php-src/NEWS
2023-12-21 16:43:16 +00:00

473 lines
20 KiB
Plaintext

PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? ????, PHP 8.3.2
- Core:
. Fixed bug GH-12953 (false positive SSA integrity verification failed when
loading composer classmaps with more than 11k elements). (nielsdos)
- Cli:
. Fix incorrect timeout in built-in web server when using router script and
max_input_time. (ilutov)
- Core:
. Fixed bug GH-12854 (8.3 - as final trait-used method does not correctly
report visibility in Reflection). (nielsdos)
- DOM:
. Fixed bug GH-12870 (Creating an xmlns attribute results in a DOMException).
(nielsdos)
- FFI:
. Fixed bug GH-9698 (stream_wrapper_register crashes with FFI\CData).
(Jakub Zelenka)
. Fixed bug GH-12905 (FFI::new interacts badly with observers). (nielsdos)
- Hash:
. Fixed bug GH-12936 (hash() function hangs endlessly if using sha512 on
strings >= 4GiB). (nielsdos)
- Opcache:
. Fixed oss-fuzz #64727 (JIT undefined array key warning may overwrite DIM
with NULL when DIM is the same var as result). (ilutov)
. Added workaround for SELinux mprotect execheap issue.
See https://bugzilla.kernel.org/show_bug.cgi?id=218258. (ilutov)
- OpenSSL:
. Fixed bug GH-12987 (openssl_csr_sign might leak new cert on error).
(Jakub Zelenka)
- PDO_ODBC:
. Fixed bug GH-12767 (Unable to turn on autocommit mode with setAttribute()).
(SakiTakamachi)
- PHPDBG:
. Fixed bug GH-12962 (Double free of init_file in phpdbg_prompt.c). (nielsdos)
- SimpleXML:
. Fix getting the address of an uninitialized property of a SimpleXMLElement
resulting in a crash. (nielsdos)
. Fixed bug GH-12929 (SimpleXMLElement with stream_wrapper_register can
segfault). (nielsdos)
07 Dec 2023, PHP 8.3.1RC1
- Core:
. Fixed bug GH-12758 / GH-12768 (Invalid opline in OOM handlers within
ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC). (Florian Engelhardt)
. Fix various missing NULL checks. (nielsdos, dstogov)
. Fixed bug GH-12835 (Leak of call->extra_named_params on internal __call).
(ilutov)
. Fixed bug GH-12826 (Weird pointers issue in nested loops). (nielsdos)
- FPM:
. Fixed bug GH-12705 (Segmentation fault in fpm_status_export_to_zval).
(Patrick Prasse)
- FTP:
. Fixed bug GH-9348 (FTP & SSL session reuse). (nielsdos)
- LibXML:
. Fixed test failures for libxml2 2.12.0. (nielsdos)
- MySQLnd:
. Avoid using uninitialised struct. (mikhainin)
. Fixed bug GH-12791 (Possible dereference of NULL in MySQLnd debug code).
(nielsdos)
- Opcache:
. Fixed JIT bug (Function JIT emits "Uninitialized string offset" warning
at the same time as invalid offset Error). (Girgias)
. Fixed JIT bug (JIT emits "Attempt to assign property of non-object"
warning at the same time as Error is being thrown). (Girgias)
- PDO PGSQL:
. Fixed the default value of $fetchMode in PDO::pgsqlGetNotify() (kocsismate)
- SOAP:
. Fixed bug GH-12838 ([SOAP] Temporary WSDL cache files not being deleted).
(nielsdos)
- Standard
. Fixed GH-12745 (http_build_query() default null argument for $arg_separator
is implicitly coerced to string). (Girgias)
23 Nov 2023, PHP 8.3.0
- Bcmath
. Fixed GH-11761 (removing trailing zeros from numbers) (jorgsowa)
- CLI:
. Added pdeathsig to builtin server to terminate workers when the master
process is killed. (ilutov)
. Fixed bug GH-11104 (STDIN/STDOUT/STDERR is not available for CLI without
a script). (nielsdos)
. Implement GH-10024 (support linting multiple files at once using php -l).
(nielsdos)
- Core:
. Fix GH-11388 (Allow "final" modifier when importing a method from a trait).
(nielsdos)
. Fixed bug GH-11406 (segfault with unpacking and magic method closure).
(nielsdos)
. Fixed bug GH-9388 (Improve unset property and __get type incompatibility
error message). (ilutov)
. SA_ONSTACK is now set for signal handlers to be friendlier to other
in-process code such as Go's cgo. (Kévin Dunglas)
. SA_ONSTACK is now set when signals are disabled. (Kévin Dunglas)
. Fix GH-9649: Signal handlers now do a no-op instead of crashing when
executed on threads not managed by TSRM. (Kévin Dunglas)
. Added shadow stack support for fibers. (Chen Hu)
. Fix bug GH-9965 (Fix accidental caching of default arguments with side
effects). (ilutov)
. Implement GH-10217 (Use strlen() for determining the class_name length).
(Dennis Buteyn)
. Fix bug GH-8821 (Improve line numbers for errors in constant expressions).
(ilutov)
. Fix bug GH-10083 (Allow comments between & and parameter). (ilutov)
. Zend Max Execution Timers is now enabled by default for ZTS builds on
Linux. (Kévin Dunglas)
. Fix bug GH-10469 (Disallow .. in open_basedir paths set at runtime).
(ilutov)
. Fix bug GH-10168, GH-10582 (Various segfaults with destructors and VM return
values). (dstogov, nielsdos, ilutov)
. Fix bug GH-10935 (Use of trait doesn't redeclare static property if class
has inherited it from its parent). (ilutov)
. Fix bug GH-11154 (Negative indices on empty array don't affect next chosen
index). (ColinHDev)
. Fix bug GH-8846 (Implement delayed early binding for classes without
parents). (ilutov)
. Fix bug #79836 (Segfault in concat_function). (nielsdos)
. Fix bug #81705 (type confusion/UAF on set_error_handler with concat
operation). (nielsdos)
. Fix GH-11348 (Closure created from magic method does not accept named
arguments). (nielsdos)
. Fix GH-11388 (Allow "final" modifier when importing a method from a trait).
(nielsdos)
. Fixed bug GH-11406 (segfault with unpacking and magic method closure).
(nielsdos)
. Fixed bug GH-11507 (String concatenation performance regression in 8.3).
(nielsdos)
. Fixed GH-11488 (Missing "Optional parameter before required" deprecation on
union null type). (ilutov)
. Implement the #[\Override] attribute RFC. (timwolla)
. Fixed bug GH-11601 (Incorrect handling of unwind and graceful exit
exceptions). (ilutov)
. Added zend_call_stack_get implementation for OpenBSD. (David Carlier)
. Add stack limit check in zend_eval_const_expr(). (Arnaud)
. Expose time spent collecting cycles in gc_status(). (Arnaud)
. Remove WeakMap entries whose key is only reachable through the entry value.
(Arnaud)
. Resolve open_basedir paths on INI update. (ilutov)
. Fixed oss-fuzz #60741 (Leak in open_basedir). (ilutov)
. Fixed segfault during freeing of some incompletely initialized objects due
to OOM error (PDO, SPL, XSL). (ilutov)
. Introduced Zend guard recursion protection to fix __debugInfo issue.
(Jakub Zelenka)
. Fixed oss-fuzz #61712 (assertion failure with error handler during binary
op). (nielsdos)
. Fixed GH-11847 (DTrace enabled build is broken). (Filip Zrůst)
. Fixed OSS Fuzz #61865 (Undef variable in ++/-- for declared property
that is unset in error handler). (Girgias)
. Fixed warning emitted when checking if a user stream is castable. (Girgias)
. Fixed bug GH-12123 (Compile error on MacOS with C++ extension when using
ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX). (kocsismate)
. Fixed bug GH-12189 (#[Override] attribute in trait does not check for
parent class implementations). (timwolla)
. Fixed OSS Fuzz #62294 (Unsetting variable after ++/-- on string variable
warning). (Girgias)
. Fixed buffer underflow when compiling memoized expression. (ilutov)
. Fixed oss-fuzz #63802 (OP1 leak in error path of post inc/dec). (ilutov)
- Curl:
. Added Curl options and constants up to (including) version 7.87.
(nielsdos, adoy)
- Date:
. Implement More Appropriate Date/Time Exceptions RFC. (Derick)
- DOM:
. Fix bug GH-8388 (DOMAttr unescapes character reference). (Tim Starling)
. Fix bug GH-11308 (getElementsByTagName() is O(N^2)). (nielsdos)
. Fix #79700 (wrong use of libxml oldNs leads to performance problem).
(nielsdos)
. Fix #77894 (DOMNode::C14N() very slow on generated DOMDocuments even after
normalisation). (nielsdos)
. Revert changes to DOMAttr::$value and DOMAttr::$nodeValue expansion.
(nielsdos)
. Fixed bug GH-11500 (Namespace reuse in createElementNS() generates wrong
output). (nielsdos)
. Implemented DOMDocument::adoptNode(). Previously this always threw a
"not yet implemented" exception. (nielsdos)
. Fixed bug GH-9628 (Implicitly removing nodes from \DOMDocument breaks
existing references). (nielsdos)
. Added DOMNode::contains() and DOMNameSpaceNode::contains(). (nielsdos)
. Added DOMElement::getAttributeNames(). (nielsdos)
. Added DOMNode::getRootNode(). (nielsdos)
. Added DOMElement::className and DOMElement::id. (nielsdos)
. Added DOMParentNode::replaceChildren(). (nielsdos)
. Added DOMNode::isConnected and DOMNameSpaceNode::isConnected. (nielsdos)
. Added DOMNode::parentElement and DOMNameSpaceNode::parentElement.
(nielsdos)
. Added DOMNode::isEqualNode(). (nielsdos)
. Added DOMElement::insertAdjacentElement() and
DOMElement::insertAdjacentText(). (nielsdos)
. Added DOMElement::toggleAttribute(). (nielsdos)
. Fixed bug GH-11792 (LIBXML_NOXMLDECL is not implemented or broken).
(nielsdos)
. adoptNode now respects the strict error checking property. (nielsdos)
. Align DOMChildNode parent checks with spec. (nielsdos)
. Fixed bug #80927 (Removing documentElement after creating attribute node:
possible use-after-free). (nielsdos)
. Fix various namespace prefix conflict resolution bugs. (nielsdos)
. Fix calling createAttributeNS() without prefix causing the default
namespace of the element to change. (nielsdos)
. Fixed GH-11952 (Confusing warning when blocking entity loading via
libxml_set_external_entity_loader). (nielsdos)
. Fix broken cache invalidation with deallocated and reallocated document
node. (nielsdos)
. Fix compile error when php_libxml.h header is included in C++.
(Remi, nielsdos)
. Fixed bug #47531 (No way of removing redundant xmlns: declarations).
(nielsdos)
- Exif:
. Removed unneeded codepaths in exif_process_TIFF_in_JPEG(). (nielsdos)
- FFI:
. Implement GH-11934 (Allow to pass CData into struct and/or union fields).
(nielsdos, KapitanOczywisty)
- Fileinfo:
. Upgrade bundled libmagic to 5.43. (Anatol)
. Fix GH-11408 (Unable to build PHP 8.3.0 alpha 1 / fileinfo extension).
(nielsdos)
- FPM:
. The status.listen shared pool now uses the same php_values (including
expose_php) and php_admin_value as the pool it is shared with. (dwxh)
. Added warning to log when fpm socket was not registered on the expected
path. (Joshua Behrens, Jakub Zelenka)
. Fixed bug #76067 (system() function call leaks php-fpm listening sockets).
(Mikhail Galanin, Jakub Zelenka)
. Fixed GH-12077 (PHP 8.3.0RC1 borked socket-close-on-exec.phpt).
(Jakub Zelenka)
- GD:
. Removed imagerotate "ignore_transparent" argument since it has no effect.
(David Carlier)
- Intl:
. Added pattern format error infos for numfmt_set_pattern. (David Carlier)
. Added MIXED_NUMBERS and HIDDEN_OVERLAY constants for
the Spoofchecker's class. (David Carlier)
. Updated datefmt_set_timezone/IntlDateformatter::setTimezone returns type.
(David Carlier).
. Updated IntlBreakInterator::setText return type. (David Carlier)
. Updated IntlChar::enumCharNames return type. (David Carlier)
. Removed the BC break on IntlDateFormatter::construct which threw an
exception with an invalid locale. (David Carlier)
- JSON:
. Added json_validate(). (Juan Morales)
- LDAP:
. Deprecate calling ldap_connect() with separate hostname and port.
(heiglandreas)
- LibXML:
. Fix compile error with -Werror=incompatible-function-pointer-types and
old libxml2. (nielsdos)
- MBString:
. mb_detect_encoding is better able to identify the correct encoding for
Turkish text. (Alex Dowad)
. mb_detect_encoding's "non-strict" mode now behaves as described in the
documentation. Previously, it would return false if the same byte
(for example, the first byte) of the input string was invalid in all
candidate encodings. More generally, it would eliminate candidate
encodings from consideration when an invalid byte was seen, and if the
same input byte eliminated all remaining encodings still under
consideration, it would return false. On the other hand, if all candidate
encodings but one were eliminated from consideration, it would return the
last remaining one without regard for how many encoding errors might be
encountered later in the string. This is different from the behavior
described in the documentation, which says: "If strict is set to false,
the closest matching encoding will be returned." (Alex Dowad)
. mb_strtolower, mb_strtotitle, and mb_convert_case implement conditional
casing rules for the Greek letter sigma. For mb_convert_case, conditional
casing only applies to MB_CASE_LOWER and MB_CASE_TITLE modes, not to
MB_CASE_LOWER_SIMPLE and MB_CASE_TITLE_SIMPLE. (Alex Dowad)
. mb_detect_encoding is better able to identify UTF-8 and UTF-16 strings
with a byte-order mark. (Alex Dowad)
. mb_decode_mimeheader interprets underscores in QPrint-encoded MIME
encoded words as required by RFC 2047; they are converted to spaces.
Underscores must be encoded as "=5F" in such MIME encoded words.
(Alex Dowad)
. mb_encode_mimeheader no longer drops NUL (zero) bytes when
QPrint-encoding the input string. This previously caused strings in
certain text encodings, especially UTF-16 and UTF-32, to be
corrupted by mb_encode_mimeheader. (Alex Dowad)
. Implement mb_str_pad() RFC. (nielsdos)
. Fixed bug GH-11514 (PHP 8.3 build fails with --enable-mbstring enabled).
(nielsdos)
. Fix use-after-free of mb_list_encodings() return value. (ilutov)
. Fixed bug GH-11992 (utf_encodings.phpt fails on Windows 32-bit). (nielsdos)
- mysqli:
. mysqli_fetch_object raises a ValueError instead of an Exception.
(David Carlier)
- Opcache:
. Added start, restart and force restart time to opcache's
phpinfo section. (Mikhail Galanin)
. Fix GH-9139: Allow FFI in opcache.preload when opcache.preload_user=root.
(Arnaud, Kapitan Oczywisty)
. Made opcache.preload_user always optional in the cli and phpdbg SAPIs.
(Arnaud)
. Allows W/X bits on page creation on FreeBSD despite system settings.
(David Carlier)
. Added memfd api usage, on Linux, for zend_shared_alloc_create_lock()
to create an abstract anonymous file for the opcache's lock. (Max Kellermann)
. Avoid resetting JIT counter handlers from multiple processes/threads.
(ilutov)
. Fixed COPY_TMP type inference for references. (ilutov)
- OpenSSL:
. Added OPENSSL_CMS_OLDMIMETYPE and PKCS7_NOOLDMIMETYPE contants to switch
between mime content types. (Daniel Kesselberg)
. Fixed GH-11054: Reset OpenSSL errors when using a PEM public key.
(Florian Moser)
. Added support for additional EC parameters in openssl_pkey_new. (Eno-CN)
- PCNTL:
. SA_ONSTACK is now set for pcntl_signal. (Kévin Dunglas)
. Added SIGINFO constant. (David Carlier)
- PCRE:
. Update bundled libpcre2 to 10.42. (nielsdos)
- PGSQL:
. pg_fetch_object raises a ValueError instead of an Exception.
(David Carlier)
. pg_cancel use thread safe PQcancel api instead. (David Carlier)
. pg_trace new PGSQL_TRACE_SUPPRESS_TIMESTAMPS/PGSQL_TRACE_REGRESS_MODE
contants support. (David Carlier)
. pg_set_error_verbosity adding PGSQL_ERRORS_STATE constant. (David Carlier)
. pg_convert/pg_insert E_WARNING on type errors had been converted to
ValueError/TypeError exceptions. (David Carlier)
. Added pg_set_error_context_visibility to set the context's visibility
within the error messages. (David Carlier)
- Phar:
. Fix memory leak in phar_rename_archive(). (stkeke)
- POSIX:
. Added posix_sysconf. (David Carlier)
. Added posix_pathconf. (David Carlier)
. Added posix_fpathconf. (David Carlier)
. Fixed zend_parse_arg_long's bool pointer argument assignment. (Cristian Rodriguez)
. Added posix_eaccess. (David Carlier)
- Random:
. Added Randomizer::getBytesFromString(). (Joshua Rüsweg)
. Added Randomizer::nextFloat(), ::getFloat(), and IntervalBoundary. (timwolla)
. Enable getrandom() for NetBSD (from 10.x). (David Carlier)
. Deprecate MT_RAND_PHP. (timwolla)
. Fix Randomizer::getFloat() returning incorrect results under
certain circumstances. (timwolla)
- Reflection:
. Fix GH-9470 (ReflectionMethod constructor should not find private parent
method). (ilutov)
. Fix GH-10259 (ReflectionClass::getStaticProperties doesn't need null return
type). (kocsismate)
- SAPI:
. Fixed GH-11141 (Could not open input file: should be sent to stderr).
(nielsdos)
- Session:
. Fixed bug GH-11529 (Crash after dealing with an Apache request). (nielsdos)
- SimpleXML:
. Fixed bug GH-12192 (SimpleXML infinite loop when getName() is called
within foreach). (nielsdos)
. Fixed bug GH-12208 (SimpleXML infinite loop when a cast is used inside a
foreach). (nielsdos)
. Fixed bug #55098 (SimpleXML iteration produces infinite loop). (nielsdos)
- Sockets:
. Added SO_ATTACH_REUSEPORT_CBPF socket option, to give tighter control
over socket binding for a cpu core. (David Carlier)
. Added SKF_AD_QUEUE for cbpf filters. (David Carlier)
. Added socket_atmark if send/recv needs using MSG_OOB. (David Carlier)
. Added TCP_QUICKACK constant, to give tigher control over
ACK delays. (David Carlier)
. Added DONTFRAGMENT support for path MTU discovery purpose. (David Carlier)
. Added AF_DIVERT for raw socket for divert ports. (David Carlier)
. Added SOL_UPDLITE, UDPLITE_RECV_CSCOV and UDPLITE_SEND_CSCOV for updlite
protocol support. (David Carlier)
. Added SO_RERROR, SO_ZEROIZE and SO_SPLICE netbsd and openbsd constants.
(David Carlier)
. Added TCP_REPAIR for quietly close a connection. (David Carlier)
. Added SO_REUSEPORT_LB freebsd constant. (David Carlier)
. Added IP_BIND_ADDRESS_NO_PORT. (David Carlier)
- SPL:
. Fixed GH-11573 (RecursiveDirectoryIterator::hasChildren is slow).
(nielsdos)
- Standard:
. E_NOTICEs emitted by unserialize() have been promoted to E_WARNING. (timwolla)
. unserialize() now emits a new E_WARNING if the input contains unconsumed
bytes. (timwolla)
. Make array_pad's $length warning less confusing. (nielsdos)
. E_WARNING emitted by strtok in the caase both arguments are not provided when
starting tokenisation. (David Carlier)
. password_hash() will now chain the original RandomException to the ValueError
on salt generation failure. (timwolla)
. Fix GH-10239 (proc_close after proc_get_status always returns -1). (nielsdos)
. Improve the warning message for unpack() in case not enough values were
provided. (nielsdos)
. Fix GH-11010 (parse_ini_string() now preserves formatting of unquoted
strings starting with numbers when the INI_SCANNER_TYPED flag is
specified). (ilutov)
. Fix GH-10742 (http_response_code emits no error when headers were already
sent). (NattyNarwhal)
. Added support for rounding negative places in number_format().
(Marc Bennewitz)
. Prevent precision loss on formatting decimal integers in number_format().
(Marc Bennewitz)
. Added usage of posix_spawn for proc_open when supported by OS.
(Cristian Rodriguez)
. Added $before_needle argument to strrchr(). (HypeMC)
. Fixed GH-11982 (str_getcsv returns null byte for unterminated enclosure).
(Jakub Zelenka)
. Fixed str_decrement() on "1". (ilutov)
- Streams:
. Fixed bug #51056: blocking fread() will block even if data is available.
(Jakub Zelenka)
. Added storing of the original path used to open xport stream.
(Luc Vieillescazes)
. Implement GH-8641 (STREAM_NOTIFY_COMPLETED over HTTP never emitted).
(nielsdos, Jakub Zelenka)
. Fix bug GH-10406 (fgets on a redis socket connection fails on PHP 8.3).
(Jakub Zelenka)
. Implemented GH-11242 (_php_stream_copy_to_mem: Allow specifying a maximum
length without allocating a buffer of that size). (Jakub Zelenka)
. Fixed bug #52335 (fseek() on memory stream behavior different than file).
(Jakub Zelenka)
. Fixed bug #76857 (Can read "non-existant" files). (Jakub Zelenka)
- XSLTProcessor:
. Fixed bug #69168 (DomNode::getNodePath() returns invalid path). (nielsdos)
- ZIP:
. zip extension version 1.22.0 for libzip 1.10.0. (Remi)
. add new error macros (ER_DATA_LENGTH and ER_NOT_ALLOWED). (Remi)
. add new archive global flags (ER_AFL_*). (Remi)
. add ZipArchive::setArchiveFlag and ZipArchive::getArchiveFlag methods.
(Remi)