php-src/NEWS
2023-05-24 23:44:32 -04:00

879 lines
35 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? ????, PHP 8.2.8
- Opcache:
. Fix allocation loop in zend_shared_alloc_startup(). (nielsdos)
- PCRE:
. Fix preg_replace_callback_array() pattern validation. (ilutov)
- Standard:
. Fix access on NULL pointer in array_merge_recursive(). (ilutov)
. Fix exception handling in array_multisort(). (ilutov)
08 Jun 2023, PHP 8.2.7
- Core:
. Fixed bug GH-11152 (Unable to alias namespaces containing reserved class
names). (ilutov)
. Fixed bug GH-9068 (Conditional jump or move depends on uninitialised
value(s)). (nielsdos)
. Fixed bug GH-11189 (Exceeding memory limit in zend_hash_do_resize leaves
the array in an invalid state). (Bob)
. Fixed bug GH-11063 (Compilation error on old GCC versions). (ingamedeo)
. Fixed bug GH-11222 (foreach by-ref may jump over keys during a rehash).
(Bob)
- Date:
. Fixed bug GH-11281 (DateTimeZone::getName() does not include seconds in
offset). (nielsdos)
- Exif:
. Fixed bug GH-10834 (exif_read_data() cannot read smaller stream wrapper
chunk sizes). (nielsdos)
- FPM:
. Fixed bug GH-10461 (PHP-FPM segfault due to after free usage of
child->ev_std(out|err)). (Jakub Zelenka)
. Fixed bug #64539 (FPM status page: query_string not properly JSON encoded).
(Jakub Zelenka)
. Fixed memory leak for invalid primary script file handle. (Jakub Zelenka)
- Hash:
. Fixed bug GH-11180 (hash_file() appears to be restricted to 3 arguments).
(nielsdos)
- LibXML:
. Fixed bug GH-11160 (Few tests failed building with new libxml 2.11.0).
(nielsdos)
- MBString:
. Fix bug GH-11217 (Segfault in mb_strrpos / mb_strripos when using negative
offset and ASCII encoding). (ilutov)
- Opcache:
. Fixed bug GH-11134 (Incorrect match default branch optimization). (ilutov)
. Fixed too wide OR and AND range inference. (nielsdos)
. Fixed missing class redeclaration error with OPcache enabled. (ilutov)
. Fixed bug GH-11245 (In some specific cases SWITCH with one default
statement will cause segfault). (nielsdos)
- PCNTL:
. Fixed maximum argument count of pcntl_forkx(). (nielsdos)
- PGSQL:
. Fixed parameter parsing of pg_lo_export(). (kocsismate)
- Phar:
. Fixed bug GH-11099 (Generating phar.php during cross-compile can't be
done). (peter279k)
- Soap:
. Fixed bug GH-8426 (make test fail while soap extension build). (nielsdos)
- SPL:
. Fixed bug GH-11178 (Segmentation fault in spl_array_it_get_current_data
(PHP 8.1.18)). (nielsdos)
- Standard:
. Fixed bug GH-11138 (move_uploaded_file() emits open_basedir warning for
source file). (ilutov)
. Fixed bug GH-11274 (POST/PATCH request switches to GET after a HTTP 308
redirect). (nielsdos)
- Streams:
. Fixed bug GH-10031 ([Stream] STREAM_NOTIFY_PROGRESS over HTTP emitted
irregularly for last chunk of data). (nielsdos)
. Fixed bug GH-11175 (Stream Socket Timeout). (nielsdos)
. Fixed bug GH-11177 (ASAN UndefinedBehaviorSanitizer when timeout = -1
passed to stream_socket_accept/stream_socket_client). (nielsdos)
11 May 2023, PHP 8.2.6
- Core:
. Fix inconsistent float negation in constant expressions. (ilutov)
. Fixed bug GH-8841 (php-cli core dump calling a badly formed function).
(nielsdos)
. Fixed bug GH-10737 (PHP 8.1.16 segfaults on line 597 of
sapi/apache2handler/sapi_apache2.c). (nielsdos, ElliotNB)
. Fixed bug GH-11028 (Heap Buffer Overflow in zval_undefined_cv.). (nielsdos)
. Fixed bug GH-11108 (Incorrect CG(memoize_mode) state after bailout in ??=).
(ilutov)
- Date:
. Fixed bug where the diff() method would not return the right result around
DST changeover for date/times associated with a timezone identifier. (Derick)
. Fixed out-of-range bug when converting to/from around the LONG_MIN unix
timestamp. (Derick)
- DOM:
. Fixed bug #80602 (Segfault when using DOMChildNode::before()).
(Nathan Freeman)
. Fixed incorrect error handling in dom_zvals_to_fragment(). (nielsdos)
- Exif:
. Fixed bug GH-9397 (exif read : warnings and errors : Potentially invalid
endianess, Illegal IFD size and Undefined index). (nielsdos)
- Intl:
. Fixed bug GH-11071 (TZData version not displayed anymore). (Remi)
- PCRE:
. Fixed bug GH-10968 (Segfault in preg_replace_callback_array()). (ilutov)
- Reflection:
. Fixed bug GH-10983 (State-dependant segfault in
ReflectionObject::getProperties). (nielsdos)
- SPL:
. Handle indirect zvals and use up-to-date properties in
SplFixedArray::__serialize. (nielsdos)
- Standard:
. Fixed bug GH-10990 (mail() throws TypeError after iterating over
$additional_headers array by reference). (nielsdos)
. Fixed bug GH-9775 (Duplicates returned by array_unique when using enums).
(ilutov)
- Streams:
. Fixed bug GH-10406 (feof() behavior change for UNIX based socket
resources). (Jakub Zelenka)
13 Apr 2023, PHP 8.2.5
- Core:
. Added optional support for max_execution_time in ZTS/Linux builds
(Kévin Dunglas)
. Fixed use-after-free in recursive AST evaluation. (ilutov)
. Fixed bug GH-8646 (Memory leak PHP FPM 8.1). (nielsdos)
. Re-add some CTE functions that were removed from being CTE by a mistake.
(mvorisek)
. Remove CTE flag from array_diff_ukey(), which was added by mistake.
(mvorisek)
. Fixed bug GH-10801 (Named arguments in CTE functions cause a segfault).
(nielsdos)
. Fixed bug GH-8789 (PHP 8.0.20 (ZTS) zend_signal_handler_defer crashes on
apache). (nielsdos)
. Fixed bug GH-10015 (zend_signal_handler_defer crashes on apache shutdown).
(nielsdos)
. Fixed bug GH-10810 (Fix NUL byte terminating Exception::__toString()).
(ilutov)
. Fix potential memory corruption when mixing __callStatic() and FFI. (ilutov)
- Date:
. Fixed bug GH-10747 (Private and protected properties in serialized Date*
objects throw). (Derick)
- FPM:
. Fixed bug GH-10611 (fpm_env_init_main leaks environ). (nielsdos)
. Destroy file_handle in fpm_main. (Jakub Zelenka, nielsdos)
. Fixed bug #74129 (Incorrect SCRIPT_NAME with apache ProxyPassMatch when
spaces are in path). (Jakub Zelenka)
- FTP:
. Propagate success status of ftp_close(). (nielsdos)
. Fixed bug GH-10521 (ftp_get/ftp_nb_get resumepos offset is maximum 10GB).
(nielsdos)
- IMAP:
. Fix build failure with Clang 16. (orlitzky)
- MySQLnd:
. Fixed bug GH-8979 (Possible Memory Leak with SSL-enabled MySQL
connections). (nielsdos)
- Opcache:
. Fixed build for macOS to cater with pkg-config settings. (David Carlier)
. Fixed bug GH-8065 (opcache.consistency_checks > 0 causes segfaults in
PHP >= 8.1.5 in fpm context). (nielsdos)
- OpenSSL:
. Add missing error checks on file writing functions. (nielsdos)
- PDO Firebird:
. Fixed bug GH-10908 (Bus error with PDO Firebird on RPI with 64 bit kernel
and 32 bit userland). (nielsdos)
- Phar:
. Fixed bug GH-10766 (PharData archive created with Phar::Zip format does
not keep files metadata (datetime)). (nielsdos)
. Add missing error checks on EVP_MD_CTX_create() and EVP_VerifyInit().
(nielsdos)
- PDO ODBC:
. Fixed missing and inconsistent error checks on SQLAllocHandle. (nielsdos)
- PGSQL:
. Fixed typo in the array returned from pg_meta_data (extended mode).
(David Carlier)
- SPL:
. Fixed bug GH-10519 (Array Data Address Reference Issue). (Nathan Freeman)
. Fixed bug GH-10907 (Unable to serialize processed SplFixedArrays in
PHP 8.2.4). (nielsdos)
. Fixed bug GH-10844 (ArrayIterator allows modification of readonly props).
(ilutov)
- Standard:
. Fixed bug GH-10885 (stream_socket_server context leaks). (ilutov)
. Fixed bug GH-10052 (Browscap crashes PHP 8.1.12 on request shutdown
(apache2)). (nielsdos)
. Fixed oss-fuzz #57392 (Buffer-overflow in php_fgetcsv() with \0 delimiter
and enclosure). (ilutov)
. Fixed undefined behaviour in unpack(). (nielsdos)
16 Mar 2023, PHP 8.2.4
- Core:
. Fixed incorrect check condition in ZEND_YIELD. (nielsdos)
. Fixed incorrect check condition in type inference. (nielsdos)
. Fix incorrect check in zend_internal_call_should_throw(). (nielsdos)
. Fixed overflow check in OnUpdateMemoryConsumption. (nielsdos)
. Fixed bug GH-9916 (Entering shutdown sequence with a fiber suspended in a
Generator emits an unavoidable fatal error or crashes). (Arnaud)
. Fixed bug GH-10437 (Segfault/assertion when using fibers in shutdown
function after bailout). (trowski)
. Fixed SSA object type update for compound assignment opcodes. (nielsdos)
. Fixed language scanner generation build. (Daniel Black)
. Fixed zend_update_static_property() calling zend_update_static_property_ex()
misleadingly with the wrong return type. (nielsdos)
. Fix bug GH-10570 (Fixed unknown string hash on property fetch with integer
constant name). (nielsdos)
. Fixed php_fopen_primary_script() call resulted on zend_destroy_file_handle()
freeing dangling pointers on the handle as it was uninitialized. (nielsdos)
- Curl:
. Fixed deprecation warning at compile time. (Max Kellermann)
. Fixed bug GH-10270 (Unable to return CURL_READFUNC_PAUSE in readfunc
callback). (Pierrick Charron)
- Date:
. Fix GH-10447 ('p' format specifier does not yield 'Z' for 00:00). (Derick)
. Fix GH-10152 (Custom properties of Date's child classes are not
serialised). (Derick)
- FFI:
. Fixed incorrect bitshifting and masking in ffi bitfield. (nielsdos)
- Fiber:
. Fixed assembly on alpine x86. (nielsdos)
. Fixed bug GH-10496 (segfault when garbage collector is invoked inside of
fiber). (Bob, Arnaud)
- FPM:
. Fixed bug GH-10315 (FPM unknown child alert not valid). (Jakub Zelenka)
. Fixed bug GH-10385 (FPM successful config test early exit). (nielsdos)
- GMP:
. Properly implement GMP::__construct(). (nielsdos)
- Intl:
. Fixed bug GH-10647 (Spoolchecker isSuspicious/areConfusable methods
error code's argument always returning NULL0. (Nathan Freeman)
- JSON:
. Fixed JSON scanner and parser generation build.
(Daniel Black, Jakub Zelenka)
- MBString:
. ext/mbstring: fix new_value length check. (Max Kellermann)
. Fix bug GH-10627 (mb_convert_encoding crashes PHP on Windows). (nielsdos)
- Opcache:
. Fix incorrect page_size check. (nielsdos)
. Fix readonly modification check when using inc/dec operators on readonly
property with JIT. (ilutov)
- OpenSSL:
. Fixed php_openssl_set_server_dh_param() DH params errors handling. (nielsdos)
- PDO OCI:
. Fixed bug #60994 (Reading a multibyte CLOB caps at 8192 chars).
(Michael Voříšek)
- PHPDBG:
. Fixed bug GH-10715 (heap buffer overflow on --run option misuse). (nielsdos)
- PGSQL:
. Fix GH-10672 (pg_lo_open segfaults in the strict_types mode). (girgias)
- Phar:
. Fix incorrect check in phar tar parsing. (nielsdos)
- Random:
. Fix GH-10390 (Do not trust arc4random_buf() on glibc). (timwolla)
. Fix GH-10292 (Made the default value of the first param of srand() and
mt_srand() unknown). (kocsismate)
- Reflection:
. Fixed bug GH-10623 (Reflection::getClosureUsedVariables opcode fix with
variadic arguments). (nielsdos)
. Fix Segfault when using ReflectionFiber suspended by an internal function.
(danog)
- Session:
. Fixed ps_files_cleanup_dir() on failure code paths with -1 instead of 0 as
the latter was considered success by callers. (nielsdos).
- Standard:
. Fixed bug GH-8086 (Introduce mail.mixed_lf_and_crlf INI). (Jakub Zelenka)
. Fixed bug GH-10292 (Made the default value of the first param of srand() and
mt_srand() unknown). (kocsismate)
. Fix incorrect check in cs_8559_5 in map_from_unicode(). (nielsdos)
. Fix bug GH-9697 for reset/end/next/prev() attempting to move pointer of
properties table for certain internal classes such as FFI classes
. Fix incorrect error check in browsecap for pcre2_match(). (nielsdos)
- Streams:
. Fixed bug GH-10370 (File corruption in _php_stream_copy_to_stream_ex when
using copy_file_range). (nielsdos)
. Fixed bug GH-10548 (copy() fails on cifs mounts because of incorrect
copy_file_range() len). (nielsdos)
- Tidy:
. Fix memory leaks when attempting to open a non-existing file or a file over
4GB. (Girgias)
. Add missing error check on tidyLoadConfig. (nielsdos)
- Zlib:
. Fixed output_handler directive value's length which counted the string
terminator. (nieldos)
14 Feb 2023, PHP 8.2.3
- Core:
. Fixed bug #81744 (Password_verify() always return true with some hash).
(CVE-2023-0567). (Tim Düsterhus)
. Fixed bug #81746 (1-byte array overrun in common path resolve code).
(CVE-2023-0568). (Niels Dossche)
- SAPI:
. Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart
request body). (CVE-2023-0662) (Jakub Zelenka)
02 Feb 2023, PHP 8.2.2
- Core:
. Fixed bug GH-10200 (zif_get_object_vars:
Assertion `!(((__ht)->u.flags & (1<<2)) != 0)' failed). (nielsdos)
. Fix GH-10251 (Assertion `(flag & (1<<3)) == 0' failed). (nielsdos)
. Fix GH-10240 (Assertion failure when adding more than 2**30 elements to an
unpacked array). (Arnaud)
. Fix GH-9735 (Fiber stack variables do not participate in cycle collector).
(Arnaud)
. Fix GH-9675 (Broken run_time_cache init for internal enum methods).
(Petar Obradović, Bob)
. Fix GH-10248 (Assertion `!(zval_get_type(&(*(property))) == 10)' failed).
(nielsdos)
- FPM:
. Fixed bug #77106 (Missing separator in FPM FastCGI errors). (Jakub Zelenka)
. Fixed bug GH-9981 (FPM does not reset fastcgi.error_header).
(Jakub Zelenka)
. Fixed bug #68591 (Configuration test does not perform UID lookups).
(Jakub Zelenka)
. Fixed memory leak when running FPM config test. (Jakub Zelenka)
. Fixed bug #67244 (Wrong owner:group for listening unix socket).
(Jakub Zelenka)
- Hash:
. Handle exceptions from __toString in XXH3's initialization (nielsdos)
- LDAP:
. Fixed bug GH-10112 (LDAP\Connection::__construct() refers to ldap_create()).
(cmb)
- Opcache:
. Fix inverted bailout value in zend_runtime_jit() (Max Kellermann).
. Fix access to uninitialized variable in accel_preload(). (nielsdos)
. Fix zend_jit_find_trace() crashes. (Max Kellermann)
. Added missing lock for EXIT_INVALIDATE in zend_jit_trace_exit. (Max Kellermann)
- Phar:
. Fix wrong flags check for compression method in phar_object.c (nielsdos)
- PHPDBG:
. Fix undefined behaviour in phpdbg_load_module_or_extension(). (nielsdos)
. Fix NULL pointer dereference in phpdbg_create_conditional_breal(). (nielsdos)
. Fix GH-9710: phpdbg memory leaks by option "-h" (nielsdos)
. Fix phpdbg segmentation fault in case of malformed input (nielsdos)
- Posix:
. Fix memory leak in posix_ttyname() (girgias)
- Random:
. Fixed bug GH-10247 (Theoretical file descriptor leak for /dev/urandom). (timwolla)
- Standard:
. Fix GH-10187 (Segfault in stripslashes() with arm64). (nielsdos)
. Fixed bug GH-10214 (Incomplete validation of object syntax during
unserialize()). (timwolla)
. Fix substr_replace with slots in repl_ht being UNDEF. (nielsdos)
- XMLWriter
. Fix missing check for xmlTextWriterEndElement (nielsdos)
05 Jan 2023, PHP 8.2.1
- Core:
. Fixed bug GH-9905 (constant() behaves inconsistent when class is undefined).
(cmb)
. Fixed bug GH-9918 (License information for xxHash is not included in
README.REDIST.BINS file). (Akama Hitoshi)
. Fixed bug GH-9890 (OpenSSL legacy providers not available on Windows). (cmb)
. Fixed bug GH-9650 (Can't initialize heap: [0x000001e7]). (Michael Voříšek)
. Fixed potentially undefined behavior in Windows ftok(3) emulation. (cmb)
. Fixed GH-9769 (Misleading error message for unpacking of objects). (jhdxr)
- Apache:
. Fixed bug GH-9949 (Partial content on incomplete POST request). (cmb)
- FPM:
. Fixed bug GH-9959 (Solaris port event mechanism is still broken after bug
#66694). (Petr Sumbera)
. Fixed bug #68207 (Setting fastcgi.error_header can result in a WARNING).
(Jakub Zelenka)
. Fixed bug #80669 (FPM numeric user fails to set groups). (Jakub Zelenka)
. Fixed bug GH-8517 (Random crash of FPM master process in
fpm_stdio_child_said). (Jakub Zelenka)
- Imap:
. Fixed bug GH-10051 (IMAP: there's no way to check if a IMAP\Connection is
still open). (Girgias)
- MBString:
. Fixed bug GH-9535 (The behavior of mb_strcut in mbstring has been changed in
PHP8.1). (Nathan Freeman)
- Opcache:
. Fixed bug GH-9968 (Segmentation Fault during OPCache Preload).
(Arnaud, michdingpayc)
- OpenSSL:
. Fixed bug GH-9997 (OpenSSL engine clean up segfault). (Jakub Zelenka)
. Fixed bug GH-9064 (PHP fails to build if openssl was built with --no-ec).
(Jakub Zelenka)
. Fixed bug GH-10000 (OpenSSL test failures when OpenSSL compiled with
no-dsa). (Jakub Zelenka)
- Pcntl:
. Fixed bug GH-9298 (Signal handler called after rshutdown leads to crash).
(Erki Aring)
- PDO_Firebird:
. Fixed bug GH-9971 (Incorrect NUMERIC value returned from PDO_Firebird).
(cmb)
- PDO/SQLite:
. Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631)
(cmb)
- Session:
. Fixed GH-9932 (session name silently fails with . and [). (David Carlier)
- SPL:
. Fixed GH-9883 (SplFileObject::__toString() reads next line). (Girgias)
. Fixed GH-10011 (Trampoline autoloader will get reregistered and cannot be
unregistered). (Girgias)
- SQLite3:
. Fixed bug #81742 (open_basedir bypass in SQLite3 by using file URI). (cmb)
- TSRM:
. Fixed Windows shmget() wrt. IPC_PRIVATE. (Tyson Andre)
08 Dec 2022, PHP 8.2.0
- CLI:
. Fixed bug #81496 (Server logs incorrect request method). (lauri)
. Updated the mime-type table for the builtin-server. (Ayesh Karunaratne)
. Fixed potential overflow for the builtin server via the
PHP_CLI_SERVER_WORKERS environment variable. (yiyuaner)
. Fixed GH-8575 by changing STDOUT, STDERR and STDIN to not close on resource
destruction. (Jakub Zelenka)
. Implement built-in web server responding without body to HEAD request on
a static resource. (Vedran Miletic, Marin Martuslovic)
. Implement built-in web server responding with HTTP status 405 to
DELETE/PUT/PATCH request on a static resource.
(Vedran Miletic, Marin Martuslovic)
. Fixed bug GH-9709 (Null pointer dereference with -w/-s options).
(Adam Saponara)
- COM:
. Fixed bug GH-8750 (Can not create VT_ERROR variant type). (cmb)
- Core:
. Fixed bug #81380 (Observer may not be initialized properly). (krakjoe)
. Fixed bug GH-7771 (Fix filename/lineno of constant expressions). (ilutov)
. Fixed bug GH-7792 (Improve class type in error messages). (ilutov)
. Support huge pages on MacOS. (David CARLIER)
. Fixed bug GH-8655 (Casting an object to array does not unwrap refcount=1
references). (Nicolas Grekas)
. Fixed bug GH-8661 (Nullsafe in coalesce triggers undefined variable
warning). (ilutov)
. Fixed bug GH-7821 and GH-8418 (Allow arbitrary const expressions in backed
enums). (ilutov)
. Fixed bug GH-8810 (Incorrect lineno in backtrace of multi-line function
calls). (ilutov)
. Optimised code path for newly created file with the stream plain wrapper. (Max Kellermann)
. Uses safe_perealloc instead of perealloc for the
ZEND_PTR_STACK_RESIZE_IF_NEEDED to avoid possible overflows. (David Carlier)
. Reduced the memory footprint of strings returned by var_export(),
json_encode(), serialize(), iconv_*(), mb_ereg*(), session_create_id(),
http_build_query(), strstr(), Reflection*::__toString(). (Arnaud)
. Fixed bug GH-8995 (WeakMap object reference offset causing TypeError).
(Tobias Bachert)
. Added error_log_mode ini setting. (Mikhail Galanin)
. Updated request startup messages. (Eric Norris)
. Fixed bug GH-7900 (Arrow function with never return type compile-time
errors). (ilutov)
. Fixed incorrect double to long casting in latest clang. (zeriyoshi)
. Added support for defining constants in traits. (sj-i)
. Stop incorrectly emitting false positive deprecation notice alongside
unsupported syntax fatal error for `"{$g{'h'}}"`. (TysonAndre)
. Fix unexpected deprecated dynamic property warning, which occurred when
exit() in finally block after an exception was thrown without catching.
(Twosee)
. Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function)
(Tim Starling)
. Fixed bug GH-9227 (Trailing dots and spaces in filenames are ignored).
(cmb)
. Fixed bug GH-9285 (Traits cannot be used in readonly classes).
(kocsismate)
. Fixed bug GH-9186 (@strict-properties can be bypassed using
unserialization). (kocsismate)
. Fixed bug GH-9500 (Using dnf type with parentheses after readonly keyword
results in a parse error). (ilutov)
. Fixed bug GH-9516 ((A&B)|D as a param should allow AB or D. Not just A).
(Girgias)
. Fixed observer class notify with Opcache file_cache_only=1. (ilutov)
. Fixes segfault with Fiber on FreeBSD i386 architecture. (David Carlier)
. Fixed bug GH-9655 (Pure intersection types cannot be implicitly nullable)
(Girgias)
. Fixed bug GH-9589 (dl() segfaults when module is already loaded). (cmb,
Arnaud)
. Fixed bug GH-9752 (Generator crashes when interrupted during argument
evaluation with extra named params). (Arnaud)
. Fixed bug GH-9801 (Generator crashes when memory limit is exceeded during
initialization). (Arnaud)
. Fixed a bug with preloaded enums possibly segfaulting. (Bob)
. Fixed bug GH-9823 (Dont reset func in zend_closure_internal_handler).
(Florian Sowade)
. Fixed potential NULL pointer dereference Windows shm*() functions. (cmb)
. Fix target validation for internal attributes with constructor property
promotion. (kooldev)
. Fixed bug GH-9750 (Generator memory leak when interrupted during argument
evaluation. (Arnaud)
- Curl:
. Added support for CURLOPT_XFERINFOFUNCTION. (David Carlier)
. Added support for CURLOPT_MAXFILESIZE_LARGE. (David Carlier)
. Added new constants from cURL 7.62 to 7.80. (Pierrick)
. New function curl_upkeep(). (Pierrick)
- Date:
. Fixed GH-8458 (DateInterval::createFromDateString does not throw if
non-relative items are present). (Derick)
. Fixed bug #52015 (Allow including end date in DatePeriod iterations)
(Daniel Egeberg, Derick)
. idate() now accepts format specifiers "N" (ISO Day-of-Week) and "o" (ISO
Year). (Pavel Djundik)
. Fixed bug GH-8730 (DateTime::diff miscalculation is same time zone of
different type). (Derick)
. Fixed bug GH-8964 (DateTime object comparison after applying delta less
than 1 second). (Derick)
. Fixed bug GH-9106: (DateInterval 1.5s added to DateTimeInterface is rounded
down since PHP 8.1.0). (Derick)
. Fixed bug #75035 (Datetime fails to unserialize "extreme" dates).
(Derick)
. Fixed bug #80483 (DateTime Object with 5-digit year can't unserialized).
(Derick)
. Fixed bug #81263 (Wrong result from DateTimeImmutable::diff). (Derick)
. Fixed bug GH-9431 (DateTime::getLastErrors() not returning false when no
errors/warnings). (Derick)
. Fixed bug with parsing large negative numbers with the @ notation. (Derick)
- DBA:
. Fixed LMDB driver hanging when attempting to delete a non-existing key
(Girgias)
. Fixed LMDB driver memory leak on DB creation failure (Girgias)
. Fixed GH-8856 (dba: lmdb: allow to override the MDB_NOSUBDIR flag). (Girgias)
- FFI:
. Fixed bug GH-9090 (Support assigning function pointers in FFI). (Adam
Saponara)
- Fileinfo:
. Fixed bug GH-8805 (finfo returns wrong mime type for woff/woff2 files).
(Anatol)
- Filter:
. Added FILTER_FLAG_GLOBAL_RANGE to filter Global IPs. (vnsavage)
- FPM:
. Emit error for invalid port setting. (David Carlier)
. Added extra check for FPM proc dumpable on SELinux based systems.
(David Carlier)
. Added support for listening queue on macOS. (David Carlier)
. Changed default for listen.backlog on Linux to -1. (Cristian Rodríguez)
. Added listen.setfib pool option to set route FIB on FreeBSD. (David Carlier)
. Added access.suppress_path pool option to filter access log entries.
(Mark Gallagher)
. Fixed on fpm scoreboard occasional warning on acquisition failure.
(Felix Wiedemann)
. Fixed bug GH-9754 (SaltStack (using Python subprocess) hangs when running
php-fpm 8.1.11). (Jakub Zelenka)
- FTP:
. Fix datetime format string to follow POSIX spec in ftp_mdtm(). (Jihwan Kim)
- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont(). (CVE-2022-31630) (cmb)
- GMP:
. Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed
to gmp_init()). (Girgias)
- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter.
(CVE-2022-37454) (nicky at mouha dot be)
. Fixed bug GH-10077: Fix compilation on RHEL 7 ppc64le. (Mattias Ellert)
- Intl:
. Update all grandfathered language tags with preferred values
. Fixed GH-7939 (Cannot unserialize IntlTimeZone objects). (cmb)
. Fixed build for ICU 69.x and onwards. (David Carlier)
. Declared Transliterator::$id as readonly to unlock subclassing it. (Nicolas
Grekas)
. Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).
(Girgias)
- MBString:
. Fixed bug GH-9248 (Segmentation fault in mb_strimwidth()). (cmb)
- mysqli:
. Fixed bug GH-9841 (mysqli_query throws warning despite using
silenced error mode). (Kamil Tekiela)
- MySQLnd:
. Fixed potential heap corruption due to alignment mismatch. (cmb)
- OCI8:
. Added oci8.prefetch_lob_size directive to tune LOB query performance
. Support for building against Oracle Client libraries 10.1 and 10.2 has been
dropped. Oracle Client libraries 11.2 or newer are now required.
- ODBC:
. Fixed bug GH-8300 (User input not escaped when building connection string).
(Calvin Buckley)
. Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate). (Calvin
Buckley)
- Opcache:
. Allocate JIT buffer close to PHP .text segemnt to allow using direct
IP-relative calls and jumps.
(Su Tao, Wang Xue, Chen Hu, Lizhen Lizhen, Dmitry)
. Added initial support for JIT performance profiling generation
for macOs Instrument. (David Carlier)
. Fixed bug GH-8030 (Segfault with JIT and large match/switch statements).
(Arnaud)
. Added JIT support improvement for macOs for segments and executable permission
bit handling. (David Carlier)
. Added JIT buffer allocation near the .text section on FreeNSD. (David Carlier)
. Fixed bug GH-9371 (Crash with JIT on mac arm64)
(jdp1024/David Carlier)
. Fixed bug GH-9259 (opcache.interned_strings_buffer setting integer
overflow). (Arnaud)
. Added indirect call reduction for jit on x86 architectures. (wxue1)
- OPcache:
. Fixed bug GH-9164 (Segfault in zend_accel_class_hash_copy).
(Arnaud, Sergei Turchanov)
- OpenSSL:
. Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT. (Max Kellermann)
. Fixed bug GH-9310 (SSL local_cert and local_pk do not respect
open_basedir). (Jakub Zelenka)
. Implement FR #76935 ("chacha20-poly1305" is an AEAD but does not work like
AEAD). (Jakub Zelenka)
. Added openssl_cipher_key_length function. (Jakub Zelenka)
. Fixed bug GH-9517 (Compilation error openssl extension related to PR
GH-9366). (Jakub Zelenka)
. Fixed missing clean up of OpenSSL engine list - attempt to fix GH-8620.
(Jakub Zelenka)
. Fixed bug GH-8430 (OpenSSL compiled with no-md2, no-md4 or no-rmd160 does
not build). (Jakub Zelenka, fsbruva)
- PCNTL:
. Fixed pcntl_(get|set)priority error handling for MacOS. (Juan Morales)
- PCRE:
. Implemented FR #77726 (Allow null character in regex patterns). (tobil4sk)
. Updated bundled libpcre to 10.40. (cmb)
- PDO:
. Fixed bug GH-9818 (Initialize run time cache in PDO methods).
(Florian Sowade)
- PDO_Firebird:
. Fixed bug GH-8576 (Bad interpretation of length when char is UTF-8). (cmb)
- PDO_ODBC:
. Fixed bug #80909 (crash with persistent connections in PDO_ODBC). (Calvin
Buckley)
. Fixed bug GH-8300 (User input not escaped when building connection string).
(Calvin Buckley)
. Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate). (Calvin
Buckley)
. Fixed bug GH-9372 (HY010 when binding overlong parameter). (cmb)
- PDO_PGSQL:
. Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).
(Yurunsoft)
- Random:
. Added new random extension. (Go Kudo)
. Fixed bug GH-9067 (random extension is not thread safe). (cmb)
. Fixed bug GH-9055 (segmentation fault if user engine throws). (timwolla)
. Fixed bug GH-9066 (signed integer overflow). (zeriyoshi)
. Fixed bug GH-9083 (undefined behavior during shifting). (timwolla)
. Fixed bug GH-9088, GH-9056 (incorrect expansion of bytes when
generating uniform integers within a given range). (timwolla)
. Fixed bug GH-9089 (Fix memory leak on Randomizer::__construct()
call twice). (zeriyoshi)
. Fixed bug GH-9212 (PcgOneseq128XslRr64::jump() should not allow negative
$advance). (Anton Smirnov)
. Changed Mt19937 to throw a ValueError instead of InvalidArgumentException
for invalid $mode. (timwolla)
. Splitted Random\Randomizer::getInt() (without arguments) to
Random\Randomizer::nextInt(). (zeriyoshi)
. Fixed bug GH-9235 (non-existant $sequence parameter in stub for
PcgOneseq128XslRr64::__construct()). (timwolla)
. Fixed bug GH-9190, GH-9191 (undefined behavior for MT_RAND_PHP when
handling large ranges). (timwolla)
. Fixed bug GH-9249 (Xoshiro256StarStar does not reject the invalid
all-zero state). (timwolla)
. Removed redundant RuntimeExceptions from Randomizer methods. The
exceptions thrown by the engines will be exposed directly. (timwolla)
. Added extension specific Exceptions/Errors (RandomException, RandomError,
BrokenRandomEngineError). (timwolla)
. Fixed bug GH-9415 (Randomizer::getInt(0, 2**32 - 1) with Mt19937
always returns 1). (timwolla)
. Fixed Randomizer::getInt() consistency for 32-bit engines. (timwolla)
. Fixed bug GH-9464 (build on older macOs releases). (David Bohman)
. Fixed bug GH-9839 (Pre-PHP 8.2 output compatibility for non-mt_rand()
functions for MT_RAND_PHP). (timwolla)
- Reflection:
. Added ReflectionFunction::isAnonymous(). (Nicolas Grekas)
. Added ReflectionMethod::hasPrototype(). (Ollie Read)
. Narrow ReflectionEnum::getBackingType() return type to ReflectionNamedType.
(SamMousa)
. Fixed bug GH-8932 (ReflectionFunction provides no way to get the called
class of a Closure). (cmb, Nicolas Grekas)
- Session:
. Fixed bug GH-7787 (Improve session write failure message for user error
handlers). (ilutov)
. Fixed GH-9200 (setcookie has an obsolete expires date format). (timwolla)
. Fixed GH-9584 (Avoid memory corruption when not unregistering custom session
handler). (ilutov)
. Fixed bug GH-9583 (session_create_id() fails with user defined save handler
that doesn't have a validateId() method). (Girgias)
- SOAP:
. Fixed bug GH-9720 (Null pointer dereference while serializing the response).
(cmb)
- Sockets:
. Added TCP_NOTSENT_LOWAT socket option. (David Carlier)
. Added SO_MEMINFO socket option. (David Carlier)
. Added SO_RTABLE socket option (OpenBSD), equivalent of SO_MARK (Linux).
(David Carlier)
. Added TCP_KEEPALIVE, TCP_KEEPIDLE, TCP_KEEPINTVL, TCP_KEEPCNT socket
options. (David Carlier)
. Added ancillary data support for FreeBSD. (David Carlier)
. Added ancillary data support for NetBSD. (David Carlier)
. Added SO_BPF_EXTENSIONS socket option. (David Carlier)
. Added SO_SETFIB socket option. (David Carlier)
. Added TCP_CONGESTION socket option. (David Carlier)
. Added SO_ZEROCOPY/MSG_ZEROCOPY options. (David Carlier)
. Added SOL_FILTER socket option for Solaris. (David Carlier)
. Fixed socket constants regression as of PHP 8.2.0beta3. (Bruce Dou)
- Sodium:
. Added sodium_crypto_stream_xchacha20_xor_ic(). (Scott)
- SPL:
. Uses safe_erealloc instead of erealloc to handle heap growth
for the SplHeap::insert method to avoid possible overflows. (David Carlier)
. Widen iterator_to_array() and iterator_count()'s $iterator parameter to
iterable. (timwolla)
. Fixed bug #69181 (READ_CSV|DROP_NEW_LINE drops newlines within fields).
(cmb)
. Fixed bug #65069 (GlobIterator incorrect handling of open_basedir check).
(Jakub Zelenka)
- SQLite3:
. Changed sqlite3.defensive from PHP_INI_SYSTEM to PHP_INI_USER. (bohwaz)
- Standard:
. net_get_interfaces() also reports wireless network interfaces on Windows.
(Yurun)
. Finished AVIF support in getimagesize(). (Yannis Guyon)
. Fixed bug GH-7847 (stripos with large haystack has bad performance).
(ilutov)
. New function memory_reset_peak_usage(). (Patrick Allaert)
. Fixed parse_url(): can not recognize port without scheme. (pandaLIU)
. Deprecated utf8_encode() and utf8_decode(). (Rowan Tommins)
. Fixed the crypt_sha256/512 api build with clang > 12. (David Carlier)
. Uses safe_erealloc instead of erealloc to handle options in getopt
to avoid possible overflows. (David Carlier)
. Implemented FR GH-8924 (str_split should return empty array for empty
string). (Michael Vorisek)
. Added ini_parse_quantity function to convert ini quantities shorthand
notation to int. (Dennis Snell)
. Enable arc4random_buf for Linux glibc 2.36 and onwards
for the random_bytes. (Cristian Rodriguez)
. Uses CCRandomGenerateBytes instead of arc4random_buf on macOs. (David Carlier).
. Fixed bug #65489 (glob() basedir check is inconsistent). (Jakub Zelenka)
. Fixed GH-9200 (setcookie has an obsolete expires date format). (Derick)
. Fixed GH-9244 (Segfault with array_multisort + array_shift). (cmb)
. Fixed bug GH-9296 (`ksort` behaves incorrectly on arrays with mixed keys).
(Denis Vaksman)
. Marked crypt()'s $string parameter as #[\SensitiveParameter]. (timwolla)
. Fixed bug GH-9464 (build on older macOs releases). (David Bohman)
. Fixed bug GH-9518 (Disabling IPv6 support disables unrelated constants).
(cmb)
. Revert "Fixed parse_url(): can not recognize port without scheme."
(andypost)
- Streams:
. Set IP_BIND_ADDRESS_NO_PORT if available when connecting to remote host.
(Cristian Rodríguez)
. Fixed bug GH-8548 (stream_wrapper_unregister() leaks memory). (ilutov)
. Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT. (Max Kellermann)
. Fixed bug GH-9316 ($http_response_header is wrong for long status line).
(cmb, timwolla)
. Fixed bug GH-9590 (stream_select does not abort upon exception or empty
valid fd set). (Arnaud)
. Fixed bug GH-9653 (file copy between different filesystems). (David Carlier)
. Fixed bug GH-9779 (stream_copy_to_stream fails if dest in append mode).
(Jakub Zelenka)
- Windows:
. Added preliminary support for (cross-)building for ARM64. (Yun Dou)
- XML:
. Added libxml_get_external_entity_loader() function. (Tim Starling)
- Zip:
. add ZipArchive::clearError() method
. add ZipArchive::getStreamName() method
. add ZipArchive::getStreamIndex() method
. On Windows, the Zip extension is now built as shared library (DLL) by
default. (cmb)
. Implement fseek for zip stream when possible with libzip 1.9.1. (Remi)