The `StrLen_or_IndPtr` parameter usually may be `SQL_NO_TOTAL`; we need
to cater to that possibility to avoid working with negative string
lengths and other issues. A noteable exemption are calls to
`SQLGetData()` which return `SQL_SUCCESS`; in that case `SQL_NO_TOTAL`
can not occur.
Closes GH-6809.
`php_stream_can_cast()` forwards to `_php_stream_cast()` with `ret` set
to `NULL`. `php_pgsql_fd_cast()` needs to cater to that, because
otherwise the stream would report that it is not castable.
This *might* fix https://bugs.php.net/73903.
Closes GH-6888.
Firstly, we must not forget to set appropriate error codes for "manual"
checks in `virtual_file_ex()`.
Secondly, we must not call `php_error_docref2()` for warnings regarding
unary functions; thus, we introduce `php_win32_docref1_from_error()`.
Closes GH-6872.
The function name should be kept if Closure was created from the function which is marked as ZEND_ACC_CALL_VIA_TRAMPOLINE, because it is not a one-time thing and it may be called multiple times.
Closes GH-6867.
`buf` may contain NUL bytes, so we must not use `strcspn()` but rather
a binary safe variant. However, we also must not detect a stray CR as
line ending, and since we only need to check line endings at the end
of the buffer, we can nicely optimize.
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
Closes GH-6836.
Function info for curl_exec() incorrect specified that the
function cannot return true. This is already fixed in PHP 8,
as the func info entry was removed there.
We use the proper type, and make sure that no overflow can occur by
using `safe_emalloc()` (we can assume that neither string length is
`SIZE_MAX`).
Closes GH-6845.
When `SSL_read()` after `SSL_shutdown()` fails with `SSL_ERROR_SYSCALL`,
we should not warn about this, because it is likely caused by the peer
having closed the connection without having sent a close_notify
shutdown alert.
Signed-off-by: Christoph M. Becker <cmbecker69@gmx.de>
Closes GH-6803.
`xmlNewNs()` does not XML encode the passed `href`, so we need to do
that manually.
Closes GH-6804.
Signed-off-by: Christoph M. Becker <cmbecker69@gmx.de>
There is no need to require a (valid) save_handler to be set, when a
user handler is supposed to be set. We just have to make sure, that
no user handler is already set in this case.
Closes GH-6788.
It is not guaranteed, that the driver inserts only a single NUL byte at
the end of the buffer. Apparently, there is no way to find out the
actual data length in the buffer after calling `SQLGetData()`, so we
adjust after the next `SQLGetData()` call.
We also prevent PDO::ODBC_ATTR_ASSUME_UTF8 from fetching garbage, by
fetching all chunks with the same C type.
Closes GH-6716.
According to the DOM standard, elements may only contain element, text,
processing instruction and comment nodes[1]. It is also specified that
a HierarchyRequestError should be thrown if a document is to be
inserted[2]. We follow that standard, and prevent the use-after-free
this way.
[1] <https://dom.spec.whatwg.org/#node-trees>
[2] <https://dom.spec.whatwg.org/#mutation-algorithms>
Closes GH-6765.
The `encoding` attribute of the XML declaration is optional; it is good
practice to use external encoding information where available if it is
missing. Thus, we check for `charset` info of `Content-Type` headers,
and see whether the encoding is supported.
We cater to trailing parameters and quoted-strings, but not to escaped
backslashes and quotes in quoted-strings, since no known character
encoding contains these anyway.
Co-authored-by: Michael Wallner <mike@php.net>
Closes GH-6747.
When opening HTTP streams, and reading the headers, we currently
discard header lines longer than `HTTP_HEADER_BLOCK_SIZE` (1024 bytes).
While this is not generally forbidden by RFC 7230, section 3.2.5, it
is not generally allowed either, since that may change the "message
framing or response semantics".
We thus fix this by allowing arbitrarily long header lines.
Closes GH-6720.
First, the `bzip2.compress` filter has the same issue as `zlib.deflate`
so we port the respective fix[1] to ext/bz2.
Second, there is still an issue, if a stream with an attached
compression filter is flushed before it is closed, without any writes
in between. In that case, the compression is never finalized. We fix
this by enforcing a `_php_stream_flush()` with the `closing` flag set
in `_php_stream_free()`, whenever a write filter is attached. This
call is superfluous for most write filters, but does not hurt, even
when it is unnecessary.
[1] <http://git.php.net/?p=php-src.git;a=commit;h=20e75329f2adb11dd231852c061926d0e4080929>
Closes GH-6703.
zend_find_array_dim_slow() may throw, make sure to handle this.
This backports the code we already use for this on PHP-8.0,
and also backports an exception check that makes this easier to
catch.
Rather than segfaulting because sname is missing lateron, report
a FAIL here. As this indicates a server bug, the errors is reported
as an out of band warning, rather than a client error.
This fixes the PHP side of bug #80713.
The PAM service requires the terminating null to be part
of the communication.
Tested with MariaDB-10.4(pam) and Percona Server 5.7.32(auth_pam_compat).
Also changed MySQL Enterprise test to the server side plugin, authentication_pam
as opposed to the client plugin mysql_clear_password.
Add additional check for pamtest user and pam service file as
all are required for the test.
More importantly, test result should actually succeed.
Thanks Geoff Montee for bug report.
Closes GH-78680.
