z_BUF_ERROR, this
function must be called again with Z_FINISH and more output space
(updated avail_out) but no more input data, until it returns with
Z_STREAM_END or an error." Hence, we do so.
Closes GH-6001.
mysqlnd currently sets error_reporting=0 to suppress errors while
writing to streams. Unfortunately these errors are still visible
to userland error handlers, which is a source of confusion.
See for example https://bugs.php.net/bug.php?id=80412.
Instead add a stream flag that suppresses the emission of
read/write errors in the first place, and set it in mysqlnd.
I think it might be useful to have this option for userland as
well in the future, but for now this is just an internal
mechanism.
Closes GH-6458.
PHP error messages should not contain line breaks, so we remove these
from the Windows specific error messages. We also remove trailing
periods for the same reason.
Closes GH-6423.
This macro is defined to zero as of PHP 5.0.0, and as the comment
indicates, is no longer relevant. Thus, we remove the definition and
all usages from the core and bundled extensions.
Closes GH-6351.
As filenames are no longer interned, we need to keep a reference
to the zend_string to make sure it isn't freed.
To avoid a nominal source compatibility break, create a new member
in the globals.
See GCC bug 69602: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69602
which emits the warning for (errno == EWOULDBLOCK || errno == EAGAIN)
which is the correct way of handling errors as the value of EWOULDBLOCK
and EAGAIN is implementation defined.
Therefore introduce a new macro function PHP_IS_TRANSIENT_ERROR()
which handles the case when EWOULDBLOCK and EAGAIN are identical.
Thanks to @twose for the idea.
Disabling output compression for images has served to fix bug #16109,
where zlib compressed images apparently have caused issues with
Navigator 4. This shouldn't be an issue with somewhat contemporary
browsers. Other than that, this is an arbitrary restriction – why
don't we disable the compression for some other media types as well
(e.g. video/* and audio/*)? All in all, we should leave that decision
to userland.
Closes GH-6198.
We have to log errors in `stream_opener` callbacks to the wrapper's
error log, because otherwise we may pick up an unrelated `errno` or a
most generic message.
Closes GH-6187.
If restoring of any not registered built-in wrapper is requested, the
function is supposed to fail with a warning, so we have to check this
condition first.
Furthermore, to be able to detect whether a built-in wrapper has been
changed, it is not sufficient to check whether *any* userland wrapper
has been registered, but rather whether the specific wrapper has been
modified.
Closes GH-6183.
Passing `NULL` as `lpFileSizeHigh` to `GetFileSize()` gives wrong
results for files larger than 0xFFFFFFFF bytes. We fix this by using
`GetFileSizeEx()`, and let the mapping fail, if the file size is too
large for the architecture.
Closes GH-5319.
Checking the linker compatibility with extranous `ImageLoad()` calls is
possible, but unnecessary, since the modules are either already loaded
or loaded shortly afterwards, so that we can get the required
information directly from the module handles. And actually, doing
`ImageLoad()` as well as `LoadLibrary()` leaves a tiny room for a race
condition, because both functions will lookup the module in the search
path, so there is no *guarantee* that both are dealing with the same
module. Dropping the `ImageLoad()` calls also has the advantage to no
longer face the issue reported in bug #79557. A very minor additional
advantage is that we no longer have to link against Imagehlp.dll.
Furthermore, there is no need to check for CRT compatibility multiple
times, so we can simplify the signature of `php_win32_crt_compatible`,
and at the same time clean up main.c a bit.
These changes require to change the signature of the exported
`php_win32_image_compatible` and `php_win32_crt_compatible` functions,
which now expect a `HMODULE` and nothing, respectively, instead of the
module name.
Instead of attempting to map large files into memory at once, we map
chunks of at most `PHP_STREAM_MMAP_MAX` bytes, and repeat that until we
hit the point where `php_stream_seek()` fails (see bug 54902), and copy
the rest of the file by reading and writing small chunks.
We also fix the mapping behavior for zero bytes on Windows, which did
not error (as with `mmap()`), but would have mapped the remaining file.
The `zend_system_id` is a (true global) system ID that fingerprints a process state. When extensions add engine hooks during MINIT/startup, entropy is added the system ID for each hook. This allows extensions to identify that changes have been made to the engine since the last PHP process restart.
Closes GH-5871
A recent commit[1] which fixed a memory leak introduced a regression
regarding the formerly liberal handling of IP addresses to bind to. We
fix this by reverting that commit, and fix the memory leak where it
actually occurs. In other words, this fix is less intrusive than the
former fix.
[1] <http://git.php.net/?p=php-src.git;a=commit;h=0b8c83f5936581942715d14883cdebddc18bad30>
Closes GH-6104.
To perform fast shutdown without full table cleanup we need all
internal functions to be in one continuous chunk. This was
violated when functions were deleted via disable_functions.
This drops the zend_disable_function() API in favor of
zend_disable_functions(), which disables the given list of
functions and performs the necessary rehash afterwards.
Also drop PG(disabled_functions), which is no longer used.
Voidification of Zend API which always succeeded
Use bool argument types instead of int for boolean arguments
Use bool return type for functions which return true/false (1/0)
Use zend_result return type for functions which return SUCCESS/FAILURE as they don't follow normal boolean semantics
Closes GH-6002
We might just want to drop this completely, but at least don't
enable it by default. It already gets disabled by a number of
SAPIs, but we should make that the default state.
Unconditionally strip shebang lines when using the CLI SAPI,
independently of whether they occur in the primary or non-primary
script. It's unlikely that someone intentionally wants to print
that shebang line when including a script, and this regularly
causes issues when scripts are used in multiple contexts, e.g.
for direct invocation and as a phar bootstrap.
