mirror of
https://github.com/php/php-src.git
synced 2024-11-24 02:15:04 +08:00
879 lines
35 KiB
Plaintext
879 lines
35 KiB
Plaintext
PHP NEWS
|
||
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||
?? ??? ????, PHP 8.2.8
|
||
|
||
- Opcache:
|
||
. Fix allocation loop in zend_shared_alloc_startup(). (nielsdos)
|
||
|
||
- PCRE:
|
||
. Fix preg_replace_callback_array() pattern validation. (ilutov)
|
||
|
||
- Standard:
|
||
. Fix access on NULL pointer in array_merge_recursive(). (ilutov)
|
||
. Fix exception handling in array_multisort(). (ilutov)
|
||
|
||
08 Jun 2023, PHP 8.2.7
|
||
|
||
- Core:
|
||
. Fixed bug GH-11152 (Unable to alias namespaces containing reserved class
|
||
names). (ilutov)
|
||
. Fixed bug GH-9068 (Conditional jump or move depends on uninitialised
|
||
value(s)). (nielsdos)
|
||
. Fixed bug GH-11189 (Exceeding memory limit in zend_hash_do_resize leaves
|
||
the array in an invalid state). (Bob)
|
||
. Fixed bug GH-11063 (Compilation error on old GCC versions). (ingamedeo)
|
||
. Fixed bug GH-11222 (foreach by-ref may jump over keys during a rehash).
|
||
(Bob)
|
||
|
||
- Date:
|
||
. Fixed bug GH-11281 (DateTimeZone::getName() does not include seconds in
|
||
offset). (nielsdos)
|
||
|
||
- Exif:
|
||
. Fixed bug GH-10834 (exif_read_data() cannot read smaller stream wrapper
|
||
chunk sizes). (nielsdos)
|
||
|
||
- FPM:
|
||
. Fixed bug GH-10461 (PHP-FPM segfault due to after free usage of
|
||
child->ev_std(out|err)). (Jakub Zelenka)
|
||
. Fixed bug #64539 (FPM status page: query_string not properly JSON encoded).
|
||
(Jakub Zelenka)
|
||
. Fixed memory leak for invalid primary script file handle. (Jakub Zelenka)
|
||
|
||
- Hash:
|
||
. Fixed bug GH-11180 (hash_file() appears to be restricted to 3 arguments).
|
||
(nielsdos)
|
||
|
||
- LibXML:
|
||
. Fixed bug GH-11160 (Few tests failed building with new libxml 2.11.0).
|
||
(nielsdos)
|
||
|
||
- MBString:
|
||
. Fix bug GH-11217 (Segfault in mb_strrpos / mb_strripos when using negative
|
||
offset and ASCII encoding). (ilutov)
|
||
|
||
- Opcache:
|
||
. Fixed bug GH-11134 (Incorrect match default branch optimization). (ilutov)
|
||
. Fixed too wide OR and AND range inference. (nielsdos)
|
||
. Fixed missing class redeclaration error with OPcache enabled. (ilutov)
|
||
. Fixed bug GH-11245 (In some specific cases SWITCH with one default
|
||
statement will cause segfault). (nielsdos)
|
||
|
||
- PCNTL:
|
||
. Fixed maximum argument count of pcntl_forkx(). (nielsdos)
|
||
|
||
- PGSQL:
|
||
. Fixed parameter parsing of pg_lo_export(). (kocsismate)
|
||
|
||
- Phar:
|
||
. Fixed bug GH-11099 (Generating phar.php during cross-compile can't be
|
||
done). (peter279k)
|
||
|
||
- Soap:
|
||
. Fixed bug GH-8426 (make test fail while soap extension build). (nielsdos)
|
||
|
||
- SPL:
|
||
. Fixed bug GH-11178 (Segmentation fault in spl_array_it_get_current_data
|
||
(PHP 8.1.18)). (nielsdos)
|
||
|
||
- Standard:
|
||
. Fixed bug GH-11138 (move_uploaded_file() emits open_basedir warning for
|
||
source file). (ilutov)
|
||
. Fixed bug GH-11274 (POST/PATCH request switches to GET after a HTTP 308
|
||
redirect). (nielsdos)
|
||
|
||
- Streams:
|
||
. Fixed bug GH-10031 ([Stream] STREAM_NOTIFY_PROGRESS over HTTP emitted
|
||
irregularly for last chunk of data). (nielsdos)
|
||
. Fixed bug GH-11175 (Stream Socket Timeout). (nielsdos)
|
||
. Fixed bug GH-11177 (ASAN UndefinedBehaviorSanitizer when timeout = -1
|
||
passed to stream_socket_accept/stream_socket_client). (nielsdos)
|
||
|
||
11 May 2023, PHP 8.2.6
|
||
|
||
- Core:
|
||
. Fix inconsistent float negation in constant expressions. (ilutov)
|
||
. Fixed bug GH-8841 (php-cli core dump calling a badly formed function).
|
||
(nielsdos)
|
||
. Fixed bug GH-10737 (PHP 8.1.16 segfaults on line 597 of
|
||
sapi/apache2handler/sapi_apache2.c). (nielsdos, ElliotNB)
|
||
. Fixed bug GH-11028 (Heap Buffer Overflow in zval_undefined_cv.). (nielsdos)
|
||
. Fixed bug GH-11108 (Incorrect CG(memoize_mode) state after bailout in ??=).
|
||
(ilutov)
|
||
|
||
- Date:
|
||
. Fixed bug where the diff() method would not return the right result around
|
||
DST changeover for date/times associated with a timezone identifier. (Derick)
|
||
. Fixed out-of-range bug when converting to/from around the LONG_MIN unix
|
||
timestamp. (Derick)
|
||
|
||
- DOM:
|
||
. Fixed bug #80602 (Segfault when using DOMChildNode::before()).
|
||
(Nathan Freeman)
|
||
. Fixed incorrect error handling in dom_zvals_to_fragment(). (nielsdos)
|
||
|
||
- Exif:
|
||
. Fixed bug GH-9397 (exif read : warnings and errors : Potentially invalid
|
||
endianess, Illegal IFD size and Undefined index). (nielsdos)
|
||
|
||
- Intl:
|
||
. Fixed bug GH-11071 (TZData version not displayed anymore). (Remi)
|
||
|
||
- PCRE:
|
||
. Fixed bug GH-10968 (Segfault in preg_replace_callback_array()). (ilutov)
|
||
|
||
- Reflection:
|
||
. Fixed bug GH-10983 (State-dependant segfault in
|
||
ReflectionObject::getProperties). (nielsdos)
|
||
|
||
- SPL:
|
||
. Handle indirect zvals and use up-to-date properties in
|
||
SplFixedArray::__serialize. (nielsdos)
|
||
|
||
- Standard:
|
||
. Fixed bug GH-10990 (mail() throws TypeError after iterating over
|
||
$additional_headers array by reference). (nielsdos)
|
||
. Fixed bug GH-9775 (Duplicates returned by array_unique when using enums).
|
||
(ilutov)
|
||
|
||
- Streams:
|
||
. Fixed bug GH-10406 (feof() behavior change for UNIX based socket
|
||
resources). (Jakub Zelenka)
|
||
|
||
13 Apr 2023, PHP 8.2.5
|
||
|
||
- Core:
|
||
. Added optional support for max_execution_time in ZTS/Linux builds
|
||
(Kévin Dunglas)
|
||
. Fixed use-after-free in recursive AST evaluation. (ilutov)
|
||
. Fixed bug GH-8646 (Memory leak PHP FPM 8.1). (nielsdos)
|
||
. Re-add some CTE functions that were removed from being CTE by a mistake.
|
||
(mvorisek)
|
||
. Remove CTE flag from array_diff_ukey(), which was added by mistake.
|
||
(mvorisek)
|
||
. Fixed bug GH-10801 (Named arguments in CTE functions cause a segfault).
|
||
(nielsdos)
|
||
. Fixed bug GH-8789 (PHP 8.0.20 (ZTS) zend_signal_handler_defer crashes on
|
||
apache). (nielsdos)
|
||
. Fixed bug GH-10015 (zend_signal_handler_defer crashes on apache shutdown).
|
||
(nielsdos)
|
||
. Fixed bug GH-10810 (Fix NUL byte terminating Exception::__toString()).
|
||
(ilutov)
|
||
. Fix potential memory corruption when mixing __callStatic() and FFI. (ilutov)
|
||
|
||
- Date:
|
||
. Fixed bug GH-10747 (Private and protected properties in serialized Date*
|
||
objects throw). (Derick)
|
||
|
||
- FPM:
|
||
. Fixed bug GH-10611 (fpm_env_init_main leaks environ). (nielsdos)
|
||
. Destroy file_handle in fpm_main. (Jakub Zelenka, nielsdos)
|
||
. Fixed bug #74129 (Incorrect SCRIPT_NAME with apache ProxyPassMatch when
|
||
spaces are in path). (Jakub Zelenka)
|
||
|
||
- FTP:
|
||
. Propagate success status of ftp_close(). (nielsdos)
|
||
. Fixed bug GH-10521 (ftp_get/ftp_nb_get resumepos offset is maximum 10GB).
|
||
(nielsdos)
|
||
|
||
- IMAP:
|
||
. Fix build failure with Clang 16. (orlitzky)
|
||
|
||
- MySQLnd:
|
||
. Fixed bug GH-8979 (Possible Memory Leak with SSL-enabled MySQL
|
||
connections). (nielsdos)
|
||
|
||
- Opcache:
|
||
. Fixed build for macOS to cater with pkg-config settings. (David Carlier)
|
||
. Fixed bug GH-8065 (opcache.consistency_checks > 0 causes segfaults in
|
||
PHP >= 8.1.5 in fpm context). (nielsdos)
|
||
|
||
- OpenSSL:
|
||
. Add missing error checks on file writing functions. (nielsdos)
|
||
|
||
- PDO Firebird:
|
||
. Fixed bug GH-10908 (Bus error with PDO Firebird on RPI with 64 bit kernel
|
||
and 32 bit userland). (nielsdos)
|
||
|
||
- Phar:
|
||
. Fixed bug GH-10766 (PharData archive created with Phar::Zip format does
|
||
not keep files metadata (datetime)). (nielsdos)
|
||
. Add missing error checks on EVP_MD_CTX_create() and EVP_VerifyInit().
|
||
(nielsdos)
|
||
|
||
- PDO ODBC:
|
||
. Fixed missing and inconsistent error checks on SQLAllocHandle. (nielsdos)
|
||
|
||
- PGSQL:
|
||
. Fixed typo in the array returned from pg_meta_data (extended mode).
|
||
(David Carlier)
|
||
|
||
- SPL:
|
||
. Fixed bug GH-10519 (Array Data Address Reference Issue). (Nathan Freeman)
|
||
. Fixed bug GH-10907 (Unable to serialize processed SplFixedArrays in
|
||
PHP 8.2.4). (nielsdos)
|
||
. Fixed bug GH-10844 (ArrayIterator allows modification of readonly props).
|
||
(ilutov)
|
||
|
||
- Standard:
|
||
. Fixed bug GH-10885 (stream_socket_server context leaks). (ilutov)
|
||
. Fixed bug GH-10052 (Browscap crashes PHP 8.1.12 on request shutdown
|
||
(apache2)). (nielsdos)
|
||
. Fixed oss-fuzz #57392 (Buffer-overflow in php_fgetcsv() with \0 delimiter
|
||
and enclosure). (ilutov)
|
||
. Fixed undefined behaviour in unpack(). (nielsdos)
|
||
|
||
16 Mar 2023, PHP 8.2.4
|
||
|
||
- Core:
|
||
. Fixed incorrect check condition in ZEND_YIELD. (nielsdos)
|
||
. Fixed incorrect check condition in type inference. (nielsdos)
|
||
. Fix incorrect check in zend_internal_call_should_throw(). (nielsdos)
|
||
. Fixed overflow check in OnUpdateMemoryConsumption. (nielsdos)
|
||
. Fixed bug GH-9916 (Entering shutdown sequence with a fiber suspended in a
|
||
Generator emits an unavoidable fatal error or crashes). (Arnaud)
|
||
. Fixed bug GH-10437 (Segfault/assertion when using fibers in shutdown
|
||
function after bailout). (trowski)
|
||
. Fixed SSA object type update for compound assignment opcodes. (nielsdos)
|
||
. Fixed language scanner generation build. (Daniel Black)
|
||
. Fixed zend_update_static_property() calling zend_update_static_property_ex()
|
||
misleadingly with the wrong return type. (nielsdos)
|
||
. Fix bug GH-10570 (Fixed unknown string hash on property fetch with integer
|
||
constant name). (nielsdos)
|
||
. Fixed php_fopen_primary_script() call resulted on zend_destroy_file_handle()
|
||
freeing dangling pointers on the handle as it was uninitialized. (nielsdos)
|
||
|
||
- Curl:
|
||
. Fixed deprecation warning at compile time. (Max Kellermann)
|
||
. Fixed bug GH-10270 (Unable to return CURL_READFUNC_PAUSE in readfunc
|
||
callback). (Pierrick Charron)
|
||
|
||
- Date:
|
||
. Fix GH-10447 ('p' format specifier does not yield 'Z' for 00:00). (Derick)
|
||
. Fix GH-10152 (Custom properties of Date's child classes are not
|
||
serialised). (Derick)
|
||
|
||
- FFI:
|
||
. Fixed incorrect bitshifting and masking in ffi bitfield. (nielsdos)
|
||
|
||
- Fiber:
|
||
. Fixed assembly on alpine x86. (nielsdos)
|
||
. Fixed bug GH-10496 (segfault when garbage collector is invoked inside of
|
||
fiber). (Bob, Arnaud)
|
||
|
||
- FPM:
|
||
. Fixed bug GH-10315 (FPM unknown child alert not valid). (Jakub Zelenka)
|
||
. Fixed bug GH-10385 (FPM successful config test early exit). (nielsdos)
|
||
|
||
- GMP:
|
||
. Properly implement GMP::__construct(). (nielsdos)
|
||
|
||
- Intl:
|
||
. Fixed bug GH-10647 (Spoolchecker isSuspicious/areConfusable methods
|
||
error code's argument always returning NULL0. (Nathan Freeman)
|
||
|
||
- JSON:
|
||
. Fixed JSON scanner and parser generation build.
|
||
(Daniel Black, Jakub Zelenka)
|
||
|
||
- MBString:
|
||
. ext/mbstring: fix new_value length check. (Max Kellermann)
|
||
. Fix bug GH-10627 (mb_convert_encoding crashes PHP on Windows). (nielsdos)
|
||
|
||
- Opcache:
|
||
. Fix incorrect page_size check. (nielsdos)
|
||
. Fix readonly modification check when using inc/dec operators on readonly
|
||
property with JIT. (ilutov)
|
||
|
||
- OpenSSL:
|
||
. Fixed php_openssl_set_server_dh_param() DH params errors handling. (nielsdos)
|
||
|
||
- PDO OCI:
|
||
. Fixed bug #60994 (Reading a multibyte CLOB caps at 8192 chars).
|
||
(Michael Voříšek)
|
||
|
||
- PHPDBG:
|
||
. Fixed bug GH-10715 (heap buffer overflow on --run option misuse). (nielsdos)
|
||
|
||
- PGSQL:
|
||
. Fix GH-10672 (pg_lo_open segfaults in the strict_types mode). (girgias)
|
||
|
||
- Phar:
|
||
. Fix incorrect check in phar tar parsing. (nielsdos)
|
||
|
||
- Random:
|
||
. Fix GH-10390 (Do not trust arc4random_buf() on glibc). (timwolla)
|
||
. Fix GH-10292 (Made the default value of the first param of srand() and
|
||
mt_srand() unknown). (kocsismate)
|
||
|
||
- Reflection:
|
||
. Fixed bug GH-10623 (Reflection::getClosureUsedVariables opcode fix with
|
||
variadic arguments). (nielsdos)
|
||
. Fix Segfault when using ReflectionFiber suspended by an internal function.
|
||
(danog)
|
||
|
||
- Session:
|
||
. Fixed ps_files_cleanup_dir() on failure code paths with -1 instead of 0 as
|
||
the latter was considered success by callers. (nielsdos).
|
||
|
||
- Standard:
|
||
. Fixed bug GH-8086 (Introduce mail.mixed_lf_and_crlf INI). (Jakub Zelenka)
|
||
. Fixed bug GH-10292 (Made the default value of the first param of srand() and
|
||
mt_srand() unknown). (kocsismate)
|
||
. Fix incorrect check in cs_8559_5 in map_from_unicode(). (nielsdos)
|
||
. Fix bug GH-9697 for reset/end/next/prev() attempting to move pointer of
|
||
properties table for certain internal classes such as FFI classes
|
||
. Fix incorrect error check in browsecap for pcre2_match(). (nielsdos)
|
||
|
||
- Streams:
|
||
. Fixed bug GH-10370 (File corruption in _php_stream_copy_to_stream_ex when
|
||
using copy_file_range). (nielsdos)
|
||
. Fixed bug GH-10548 (copy() fails on cifs mounts because of incorrect
|
||
copy_file_range() len). (nielsdos)
|
||
|
||
- Tidy:
|
||
. Fix memory leaks when attempting to open a non-existing file or a file over
|
||
4GB. (Girgias)
|
||
. Add missing error check on tidyLoadConfig. (nielsdos)
|
||
|
||
- Zlib:
|
||
. Fixed output_handler directive value's length which counted the string
|
||
terminator. (nieldos)
|
||
|
||
14 Feb 2023, PHP 8.2.3
|
||
|
||
- Core:
|
||
. Fixed bug #81744 (Password_verify() always return true with some hash).
|
||
(CVE-2023-0567). (Tim Düsterhus)
|
||
. Fixed bug #81746 (1-byte array overrun in common path resolve code).
|
||
(CVE-2023-0568). (Niels Dossche)
|
||
|
||
- SAPI:
|
||
. Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart
|
||
request body). (CVE-2023-0662) (Jakub Zelenka)
|
||
|
||
02 Feb 2023, PHP 8.2.2
|
||
|
||
- Core:
|
||
. Fixed bug GH-10200 (zif_get_object_vars:
|
||
Assertion `!(((__ht)->u.flags & (1<<2)) != 0)' failed). (nielsdos)
|
||
. Fix GH-10251 (Assertion `(flag & (1<<3)) == 0' failed). (nielsdos)
|
||
. Fix GH-10240 (Assertion failure when adding more than 2**30 elements to an
|
||
unpacked array). (Arnaud)
|
||
. Fix GH-9735 (Fiber stack variables do not participate in cycle collector).
|
||
(Arnaud)
|
||
. Fix GH-9675 (Broken run_time_cache init for internal enum methods).
|
||
(Petar Obradović, Bob)
|
||
. Fix GH-10248 (Assertion `!(zval_get_type(&(*(property))) == 10)' failed).
|
||
(nielsdos)
|
||
|
||
- FPM:
|
||
. Fixed bug #77106 (Missing separator in FPM FastCGI errors). (Jakub Zelenka)
|
||
. Fixed bug GH-9981 (FPM does not reset fastcgi.error_header).
|
||
(Jakub Zelenka)
|
||
. Fixed bug #68591 (Configuration test does not perform UID lookups).
|
||
(Jakub Zelenka)
|
||
. Fixed memory leak when running FPM config test. (Jakub Zelenka)
|
||
. Fixed bug #67244 (Wrong owner:group for listening unix socket).
|
||
(Jakub Zelenka)
|
||
|
||
- Hash:
|
||
. Handle exceptions from __toString in XXH3's initialization (nielsdos)
|
||
|
||
- LDAP:
|
||
. Fixed bug GH-10112 (LDAP\Connection::__construct() refers to ldap_create()).
|
||
(cmb)
|
||
|
||
- Opcache:
|
||
. Fix inverted bailout value in zend_runtime_jit() (Max Kellermann).
|
||
. Fix access to uninitialized variable in accel_preload(). (nielsdos)
|
||
. Fix zend_jit_find_trace() crashes. (Max Kellermann)
|
||
. Added missing lock for EXIT_INVALIDATE in zend_jit_trace_exit. (Max Kellermann)
|
||
|
||
- Phar:
|
||
. Fix wrong flags check for compression method in phar_object.c (nielsdos)
|
||
|
||
- PHPDBG:
|
||
. Fix undefined behaviour in phpdbg_load_module_or_extension(). (nielsdos)
|
||
. Fix NULL pointer dereference in phpdbg_create_conditional_breal(). (nielsdos)
|
||
. Fix GH-9710: phpdbg memory leaks by option "-h" (nielsdos)
|
||
. Fix phpdbg segmentation fault in case of malformed input (nielsdos)
|
||
|
||
- Posix:
|
||
. Fix memory leak in posix_ttyname() (girgias)
|
||
|
||
- Random:
|
||
. Fixed bug GH-10247 (Theoretical file descriptor leak for /dev/urandom). (timwolla)
|
||
|
||
- Standard:
|
||
. Fix GH-10187 (Segfault in stripslashes() with arm64). (nielsdos)
|
||
. Fixed bug GH-10214 (Incomplete validation of object syntax during
|
||
unserialize()). (timwolla)
|
||
. Fix substr_replace with slots in repl_ht being UNDEF. (nielsdos)
|
||
|
||
- XMLWriter
|
||
. Fix missing check for xmlTextWriterEndElement (nielsdos)
|
||
|
||
05 Jan 2023, PHP 8.2.1
|
||
|
||
- Core:
|
||
. Fixed bug GH-9905 (constant() behaves inconsistent when class is undefined).
|
||
(cmb)
|
||
. Fixed bug GH-9918 (License information for xxHash is not included in
|
||
README.REDIST.BINS file). (Akama Hitoshi)
|
||
. Fixed bug GH-9890 (OpenSSL legacy providers not available on Windows). (cmb)
|
||
. Fixed bug GH-9650 (Can't initialize heap: [0x000001e7]). (Michael Voříšek)
|
||
. Fixed potentially undefined behavior in Windows ftok(3) emulation. (cmb)
|
||
. Fixed GH-9769 (Misleading error message for unpacking of objects). (jhdxr)
|
||
|
||
- Apache:
|
||
. Fixed bug GH-9949 (Partial content on incomplete POST request). (cmb)
|
||
|
||
- FPM:
|
||
. Fixed bug GH-9959 (Solaris port event mechanism is still broken after bug
|
||
#66694). (Petr Sumbera)
|
||
. Fixed bug #68207 (Setting fastcgi.error_header can result in a WARNING).
|
||
(Jakub Zelenka)
|
||
. Fixed bug #80669 (FPM numeric user fails to set groups). (Jakub Zelenka)
|
||
. Fixed bug GH-8517 (Random crash of FPM master process in
|
||
fpm_stdio_child_said). (Jakub Zelenka)
|
||
|
||
- Imap:
|
||
. Fixed bug GH-10051 (IMAP: there's no way to check if a IMAP\Connection is
|
||
still open). (Girgias)
|
||
|
||
- MBString:
|
||
. Fixed bug GH-9535 (The behavior of mb_strcut in mbstring has been changed in
|
||
PHP8.1). (Nathan Freeman)
|
||
|
||
- Opcache:
|
||
. Fixed bug GH-9968 (Segmentation Fault during OPCache Preload).
|
||
(Arnaud, michdingpayc)
|
||
|
||
- OpenSSL:
|
||
. Fixed bug GH-9997 (OpenSSL engine clean up segfault). (Jakub Zelenka)
|
||
. Fixed bug GH-9064 (PHP fails to build if openssl was built with --no-ec).
|
||
(Jakub Zelenka)
|
||
. Fixed bug GH-10000 (OpenSSL test failures when OpenSSL compiled with
|
||
no-dsa). (Jakub Zelenka)
|
||
|
||
- Pcntl:
|
||
. Fixed bug GH-9298 (Signal handler called after rshutdown leads to crash).
|
||
(Erki Aring)
|
||
|
||
- PDO_Firebird:
|
||
. Fixed bug GH-9971 (Incorrect NUMERIC value returned from PDO_Firebird).
|
||
(cmb)
|
||
|
||
- PDO/SQLite:
|
||
. Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631)
|
||
(cmb)
|
||
|
||
- Session:
|
||
. Fixed GH-9932 (session name silently fails with . and [). (David Carlier)
|
||
|
||
- SPL:
|
||
. Fixed GH-9883 (SplFileObject::__toString() reads next line). (Girgias)
|
||
. Fixed GH-10011 (Trampoline autoloader will get reregistered and cannot be
|
||
unregistered). (Girgias)
|
||
|
||
- SQLite3:
|
||
. Fixed bug #81742 (open_basedir bypass in SQLite3 by using file URI). (cmb)
|
||
|
||
- TSRM:
|
||
. Fixed Windows shmget() wrt. IPC_PRIVATE. (Tyson Andre)
|
||
|
||
08 Dec 2022, PHP 8.2.0
|
||
|
||
- CLI:
|
||
. Fixed bug #81496 (Server logs incorrect request method). (lauri)
|
||
. Updated the mime-type table for the builtin-server. (Ayesh Karunaratne)
|
||
. Fixed potential overflow for the builtin server via the
|
||
PHP_CLI_SERVER_WORKERS environment variable. (yiyuaner)
|
||
. Fixed GH-8575 by changing STDOUT, STDERR and STDIN to not close on resource
|
||
destruction. (Jakub Zelenka)
|
||
. Implement built-in web server responding without body to HEAD request on
|
||
a static resource. (Vedran Miletic, Marin Martuslovic)
|
||
. Implement built-in web server responding with HTTP status 405 to
|
||
DELETE/PUT/PATCH request on a static resource.
|
||
(Vedran Miletic, Marin Martuslovic)
|
||
. Fixed bug GH-9709 (Null pointer dereference with -w/-s options).
|
||
(Adam Saponara)
|
||
|
||
- COM:
|
||
. Fixed bug GH-8750 (Can not create VT_ERROR variant type). (cmb)
|
||
|
||
- Core:
|
||
. Fixed bug #81380 (Observer may not be initialized properly). (krakjoe)
|
||
. Fixed bug GH-7771 (Fix filename/lineno of constant expressions). (ilutov)
|
||
. Fixed bug GH-7792 (Improve class type in error messages). (ilutov)
|
||
. Support huge pages on MacOS. (David CARLIER)
|
||
. Fixed bug GH-8655 (Casting an object to array does not unwrap refcount=1
|
||
references). (Nicolas Grekas)
|
||
. Fixed bug GH-8661 (Nullsafe in coalesce triggers undefined variable
|
||
warning). (ilutov)
|
||
. Fixed bug GH-7821 and GH-8418 (Allow arbitrary const expressions in backed
|
||
enums). (ilutov)
|
||
. Fixed bug GH-8810 (Incorrect lineno in backtrace of multi-line function
|
||
calls). (ilutov)
|
||
. Optimised code path for newly created file with the stream plain wrapper. (Max Kellermann)
|
||
. Uses safe_perealloc instead of perealloc for the
|
||
ZEND_PTR_STACK_RESIZE_IF_NEEDED to avoid possible overflows. (David Carlier)
|
||
. Reduced the memory footprint of strings returned by var_export(),
|
||
json_encode(), serialize(), iconv_*(), mb_ereg*(), session_create_id(),
|
||
http_build_query(), strstr(), Reflection*::__toString(). (Arnaud)
|
||
. Fixed bug GH-8995 (WeakMap object reference offset causing TypeError).
|
||
(Tobias Bachert)
|
||
. Added error_log_mode ini setting. (Mikhail Galanin)
|
||
. Updated request startup messages. (Eric Norris)
|
||
. Fixed bug GH-7900 (Arrow function with never return type compile-time
|
||
errors). (ilutov)
|
||
. Fixed incorrect double to long casting in latest clang. (zeriyoshi)
|
||
. Added support for defining constants in traits. (sj-i)
|
||
. Stop incorrectly emitting false positive deprecation notice alongside
|
||
unsupported syntax fatal error for `"{$g{'h'}}"`. (TysonAndre)
|
||
. Fix unexpected deprecated dynamic property warning, which occurred when
|
||
exit() in finally block after an exception was thrown without catching.
|
||
(Twosee)
|
||
. Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function)
|
||
(Tim Starling)
|
||
. Fixed bug GH-9227 (Trailing dots and spaces in filenames are ignored).
|
||
(cmb)
|
||
. Fixed bug GH-9285 (Traits cannot be used in readonly classes).
|
||
(kocsismate)
|
||
. Fixed bug GH-9186 (@strict-properties can be bypassed using
|
||
unserialization). (kocsismate)
|
||
. Fixed bug GH-9500 (Using dnf type with parentheses after readonly keyword
|
||
results in a parse error). (ilutov)
|
||
. Fixed bug GH-9516 ((A&B)|D as a param should allow AB or D. Not just A).
|
||
(Girgias)
|
||
. Fixed observer class notify with Opcache file_cache_only=1. (ilutov)
|
||
. Fixes segfault with Fiber on FreeBSD i386 architecture. (David Carlier)
|
||
. Fixed bug GH-9655 (Pure intersection types cannot be implicitly nullable)
|
||
(Girgias)
|
||
. Fixed bug GH-9589 (dl() segfaults when module is already loaded). (cmb,
|
||
Arnaud)
|
||
. Fixed bug GH-9752 (Generator crashes when interrupted during argument
|
||
evaluation with extra named params). (Arnaud)
|
||
. Fixed bug GH-9801 (Generator crashes when memory limit is exceeded during
|
||
initialization). (Arnaud)
|
||
. Fixed a bug with preloaded enums possibly segfaulting. (Bob)
|
||
. Fixed bug GH-9823 (Don’t reset func in zend_closure_internal_handler).
|
||
(Florian Sowade)
|
||
. Fixed potential NULL pointer dereference Windows shm*() functions. (cmb)
|
||
. Fix target validation for internal attributes with constructor property
|
||
promotion. (kooldev)
|
||
. Fixed bug GH-9750 (Generator memory leak when interrupted during argument
|
||
evaluation. (Arnaud)
|
||
|
||
- Curl:
|
||
. Added support for CURLOPT_XFERINFOFUNCTION. (David Carlier)
|
||
. Added support for CURLOPT_MAXFILESIZE_LARGE. (David Carlier)
|
||
. Added new constants from cURL 7.62 to 7.80. (Pierrick)
|
||
. New function curl_upkeep(). (Pierrick)
|
||
|
||
- Date:
|
||
. Fixed GH-8458 (DateInterval::createFromDateString does not throw if
|
||
non-relative items are present). (Derick)
|
||
. Fixed bug #52015 (Allow including end date in DatePeriod iterations)
|
||
(Daniel Egeberg, Derick)
|
||
. idate() now accepts format specifiers "N" (ISO Day-of-Week) and "o" (ISO
|
||
Year). (Pavel Djundik)
|
||
. Fixed bug GH-8730 (DateTime::diff miscalculation is same time zone of
|
||
different type). (Derick)
|
||
. Fixed bug GH-8964 (DateTime object comparison after applying delta less
|
||
than 1 second). (Derick)
|
||
. Fixed bug GH-9106: (DateInterval 1.5s added to DateTimeInterface is rounded
|
||
down since PHP 8.1.0). (Derick)
|
||
. Fixed bug #75035 (Datetime fails to unserialize "extreme" dates).
|
||
(Derick)
|
||
. Fixed bug #80483 (DateTime Object with 5-digit year can't unserialized).
|
||
(Derick)
|
||
. Fixed bug #81263 (Wrong result from DateTimeImmutable::diff). (Derick)
|
||
. Fixed bug GH-9431 (DateTime::getLastErrors() not returning false when no
|
||
errors/warnings). (Derick)
|
||
. Fixed bug with parsing large negative numbers with the @ notation. (Derick)
|
||
|
||
- DBA:
|
||
. Fixed LMDB driver hanging when attempting to delete a non-existing key
|
||
(Girgias)
|
||
. Fixed LMDB driver memory leak on DB creation failure (Girgias)
|
||
. Fixed GH-8856 (dba: lmdb: allow to override the MDB_NOSUBDIR flag). (Girgias)
|
||
|
||
- FFI:
|
||
. Fixed bug GH-9090 (Support assigning function pointers in FFI). (Adam
|
||
Saponara)
|
||
|
||
- Fileinfo:
|
||
. Fixed bug GH-8805 (finfo returns wrong mime type for woff/woff2 files).
|
||
(Anatol)
|
||
|
||
- Filter:
|
||
. Added FILTER_FLAG_GLOBAL_RANGE to filter Global IPs. (vnsavage)
|
||
|
||
- FPM:
|
||
. Emit error for invalid port setting. (David Carlier)
|
||
. Added extra check for FPM proc dumpable on SELinux based systems.
|
||
(David Carlier)
|
||
. Added support for listening queue on macOS. (David Carlier)
|
||
. Changed default for listen.backlog on Linux to -1. (Cristian Rodríguez)
|
||
. Added listen.setfib pool option to set route FIB on FreeBSD. (David Carlier)
|
||
. Added access.suppress_path pool option to filter access log entries.
|
||
(Mark Gallagher)
|
||
. Fixed on fpm scoreboard occasional warning on acquisition failure.
|
||
(Felix Wiedemann)
|
||
. Fixed bug GH-9754 (SaltStack (using Python subprocess) hangs when running
|
||
php-fpm 8.1.11). (Jakub Zelenka)
|
||
|
||
- FTP:
|
||
. Fix datetime format string to follow POSIX spec in ftp_mdtm(). (Jihwan Kim)
|
||
|
||
- GD:
|
||
. Fixed bug #81739: OOB read due to insufficient input validation in
|
||
imageloadfont(). (CVE-2022-31630) (cmb)
|
||
|
||
- GMP:
|
||
. Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed
|
||
to gmp_init()). (Girgias)
|
||
|
||
- Hash:
|
||
. Fixed bug #81738: buffer overflow in hash_update() on long parameter.
|
||
(CVE-2022-37454) (nicky at mouha dot be)
|
||
. Fixed bug GH-10077: Fix compilation on RHEL 7 ppc64le. (Mattias Ellert)
|
||
|
||
- Intl:
|
||
. Update all grandfathered language tags with preferred values
|
||
. Fixed GH-7939 (Cannot unserialize IntlTimeZone objects). (cmb)
|
||
. Fixed build for ICU 69.x and onwards. (David Carlier)
|
||
. Declared Transliterator::$id as readonly to unlock subclassing it. (Nicolas
|
||
Grekas)
|
||
. Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).
|
||
(Girgias)
|
||
|
||
- MBString:
|
||
. Fixed bug GH-9248 (Segmentation fault in mb_strimwidth()). (cmb)
|
||
|
||
- mysqli:
|
||
. Fixed bug GH-9841 (mysqli_query throws warning despite using
|
||
silenced error mode). (Kamil Tekiela)
|
||
|
||
- MySQLnd:
|
||
. Fixed potential heap corruption due to alignment mismatch. (cmb)
|
||
|
||
- OCI8:
|
||
. Added oci8.prefetch_lob_size directive to tune LOB query performance
|
||
. Support for building against Oracle Client libraries 10.1 and 10.2 has been
|
||
dropped. Oracle Client libraries 11.2 or newer are now required.
|
||
|
||
- ODBC:
|
||
. Fixed bug GH-8300 (User input not escaped when building connection string).
|
||
(Calvin Buckley)
|
||
. Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate). (Calvin
|
||
Buckley)
|
||
|
||
- Opcache:
|
||
. Allocate JIT buffer close to PHP .text segemnt to allow using direct
|
||
IP-relative calls and jumps.
|
||
(Su Tao, Wang Xue, Chen Hu, Lizhen Lizhen, Dmitry)
|
||
. Added initial support for JIT performance profiling generation
|
||
for macOs Instrument. (David Carlier)
|
||
. Fixed bug GH-8030 (Segfault with JIT and large match/switch statements).
|
||
(Arnaud)
|
||
. Added JIT support improvement for macOs for segments and executable permission
|
||
bit handling. (David Carlier)
|
||
. Added JIT buffer allocation near the .text section on FreeNSD. (David Carlier)
|
||
. Fixed bug GH-9371 (Crash with JIT on mac arm64)
|
||
(jdp1024/David Carlier)
|
||
. Fixed bug GH-9259 (opcache.interned_strings_buffer setting integer
|
||
overflow). (Arnaud)
|
||
. Added indirect call reduction for jit on x86 architectures. (wxue1)
|
||
|
||
- OPcache:
|
||
. Fixed bug GH-9164 (Segfault in zend_accel_class_hash_copy).
|
||
(Arnaud, Sergei Turchanov)
|
||
|
||
- OpenSSL:
|
||
. Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT. (Max Kellermann)
|
||
. Fixed bug GH-9310 (SSL local_cert and local_pk do not respect
|
||
open_basedir). (Jakub Zelenka)
|
||
. Implement FR #76935 ("chacha20-poly1305" is an AEAD but does not work like
|
||
AEAD). (Jakub Zelenka)
|
||
. Added openssl_cipher_key_length function. (Jakub Zelenka)
|
||
. Fixed bug GH-9517 (Compilation error openssl extension related to PR
|
||
GH-9366). (Jakub Zelenka)
|
||
. Fixed missing clean up of OpenSSL engine list - attempt to fix GH-8620.
|
||
(Jakub Zelenka)
|
||
. Fixed bug GH-8430 (OpenSSL compiled with no-md2, no-md4 or no-rmd160 does
|
||
not build). (Jakub Zelenka, fsbruva)
|
||
|
||
- PCNTL:
|
||
. Fixed pcntl_(get|set)priority error handling for MacOS. (Juan Morales)
|
||
|
||
- PCRE:
|
||
. Implemented FR #77726 (Allow null character in regex patterns). (tobil4sk)
|
||
. Updated bundled libpcre to 10.40. (cmb)
|
||
|
||
- PDO:
|
||
. Fixed bug GH-9818 (Initialize run time cache in PDO methods).
|
||
(Florian Sowade)
|
||
|
||
- PDO_Firebird:
|
||
. Fixed bug GH-8576 (Bad interpretation of length when char is UTF-8). (cmb)
|
||
|
||
- PDO_ODBC:
|
||
. Fixed bug #80909 (crash with persistent connections in PDO_ODBC). (Calvin
|
||
Buckley)
|
||
. Fixed bug GH-8300 (User input not escaped when building connection string).
|
||
(Calvin Buckley)
|
||
. Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate). (Calvin
|
||
Buckley)
|
||
. Fixed bug GH-9372 (HY010 when binding overlong parameter). (cmb)
|
||
|
||
- PDO_PGSQL:
|
||
. Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).
|
||
(Yurunsoft)
|
||
|
||
- Random:
|
||
. Added new random extension. (Go Kudo)
|
||
. Fixed bug GH-9067 (random extension is not thread safe). (cmb)
|
||
. Fixed bug GH-9055 (segmentation fault if user engine throws). (timwolla)
|
||
. Fixed bug GH-9066 (signed integer overflow). (zeriyoshi)
|
||
. Fixed bug GH-9083 (undefined behavior during shifting). (timwolla)
|
||
. Fixed bug GH-9088, GH-9056 (incorrect expansion of bytes when
|
||
generating uniform integers within a given range). (timwolla)
|
||
. Fixed bug GH-9089 (Fix memory leak on Randomizer::__construct()
|
||
call twice). (zeriyoshi)
|
||
. Fixed bug GH-9212 (PcgOneseq128XslRr64::jump() should not allow negative
|
||
$advance). (Anton Smirnov)
|
||
. Changed Mt19937 to throw a ValueError instead of InvalidArgumentException
|
||
for invalid $mode. (timwolla)
|
||
. Splitted Random\Randomizer::getInt() (without arguments) to
|
||
Random\Randomizer::nextInt(). (zeriyoshi)
|
||
. Fixed bug GH-9235 (non-existant $sequence parameter in stub for
|
||
PcgOneseq128XslRr64::__construct()). (timwolla)
|
||
. Fixed bug GH-9190, GH-9191 (undefined behavior for MT_RAND_PHP when
|
||
handling large ranges). (timwolla)
|
||
. Fixed bug GH-9249 (Xoshiro256StarStar does not reject the invalid
|
||
all-zero state). (timwolla)
|
||
. Removed redundant RuntimeExceptions from Randomizer methods. The
|
||
exceptions thrown by the engines will be exposed directly. (timwolla)
|
||
. Added extension specific Exceptions/Errors (RandomException, RandomError,
|
||
BrokenRandomEngineError). (timwolla)
|
||
. Fixed bug GH-9415 (Randomizer::getInt(0, 2**32 - 1) with Mt19937
|
||
always returns 1). (timwolla)
|
||
. Fixed Randomizer::getInt() consistency for 32-bit engines. (timwolla)
|
||
. Fixed bug GH-9464 (build on older macOs releases). (David Bohman)
|
||
. Fixed bug GH-9839 (Pre-PHP 8.2 output compatibility for non-mt_rand()
|
||
functions for MT_RAND_PHP). (timwolla)
|
||
|
||
- Reflection:
|
||
. Added ReflectionFunction::isAnonymous(). (Nicolas Grekas)
|
||
. Added ReflectionMethod::hasPrototype(). (Ollie Read)
|
||
. Narrow ReflectionEnum::getBackingType() return type to ReflectionNamedType.
|
||
(SamMousa)
|
||
. Fixed bug GH-8932 (ReflectionFunction provides no way to get the called
|
||
class of a Closure). (cmb, Nicolas Grekas)
|
||
|
||
- Session:
|
||
. Fixed bug GH-7787 (Improve session write failure message for user error
|
||
handlers). (ilutov)
|
||
. Fixed GH-9200 (setcookie has an obsolete expires date format). (timwolla)
|
||
. Fixed GH-9584 (Avoid memory corruption when not unregistering custom session
|
||
handler). (ilutov)
|
||
. Fixed bug GH-9583 (session_create_id() fails with user defined save handler
|
||
that doesn't have a validateId() method). (Girgias)
|
||
|
||
- SOAP:
|
||
. Fixed bug GH-9720 (Null pointer dereference while serializing the response).
|
||
(cmb)
|
||
|
||
- Sockets:
|
||
. Added TCP_NOTSENT_LOWAT socket option. (David Carlier)
|
||
. Added SO_MEMINFO socket option. (David Carlier)
|
||
. Added SO_RTABLE socket option (OpenBSD), equivalent of SO_MARK (Linux).
|
||
(David Carlier)
|
||
. Added TCP_KEEPALIVE, TCP_KEEPIDLE, TCP_KEEPINTVL, TCP_KEEPCNT socket
|
||
options. (David Carlier)
|
||
. Added ancillary data support for FreeBSD. (David Carlier)
|
||
. Added ancillary data support for NetBSD. (David Carlier)
|
||
. Added SO_BPF_EXTENSIONS socket option. (David Carlier)
|
||
. Added SO_SETFIB socket option. (David Carlier)
|
||
. Added TCP_CONGESTION socket option. (David Carlier)
|
||
. Added SO_ZEROCOPY/MSG_ZEROCOPY options. (David Carlier)
|
||
. Added SOL_FILTER socket option for Solaris. (David Carlier)
|
||
. Fixed socket constants regression as of PHP 8.2.0beta3. (Bruce Dou)
|
||
|
||
- Sodium:
|
||
. Added sodium_crypto_stream_xchacha20_xor_ic(). (Scott)
|
||
|
||
- SPL:
|
||
. Uses safe_erealloc instead of erealloc to handle heap growth
|
||
for the SplHeap::insert method to avoid possible overflows. (David Carlier)
|
||
. Widen iterator_to_array() and iterator_count()'s $iterator parameter to
|
||
iterable. (timwolla)
|
||
. Fixed bug #69181 (READ_CSV|DROP_NEW_LINE drops newlines within fields).
|
||
(cmb)
|
||
. Fixed bug #65069 (GlobIterator incorrect handling of open_basedir check).
|
||
(Jakub Zelenka)
|
||
|
||
- SQLite3:
|
||
. Changed sqlite3.defensive from PHP_INI_SYSTEM to PHP_INI_USER. (bohwaz)
|
||
|
||
- Standard:
|
||
. net_get_interfaces() also reports wireless network interfaces on Windows.
|
||
(Yurun)
|
||
. Finished AVIF support in getimagesize(). (Yannis Guyon)
|
||
. Fixed bug GH-7847 (stripos with large haystack has bad performance).
|
||
(ilutov)
|
||
. New function memory_reset_peak_usage(). (Patrick Allaert)
|
||
. Fixed parse_url(): can not recognize port without scheme. (pandaLIU)
|
||
. Deprecated utf8_encode() and utf8_decode(). (Rowan Tommins)
|
||
. Fixed the crypt_sha256/512 api build with clang > 12. (David Carlier)
|
||
. Uses safe_erealloc instead of erealloc to handle options in getopt
|
||
to avoid possible overflows. (David Carlier)
|
||
. Implemented FR GH-8924 (str_split should return empty array for empty
|
||
string). (Michael Vorisek)
|
||
. Added ini_parse_quantity function to convert ini quantities shorthand
|
||
notation to int. (Dennis Snell)
|
||
. Enable arc4random_buf for Linux glibc 2.36 and onwards
|
||
for the random_bytes. (Cristian Rodriguez)
|
||
. Uses CCRandomGenerateBytes instead of arc4random_buf on macOs. (David Carlier).
|
||
. Fixed bug #65489 (glob() basedir check is inconsistent). (Jakub Zelenka)
|
||
. Fixed GH-9200 (setcookie has an obsolete expires date format). (Derick)
|
||
. Fixed GH-9244 (Segfault with array_multisort + array_shift). (cmb)
|
||
. Fixed bug GH-9296 (`ksort` behaves incorrectly on arrays with mixed keys).
|
||
(Denis Vaksman)
|
||
. Marked crypt()'s $string parameter as #[\SensitiveParameter]. (timwolla)
|
||
. Fixed bug GH-9464 (build on older macOs releases). (David Bohman)
|
||
. Fixed bug GH-9518 (Disabling IPv6 support disables unrelated constants).
|
||
(cmb)
|
||
. Revert "Fixed parse_url(): can not recognize port without scheme."
|
||
(andypost)
|
||
|
||
- Streams:
|
||
. Set IP_BIND_ADDRESS_NO_PORT if available when connecting to remote host.
|
||
(Cristian Rodríguez)
|
||
. Fixed bug GH-8548 (stream_wrapper_unregister() leaks memory). (ilutov)
|
||
. Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT. (Max Kellermann)
|
||
. Fixed bug GH-9316 ($http_response_header is wrong for long status line).
|
||
(cmb, timwolla)
|
||
. Fixed bug GH-9590 (stream_select does not abort upon exception or empty
|
||
valid fd set). (Arnaud)
|
||
. Fixed bug GH-9653 (file copy between different filesystems). (David Carlier)
|
||
. Fixed bug GH-9779 (stream_copy_to_stream fails if dest in append mode).
|
||
(Jakub Zelenka)
|
||
|
||
- Windows:
|
||
. Added preliminary support for (cross-)building for ARM64. (Yun Dou)
|
||
|
||
- XML:
|
||
. Added libxml_get_external_entity_loader() function. (Tim Starling)
|
||
|
||
- Zip:
|
||
. add ZipArchive::clearError() method
|
||
. add ZipArchive::getStreamName() method
|
||
. add ZipArchive::getStreamIndex() method
|
||
. On Windows, the Zip extension is now built as shared library (DLL) by
|
||
default. (cmb)
|
||
. Implement fseek for zip stream when possible with libzip 1.9.1. (Remi)
|