This is actually about three distinct issues:
* If an empty string is passed as $address to `stream_socket_sendto()`,
the `sa` is not initialized, so we must not pass it as `addr` to
`php_stream_xport_sendto()`.
* On POSIX, `recvfrom()` truncates messages which are too long to fit
into the specified buffer (unless `MSG_PEEK` is given), discards the
excessive bytes, and returns the buffer length. On Windows, the same
happens, but `recvfrom()` returns `SOCKET_ERROR` with the error code
`WSAEMSGSIZE`. We have to catch this for best POSIX compatibility.
* In `php_network_parse_network_address_with_port()`, we have to zero
`in6` (not only its alias `sa`) to properly support IPv6.
Co-Authored-By: Nikita Popov <nikita.ppv@googlemail.com>
Don't report EAGAIN/EWOULDBLOCK as errors for fwrite on
non-blocking socket streams. This matches behavior for fread,
as well as behavior for plain file streams.
Closes GH-5026.
We add the `is_seekable` member to `php_stdio_stream_data`, and prefer
that over `is_pipe`, since the latter is simply a misnomer. We keep
`is_pipe` for now for Windows only, though, because we need special
support for pipes there. We also fix the misaligned bitfield which
formerly took 33 bit.
First, the limitation already doesn't trigger if you copy the whole
file (i.e. use copy() or stream_copy_to_stream() and don't specify
a length). This happens because length will be 0 at the time of the
check and only later calculated based on the file size. This means
that we're already completely blowing the length limit for what is
likely the most common case, and it doesn't seem like anyone complained
about that.
Second, the premise of the code comment ("to avoid runaway swapping")
seems incorrect to me. Because this performs a file-backed non-private
mmap, no swap backing is needed for the mapping. Concerns over "memory
usage" are also misplaced, as this is a virtual mapping.
This makes the stream opening actually fail, and avoids assertion
failures when we tokenize with EG(exception) set.
Also avoid throwing an additional warning after an exception has
already been thrown.
stream_get-line repeatedly calls php_stream_fill_read_buffer until
enough data is accumulated in buffer. However, when stream contains
filters attached to it, then each call to fill buffer essentially
resets buffer read/write pointers and new data is written over old.
This causes stream_get_line to skip parts of data from stream
This patch fixes such behavior, so fill buffer call will append.
There are two related changes here:
1. Also check for S_ISCHR/FILE_TYPE_CHAR when checking for pipes, so
that we detect ttys as well, which are also not seekable.
2. Always set position=-1 (i.e. ftell will return false) when a pipe
is detected. Previously position=0 was sometimes used, depending on
whether we're on Windows/Linux and whether the FD or FILE codepath
was used.
The php_stream_read() and php_stream_write() functions now return
an ssize_t value, with negative results indicating failure. Functions
like fread() and fwrite() will return false in that case.
As a special case, EWOULDBLOCK and EAGAIN on non-blocking streams
should not be regarded as error conditions, and be reported as
successful zero-length reads/writes instead. The handling of EINTR
remains unclear and is internally inconsistent (e.g. some code-paths
will automatically retry on EINTR, while some won't).
I'm landing this now to make sure the stream wrapper ops API changes
make it into 7.4 -- however, if the user-facing changes turn out to
be problematic we have the option of clamping negative returns to
zero in php_stream_read() and php_stream_write() to restore the
old behavior in a relatively non-intrusive manner.
By adding a flag to avoid forced fstat for includes. The two fstats
will happen back to back and we don't care about a possible
invalidation.
I was hoping to move this higher up in the stack and make the
ISREG check somewhere in fsizer of fixup, but this doesn't really
seem to be possible. E.g. an FP stdin handle will not be a regular
file but of course needs to be allowed. Additionally custom stream
wrappers may not implement this functionality.
Streams will be freed in an unpredictable order during shutdown.
Ignore explicit calls to php_stream_close() entirely to avoid
use-after-free -- instead let the stream resource destructor
deal with it. We have to account for a few special cases:
* Enclosed streams should be freed, as the resource destructor
will forward to the enclosing stream.
* Stream cookies also directly free streams, because we delegate
to the cookie destruction if one exists.
* Mysqlnd also directly frees streams, because it explicitly
removes stream resources (because mysqlnd!)
RFC: https://wiki.php.net/rfc/tostring_exceptions
And convert some object to string conversion related recoverable
fatal errors into Error exceptions.
Improve exception safety of internal code performing string
conversions.
readdir_r() is deprecated in modern glibc versions. readdir() is
thread safe in practice, as long as there are no concurrent accesses
on the *same* directory stream.
In order to rename safer, we do the following:
- set umask to 077 (unfortunately, not TS, so excluding ZTS)
- chown() first, to set proper group before allowing group access
- chmod() after, even if chown() fails
