Check if data would overlap and also add an assert. Previous
implementations didn't have this issue, as the direct assignment was
used.
Signed-off-by: Anatol Belski <ab@php.net>
When ArrayObject is round-tripped through serialize() and unserialize(),
it forgets any iterator class name which was set using ::setIteratorClass().
Fix that.
We actually implement `::__debugInfo()` and drop the `get_debug_info()`
handlers of all relevant SPL classes. This is cleaner and gives more
flexibility regarding overriding the functionality in descendant
classes.
Even though `SplStack::unserialize()` is not supposed to be called on
an already constructed instance, it is probably better if the method
clears the stack before actually unserializing.
`php_stream_write()` returns `-1` on failure now, which has to be
catered to by `SplFileObject::fputcsv()` which still is supposed to
return `false` on failure.
* PHP-7.3:
Fixed bug #78910Fix#78878: Buffer underflow in bc_shift_addsub
Fix test
Fix#78862: link() silently truncates after a null byte on Windows
Fix#78863: DirectoryIterator class silently truncates after a null byte
Fix#78943: mail() may release string with refcount==1 twice
* PHP-7.2:
Fixed bug #78910Fix#78878: Buffer underflow in bc_shift_addsub
Fix test
Fix#78862: link() silently truncates after a null byte on Windows
Fix#78863: DirectoryIterator class silently truncates after a null byte
Since the constructor of DirectoryIterator and friends is supposed to
accepts paths (i.e. strings without NUL bytes), we must not accept
arbitrary strings.
If count is ZEND_LONG_MIN the count-- loop underflows. This is
ultimately harmless, but results in a ubsan warning.
Fix this by adding a sanity check that the count isn't negative,
because that doesn't make sense...
This is a fix for symfony/symfony#32995.
The behavior is:
* Throwing exception when loading parent/interface is allowed
(and we will also throw one if the class is simply not found).
* If this happens, the bucket key for the class is reset, so
it's possibly to try registering the same class again.
* However, if the class has already been used due to a variance
obligation, the exception is upgraded to a fatal error, as we
cannot safely unregister the class stub anymore.
This allows us to drop the intermediate allocation for
spl_pqueue_elem.
This fixes GC for SplPriorityQueue, because we can now directly
return a well-formed GC child buffer.
This removes an incorrect optimization (I think this code used to be
necessary to properly handle references in the Serializable based
implementation, but now this code just avoids an array duplication
in a way that is not sound).
The php_stream_read() and php_stream_write() functions now return
an ssize_t value, with negative results indicating failure. Functions
like fread() and fwrite() will return false in that case.
As a special case, EWOULDBLOCK and EAGAIN on non-blocking streams
should not be regarded as error conditions, and be reported as
successful zero-length reads/writes instead. The handling of EINTR
remains unclear and is internally inconsistent (e.g. some code-paths
will automatically retry on EINTR, while some won't).
I'm landing this now to make sure the stream wrapper ops API changes
make it into 7.4 -- however, if the user-facing changes turn out to
be problematic we have the option of clamping negative returns to
zero in php_stream_read() and php_stream_write() to restore the
old behavior in a relatively non-intrusive manner.
No notice is thrown for list() accesses, because we did not come
to an agreement regarding patterns like
while ([$key, $value] = yield $it->next()) { ... }
where silent null access may be desirable.
No effort is made to suppress multiple notices in access chains
likes $x[0][0][0], because the technical complexity this causes
does not seem worthwhile.
RFC: https://wiki.php.net/rfc/notice-for-non-valid-array-container
