When performing an RW modification of an array offset, the undefined
offset warning may call an error handler / OB callback, which may
destroy the array we're supposed to change. Detect this by temporarily
incrementing the reference count. If we find that the array has been
modified/destroyed in the meantime, we do nothing -- the execution
model here would be that the modification has happened on the destroyed
version of the array.
I haven't tracked down in detail where the interaction with
increment_function comes from, but the root problem here is failure
to handle the illegal offset type exception.
In the interest of avoiding side-effects during dumping, I'm
replacing the value with a <constant ast> string instead of
performing an update constant operation.
A `BSTR` is similar to a `zend_string`; it stores the length of the
string just before the actual string, and thus the string may contain
NUL bytes. However, `php_com_olestring_to_string()` is supposed to
deal with arbitrary `OLECHAR*`s which may not be `BSTR`s, so we
introduce `php_com_bstr_to_string()` and use it for the only case where
we actually have to deal with `BSTR`s which may contain NUL bytes.
Contrary to `php_com_olestring_to_string()` we return a `zend_string`,
so we can save the re-allocation when converting to a `zval`.
We also cater to `php_com_string_to_olestring()` not being binary safe,
with basically the same fix we did for `php_com_olestring_to_string()`.
Casting objects to bool is supposed to yield `true`. Since the
`cast_object` handler is required now, we have to implement the
`_IS_BOOL` conversion there.
`ReflectionClass` allows reading of the values of private and protected
constants, and also to get private and protected static methods.
Therefore getting the values of private and protected static properties
is also permissible, especially since `::getStaticProperties()` already
allows to do so.
We also allow ::setStaticPropertyValue() to modify private and
protected properties, because otherwise this method is useless, as
modifying public properties can be done directly.
`atol()` returns a `long` which is not the same as `zend_long` on
LLP64; we use `ZEND_ATOL()` instead.
There is no need for a new test case, since filesize_large.phpt already
tests for that behavior; unfortunately, the FTP test suite relies on
`pcntl_fork()` and therefore cannot be run on Windows.
The `$prefix` parameter of `xmlwriter_write_element_ns()` and
`xmlwriter_start_element_ns()` is nullable, what allows these functions
to be used instead of their non NS variants. Consequently, we make the
`$prefix` parameter of `xmlwriter_write_attribute_ns()` and
`xmlwriter_start_attribute_ns()` nullable as well.
Even if the length of a maker note does not match our expectations
(either because the maker note is corrupted, or because our
expectations do not quite match reality), there is no need to let
parsing fail; we can still go on parsing the other meta information.
The `php_serialize` decode function has to return `FAILURE`, if the
unserialization failed on anything but an empty string.
The `php` decode function has also to return `FAILURE`, if there is
trailing garbage in the string.
The "callable name" may be the same for multiple distinct callables.
The code already worked around this for the case of instance methods,
but there are other cases in which callable names clash, such as
the use of self:: reported in the referenced bug.
Rather than trying to generate a unique name for callables, compare
the content of the alfi structures. This is less efficient if there
are many autoload functions, but autoload *registration* does not
need to be particularly efficient.
As a side-effect, this no longer permits unregistering non-callables.
Replace EG(autoload_func) with a C level zend_autoload hook.
This avoids having to do one indirection through PHP function
calls. The need for EG(autoload_func) was a leftover from the
__autoload() implementation.
Additionally, drop special-casing of spl_autoload(), and instead
register it just like any other autoloading function. This fixes
bug #71236 as a side-effect.
Finally, change spl_autoload_functions() to always return an array.
The distinction between false and an empty array no longer makes
sense here.
Closes GH-5696.
In module startup stage, we should not initiliaze
EG(modified_ini_directives) as it use zend MM, the zend MM will be
restart at the end of modules startup stage,
by say "partial", because this issue still exists if altering ZEND_USER
inis, we should add a zend_ini_deactive at the end of modules startup
stage, but it brings some new cost, and I think no one would do things
like that
The `timercmp()` manpage[1] points out that some systems have a broken
implementation which does not support `>=`. This is definitely the
case for the Windows SDK, which only supports `<` and `>`.
[1] <https://linux.die.net/man/3/timercmp>
If the current character is a line break character, it cannot be a tab
or space character, so we would always fail with an invalid sequence
error. Obviously, these `scan_stat == 4` conditions are meant to be
exclusive.
Furthermore, if `in_pp == NULL || in_left_p == NULL` is true, we hit a
segfault if we are not returning right away. Obviously, the additional
constraints don't make sense, so we remove them.
This is a bit tricky: In this cases we have "namespace as", which
means that we will only recognize "namespace" as an identifier when
the lookahead token is already at the "as". This means that
zend_lex_tstring picks up the wrong identifier.
We solve this by actually assigning the identifier as the semantic
value on the parser stack -- as in almost all cases we will not
actually need the identifier, this is just an (offset, size)
reference, not a copy of the string.
Additionally, we need to teach the lexer feedback mechanism used
by tokenizer TOKEN_PARSE mode to apply feedback to something
other than the very last token. To that purpose we pass through
the token text and check the tokens in reverse order to find the
right one.
Closes GH-5668.
This solves [#79628](https://bugs.php.net/79628).
Similar to `ReflectionClass::getMethods()` and `ReflectionClass::getProperties()`,
this new `$filter` argument allows the filtering of constants defined in a class by
their visibility.
For that, we create three new constants for `ReflectionClassConstant`:
* `IS_PUBLIC`
* `IS_PROTECTED`
* `IS_PRIVATE`
Closes GH-5649.
It should be noted that we still throw the usual fopen warnings,
but the final fatal error becomes an Error exception. Combine
with @ to suppress FS warnings.
Closes GH-5641.
Overriding the given INI values in modifier callbacks is not possible,
so instead of enforcing "normalized" internal values, we just reject
the attempted changes.
As its name suggests, `sqlite3_data_count` returns the number of
columns in the current row of the result set; we are interested in the
number of columns regardless of the current row, so we have to use
`sqlite3_column_count` instead.
As of PHP 7.3.0, `sapi_cli_single_write()` is supposed to return `< 0`
on failure, but `fwrite()` returns a `size_t`, and signals error by
setting the stream's error indicator. We have to cater to that.
Currently, it's possible to disable the json extension with
`./configure --disable-json` (for historical reasons that no longer apply).
However, JSON is widely used in many use cases - web sites, logging output,
and as a data format that can be used to share data with many applications
and programming languages,
so I'd personally find it useful if it was always enabled.
Examples of where this would be useful:
- For internal classes to be able to implement `JsonSerializable`
which currently requires a hard dependency on the JSON extension.
- For PHP users to publish single-file scripts that use json_encode and
json_decode and don't require polyfills or less readable var_export output.
(polyfills are less efficient and may have issues with recursive data
structures)
- So that php-src's own modules, tools and test cases can start using JSON
if it's a good choice for encoding a value. (same for PECLs)
https://wiki.php.net/rfc/jsond mentions that in PHP 5,
> The current Json Parser in the json extension does not have a free license
> which is a problem for many Linux distros.
> This has been referenced at Bug #63520.
> That results in not packaging json extension in the many Linux distributions.
Starting in php 7.0 with the switch to jsond,
It looks like licensing is no longer an issue.
Changes:
- Remove all flags related to JSON such as `configure --disable-json`
- Require that JSON be compiled statically instead of as a shared library
Examples of uses of JSON in various distros
(backwards incompatible changes such as changing packaging are typically
reserved for major versions, and 8.0 is a major version)
- JSON is required by `php-cli` or `php` in ubuntu:
https://packages.ubuntu.com/focal/php/
- The php-json package has to be installed separately
from the PHP binary in Fedora repos.
Closes GH-5495
* Properly initialize PHPDBG_G(watch_tmp)
Otherwise that may cause segfaults in ZTS builds.
* Deactivate potentially remaining watchpoints after REPL
Otherwise the memory could still be protected, resulting in segfaults
during shutdown.
* NULL zend_handlers_table after freeing
As of commit 4130fe4[1], the `zend_handlers_table` is explicitly
freed in the `zend_vm_dtor()`. Since phpdbg (and maybe some other
SAPIs) may restart the engine afterwards, we have to make sure that
the table is also NULLed.
* Only set context option if there is a context
In other words, we must not follow the null pointer.
* Cater to file handles without attached console
File handles do not necessarily have an attached console (for
instance, pipes do not), in which case `GetConsoleScreenBufferInfo()`
fails. In this case we set a default value (`40`) for lines like on
other systems.
[1] <http://git.php.net/?p=php-src.git;a=commit;h=4130fe437a5db7ead1444d3748bd0fbad9829cb2>
On startup, PHP deliberately changes the floating point control word to
enforce binary64 format for the calculations for best consistency
across platforms. However, this is unnessary for x86_64 architectures,
because in this case SSE instructions are used by default, and there is
no good reason to pass `-mfpmath=i387` or such.
Therefore, we can skip the modification, which has the benefit that
system libraries are free to work in the mode of their liking.
Even if that header file is available, we better consider it private,
and don't include it. The information about whether SSL support is
enabled is now missing (`USE_(OPEN)SSL`), and it seems there is no
alternative way to get it (`PQinitSSL()` is always defined), so we
remove it from the PHP info. Furthermore, the `PG_VERSION` and
`PG_VERSION_STR` macros are no longer available, but as of libpq 9.1
there is `PQlibVersion()` which allows us to construct `PG_VERSION` in
a most likely backwards compatible manner. The additional information
available through `PG_VERSION_STR` is lost, though, so we define
`PGSQL_LIBPQ_VERSION_STR` basically as alias of `PGSQL_LIBPQ_VERSION`,
and deprecate it right away.
Since we are now requiring at least libpq 9.1, we can remove some
further compatibility code and additional checks.
Regarding the raised requirements: official support for PostGreSQL 9.0
ended on 2015-10-08, and even CentOS 7 already has PostGreSQL 9.2, so
this is not supposed to be too much of an issue.
We can safely assume that users have at the very least libpq 7.4, for
which official support ended on 2010-10-01; even CentOS 6 has 8.4 now.
It is also noteworthy that PDO_PGSQL already requires libpq 7.4 or
later.
On startup, PHP deliberately changes the floating point control word to
enforce binary64 format for the calculations for best consistency
across platforms. However, this is unnessary when compiling under
`__SSE__`, because in this case the x87 instructions are not used.
Therefore, we can skip the modification, which has the benefit that
system libraries are free to work in the mode of their liking.
The color resolution is expected in bits 4-6 of the packed fields byte
of the logical screen descriptor (byte 10 of the GIF data stream),
according to the specification[1], section 18.
[1] <https://www.w3.org/Graphics/GIF/spec-gif89a.txt>
If opcache.record_warnings is enabled, opcache will record
compilation warnings and replay them when the file is included
again. The primary use case I have in mind for this is automated
testing of the opcache file cache.
This resolves bug #76535.
We must not attempt to access arbitrary union members when retrieving
debug info, because that may not be valid. Therefore we do no longer
dereference pointer types inside of unions, but report their address as
string in `%p` format instead.
We map the POSIX semantics of `IPC_PRIVATE` by creating unnamed file
mapping objects on Windows. While that is not particularly useful for
ext/shmop, which is the only bundled extension which uses `shmget()`,
it may be useful for external extensions.
Partially reverts 846b647953: instead of
throwing, this skips uninitialized typed properties when serializing objects.
This makes serialize with __sleep() behave the same as serialize()
without __sleep().
As in the non-__sleep() case, unserialize(serialize($x)) identity
may not be preserved due to replacement of uninitialized/unset
properties with default values. Fixing this will require changes to
the serialization format.
Closes GH-5396.
When ArrayObject is round-tripped through serialize() and unserialize(),
it forgets any iterator class name which was set using ::setIteratorClass().
Fix that.
The `start` parameter of `php_cgi_ini_activate_user_config` is supposed
to hold the byte offset of the doc root in the given `path`. However,
the current expression which fixes a potential type incompatibility
will ever only evaluate to zero or one, because it uses the *logical*
and operator (`&&`). Furthermore we notice that subtracting one from
`doc_root_len` is not necessary, so there is even no need for the
`start` parameter at all.
I stumbled upon this while debugging a strange issue with
stream_socket_client() where it randomly throws out errors when
the connection timeout is set to below 1s. The logic to calculate
time difference in php_openssl_subtract_timeval() is wrong when
a.tv_usec < b.tv_usec, causing connection errors before the timeout
is reached.
Aside from a few very specific syntax errors for which detailed exceptions are
thrown, generally PHP just emits the default error messages generated by bison on syntax
error. These messages are very uninformative; they just say "Unexpected ... at line ...".
This is most problematic with constructs which can span an arbitrary number of lines, such
as blocks of code delimited by { }, 'if' conditions delimited by ( ), and so on. If a closing
delimiter is missed, the block will run for the entire remainder of the source file (which
could be thousands of lines), and then at the end, a parse error will be thrown with the
dreaded words: "Unexpected end of file".
Therefore, track the positions of opening and closing delimiters and ensure that they match
up correctly. If any mismatch or missing delimiter is detected, immediately throw a parse
error which points the user to the offending line. This is best done in the *lexer* and not
in the parser.
Thanks to Nikita Popov and George Peter Banyard for suggesting improvements.
Fixes bug #79368.
Closes GH-5364.