Fixes GH-13970
Closes GH-14105
We cannot validate at compile-time for multiple reasons:
* Evaluating the argument naively with zend_get_attribute_value can lead to code
execution at compile time through the new expression, leading to possible
reentrance of the compiler.
* Even if the evaluation was possible, it would need to be restricted to the
current file, because constant values coming from other files can change
without affecting the current compilation unit. For this reason, validation
would need to be repeated at runtime anyway.
* Enums cannot be instantiated at compile-time (the actual bug report). This
could be allowed here, because the value is immediately destroyed. But given
the other issues, this won't be needed.
Instead, we just move it to runtime entirely. It's only needed for
ReflectionAttribute::newInstance(), which is not particularly a hot path. The
checks are also simple.
libxml doesn't do reference counting inside its node types. It's
possible to remove an entity declaration out of the document, but then
entity references will keep pointing to that stale declaration. This
will cause crashes.
One idea would be to check when a declaration is removed, to trigger a
hook that updates all references. However this means we have to keep
track of all references somehow, which would be a high-overhead
solution. The solution in this patch makes sure that the fields are
always updated before they are read.
Closes GH-14089.
This is addon to the GH-13727 bug fix. When configuring the build with:
./configure CFLAGS=-Werror=strict-prototypes
libtool check for parsing nm command would fail:
checking command to parse /usr/bin/nm -B output from cc object... failed
Upstream libtool has this specific check already fixed. Note that this
works only with Autoconf version 2.72 and later and is preparation for
future compilers that might have this error enabled by default.
This is a backport of commit 03f15534a1 to
PHP-8.2 due to GH-14002 and fixes the PHP_CXX_COMPILE_STDCXX check in
ext/intl whether the specified C++ standard is mandatory or optional.
The `dnl` (Discard to Next Line) M4 macro in this combination of `m4_if`
macros and arguments isn't properly replaced and a literal `dnl` string
is appended in the configure script. The `[]dnl` works ok.
When step_callback fails, agg_context->val is passed dtor, but agg_context->val
is also used in final_callback regardless of the success/failure of step_callback,
so should not call dtor.
closes#14004fixes#13998
In the test cases, the compiler bails out due to a fatal error.
The data structures used by the compiler will contain stale values.
In particular, for the test case CG(loop_var_stack) will contain data.
The next compilation will incorrectly use elements from the previous
stack.
To solve this, we reset part of the compiler data structures.
We don't do a full re-initialization via init_compiler() because that will
also reset streams and resources.
Closes GH-13938.
php_socket_errno() may return a stale value when recv returns a
value >= 0. As such, the liveness check is wrong.
This is the same bug as #70198 (fixed in GH-1456). So we fix it in the
same way.
Closes GH-13895.
MAPPHAR_FAIL will call the destructor of the manifest, mounted_dirs, and
virtual_dirs tables. When a new phar object is allocated using (p)ecalloc,
the bytes are zeroed, but the flag for an uninitialized table is
non-zero. So we have to manually set the flag in case that we have a
code path that can destroy the tables without first initializing them at
least once.
Closes GH-13847.
If the destination already exists, then the `add` function on the
manifest will return NULL, resulting in a NULL entry and therefore a
NULL deref. As `copy()` (not `Phar::copy`) chooses to succeed and
overwrite the destination if it already exists, we should do the same.
Therefore the fix is as simple as changing `add` to `update`.
Closes GH-13840.
This fixes the issue with unbounded waiting on SSL_peek which can happen
when only part of the record is fetched. It makes socket non blocking so
it is possible to verify if OpenSSL is expecting some more data or if
there is an error.
This also fixes bug #79501
Closes GH-13487
Inherited methods regardless of source must share the original runtime cache. Traits were missed.
This adds ZEND_ACC_TRAIT_CLONE to internal functions as well to allow easy distinction of these.
In commit 85e5635a, a feature test for the various libgd image formats
was added. That test however erroneously omits the GDLIB_CFLAGS (from
pkg-config) during compilation. This can lead to build failures and
therefore false negatives from the test.
Here, we add $GDLIB_CFLAGS to $CFLAGS for the duration of the test.
Closes GH-12019
autoconf/libtool generating code to test features missed `void` for
C calls prototypes w/o arguments.
Note that specific changes related to libtool have to be upstreamed.
Co-authored-by: Peter Kokot <petk@php.net>
close GH-13732
Regressed in 6fbf81c.
There is a missing error check on spl_filesystem_file_read_line(), which
means that if the line could not be read (e.g. because we're at the end
of the file), it will not set intern->u.file.current_line, which will
cause a NULL pointer deref later on.
Fix it by adding a check, and reintroducing the silent flag partially to
be able to throw an exception like it did in the past.
Closes GH-13692.
This is not just an issue due to missing initialization since moving the state
struct directly into the module globals. In earlier versions changing the mode
to `MT_RAND_PHP` within a single request would also affect the mode for
subsequent requests.
Original commit message follows:
This is a follow-up fix for GH-13579. The issue was detected in the nightly
MSAN build.
(cherry picked from commit bf0abd1629)
It's illegal to return from a bailout because that doesn't restore the
original bailout data. Return outside of it.
Test by YuanchengJiang
Closes GH-13689.
Inside `zend_object_std_dtor` the weakrefs are notified after the destruction
of properties already took place. In this test case, the destructor of an anon
class will be invoked due to the property destruction. That class has a
weak reference to its parent. This means that the destructor can access
parent properties that already have been destroyed, resulting in a UAF.
Fix this by notifying the weakrefs at the start of the object's
destruction.
Closes GH-13613.
the man page states `the locale facet is determined by the category argument, which should be
one of the LC_xxx constants defined in the <locale.h> header, excluding LC_ALL`,
since the 0.22.5 release, sanity checks had been strenghtened leading to
an abort with the Zend/tests/arginfo_zpp_mismatch.phpt test setting the
category to 0 which is LC_ALL on macOs.
close GH-13555
The character set ID included in the handshake data at the time of connection
actually only includes the lower 8 bits of the ID, so if try to use this to specify
a character set, the corresponding character set may not exist.
In case of an invalid character set, the default character set is now used
without an error.
Fixes#13452Closes#13470
There's a test that tries to make /etc world-writable, and asserts that
it fails. Although this test is guarded by a root user check, there are
situations where you don't need to be root to be able to do this.
This may thus have unwanted effects on your live filesystem.
The simple solution is to remove that part of the test. It doesn't
really add value anyway: we're trying to test the chmod error path, but
that exact same error path can be reached with any failure condition
that the kernel gives. For example, trying to chmod a non-existent file
will trigger the same code path.
While at it, also prefix the test path for the non-existent file such
that we don't accidentally modify the filesystem.
The chroot now has a better root-user check, that will not modify the
filesystem.
Other root-modifying mkdir tests were removed because they added no
value either.
Closes GH-13566.
PHP 8.1 and below interpreted unknown modes as `MT_RAND_MT19937`, but PHP 8.2+
interprets them as `MT_RAND_PHP`.
Align the behavior with PHP 8.1 and below, because folks should be steered
towards the standard mode.
When unserializing, the cached_resize field was not reset to -1
correctly, causing the setSize() method to think we were inside of a
resize operation.
Closes GH-13543.
The reflection failure is because the XML extension is used to check the
module dependency information, but that extension can be configured to
not depend on ext/libxml, resulting in a different output. The solution
is to check another extension instead.
The test failures in ext/xml/tests are because of different behaviour
between libxml2 and Expat error handling. These are expected differences
and the solution is to split the tests.
Closes GH-13522.
- Add tests
- NULL derefencing in read_dimension handler
- Fix isset()
- Fix empty() with column numbers as offsets
- Refactoring to use common functions
- Use gdFontCacheShutdown() to detect freetype
Currently we look for gdImageStringFT() to determine whether or not gd
has freetype support... but that function always exists. This leads
PHP to believe that gd has freetype support when it does not, and can
lead to build failures.
The gdFontCacheShutdown() function, on the other hand, is only present
when gd was built with freetype support. Let's use that instead.
- Fix GD image format detection
We currently check for, say, AVIF support by attempting to link a
program that calls libgd's gdImageCreateFromAvif() function. But
perversely, that function always exists in libgd; moreover when AVIF
support is missing it emits a warning and returns normally. Thus
our straightforward link test becomes not so straightforward.
This commit adds a new macro PHP_GD_CHECK_FORMAT that compiles, links,
and runs a test program instead. The test program overrides that "emit
a warning" handler so that the program actually fails if the format
we're looking for is not supported. This fixes detection of AVIF and
the other formats we check for in an external libgd.
- ext/gd/tests/bug77391.phpt: skip if gd lacks BMP support
I don't actually know how to remove BMP support from libgd, but PHP
has a ./configure test for it, so we should probably treat it as
optional.
Closes GH-12019
For master (8.4-dev) I merged GH-13381. But that PR changes public API
of TSRM, so cannot be used on lower branches.
This patch is a safe workaround for the issue, in combination with a
pre-existing fix using `ifdef ZTS + if (module_started)` inside pgsql
and odbc. The idea is to delay unloading modules until the persistent
resources are destroyed. This will keep the destructor code accessible
in memory.
This is not a proper fix on its own, because we still need the
workaround of not accessing globals after module destruction.
The proper fix is in master.
Closes GH-13388.
php_array_key_compare_string_case_unstable_i has a typo for the second
operand resulting in a wrong buffer size calculation.
Issue reported by @AlexRudyuk
Close GH-13315
libgd uses an incorrect absolute path check in gdft.c.
It checks if either the path starts with a '/' (only valid on Posix
btw), or whether it contains something of the form C:\ or C:/.
However, this overlooks the possibility of using UNC paths on Windows.
As we already do PHP-specific stuff with VCWD_ macros, use
IS_ABSOLUTE_PATH to check for an absolute path which will take into
account UNC paths as well.
Closes GH-13241.
The code currently assumes that the extra field length of the central
directory entry and the local entry are the same, but that's not the
case. For example, the "Extended Timestamp extra field" differs in size
for local vs central directory entries. This causes the file contents
offset to be incorrect because it is based on the central directory
length instead of the local entry length. Fix it by reading the local
entry and getting the size from there as well as checking consistency
for the file name length.
Closes GH-13045.
Commit 5cbe5a538c disabled chunking for all writes to streams. However,
user streams have a callback where code is executed on data that is
subject to the memory limit. Therefore, when using large writes or
stream_copy_to_stream/copy the memory limit can easily be hit with large
enough data.
To solve this, we reintroduce chunking for userspace streams.
Users have control over the chunk size, which is neat because
they can improve the performance by setting the chunk size if
that turns out to be a bottleneck.
In an ideal world, we add an option so we can "ask" the stream whether
it "prefers" chunked writes, similar to how we have
php_stream_mmap_supported & friends. However, that cannot be done on
stable branches.
Closes GH-13136.
Fixed an issue where pdo_firebird float and double type values were wrong.
Changed from using `%F` format with `zend_strpprintf` to using `%H` format with
`zend_strpprintf_unchecked`.
Fixes GH-13119
Closes GH-13125
Global --tag=CC defined in configure.ac is not correct in all cases. For example
linking objects that were compiled from C++ sources needs to be done with C++
compiler, however for link mode libtool will prefer compiler indicated with
--tag.
Fixes GH-12349
