clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 09:57:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
47b3fe4710
php-src/NEWS

753 lines
30 KiB
Plaintext
Raw Normal View History

remove BOM from NEWS
2015-07-21 14:36:36 +00:00
PHP NEWS
Please add in any changes/bug fixes you've made - we need to keep a details ChangeLog...
1999-07-22 23:54:54 +00:00
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PHP-8.2 is now for PHP 8.2.6-dev
2023-03-28 21:27:17 +00:00
?? ??? ????, PHP 8.2.6
[ci skip] NEWS
2023-03-30 19:41:11 +00:00
- DOM:
. Fixed bug #80602 (Segfault when using DOMChildNode::before()).
(Nathan Freeman)
PHP-8.1 is now for PHP 8.1.19-dev
2023-03-30 00:51:20 +00:00
Handle indirect zvals and use up-to-date properties in SplFixedArray::__serialize Closes GH-10925.
2023-03-24 18:18:28 +00:00
- SPL:
. Handle indirect zvals and use up-to-date properties in
SplFixedArray::__serialize. (nielsdos)
Fix GH-10406: feof() behavior change for UNIX based socket resources This change restores the old behaviour for the server socket streams that don't support IO. This is now stored in the stream flags so it can be later used to do some other decisions and possibly introduce some better error reporting. Closes GH-10877
2023-03-18 19:38:01 +00:00
- Streams:
. Fixed bug GH-10406 (feof() behavior change for UNIX based socket
resources). (Jakub Zelenka)
PHP-8.2 is now for PHP 8.2.6-dev
2023-03-28 21:27:17 +00:00
30 Mar 2023, PHP 8.2.5
PHP-8.2 is now for PHP 8.2.5-dev
2023-02-28 15:15:20 +00:00
[ci skip] NEWS
2023-03-03 10:46:16 +00:00
- Core:
. Added optional support for max_execution_time in ZTS/Linux builds
(Kévin Dunglas)
Fix GH-10709: UAF in recursive AST evaluation Fixes https://oss-fuzz.com/testcase-detail/6445949468934144 Closes GH-10718
2023-02-27 12:47:57 +00:00
. Fixed use-after-free in recursive AST evaluation. (ilutov)
Fix GH-8646: Memory leak PHP FPM 8.1 Fixes GH-8646 See https://github.com/php/php-src/issues/8646 for thorough discussion. Interned strings that hold class entries can get a corresponding slot in map_ptr for the CE cache. map_ptr works like a bump allocator: there is a counter which increases to allocate the next slot in the map. For class name strings in non-opcache we have: - on startup: permanent + interned - on request: interned For class name strings in opcache we have: - on startup: permanent + interned - on request: either not interned at all, which we can ignore because they won't get a CE cache entry or they were already permanent + interned or we get a new permanent + interned string in the opcache persistence code Notice that the map_ptr layout always has the permanent strings first, and the request strings after. In non-opcache, a request string may get a slot in map_ptr, and that interned request string gets destroyed at the end of the request. The corresponding map_ptr slot can thereafter never be used again. This causes map_ptr to keep reallocating to larger and larger sizes. We solve it as follows: We can check whether we had any interned request strings, which only happens in non-opcache. If we have any, we reset map_ptr to the last permanent string. We can't lose any permanent strings because of map_ptr's layout. Closes GH-10783.
2023-03-04 22:22:05 +00:00
. Fixed bug GH-8646 (Memory leak PHP FPM 8.1). (nielsdos)
Re-add some CTE functions that were removed from being CTE by a mistake These functions were accidentally removed from being CTE in GH-7780. This patch brings them back. Closes GH-10768.
2023-03-03 22:58:26 +00:00
. Re-add some CTE functions that were removed from being CTE by a mistake.
(mvorisek)
Remove CTE flag from array_diff_ukey(), which was added by mistake This was accidentally added in GH-7780, but since it takes a callable argument, this flag is useless on this function. Closes GH-10859.
2023-03-15 16:20:26 +00:00
. Remove CTE flag from array_diff_ukey(), which was added by mistake.
(mvorisek)
Fix GH-10801: Named arguments in CTE functions cause a segfault Fixes GH-10801 Named arguments are not supported by the constant evaluation routine, in the sense that they are ignored. This causes two issues: - It causes a crash because not all oplines belonging to the call are removed, which results in SEND_VA{L,R} which should've been removed. - It causes semantic issues (demonstrated in the test case). This case never worked anyway, leading to crashes or incorrect behaviour, so just prevent CTE of calls with named parameters for now. We can choose to support it later, but introducing support for this in a stable branch seems too dangerous. This patch does not change the removal of SEND_* opcodes in remove_call because the crash bug can't be triggered anymore with this patch as there are no named parameters anymore and no variadic CTE functions exist. Closes GH-10811.
2023-03-08 21:49:41 +00:00
. Fixed bug GH-10801 (Named arguments in CTE functions cause a segfault).
(nielsdos)
Fix GH-8789 and GH-10015: Fix ZTS zend signal crashes due to NULL globals Fixes GH-8789. Fixes GH-10015. This is one small part of the underlying bug for GH-10737, as in my attempts to reproduce the issue I constantly hit this crash easily. (The fix for the other underlying issue for that bug will follow soon.) It's possible that a signal arrives at a thread that never handled a PHP request before. This causes the signal globals to dereference a NULL pointer because the TSRM pointers for the thread aren't set up to point to the thread resources yet. PR GH-9766 previously fixed this for master by ignoring the signal if the thread didn't handle a PHP request yet. While this fixes the crash bug, I think the solution is suboptimal for 3 reasons: 1) The signal is ignored and a message is printed saying there is a bug. However, this is not a bug at all. For example in Apache, the signal set up happens on child process creation, and the thread resource creation happens lazily when the first request is handled by the thread. Hence, the fact that the thread resources aren't set up yet is not actually buggy behaviour. 2) I believe since it was believed to be buggy behaviour, that fix was only applied to master, so 8.1 & 8.2 keep on crashing. 3) We can do better than ignoring the signal. By just acting in the same way as if the signals aren't active. This means we need to take the same path as if the TSRM had already shut down. Closes GH-10861.
2023-03-15 21:28:08 +00:00
. Fixed bug GH-8789 (PHP 8.0.20 (ZTS) zend_signal_handler_defer crashes on
apache). (nielsdos)
. Fixed bug GH-10015 (zend_signal_handler_defer crashes on apache shutdown).
(nielsdos)
Fix NUL byte in exception string terminating Exception::__toString() Fixes GH-10810 Closes GH-10873
2023-03-17 18:35:58 +00:00
. Fixed bug GH-10810 (Fix NUL byte terminating Exception::__toString()).
(ilutov)
Reset EG(trampoline).op_array.last_var that FFI may modify Closes GH-10916
2023-03-23 19:30:56 +00:00
. Fix potential memory corruption when mixing __callStatic() and FFI. (ilutov)
PHP-8.2 is now for PHP 8.2.5-dev
2023-02-28 15:15:20 +00:00
Fix GH-10747: Private and protected properties in serialized Date* objects throw
2023-03-09 11:15:58 +00:00
- Date:
. Fixed bug GH-10747 (Private and protected properties in serialized Date*
objects throw). (Derick)
Fix GH-10611: fpm_env_init_main leaks environ Closes GH-10618.
2023-02-18 19:41:26 +00:00
- FPM:
. Fixed bug GH-10611 (fpm_env_init_main leaks environ). (nielsdos)
Destroy file_handle in fpm_main If it's not in the CG(open_files) list, we need to destroy the file handle ourselves. Co-authored-by: Jakub Zelenka <bukka@php.net> Closes GH-10707.
2023-02-26 12:21:37 +00:00
. Destroy file_handle in fpm_main. (Jakub Zelenka, nielsdos)
Fix bug #74129: Incorrect SCRIPT_NAME with apache ProxyPassMatch This happens when there are spaces are in the path info. The reason is that Apache decodes the path info part in the SCRIPT_NAME as per CGI RFC. FPM tries to strip path info from the SCRIPT_NAME but the comparison is done against SCRIPT_FILENAME which is not decoded. For that to work we have to decode it before comparison if there is any encoded character. Closes GH-10869
2023-03-12 19:30:16 +00:00
. Fixed bug #74129 (Incorrect SCRIPT_NAME with apache ProxyPassMatch when
spaces are in path). (Jakub Zelenka)
Fix GH-10611: fpm_env_init_main leaks environ Closes GH-10618.
2023-02-18 19:41:26 +00:00
Propagate success status of ftp_close() to userland The docs say that this function returns true on success, and false on error. This function always returns true in the current implementation because the success return value from ftp_close() is never propagated to userland. This affects one test: since the test server exits after an invalid login, the ftp close correctly fails (because the server has gone away).
2023-03-03 10:24:32 +00:00
- FTP:
. Propagate success status of ftp_close(). (nielsdos)
Fix GH-10521: ftp_get/ftp_nb_get resumepos offset is maximum 10GB The char arrays were too small for a long on 64-bit systems, which resulted in cutting off the string at the end with a NUL byte. Use a size of MAX_LENGTH_OF_LONG to fix this issue instead of a fixed size of 11 chars. Closes GH-10525.
2023-02-06 21:53:29 +00:00
. Fixed bug GH-10521 (ftp_get/ftp_nb_get resumepos offset is maximum 10GB).
(nielsdos)
Propagate success status of ftp_close() to userland The docs say that this function returns true on success, and false on error. This function always returns true in the current implementation because the success return value from ftp_close() is never propagated to userland. This affects one test: since the test server exits after an invalid login, the ftp close correctly fails (because the server has gone away).
2023-03-03 10:24:32 +00:00
ext/imap/config.m4: -Werror=implicit-function-declaration compatibility. The recent clang-16 throws errors for implicitly defined functions by default. In many ./configure tests, an undefined function (which is "implicitly defined" when you try to call it) is undefined because it really does not exist. But in one case, utf8_to_mutf7() is undefined because we forgot to include the header that defines it. This commit updates the test for utf8_to_mutf7: * We now include the header (c-client.h) that defines it. * A "checking... yes/no" message was added to the test. * The test was switched from PHP_IMAP_TEST_BUILD to AC_COMPILE_IFELSE. This was the easiest way to avoid a return-type mismatch that runs afoul of -Werror=implicit-int. * CPPFLAGS is temporarily amended with the -I flag needed to find c-client.h. Fixes GH-10947. Closes GH-10948 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-03-26 14:30:57 +00:00
- IMAP:
. Fix build failure with Clang 16. (orlitzky)
Fix GH-8979: Possible Memory Leak with SSL-enabled MySQL connections The stream context inside `mysqlnd_vio::enable_ssl()` is leaking. In particular: when `php_stream_context_set()` get called the refcount of `context` is increased by 1, which means that `context` will now have a refcount of 2. Later on we remove the context from the stream by calling `php_stream_context_set(stream, NULL)` but that leaves our `context` with a refcount of 1, and therefore it's never destroyed. In my test case this yielded a leak of 1456 bytes per connection (but could be more depending on your settings ofc). Annoyingly, Valgrind doesn't find it because the context is still in the `EG(regular_list)` and will thus be destroyed at the end of the request. However, I still think this bug needs to be fixed because as the users in the issue report already mentioned: there can be long-running PHP scripts. Fix it by decreasing the refcount to transfer the ownership. Closes GH-10909.
2023-03-22 20:49:37 +00:00
- MySQLnd:
. Fixed bug GH-8979 (Possible Memory Leak with SSL-enabled MySQL
connections). (nielsdos)
Fix GH-10728: opcache capstone header's inclusion. Remove capstone include folder. For most of the supported systems it worked fine somehow despite the pkg-config --cflags, but is always include it even on Linux. Closes GH-10732.
2023-02-28 19:14:46 +00:00
- Opcache:
. Fixed build for macOS to cater with pkg-config settings. (David Carlier)
Fix GH-8065: opcache.consistency_checks > 0 causes segfaults in PHP >= 8.1.5 in fpm context Disable opcache.consistency_checks. This feature does not work right now and leads to memory leaks and other problems. For analysis and discussion see GH-8065. In GH-10624 it was decided to disable the feature to prevent problems for end users. If end users which to get some consistency guarantees, they can rely on opcache.protect_memory. Closes GH-10798.
2023-03-06 20:06:54 +00:00
. Fixed bug GH-8065 (opcache.consistency_checks > 0 causes segfaults in
PHP >= 8.1.5 in fpm context). (nielsdos)
Fix GH-10728: opcache capstone header's inclusion. Remove capstone include folder. For most of the supported systems it worked fine somehow despite the pkg-config --cflags, but is always include it even on Linux. Closes GH-10732.
2023-02-28 19:14:46 +00:00
Add missing error check on PEM_write_bio_PKCS7() Closes GH-10752.
2023-03-04 19:10:10 +00:00
- OpenSSL:
. Add missing error checks on file writing functions. (nielsdos)
Fix GH-10908: Bus error with PDO Firebird on RPI with 64 bit kernel and 32 bit userland The alignment of sqldata is in most cases only the basic alignment, so the code type-puns it to a larger type, it *can* crash due to the misaligned access. This is only an issue for types > 4 bytes because every sensible system requires an alignment of at least 4 bytes for allocated data. Even though this patch uses memcpy, the compiler is smart enough to optimise it to something more efficient, especially on x86. This is just the usual approach to solve these alignment problems. Actually, unaligned memory access is undefined behaviour, so even on x86 platforms, where the bug doesn't cause a crash, this can be problematic. Furthermore, even though the issue talks about a 64-bit kernel and 32-bit userspace, this doesn't necessarily need to be the case to trigger this crash. Test was Co-authored-by: rvk01 Closes GH-10920.
2023-03-23 21:53:18 +00:00
- PDO Firebird:
. Fixed bug GH-10908 (Bus error with PDO Firebird on RPI with 64 bit kernel
and 32 bit userland). (nielsdos)
Fix GH-10766: PharData archive created with Phar::Zip format does not keep files metadata (datetime) Due to an incorrect check, the datetime was never actually set. To test this we need to write the file using phar, but read the file using a different method to not get a cached, or a value that's been transformed twice and is therefore accidentally correct. Closes GH-10769
2023-03-03 23:04:02 +00:00
- Phar:
. Fixed bug GH-10766 (PharData archive created with Phar::Zip format does
not keep files metadata (datetime)). (nielsdos)
Add missing error checks on EVP_MD_CTX_create() and EVP_VerifyInit() The first one returns NULL on error, and the second one returns 0 on error. These weren't checked. Closes GH-10762.
2023-03-03 14:17:21 +00:00
. Add missing error checks on EVP_MD_CTX_create() and EVP_VerifyInit().
(nielsdos)
Fix GH-10766: PharData archive created with Phar::Zip format does not keep files metadata (datetime) Due to an incorrect check, the datetime was never actually set. To test this we need to write the file using phar, but read the file using a different method to not get a cached, or a value that's been transformed twice and is therefore accidentally correct. Closes GH-10769
2023-03-03 23:04:02 +00:00
Merge branch 'PHP-8.1' into PHP-8.2 * PHP-8.1: Fix missing and inconsistent error check on SQLAllocHandle
2023-03-15 20:38:12 +00:00
- PDO ODBC:
. Fixed missing and inconsistent error checks on SQLAllocHandle. (nielsdos)
ext/psql: pg_meta_data, extended mode, fix typo for pseudo typtype. Closes GH-10865.
2023-03-16 19:28:07 +00:00
- PGSQL:
. Fixed typo in the array returned from pg_meta_data (extended mode).
(David Carlier)
Fix GH-10519: Array Data Address Reference Issue We need to carry around a reference to the underlying Bucket to be able to modify it by reference. Closes GH-10749 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-03-02 13:15:56 +00:00
- SPL:
. Fixed bug GH-10519 (Array Data Address Reference Issue). (Nathan Freeman)
Fix GH-10907: Unable to serialize processed SplFixedArrays in PHP 8.2.4 The properties table can also contain numeric entries after a rebuild of the table based on the array. Since the array can only contain numeric entries, and the properties table can contain a mix of both, we'll add the numeric entries from the array and only the string entries from the properties table. To implement this we simply check if the key from the properties table is a string. Closes GH-10921.
2023-03-22 19:44:54 +00:00
. Fixed bug GH-10907 (Unable to serialize processed SplFixedArrays in
PHP 8.2.4). (nielsdos)
[skip ci] Add NEWS entry
2023-03-25 15:26:18 +00:00
. Fixed bug GH-10844 (ArrayIterator allows modification of readonly props).
(ilutov)
Fix GH-10519: Array Data Address Reference Issue We need to carry around a reference to the underlying Bucket to be able to modify it by reference. Closes GH-10749 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-03-02 13:15:56 +00:00
Fix GH-10885: Leaking stream_socket_server context `php_stream_context_set` already increases the refcount. Closes GH-10886
2023-03-20 11:08:13 +00:00
- Standard:
. Fixed bug GH-10885 (stream_socket_server context leaks). (ilutov)
Fix GH-10052: Browscap crashes PHP 8.1.12 on request shutdown (apache2) get_browser() implements a lazy parse system for the browscap INI configuration. There are two possible moments when a browscap configuration can be loaded: during module startup or during request. In case of module startup, the strings are persistent strings, while for the request they are not. The INI parser must therefore know whether to create persistent or non-persistent strings. It does this by looking at CG(ini_parser_unbuffered_errors). If that value is 1 it's persistent, otherwise non-persistent. Note that this also controls how the errors are reported: if it's 1 then the errors are sent to stderr, otherwise we get E_WARNINGs. Currently, a hardcoded value of 1 is always used for that CG value in browscap_read_file(). This means we'll always create persistent strings *and* we'll not report parse errors correctly as E_WARNINGs. We fix both the crash and the lack of warnings by passing the value of persistent instead of a hardcoded 1. This is also in line with how other INI parsing code is called in ext/standard: they also make sure that during request a value of 0 is passed. Closes GH-10883.
2023-03-19 21:11:09 +00:00
. Fixed bug GH-10052 (Browscap crashes PHP 8.1.12 on request shutdown
(apache2)). (nielsdos)
Fix buffer-overflow in php_fgetcsv() with \0 delimiter and enclosure Fixes oss-fuzz #57392 Closes GH-10923
2023-03-24 14:19:58 +00:00
. Fixed oss-fuzz #57392 (Buffer-overflow in php_fgetcsv() with \0 delimiter
and enclosure). (ilutov)
Fix undefined behaviour in unpack() atoi()'s return value is actually undefined when an underflow or overflow occurs. For example on 32-bit on my system the overflow test which inputs "h2147483648" results in repetitions==2147483647 and on 64-bit this gives repetitions==-2147483648. The reason the test works on 32-bit is because there's a second undefined behaviour problem: in case 'h' when repetitions==2147483647, we add 1 and divide by 2. This is signed-wrap undefined behaviour and accidentally triggers the overflow check like we wanted to. Avoid all this trouble and use strtol with explicit error checking. This also fixes a semantic bug where repetitions==INT_MAX would result in the overflow check to trigger, even though there is no overflow. Closes GH-10943.
2023-03-25 19:56:17 +00:00
. Fixed undefined behaviour in unpack(). (nielsdos)
Fix GH-10885: Leaking stream_socket_server context `php_stream_context_set` already increases the refcount. Closes GH-10886
2023-03-20 11:08:13 +00:00
PHP-8.2 is now for PHP 8.2.5-dev
2023-02-28 15:15:20 +00:00
16 Mar 2023, PHP 8.2.4
PHP-8.2 is now for PHP 8.2.3-dev
2023-01-17 17:55:22 +00:00
Fix incorrect check condition in ZEND_YIELD The condition `UNEXPECTED(Z_TYPE_P(key)) == IS_REFERENCE` always returned false, because `UNEXPECTED(expression)` always returns 0 or 1. Move the parens so the comparison is executed properly. Closes GH-10332.
2023-01-15 22:15:40 +00:00
- Core:
. Fixed incorrect check condition in ZEND_YIELD. (nielsdos)
[ci skip] NEWS (#10442)
2023-01-24 22:19:21 +00:00
. Fixed incorrect check condition in type inference. (nielsdos)
Fix incorrect check in zend_internal_call_should_throw() This debug code is part of arginfo validation. This validation will never trigger properly because the OR operation makes the first if always true. Fix it by changing to an AND. Closes GH-10417 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-22 20:51:52 +00:00
. Fix incorrect check in zend_internal_call_should_throw(). (nielsdos)
[ci skip] NEWS
2023-01-27 18:37:27 +00:00
. Fixed overflow check in OnUpdateMemoryConsumption. (nielsdos)
. Fixed bug GH-9916 (Entering shutdown sequence with a fiber suspended in a
Generator emits an unavoidable fatal error or crashes). (Arnaud)
[ci skip] NEWS
2023-01-28 16:18:12 +00:00
. Fixed bug GH-10437 (Segfault/assertion when using fibers in shutdown
function after bailout). (trowski)
[ci skip] NEWS (#10586)
2023-02-14 19:27:29 +00:00
. Fixed SSA object type update for compound assignment opcodes. (nielsdos)
Update NEWS with scanner and parser build fixes
2023-02-17 16:36:43 +00:00
. Fixed language scanner generation build. (Daniel Black)
Fix incorrect type for return value of zend_update_static_property_ex() zend_update_static_property_ex() returns a zend_result, but the return value is stored here in a bool. A bool is unsigned on my system, so in case zend_update_static_property_ex() returns FAILURE (== -1) this gets converted to 1 instead. This is not a valid zend_result value. This means that (transitive) callers could mistakingly think the function succeeded while it did in fact not succeed. Fix it by changing the type to zend_result. Closes GH-10691.
2023-02-24 15:53:20 +00:00
. Fixed zend_update_static_property() calling zend_update_static_property_ex()
misleadingly with the wrong return type. (nielsdos)
[skip ci] Add github reference to bug fix in NEWS
2023-02-24 19:44:47 +00:00
. Fix bug GH-10570 (Fixed unknown string hash on property fetch with integer
constant name). (nielsdos)
Fix GH-10692: PHP crashes on Windows when an inexistent filename is executed Fixes GH-10692 php_fopen_primary_script() does not initialize all fields of zend_file_handle. So when it fails and when fastcgi is true, the zend_destroy_file_handle() function will try to free uninitialized pointers, causing a segmentation fault. Fix it by zero-initializing file handles just like the zend_stream_init_fp() counterpart does. Closes GH-10697.
2023-02-25 12:42:45 +00:00
. Fixed php_fopen_primary_script() call resulted on zend_destroy_file_handle()
freeing dangling pointers on the handle as it was uninitialized. (nielsdos)
[ci skip] NEWS (#10442)
2023-01-24 22:19:21 +00:00
ext/curl: suppress -Wdeprecated-declarations Closes GH-10531.
2023-02-07 11:16:03 +00:00
- Curl:
. Fixed deprecation warning at compile time. (Max Kellermann)
Fixed bug GH-10270 Unable to return CURL_READFUNC_PAUSE in readfunc callback Closes GH-10607 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-02-17 04:53:05 +00:00
. Fixed bug GH-10270 (Unable to return CURL_READFUNC_PAUSE in readfunc
callback). (Pierrick Charron)
ext/curl: suppress -Wdeprecated-declarations Closes GH-10531.
2023-02-07 11:16:03 +00:00
Merge remote-tracking branch 'derickr/GH-10152-serialise-datetime' into PHP-8.2
2023-01-31 12:53:29 +00:00
- Date:
Merge remote-tracking branch 'derickr/GH-10447-p-format-specifier' into PHP-8.1
2023-01-31 12:59:03 +00:00
. Fix GH-10447 ('p' format specifier does not yield 'Z' for 00:00). (Derick)
Merge remote-tracking branch 'derickr/GH-10152-serialise-datetime' into PHP-8.2
2023-01-31 12:53:29 +00:00
. Fix GH-10152 (Custom properties of Date's child classes are not
serialised). (Derick)
[ci skip] NEWS (#10442)
2023-01-24 22:19:21 +00:00
- FFI:
. Fixed incorrect bitshifting and masking in ffi bitfield. (nielsdos)
PHP-8.2 is now for PHP 8.2.3-dev
2023-01-17 17:55:22 +00:00
Sync boost/context assembly files for fibers Fixes GH-10398 The stack was misaligned upon entering the trampoline function [1], this causes a CPU trap when the SSE instruction is executed to copy data from the stack. This was fixed upstream [2]. This commit syncs all upstream changes from the boost/context assembly files to our copy. [1] https://github.com/php/php-src/pull/10407#issuecomment-1404180877 [2] https://github.com/boostorg/context/pull/219 Closes GH-10407.
2023-01-21 19:49:31 +00:00
- Fiber:
. Fixed assembly on alpine x86. (nielsdos)
Fix colletion of unfinished function call in fibers Fixes GH-10496. Co-authored-by: Bob Weinand <bobwei9@hotmail.com>
2023-02-10 17:07:34 +00:00
. Fixed bug GH-10496 (segfault when garbage collector is invoked inside of
fiber). (Bob, Arnaud)
Sync boost/context assembly files for fibers Fixes GH-10398 The stack was misaligned upon entering the trampoline function [1], this causes a CPU trap when the SSE instruction is executed to copy data from the stack. This was fixed upstream [2]. This commit syncs all upstream changes from the boost/context assembly files to our copy. [1] https://github.com/php/php-src/pull/10407#issuecomment-1404180877 [2] https://github.com/boostorg/context/pull/219 Closes GH-10407.
2023-01-21 19:49:31 +00:00
Fix GH-10315: FPM unknown child alert not valid This changes the log level for an unknown child during wait as this is not unuasual if FPM master has pid 1 and also possible in some cases for higher pid processes. Based on that and the fact that this is not really a problem, there is just a debug level message emitted for pid 1 and for higher pid a warning is emitted. Closes GH-10319
2023-01-14 16:55:16 +00:00
- FPM:
. Fixed bug GH-10315 (FPM unknown child alert not valid). (Jakub Zelenka)
Fix GH-10385: FPM successful config test early exit This introduces an enum `fpm_init_return_status` to propagate the status up to fpm_main. This also makes the code clearer by not using magic integer return numbers. Closes GH-10388
2023-01-20 21:17:27 +00:00
. Fixed bug GH-10385 (FPM successful config test early exit). (nielsdos)
Fix GH-10315: FPM unknown child alert not valid This changes the log level for an unknown child during wait as this is not unuasual if FPM master has pid 1 and also possible in some cases for higher pid processes. Based on that and the fact that this is not really a problem, there is just a debug level message emitted for pid 1 and for higher pid a warning is emitted. Closes GH-10319
2023-01-14 16:55:16 +00:00
Implement GMP::__construct() Implements a proper constructor for GMP as discussed in both GH-10158 and https://externals.io/message/119216. Fixes GH-10155 Closes GH-10225 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-04 23:28:36 +00:00
- GMP:
. Properly implement GMP::__construct(). (nielsdos)
Fix GH-10647: Spoofchecker isSuspicious/areConfusable methods error code's argument. Closes GH-10653.
2023-02-21 16:13:25 +00:00
- Intl:
. Fixed bug GH-10647 (Spoolchecker isSuspicious/areConfusable methods
error code's argument always returning NULL0. (Nathan Freeman)
Update NEWS with scanner and parser build fixes
2023-02-17 16:36:43 +00:00
- JSON:
. Fixed JSON scanner and parser generation build.
(Daniel Black, Jakub Zelenka)
ext/mbstring: fix new_value length check Commit 8bbd0952e5bba88 added a check rejecting empty strings; in the merge commiot 379d9a1cfc6462 however it was changed to a NULL check, one that did not make sense because ZSTR_VAL() is guaranteed to never be NULL; the length check was accidently removed by that merge commit. This bug was found by GCC's -Waddress warning: ext/mbstring/mbstring.c:748:27: warning: the comparison will always evaluate as ‘true’ for the address of ‘val’ will never be NULL [-Waddress] 748 | if (!new_value || !ZSTR_VAL(new_value)) { | ^ Closes GH-10532 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-02-07 11:26:19 +00:00
- MBString:
. ext/mbstring: fix new_value length check. (Max Kellermann)
Fix GH-10627: mb_convert_encoding crashes PHP on Windows Fixes GH-10627 The php_mb_convert_encoding() function can return NULL on error, but this case was not handled, which led to a NULL pointer dereference and hence a crash. Closes GH-10628 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-02-19 20:43:34 +00:00
. Fix bug GH-10627 (mb_convert_encoding crashes PHP on Windows). (nielsdos)
ext/mbstring: fix new_value length check Commit 8bbd0952e5bba88 added a check rejecting empty strings; in the merge commiot 379d9a1cfc6462 however it was changed to a NULL check, one that did not make sense because ZSTR_VAL() is guaranteed to never be NULL; the length check was accidently removed by that merge commit. This bug was found by GCC's -Waddress warning: ext/mbstring/mbstring.c:748:27: warning: the comparison will always evaluate as ‘true’ for the address of ‘val’ will never be NULL [-Waddress] 748 | if (!new_value || !ZSTR_VAL(new_value)) { | ^ Closes GH-10532 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-02-07 11:26:19 +00:00
Fix incorrect page_size check The current check always evaluated to false because if `!page_size` is true, then `page_size & (page_size - 1)` equals `0 & (0 - 1)` which is always 0. The if condition is meant to check if page_size is zero or not a power of two, thus we must change the AND to an OR to fix this issue. Closes GH-10427 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-23 21:11:08 +00:00
- Opcache:
. Fix incorrect page_size check. (nielsdos)
Fix missing readonly modification error with inc/dec in JIT Closes GH-10746
2023-03-02 00:09:36 +00:00
. Fix readonly modification check when using inc/dec operators on readonly
property with JIT. (ilutov)
Fix incorrect page_size check The current check always evaluated to false because if `!page_size` is true, then `page_size & (page_size - 1)` equals `0 & (0 - 1)` which is always 0. The if condition is meant to check if page_size is zero or not a power of two, thus we must change the AND to an OR to fix this issue. Closes GH-10427 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-23 21:11:08 +00:00
Fix incorrect error checking in php_openssl_set_server_dh_param() SSL_CTX_set_tmp_dh() and SSL_CTX_set0_tmp_dh_pkey() return 1 on success and 0 on error. But only < 0 was checked which means that errors were never caught. Closes GH-10705.
2023-02-25 22:39:00 +00:00
- OpenSSL:
. Fixed php_openssl_set_server_dh_param() DH params errors handling. (nielsdos)
Update NEWS
2023-02-07 15:28:50 +00:00
- PDO OCI:
. Fixed bug #60994 (Reading a multibyte CLOB caps at 8192 chars).
(Michael Voříšek)
Fix GH-10715: phpdbg heap buffer overflow -- by misuse of the option "--run" Fixes GH-10715 When a string starting with a NUL character is passed to phpdbg_vprint(), the vasprintf() will return that 0 characters have been printed. This causes msglen == 0. When phpdbg_process_print() is called with a message of length 0, the -1 to check for '\n' will perform an out of bounds read. Since nothing is printed anyway for msglen == 0, it seems best to just skip the printing routine for this case. Closes GH-10720.
2023-02-27 18:44:42 +00:00
- PHPDBG:
. Fixed bug GH-10715 (heap buffer overflow on --run option misuse). (nielsdos)
Fix GH-10672 (pg_lo_open segfaults in the strict_types mode) We need to use the proper ZPP qualifier for zend_string Closes GH-10677
2023-02-23 05:35:39 +00:00
- PGSQL:
. Fix GH-10672 (pg_lo_open segfaults in the strict_types mode). (girgias)
Fix incorrect check in phar tar parsing The entry.flags was used to check whether the entry has the directory flag. The flags however were masked to only contain the permissions. We need to check the mode, before the permission masking, instead of the flags to check whether it is a directory. Closes GH-10464 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-27 23:07:35 +00:00
- Phar:
. Fix incorrect check in phar tar parsing. (nielsdos)
random: Do not trust arc4random_buf() on glibc (#10390) This effectively reverts #8984. As discussed in #10327 which will enable the use of the getrandom(2) syscall on NetBSD instead of relying on the userland arc4random_buf(), the CSPRNG should prioritize security over speed [1] and history has shown that userland implementations unavoidably fall short on the security side. In fact the glibc implementation is a thin wrapper around the syscall due to security concerns and thus does not provide any benefit over just calling getrandom(2) ourselves. Even without any performance optimizations the CSPRNG should be plenty fast for the vast majority of applications, because they often only need a few bytes of randomness to generate a session ID. If speed is desired, the OO API offers faster, but non-cryptographically secure engines.
2023-01-23 17:21:42 +00:00
- Random:
. Fix GH-10390 (Do not trust arc4random_buf() on glibc). (timwolla)
Merge branch 'PHP-8.1' into PHP-8.2 - PHP-8.1: Fix GH-10292 1st param of mt_srand() has UNKNOWN default on PHP <8.3
2023-01-24 18:42:53 +00:00
. Fix GH-10292 (Made the default value of the first param of srand() and
Fix GH-10292 1st param of mt_srand() has UNKNOWN default on PHP <8.3 Closes GH-10429
2023-01-24 18:00:41 +00:00
mt_srand() unknown). (kocsismate)
random: Do not trust arc4random_buf() on glibc (#10390) This effectively reverts #8984. As discussed in #10327 which will enable the use of the getrandom(2) syscall on NetBSD instead of relying on the userland arc4random_buf(), the CSPRNG should prioritize security over speed [1] and history has shown that userland implementations unavoidably fall short on the security side. In fact the glibc implementation is a thin wrapper around the syscall due to security concerns and thus does not provide any benefit over just calling getrandom(2) ourselves. Even without any performance optimizations the CSPRNG should be plenty fast for the vast majority of applications, because they often only need a few bytes of randomness to generate a session ID. If speed is desired, the OO API offers faster, but non-cryptographically secure engines.
2023-01-23 17:21:42 +00:00
[ci skip] NEWS
2023-02-19 22:48:39 +00:00
- Reflection:
. Fixed bug GH-10623 (Reflection::getClosureUsedVariables opcode fix with
variadic arguments). (nielsdos)
Fix segfault when using ReflectionFiber (fixes #10439) Closes GH-10478
2023-02-22 18:39:10 +00:00
. Fix Segfault when using ReflectionFiber suspended by an internal function.
(danog)
[ci skip] NEWS
2023-02-19 22:48:39 +00:00
Propagate errors correctly in ps_files_cleanup_dir() In SessionHandler::gc, we use a virtual call to PS(default_mod)->s_gc to call the gc implementation. That return value is checked against FAILURE (-1). One of the call targets of PS(default_mod)->s_gc is ps_gc_files(). ps_gc_files() calls to ps_files_cleanup_dir(). The latter function has some error checks and outputs a notice if something goes wrong. In cases of errors, the function returns 0. This means that the check in SessionHandler::gc will misinterpret this as a success and report that 0 files have been *successfully* cleaned up. Fix it by returning -1 to indicate something *did* go wrong. Closes GH-10644.
2023-02-21 10:40:41 +00:00
- Session:
. Fixed ps_files_cleanup_dir() on failure code paths with -1 instead of 0 as
the latter was considered success by callers. (nielsdos).
Fix GH-8086: Introduce mail.mixed_lf_and_crlf INI When this INI option is enabled, it reverts the line separator for headers and message to LF which was a non conformant behavior in PHP 7. It is done because some non conformant MTAs fail to parse CRLF line separator for headers and body. This is used for mail and mb_send_mail functions.
2022-12-30 15:09:48 +00:00
- Standard:
[ci skip] NEWS (#10561)
2023-02-10 23:18:50 +00:00
. Fixed bug GH-8086 (Introduce mail.mixed_lf_and_crlf INI). (Jakub Zelenka)
Fix GH-10292 1st param of mt_srand() has UNKNOWN default on PHP <8.3 Closes GH-10429
2023-01-24 18:00:41 +00:00
. Fixed bug GH-10292 (Made the default value of the first param of srand() and
mt_srand() unknown). (kocsismate)
Fix incorrect check in cs_8559_5 in map_from_unicode() The condition `code == 0x0450 || code == 0x045D` is always false because of an incorrect range check on code. According to the BMP coverage in the encoding spec for ISO-8859-5 (https://encoding.spec.whatwg.org/iso-8859-5-bmp.html) the range of valid characters is 0x0401 - 0x045F (except for 0x040D, 0x0450, 0x045D). The current check has an upper bound of 0x044F instead of 0x045F. Fix this by changing the upper bound. Closes GH-10399 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-21 12:50:36 +00:00
. Fix incorrect check in cs_8559_5 in map_from_unicode(). (nielsdos)
Avoid crash for reset/end/next/prev() on ffi classes (#9711) (And any PECLs returning `zend_empty_array` in the handler->get_properties overrides) Closes GH-9697 This is similar to the fix used in d9651a941915eb5fb5ad557090b65256fd8509b6 for array_walk. This should make it safer for php-src (and PECLs, long-term) to return the empty immutable array in `handler->get_properties` to avoid wasting memory. See https://github.com/php/php-src/issues/9697#issuecomment-1273613175 The only possible internal iterator position for the empty array is at the end of the empty array (nInternalPointer=0). The `zend_hash*del*` helpers will always set nInternalPointer to 0 when an array becomes empty, regardless of previous insertions/deletions/updates to the array.
2023-02-03 14:17:33 +00:00
. Fix bug GH-9697 for reset/end/next/prev() attempting to move pointer of
properties table for certain internal classes such as FFI classes
[skip ci] Update NEWS with bugfixes backported from 8.1
2023-02-21 14:29:02 +00:00
. Fix incorrect error check in browsecap for pcre2_match(). (nielsdos)
Fix GH-8086: Introduce mail.mixed_lf_and_crlf INI When this INI option is enabled, it reverts the line separator for headers and message to LF which was a non conformant behavior in PHP 7. It is done because some non conformant MTAs fail to parse CRLF line separator for headers and body. This is used for mail and mb_send_mail functions.
2022-12-30 15:09:48 +00:00
[ci skip] NEWS (#10561)
2023-02-10 23:18:50 +00:00
- Streams:
. Fixed bug GH-10370 (File corruption in _php_stream_copy_to_stream_ex when
using copy_file_range). (nielsdos)
[ci skip] NEWS
2023-02-11 15:28:51 +00:00
. Fixed bug GH-10548 (copy() fails on cifs mounts because of incorrect
copy_file_range() len). (nielsdos)
[ci skip] NEWS (#10561)
2023-02-10 23:18:50 +00:00
Fix memory leaks in ext-tidy We must not instantiate the object prior checking error conditions Moreover, we need to release the HUGE amount of memory for files which are over 4GB when throwing a ValueError Closes GH-10545
2023-02-08 14:52:40 +00:00
- Tidy:
. Fix memory leaks when attempting to open a non-existing file or a file over
4GB. (Girgias)
[skip ci] Update NEWS with bugfixes backported from 8.1
2023-02-21 14:29:02 +00:00
. Add missing error check on tidyLoadConfig. (nielsdos)
Fix memory leaks in ext-tidy We must not instantiate the object prior checking error conditions Moreover, we need to release the HUGE amount of memory for files which are over 4GB when throwing a ValueError Closes GH-10545
2023-02-08 14:52:40 +00:00
Fix incorrect string length for output_handler in zlib ini code The length of "output_handler" is supposed to be passed, but as sizeof is used, the resulting number includes the NUL character, so the length is off-by-one. Subtract one to pass the correct length. Closes GH-10667.
2023-02-22 18:36:37 +00:00
- Zlib:
. Fixed output_handler directive value's length which counted the string
terminator. (nieldos)
Merge branch 'PHP-8.1' into PHP-8.2
2023-02-14 11:00:20 +00:00
14 Feb 2023, PHP 8.2.3
PHP-8.1 is now for PHP 8.1.17-dev
2023-02-13 19:16:07 +00:00
- Core:
. Fixed bug #81744 (Password_verify() always return true with some hash).
(CVE-2023-0567). (Tim Düsterhus)
. Fixed bug #81746 (1-byte array overrun in common path resolve code).
(CVE-2023-0568). (Niels Dossche)
Fix missing colon in NEWS
2023-02-14 10:46:48 +00:00
- SAPI:
Update NEWS
2023-02-14 10:23:59 +00:00
. Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart
Fix incorrect character in NEWS
2023-02-14 10:33:56 +00:00
request body). (CVE-2023-0662) (Jakub Zelenka)
PHP-8.1 is now for PHP 8.1.15-dev
2022-12-07 17:29:37 +00:00
PHP-8.2 is now for PHP 8.2.3-dev
2023-01-17 17:55:22 +00:00
02 Feb 2023, PHP 8.2.2
PHP-8.2 is now for PHP 8.2.2-dev
2022-12-14 00:29:29 +00:00
Fix GH-10200: zif_get_object_vars: Assertion `!(((__ht)->u.flags & (1<<2)) != 0)' failed. This occurs because the array of properties is a single element with an integer key, not an associative array. Therefore it is a packed array and thus the assumption the iteration macro makes is invalid. This restores the behaviour of PHP<8.2. Closes GH-10209 Co-authored-by: Deltik <deltik@gmx.com> Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-02 14:34:03 +00:00
- Core:
. Fixed bug GH-10200 (zif_get_object_vars:
Assertion `!(((__ht)->u.flags & (1<<2)) != 0)' failed). (nielsdos)
Fix GH-10251: Assertion `(flag & (1<<3)) == 0' failed. zend_get_property_guard previously assumed that at least "str" has a pre-computed hash. This is not always the case, for example when a string is created by bitwise operations, its hash is not set. Instead of forcing a computation of the hashes, drop the hash comparison. Closes GH-10254 Co-authored-by: Changochen <changochen1@gmail.com> Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-07 12:49:24 +00:00
. Fix GH-10251 (Assertion `(flag & (1<<3)) == 0' failed). (nielsdos)
[ci skip] NEWS
2023-01-13 11:29:51 +00:00
. Fix GH-10240 (Assertion failure when adding more than 2**30 elements to an
unpacked array). (Arnaud)
. Fix GH-9735 (Fiber stack variables do not participate in cycle collector).
(Arnaud)
Fix GH-9675: Re-adjust run_time_cache init for internal enum methods Closes GH-10143.
2022-12-21 11:23:58 +00:00
. Fix GH-9675 (Broken run_time_cache init for internal enum methods).
(Petar Obradović, Bob)
[ci skip] NEWS
2023-01-20 15:54:49 +00:00
. Fix GH-10248 (Assertion `!(zval_get_type(&(*(property))) == 10)' failed).
(nielsdos)
Fix GH-10200: zif_get_object_vars: Assertion `!(((__ht)->u.flags & (1<<2)) != 0)' failed. This occurs because the array of properties is a single element with an integer key, not an associative array. Therefore it is a packed array and thus the assumption the iteration macro makes is invalid. This restores the behaviour of PHP<8.2. Closes GH-10209 Co-authored-by: Deltik <deltik@gmx.com> Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-02 14:34:03 +00:00
Fix bug #77106: Missing separator in FPM FastCGI errors
2022-11-29 21:47:53 +00:00
- FPM:
. Fixed bug #77106 (Missing separator in FPM FastCGI errors). (Jakub Zelenka)
Fix GH-9981: FPM does not reset fastcgi.error_header
2022-12-22 18:32:16 +00:00
. Fixed bug GH-9981 (FPM does not reset fastcgi.error_header).
(Jakub Zelenka)
Fix bug #68591: Configuration test does not perform UID lookups Addition check in fpm config test to verify existence of user, group, listen.owner and listen.group. Closes GH-10165
2022-12-23 19:24:57 +00:00
. Fixed bug #68591 (Configuration test does not perform UID lookups).
(Jakub Zelenka)
Fix ASAN reported leak in FPM config test This happens because config test does not shutdown SAPI. In addition this commit also fixes few failures when running FPM tests under root. Closes GH-10296
2023-01-12 11:55:14 +00:00
. Fixed memory leak when running FPM config test. (Jakub Zelenka)
Fix bug #67244: Wrong owner:group for listening unix socket Update FPM www.conf to reflect the actual logic
2023-01-13 10:31:01 +00:00
. Fixed bug #67244 (Wrong owner:group for listening unix socket).
(Jakub Zelenka)
Fix bug #77106: Missing separator in FPM FastCGI errors
2022-11-29 21:47:53 +00:00
Handle exceptions from __toString in XXH3's initialization The initialization routine for XXH3 was not prepared for exceptions from seed. Fix this by using try_convert_to_string. For discussion, please see: GH-10305 Closes GH-10352 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-16 21:33:06 +00:00
- Hash:
. Handle exceptions from __toString in XXH3's initialization (nielsdos)
Fix GH-10112: LDAP\Connection::__construct() refers to ldap_create() There is no `ldap_create()`, but rather `ldap_connect()`. Closes GH-10115.
2022-12-16 11:16:38 +00:00
- LDAP:
. Fixed bug GH-10112 (LDAP\Connection::__construct() refers to ldap_create()).
(cmb)
PHP-8.2 is now for PHP 8.2.2-dev
2022-12-14 00:29:29 +00:00
[ci skip] NEWS
2022-12-21 13:55:53 +00:00
- Opcache:
. Fix inverted bailout value in zend_runtime_jit() (Max Kellermann).
Initialize ping_auto_globals_mask to prevent undefined behaviour Closes GH-10121
2022-12-17 15:02:55 +00:00
. Fix access to uninitialized variable in accel_preload(). (nielsdos)
ext/opcache/jit: handle zend_jit_find_trace() failures Commit 6c25413 added the flag ZEND_JIT_EXIT_INVALIDATE which resets the trace handlers in zend_jit_trace_exit(), but forgot to consider that on ZEND_JIT_TRACE_STOP_LINK, this changed handler gets passed to zend_jit_find_trace(), causing it to fail, either by returning 0 (results in bogus data) or by aborting due to ZEND_UNREACHABLE(). In either case, this crashes the PHP process. I'm not quite sure how to fix this multi-threading problem properly; my suggestion is to just fail the zend_jit_trace() call. After all, the whole ZEND_JIT_EXIT_INVALIDATE fix was about reloading modified scripts, so there's probably no point in this pending zend_jit_trace() call.
2022-12-22 12:02:52 +00:00
. Fix zend_jit_find_trace() crashes. (Max Kellermann)
ext/opcache/jit/zend_jit_trace: add missing lock for EXIT_INVALIDATE Commit 6c254131831 added the flag ZEND_JIT_EXIT_INVALIDATE which resets the trace handlers in zend_jit_trace_exit(), but forgot to lock the shared memory section. This could cause another worker process who still saw the ZEND_JIT_TRACE_JITED flag to schedule ZEND_JIT_TRACE_STOP_LINK, but when it arrived at the ZEND_JIT_DEBUG_TRACE_STOP, the handler was already reverted by the first worker process and thus zend_jit_find_trace() fails. This in turn generated a bogus jump offset in the JITed code, crashing the PHP process.
2022-12-19 21:35:22 +00:00
. Added missing lock for EXIT_INVALIDATE in zend_jit_trace_exit. (Max Kellermann)
[ci skip] NEWS
2022-12-21 13:55:53 +00:00
Fix wrong flags check for compression method in phar_object.c I found this issue using static analysis tools, it reported that the condition was always false. We can see that flags is assigned in the switch statement above, but a mistake was made in the comparison. Closes GH-10328 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-15 14:05:36 +00:00
- Phar:
. Fix wrong flags check for compression method in phar_object.c (nielsdos)
Fix undefined behaviour in phpdbg_load_module_or_extension If zend_register_module_ex were to return NULL, then module_entry will be set to NULL, and the if's body will load module_entry->name. Since module_entry is NULL, loading the name would cause a NULL pointer dereference. However, since a NULL pointer dereference is undefined behaviour, the compiler is free to remove the check. Fix it by using *name instead of module_entry->name. Closes GH-10157 Signed-off-by: George Peter Banyard <girgias@php.net>
2022-12-22 20:03:45 +00:00
- PHPDBG:
. Fix undefined behaviour in phpdbg_load_module_or_extension(). (nielsdos)
Fix null pointer dereference of param When the validation logic for param->type was added, the logic did not account for the case where param could be NULL. The existing code did take that into account as can be seen in the `if (param)` check below. Furthermore, phpdbg_set_breakpoint_expression even calls phpdbg_create_conditional_break with param == NULL. Fix it by placing the validation logic inside a NULL check.
2022-12-26 20:43:53 +00:00
. Fix NULL pointer dereference in phpdbg_create_conditional_breal(). (nielsdos)
Fix GH-9710: phpdbg memory leaks by option "-h" Closes GH-10237 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-05 21:11:15 +00:00
. Fix GH-9710: phpdbg memory leaks by option "-h" (nielsdos)
Fix phpdbg segmentation fault in case of malformed input If you were to enter "w $>" the function would crash with a segmentation fault because last_index is still NULL at that point. Fix it by checking for NULL and erroring out if it is. Closes GH-10353 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-16 22:09:58 +00:00
. Fix phpdbg segmentation fault in case of malformed input (nielsdos)
Fix undefined behaviour in phpdbg_load_module_or_extension If zend_register_module_ex were to return NULL, then module_entry will be set to NULL, and the if's body will load module_entry->name. Since module_entry is NULL, loading the name would cause a NULL pointer dereference. However, since a NULL pointer dereference is undefined behaviour, the compiler is free to remove the check. Fix it by using *name instead of module_entry->name. Closes GH-10157 Signed-off-by: George Peter Banyard <girgias@php.net>
2022-12-22 20:03:45 +00:00
Fix memory leak in posix_ttyname() Closes GH-10190
2022-12-30 15:11:09 +00:00
- Posix:
. Fix memory leak in posix_ttyname() (girgias)
random: Fix check before closing `random_fd` (#10247) If, for whatever reason, the random_fd has been assigned file descriptor `0` it previously failed to close during module shutdown, thus leaking the descriptor.
2023-01-07 13:03:13 +00:00
- Random:
. Fixed bug GH-10247 (Theoretical file descriptor leak for /dev/urandom). (timwolla)
Fix GH-10187: Segfault in stripslashes() with arm64 Closes GH-10188 Co-authored-by: todeveni <toni.viemero@iki.fi> Signed-off-by: George Peter Banyard <girgias@php.net>
2022-12-30 13:31:40 +00:00
- Standard:
. Fix GH-10187 (Segfault in stripslashes() with arm64). (nielsdos)
unserialize: Strictly check for `:{` at object start (#10214) * unserialize: Strictly check for `:{` at object start * unserialize: Update CVE tests It's unlikely that the object syntax error contributed to the actual CVE. The CVE is rather caused by the incorrect object serialization data of the `C` format. Add a second string without such a syntax error to ensure that path is still executed as well to ensure the CVE is absent. * Fix test expectation in gmp/tests/bug74670.phpt No changes to the input required, because the test actually is intended to verify the behavior for a missing `}`, it's just that the report position changed. * NEWS * UPGRADING
2023-01-12 18:55:54 +00:00
. Fixed bug GH-10214 (Incomplete validation of object syntax during
unserialize()). (timwolla)
Fix substr_replace with slots in repl_ht being UNDEF The check that was supposed to check whether the array slot was UNDEF was wrong and never triggered. This resulted in a replacement with the empty string or the wrong string instead of the correct one. The correct check pattern can be observed higher up in the function's code. Closes GH-10323 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-14 20:01:22 +00:00
. Fix substr_replace with slots in repl_ht being UNDEF. (nielsdos)
Fix GH-10187: Segfault in stripslashes() with arm64 Closes GH-10188 Co-authored-by: todeveni <toni.viemero@iki.fi> Signed-off-by: George Peter Banyard <girgias@php.net>
2022-12-30 13:31:40 +00:00
Fix missing check for xmlTextWriterEndElement xmlTextWriterEndElement returns -1 if the call fails. There was already a check for retval, but the return value wasn't assigned to retval. The other caller of xmlTextWriterEndElement is in xmlwriter_write_element_ns, which does the check correctly. Closes GH-10324 Signed-off-by: George Peter Banyard <girgias@php.net>
2023-01-14 22:38:38 +00:00
- XMLWriter
. Fix missing check for xmlTextWriterEndElement (nielsdos)
Fix GH-10187: Segfault in stripslashes() with arm64 Closes GH-10188 Co-authored-by: todeveni <toni.viemero@iki.fi> Signed-off-by: George Peter Banyard <girgias@php.net>
2022-12-30 13:31:40 +00:00
PHP-8.2 is now for PHP 8.2.2-dev
2022-12-14 00:29:29 +00:00
05 Jan 2023, PHP 8.2.1
[ci skip] Update NEWS for PHP 8.2.0
2022-11-08 06:24:02 +00:00
Fix GH-9905: constant() behaves inconsistent when class is undefined Directly referring to a constant of an undefined throws an exception; there is not much point in `constant()` raising a fatal error in this case. Closes GH-9907.
2022-11-08 16:13:35 +00:00
- Core:
. Fixed bug GH-9905 (constant() behaves inconsistent when class is undefined).
(cmb)
[ci skip] Fix GH-9918: License information for xxHash is not included in README.REDIST.BINS file Closes GH-9919.
2022-11-08 05:42:39 +00:00
. Fixed bug GH-9918 (License information for xxHash is not included in
README.REDIST.BINS file). (Akama Hitoshi)
Fix GH-9890: OpenSSL legacy providers not available on Windows We need to copy the provider DLLs from the dependency package to the PHP distribution. Closes GH-9894.
2022-11-04 18:39:07 +00:00
. Fixed bug GH-9890 (OpenSSL legacy providers not available on Windows). (cmb)
Fix GH-9650: Can't initialize heap: [0x000001e7] Closes GH-9721.
2022-11-14 14:16:31 +00:00
. Fixed bug GH-9650 (Can't initialize heap: [0x000001e7]). (Michael Voříšek)
Avoid undefined behavior in Windows ftok(3) emulation `.nFileIndexHigh` is a unsigned 32bit number. Casting that to `__int64` and shifting left by 32bits triggers undefined behavior if the most significant bit of `.nFileIndexHigh` is set. We could avoid that by casting to `(__uint64)`, but in that case the whole clause doesn't have an effect anymore, so we drop it altogether. Closes GH-9958.
2022-11-15 14:37:32 +00:00
. Fixed potentially undefined behavior in Windows ftok(3) emulation. (cmb)
Fix GH-9769: Misleading error message for unpacking of objects Only arrays can be unpacked in constant expressions. Closes GH-9776.
2022-11-17 15:32:33 +00:00
. Fixed GH-9769 (Misleading error message for unpacking of objects). (jhdxr)
PHP-8.1 is now for PHP 8.1.14-dev
2022-11-08 16:57:34 +00:00
Merge branch 'PHP-8.1' into PHP-8.2 * PHP-8.1: Fix GH-9949: Partial content on incomplete POST request
2022-12-13 14:22:39 +00:00
- Apache:
. Fixed bug GH-9949 (Partial content on incomplete POST request). (cmb)
Fixed GH-9699, GH-9866, and GH-9880 (problems with diff); and GH-9700 (greedy tzid parsing)
2022-11-30 15:47:43 +00:00
[ci skip] Fix NEWS FPM entries
2022-11-22 18:47:24 +00:00
- FPM:
. Fixed bug GH-9959 (Solaris port event mechanism is still broken after bug
#66694). (Petr Sumbera)
. Fixed bug #68207 (Setting fastcgi.error_header can result in a WARNING).
(Jakub Zelenka)
Fix bug #80669: FPM numeric user fails to set groups
2022-11-21 21:03:44 +00:00
. Fixed bug #80669 (FPM numeric user fails to set groups). (Jakub Zelenka)
Fix GH-8517: FPM child pointer can be potentially uninitialized There might be a moment when the child log event is executed after freeing a child. That could possibly happen if the child output is triggered at the same as the terminating of the child. Then the output event could be potentially processed after the terminating event which would cause this kind of issue. The issue might got more visible after introducing the log_stream on a child because it is more likely that this cannot be dereferenced after free. However it is very hard to reproduce this issue so there is no test for this. The fix basically prevents passing a child pointer and instead passes the child PID and then looks the child up by the PID when it is being processed. This is obviously slower but it is a safe way to do it and the slow down should not be hopefully visible in a way that it would overload a master process.
2022-08-28 13:58:42 +00:00
. Fixed bug GH-8517 (Random crash of FPM master process in
fpm_stdio_child_said). (Jakub Zelenka)
[ci skip] Fix NEWS FPM entries
2022-11-22 18:47:24 +00:00
Add a new imap_is_open() function to check that a connection object is still valid
2022-12-13 09:03:11 +00:00
- Imap:
. Fixed bug GH-10051 (IMAP: there's no way to check if a IMAP\Connection is
still open). (Girgias)
[ci skip] NEWS
2022-11-13 12:40:45 +00:00
- MBString:
. Fixed bug GH-9535 (The behavior of mb_strcut in mbstring has been changed in
PHP8.1). (Nathan Freeman)
[ci skip] NEWS
2022-11-25 13:37:43 +00:00
- Opcache:
. Fixed bug GH-9968 (Segmentation Fault during OPCache Preload).
(Arnaud, michdingpayc)
Fix GH-9997: OpenSSL engine clean up segfault
2022-11-24 18:29:44 +00:00
- OpenSSL:
. Fixed bug GH-9997 (OpenSSL engine clean up segfault). (Jakub Zelenka)
Fix GH-9064: PHP fails to build if openssl was built with no-ec
2022-11-25 12:49:12 +00:00
. Fixed bug GH-9064 (PHP fails to build if openssl was built with --no-ec).
(Jakub Zelenka)
Fix GH-10000: Test failures when OpenSSL compiled with no-dsa
2022-11-25 14:02:03 +00:00
. Fixed bug GH-10000 (OpenSSL test failures when OpenSSL compiled with
no-dsa). (Jakub Zelenka)
Fix GH-9997: OpenSSL engine clean up segfault
2022-11-24 18:29:44 +00:00
Fix GH-9890: OpenSSL legacy providers not available on Windows We need to copy the provider DLLs from the dependency package to the PHP distribution. Closes GH-9894.
2022-11-04 18:39:07 +00:00
- Pcntl:
[ci skip] NEWS
2022-11-13 10:07:46 +00:00
. Fixed bug GH-9298 (Signal handler called after rshutdown leads to crash).
(Erki Aring)
Fix GH-9971: Incorrect NUMERIC value returned from PDO_Firebird Dialect 1 databases store and transfer `NUMERIC(15,2)` values as doubles, which we need to cater to in `firebird_stmt_get_col()` to avoid `ZEND_ASSUME(0)` to ever be triggered, since that may result in undefined behavior. Since adding a regression test would require to create a dialect 1 database, we go without it. Closes GH-10021.
2022-11-29 14:32:46 +00:00
- PDO_Firebird:
. Fixed bug GH-9971 (Incorrect NUMERIC value returned from PDO_Firebird).
(cmb)
[ci skip] Add missing CVE in NEWS
2023-01-03 19:27:16 +00:00
- PDO/SQLite:
. Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631)
(cmb)
Fix GH-9932: Discards further characters for session name. As those are converted, it s better to make aware of the code caller of the naming inadequacy. Closes GH-9940.
2022-11-15 12:27:44 +00:00
- Session:
. Fixed GH-9932 (session name silently fails with . and [). (David Carlier)
Fix GH-9883 SplFileObject::__toString() reads next line We need to overwrite the __toString magic method for SplFileObject, similarly to how DirectoryIterator overwrites it Moreover, the custom cast handler is useless as we define __toString methods, so use the standard one instead. Closes GH-9912
2022-11-09 15:24:30 +00:00
- SPL:
. Fixed GH-9883 (SplFileObject::__toString() reads next line). (Girgias)
Fix GH-10011 (Trampoline autoloader will get reregistered and cannot be unregistered) There are two issues to resolve: 1. The FCC is not refetch when trying to unregister a trampoline 2. Comparing the function pointer of trampolines is meaningless as they are reallocated, thus we need to compare the name of the function Found while working on GH-8294 Closes GH-10033
2022-12-02 01:23:48 +00:00
. Fixed GH-10011 (Trampoline autoloader will get reregistered and cannot be
unregistered). (Girgias)
Fix GH-9883 SplFileObject::__toString() reads next line We need to overwrite the __toString magic method for SplFileObject, similarly to how DirectoryIterator overwrites it Moreover, the custom cast handler is useless as we define __toString methods, so use the standard one instead. Closes GH-9912
2022-11-09 15:24:30 +00:00
Fix #81742: open_basedir bypass in SQLite3 by using file URI A previous fix[1] was not sufficient to catch all potential file URIs, because the patch did not cater to URL encoding. Properly parsing and decoding the URI may yield a different result than the handling of SQLite3, so we play it safe, and reject any file URIs if open_basedir is configured. [1] <https://bugs.php.net/bug.php?id=77967> Closes GH-10018.
2022-12-05 15:26:02 +00:00
- SQLite3:
. Fixed bug #81742 (open_basedir bypass in SQLite3 by using file URI). (cmb)
Merge branch 'PHP-8.1' into PHP-8.2 * PHP-8.1: Fix Windows shmget() wrt. IPC_PRIVATE
2022-12-13 14:48:58 +00:00
- TSRM:
. Fixed Windows shmget() wrt. IPC_PRIVATE. (Tyson Andre)
[ci skip] Update PHP 8.2.0 new release date
2022-11-23 02:55:35 +00:00
08 Dec 2022, PHP 8.2.0
[ci skip] Update NEWS for PHP 8.2.0 beta1
2022-07-05 16:09:39 +00:00
[ci skip] NEWS
2022-07-10 13:18:51 +00:00
- CLI:
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed bug #81496 (Server logs incorrect request method). (lauri)
[ci skip] NEWS
2022-07-10 13:18:51 +00:00
. Updated the mime-type table for the builtin-server. (Ayesh Karunaratne)
Allow to not close stream on rscr dtor in php cli sapi
2022-06-20 13:14:29 +00:00
. Fixed potential overflow for the builtin server via the
PHP_CLI_SERVER_WORKERS environment variable. (yiyuaner)
. Fixed GH-8575 by changing STDOUT, STDERR and STDIN to not close on resource
destruction. (Jakub Zelenka)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Implement built-in web server responding without body to HEAD request on
a static resource. (Vedran Miletic, Marin Martuslovic)
. Implement built-in web server responding with HTTP status 405 to
DELETE/PUT/PATCH request on a static resource.
(Vedran Miletic, Marin Martuslovic)
. Fixed bug GH-9709 (Null pointer dereference with -w/-s options).
(Adam Saponara)
Reduce memory allocated by var_export, json_encode, serialize, and other (#8902) smart_str uses an over-allocated string to optimize for append operations. Functions that use smart_str tend to return the over-allocated string directly. This results in unnecessary memory usage, especially for small strings. The overhead can be up to 231 bytes for strings smaller than that, and 4095 for other strings. This can be avoided for strings smaller than `4096 - zend_string header size - 1` by reallocating the string. This change introduces `smart_str_trim_to_size()`, and calls it in `smart_str_extract()`. Functions that use `smart_str` are updated to use `smart_str_extract()`. Fixes GH-8896
2022-07-08 12:47:46 +00:00
Fix GH-8750: Can not create VT_ERROR variant type We add support for creating `VT_ERROR` variants via `__construct()`, and allow casting to int via `variant_cast()` and `variant_set_type()`. We do not, however, allow type conversion by other means, to avoid otherwise easily introduced type confusion. VB(A) also only allows explicit type conversion. We also introduce `DISP_E_PARAMNOTFOUND` which might be the most important `scode` for this purpose, since this allows to skip optional parameters in method calls. Closes GH-8886.
2022-06-21 15:30:42 +00:00
- COM:
. Fixed bug GH-8750 (Can not create VT_ERROR variant type). (cmb)
Add IBT support for fiber Indirect Branch Tracking (IBT) is part of Intel's Control-Flow Enforcement Technology (CET). IBT is hardware based, forward edge Control-Flow-Integrity mechanism where any indirect CALL/JMP must target an ENDBR instruction or suffer #CP. This commit adds IBT support for fiber: 1. Add endbr32/64 in assembly 2. Inform compiler jump_fcontext may return via indirect branch Furthermore: gcc support CET since v8.1 and set it to default since gcc 11. That is, the ELF header of sapi/cli/php has a property named IBT. However, such property is lost since PHP8.1 because the assembly introduced by Fiber. This commit also fixes this. Closes GH-8339 Signed-off-by: Chen, Hu <hu1.chen@intel.com> Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
2022-04-26 08:58:22 +00:00
- Core:
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed bug #81380 (Observer may not be initialized properly). (krakjoe)
. Fixed bug GH-7771 (Fix filename/lineno of constant expressions). (ilutov)
. Fixed bug GH-7792 (Improve class type in error messages). (ilutov)
. Support huge pages on MacOS. (David CARLIER)
Fix RC=1 references of declared properties when casting objects to arrays Fixes GH-8655. Closes GH-8737.
2022-06-09 08:48:52 +00:00
. Fixed bug GH-8655 (Casting an object to array does not unwrap refcount=1
references). (Nicolas Grekas)
Fix GH-8661: Nullsafe in coalesce triggers undefined variable warning Closes GH-8690
2022-06-02 15:15:55 +00:00
. Fixed bug GH-8661 (Nullsafe in coalesce triggers undefined variable
warning). (ilutov)
Allow arbitrary const expressions in backed enums Closes GH-7821 Closes GH-8190 Closes GH-8418
2022-03-10 21:35:01 +00:00
. Fixed bug GH-7821 and GH-8418 (Allow arbitrary const expressions in backed
enums). (ilutov)
Fix lineno in backtrace of multi-line function calls Closes GH-8810 Closes GH-8818
2022-06-17 14:20:28 +00:00
. Fixed bug GH-8810 (Incorrect lineno in backtrace of multi-line function
calls). (ilutov)
main/streams/plain_wrapper: skip lseek(SEEK_CUR) for newly opened files A file that has just been opened is known to be at offset zero, and the lseek(SEEK_CUR) system call to determine the current offset can be skipped. Closes #8540.
2022-04-29 03:22:53 +00:00
. Optimised code path for newly created file with the stream plain wrapper. (Max Kellermann)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Uses safe_perealloc instead of perealloc for the
ZEND_PTR_STACK_RESIZE_IF_NEEDED to avoid possible overflows. (David Carlier)
. Reduced the memory footprint of strings returned by var_export(),
json_encode(), serialize(), iconv_*(), mb_ereg*(), session_create_id(),
http_build_query(), strstr(), Reflection*::__toString(). (Arnaud)
. Fixed bug GH-8995 (WeakMap object reference offset causing TypeError).
(Tobias Bachert)
. Added error_log_mode ini setting. (Mikhail Galanin)
. Updated request startup messages. (Eric Norris)
. Fixed bug GH-7900 (Arrow function with never return type compile-time
errors). (ilutov)
. Fixed incorrect double to long casting in latest clang. (zeriyoshi)
. Added support for defining constants in traits. (sj-i)
. Stop incorrectly emitting false positive deprecation notice alongside
unsupported syntax fatal error for `"{$g{'h'}}"`. (TysonAndre)
. Fix unexpected deprecated dynamic property warning, which occurred when
exit() in finally block after an exception was thrown without catching.
(Twosee)
. Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function)
(Tim Starling)
. Fixed bug GH-9227 (Trailing dots and spaces in filenames are ignored).
(cmb)
. Fixed bug GH-9285 (Traits cannot be used in readonly classes).
(kocsismate)
. Fixed bug GH-9186 (@strict-properties can be bypassed using
unserialization). (kocsismate)
. Fixed bug GH-9500 (Using dnf type with parentheses after readonly keyword
results in a parse error). (ilutov)
. Fixed bug GH-9516 ((A&B)|D as a param should allow AB or D. Not just A).
(Girgias)
. Fixed observer class notify with Opcache file_cache_only=1. (ilutov)
. Fixes segfault with Fiber on FreeBSD i386 architecture. (David Carlier)
. Fixed bug GH-9655 (Pure intersection types cannot be implicitly nullable)
(Girgias)
. Fixed bug GH-9589 (dl() segfaults when module is already loaded). (cmb,
Arnaud)
. Fixed bug GH-9752 (Generator crashes when interrupted during argument
evaluation with extra named params). (Arnaud)
. Fixed bug GH-9801 (Generator crashes when memory limit is exceeded during
initialization). (Arnaud)
. Fixed a bug with preloaded enums possibly segfaulting. (Bob)
. Fixed bug GH-9823 (Dont reset func in zend_closure_internal_handler).
(Florian Sowade)
. Fixed potential NULL pointer dereference Windows shm*() functions. (cmb)
. Fix target validation for internal attributes with constructor property
promotion. (kooldev)
. Fixed bug GH-9750 (Generator memory leak when interrupted during argument
evaluation. (Arnaud)
The PHP-8.1 branch is now for 8.1.0RC4
2021-09-28 21:28:33 +00:00
Introduce CURLOPT_XFERINFOFUNCTION `CURLOPT_XFERINFOFUNCTION` is available as of cURL 7.32.0, and supersedes `CURLOPT_PROGRESSFUNCTION` which is still supported by latest cURL, though. Closes GH-7823.
2021-12-24 10:14:48 +00:00
- Curl:
. Added support for CURLOPT_XFERINFOFUNCTION. (David Carlier)
Add CURLOPT_MAXFILESIZE_LARGE option Like other *LARGE options, it takes a 64 bit value. Closes GH-8557.
2022-05-15 11:01:50 +00:00
. Added support for CURLOPT_MAXFILESIZE_LARGE. (David Carlier)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Added new constants from cURL 7.62 to 7.80. (Pierrick)
. New function curl_upkeep(). (Pierrick)
Introduce CURLOPT_XFERINFOFUNCTION `CURLOPT_XFERINFOFUNCTION` is available as of cURL 7.32.0, and supersedes `CURLOPT_PROGRESSFUNCTION` which is still supported by latest cURL, though. Closes GH-7823.
2021-12-24 10:14:48 +00:00
GH-8458: DateInterval::createFromDateString does not throw non-relative items are present
2022-05-05 11:15:44 +00:00
- Date:
. Fixed GH-8458 (DateInterval::createFromDateString does not throw if
non-relative items are present). (Derick)
[ci skip] Update NEWS
2022-05-20 10:18:49 +00:00
. Fixed bug #52015 (Allow including end date in DatePeriod iterations)
(Daniel Egeberg, Derick)
Add "N" and "o" format specifiers to idate()
2021-12-29 15:38:45 +00:00
. idate() now accepts format specifiers "N" (ISO Day-of-Week) and "o" (ISO
Year). (Pavel Djundik)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed bug GH-8730 (DateTime::diff miscalculation is same time zone of
different type). (Derick)
. Fixed bug GH-8964 (DateTime object comparison after applying delta less
than 1 second). (Derick)
. Fixed bug GH-9106: (DateInterval 1.5s added to DateTimeInterface is rounded
down since PHP 8.1.0). (Derick)
. Fixed bug #75035 (Datetime fails to unserialize "extreme" dates).
(Derick)
. Fixed bug #80483 (DateTime Object with 5-digit year can't unserialized).
(Derick)
. Fixed bug #81263 (Wrong result from DateTimeImmutable::diff). (Derick)
. Fixed bug GH-9431 (DateTime::getLastErrors() not returning false when no
errors/warnings). (Derick)
. Fixed bug with parsing large negative numbers with the @ notation. (Derick)
- DBA:
. Fixed LMDB driver hanging when attempting to delete a non-existing key
(Girgias)
. Fixed LMDB driver memory leak on DB creation failure (Girgias)
. Fixed GH-8856 (dba: lmdb: allow to override the MDB_NOSUBDIR flag). (Girgias)
- FFI:
. Fixed bug GH-9090 (Support assigning function pointers in FFI). (Adam
Saponara)
- Fileinfo:
. Fixed bug GH-8805 (finfo returns wrong mime type for woff/woff2 files).
(Anatol)
- Filter:
. Added FILTER_FLAG_GLOBAL_RANGE to filter Global IPs. (vnsavage)
GH-8458: DateInterval::createFromDateString does not throw non-relative items are present
2022-05-05 11:15:44 +00:00
FPM: Emit error for invalid port setting
2022-03-19 15:16:07 +00:00
- FPM:
. Emit error for invalid port setting. (David Carlier)
Add extra check for FPM proc dumpable on SELinux based systems The deny_ptrace is a OS runtime setting and is off by default, at least on workstations flavors (fedora) however it might be different on production servers.
2021-11-12 18:38:55 +00:00
. Added extra check for FPM proc dumpable on SELinux based systems.
(David Carlier)
Support fpm_get_socket_listening_queue on macOS Using TCP_CONNECTION_INFO socket option.
2022-04-09 14:08:41 +00:00
. Added support for listening queue on macOS. (David Carlier)
Update NEWS and www.conf with listen.backlog default change
2022-04-23 12:25:08 +00:00
. Changed default for listen.backlog on Linux to -1. (Cristian Rodríguez)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Added listen.setfib pool option to set route FIB on FreeBSD. (David Carlier)
. Added access.suppress_path pool option to filter access log entries.
(Mark Gallagher)
. Fixed on fpm scoreboard occasional warning on acquisition failure.
(Felix Wiedemann)
. Fixed bug GH-9754 (SaltStack (using Python subprocess) hangs when running
php-fpm 8.1.11). (Jakub Zelenka)
FPM: Emit error for invalid port setting
2022-03-19 15:16:07 +00:00
Fix datetime format string to follow POSIX spec in ftp_mdtm() Closes GH-8259
2022-03-28 02:48:30 +00:00
- FTP:
. Fix datetime format string to follow POSIX spec in ftp_mdtm(). (Jihwan Kim)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont(). (CVE-2022-31630) (cmb)
- GMP:
. Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed
to gmp_init()). (Girgias)
- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter.
(CVE-2022-37454) (nicky at mouha dot be)
Fix compilation on RHEL 7 ppc64le (gcc 4.8) Fixes GH-10077 Closes GH-10078
2021-11-30 22:19:38 +00:00
. Fixed bug GH-10077: Fix compilation on RHEL 7 ppc64le. (Mattias Ellert)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
intl: Update grandfathered and redundant language tags Closes GH-7641.
2021-11-11 06:26:04 +00:00
- Intl:
. Update all grandfathered language tags with preferred values
Fix GH-7939: Cannot unserialize IntlTimeZone objects As it is now, `IntlTimeZone`, `IntlCalendar` and `IntlDateFormatter` and some other intl class instances can be serialized, but the representation is meaningless, and unserialization yields uninitialized/ unusable objects. To prevent users from noticing this too late, we deny serialization of such objects in the first place. Closes GH-7945.
2022-01-20 10:30:35 +00:00
. Fixed GH-7939 (Cannot unserialize IntlTimeZone objects). (cmb)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed build for ICU 69.x and onwards. (David Carlier)
. Declared Transliterator::$id as readonly to unlock subclassing it. (Nicolas
Grekas)
. Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).
(Girgias)
- MBString:
. Fixed bug GH-9248 (Segmentation fault in mb_strimwidth()). (cmb)
- mysqli:
. Fixed bug GH-9841 (mysqli_query throws warning despite using
silenced error mode). (Kamil Tekiela)
- MySQLnd:
. Fixed potential heap corruption due to alignment mismatch. (cmb)
intl: Update grandfathered and redundant language tags Closes GH-7641.
2021-11-11 06:26:04 +00:00
Add oci8.prefetch_lob_size
2021-11-12 06:59:22 +00:00
- OCI8:
. Added oci8.prefetch_lob_size directive to tune LOB query performance
Oracle Client 10g is no longer supported Thus, we drop respective config option for Windows.
2021-12-12 11:31:07 +00:00
. Support for building against Oracle Client libraries 10.1 and 10.2 has been
dropped. Oracle Client libraries 11.2 or newer are now required.
Add oci8.prefetch_lob_size
2021-11-12 06:59:22 +00:00
Quote when adding to connection string in (PDO_)ODBC Because the UID= and PWD= values are appended to the SQLDriverConnect case when credentials are passed, we have to append them to the string in case users are relying on this behaviour. However, they must be quoted, or the arguments will be invalid (or possibly more injected). This means users had to quote arguments or append credentials to the raw connection string themselves. It seems that ODBC quoting rules are consistent enough (and that Microsoft trusts them enough to encode into the .NET BCL) that we can actually check if the string is already quoted (in case a user is already quoting because of this not being fixed), and if not, apply the appropriate ODBC quoting rules. This is because the code exists in main/, and are shared between both ODBC extensions, so it doesn't make sense for it to only exist in one or the other. There may be a better spot for it. Closes GH-8307.
2022-04-22 15:04:47 +00:00
- ODBC:
[ci skip] Improve latest NEWS entries to point to actual bug report
2022-05-27 15:00:16 +00:00
. Fixed bug GH-8300 (User input not escaped when building connection string).
(Calvin Buckley)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate). (Calvin
Buckley)
- Opcache:
. Allocate JIT buffer close to PHP .text segemnt to allow using direct
IP-relative calls and jumps.
(Su Tao, Wang Xue, Chen Hu, Lizhen Lizhen, Dmitry)
. Added initial support for JIT performance profiling generation
for macOs Instrument. (David Carlier)
. Fixed bug GH-8030 (Segfault with JIT and large match/switch statements).
(Arnaud)
. Added JIT support improvement for macOs for segments and executable permission
bit handling. (David Carlier)
. Added JIT buffer allocation near the .text section on FreeNSD. (David Carlier)
. Fixed bug GH-9371 (Crash with JIT on mac arm64)
(jdp1024/David Carlier)
. Fixed bug GH-9259 (opcache.interned_strings_buffer setting integer
overflow). (Arnaud)
. Added indirect call reduction for jit on x86 architectures. (wxue1)
- OPcache:
. Fixed bug GH-9164 (Segfault in zend_accel_class_hash_copy).
(Arnaud, Sergei Turchanov)
- OpenSSL:
. Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT. (Max Kellermann)
. Fixed bug GH-9310 (SSL local_cert and local_pk do not respect
open_basedir). (Jakub Zelenka)
. Implement FR #76935 ("chacha20-poly1305" is an AEAD but does not work like
AEAD). (Jakub Zelenka)
. Added openssl_cipher_key_length function. (Jakub Zelenka)
. Fixed bug GH-9517 (Compilation error openssl extension related to PR
GH-9366). (Jakub Zelenka)
. Fixed missing clean up of OpenSSL engine list - attempt to fix GH-8620.
(Jakub Zelenka)
. Fixed bug GH-8430 (OpenSSL compiled with no-md2, no-md4 or no-rmd160 does
not build). (Jakub Zelenka, fsbruva)
- PCNTL:
. Fixed pcntl_(get|set)priority error handling for MacOS. (Juan Morales)
- PCRE:
. Implemented FR #77726 (Allow null character in regex patterns). (tobil4sk)
. Updated bundled libpcre to 10.40. (cmb)
- PDO:
. Fixed bug GH-9818 (Initialize run time cache in PDO methods).
(Florian Sowade)
- PDO_Firebird:
. Fixed bug GH-8576 (Bad interpretation of length when char is UTF-8). (cmb)
Quote when adding to connection string in (PDO_)ODBC Because the UID= and PWD= values are appended to the SQLDriverConnect case when credentials are passed, we have to append them to the string in case users are relying on this behaviour. However, they must be quoted, or the arguments will be invalid (or possibly more injected). This means users had to quote arguments or append credentials to the raw connection string themselves. It seems that ODBC quoting rules are consistent enough (and that Microsoft trusts them enough to encode into the .NET BCL) that we can actually check if the string is already quoted (in case a user is already quoting because of this not being fixed), and if not, apply the appropriate ODBC quoting rules. This is because the code exists in main/, and are shared between both ODBC extensions, so it doesn't make sense for it to only exist in one or the other. There may be a better spot for it. Closes GH-8307.
2022-04-22 15:04:47 +00:00
Fix #80909: crash with persistent connections in PDO_ODBC When we have a complex connection string (more than a DSN), PHP appends a UID and PWD if none are present and a username and password are called, so SQLDriverConnect works as expected. However, it seems spprintf doesn't allocate with persistence if required. As a result, it'll be considering leaking and crash PHP on free when a persistent connection is used. Closes GH-8110.
2022-02-17 18:40:56 +00:00
- PDO_ODBC:
. Fixed bug #80909 (crash with persistent connections in PDO_ODBC). (Calvin
Buckley)
[ci skip] Improve latest NEWS entries to point to actual bug report
2022-05-27 15:00:16 +00:00
. Fixed bug GH-8300 (User input not escaped when building connection string).
(Calvin Buckley)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate). (Calvin
Buckley)
. Fixed bug GH-9372 (HY010 when binding overlong parameter). (cmb)
- PDO_PGSQL:
. Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).
(Yurunsoft)
- Random:
. Added new random extension. (Go Kudo)
. Fixed bug GH-9067 (random extension is not thread safe). (cmb)
. Fixed bug GH-9055 (segmentation fault if user engine throws). (timwolla)
. Fixed bug GH-9066 (signed integer overflow). (zeriyoshi)
. Fixed bug GH-9083 (undefined behavior during shifting). (timwolla)
. Fixed bug GH-9088, GH-9056 (incorrect expansion of bytes when
generating uniform integers within a given range). (timwolla)
. Fixed bug GH-9089 (Fix memory leak on Randomizer::__construct()
call twice). (zeriyoshi)
. Fixed bug GH-9212 (PcgOneseq128XslRr64::jump() should not allow negative
$advance). (Anton Smirnov)
. Changed Mt19937 to throw a ValueError instead of InvalidArgumentException
for invalid $mode. (timwolla)
. Splitted Random\Randomizer::getInt() (without arguments) to
Random\Randomizer::nextInt(). (zeriyoshi)
. Fixed bug GH-9235 (non-existant $sequence parameter in stub for
PcgOneseq128XslRr64::__construct()). (timwolla)
. Fixed bug GH-9190, GH-9191 (undefined behavior for MT_RAND_PHP when
handling large ranges). (timwolla)
. Fixed bug GH-9249 (Xoshiro256StarStar does not reject the invalid
all-zero state). (timwolla)
. Removed redundant RuntimeExceptions from Randomizer methods. The
exceptions thrown by the engines will be exposed directly. (timwolla)
. Added extension specific Exceptions/Errors (RandomException, RandomError,
BrokenRandomEngineError). (timwolla)
. Fixed bug GH-9415 (Randomizer::getInt(0, 2**32 - 1) with Mt19937
always returns 1). (timwolla)
. Fixed Randomizer::getInt() consistency for 32-bit engines. (timwolla)
. Fixed bug GH-9464 (build on older macOs releases). (David Bohman)
. Fixed bug GH-9839 (Pre-PHP 8.2 output compatibility for non-mt_rand()
functions for MT_RAND_PHP). (timwolla)
Fix #80909: crash with persistent connections in PDO_ODBC When we have a complex connection string (more than a DSN), PHP appends a UID and PWD if none are present and a username and password are called, so SQLDriverConnect works as expected. However, it seems spprintf doesn't allocate with persistence if required. As a result, it'll be considering leaking and crash PHP on free when a persistent connection is used. Closes GH-8110.
2022-02-17 18:40:56 +00:00
Add ReflectionFunction::isAnonymous() Closes GH-8499.
2022-05-05 13:51:20 +00:00
- Reflection:
. Added ReflectionFunction::isAnonymous(). (Nicolas Grekas)
Add ReflectionMethod::hasPrototype method Closes GH-8487.
2022-05-04 11:21:37 +00:00
. Added ReflectionMethod::hasPrototype(). (Ollie Read)
Better return types for `getBackingType` (#8687) The only backing types for Enums are int and string. The proper return type for ReflectionEnum::getBackingType() is thus null|ReflectionNamedType. See also https://github.com/php/doc-en/pull/1608 Closes GH-8687
2022-06-02 16:13:21 +00:00
. Narrow ReflectionEnum::getBackingType() return type to ReflectionNamedType.
(SamMousa)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed bug GH-8932 (ReflectionFunction provides no way to get the called
class of a Closure). (cmb, Nicolas Grekas)
Add ReflectionFunction::isAnonymous() Closes GH-8499.
2022-05-05 13:51:20 +00:00
[ci skip] Order NEWS sections alphabetically
2022-05-16 13:30:07 +00:00
- Session:
. Fixed bug GH-7787 (Improve session write failure message for user error
handlers). (ilutov)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Fixed GH-9200 (setcookie has an obsolete expires date format). (timwolla)
. Fixed GH-9584 (Avoid memory corruption when not unregistering custom session
handler). (ilutov)
. Fixed bug GH-9583 (session_create_id() fails with user defined save handler
that doesn't have a validateId() method). (Girgias)
- SOAP:
. Fixed bug GH-9720 (Null pointer dereference while serializing the response).
(cmb)
[ci skip] Order NEWS sections alphabetically
2022-05-16 13:30:07 +00:00
Add TCP_NOTSENT_LOWAT socket option Can be used to limit the amount of unsent data per socket. Closes GH-8559.
2022-05-15 16:43:20 +00:00
- Sockets:
. Added TCP_NOTSENT_LOWAT socket option. (David Carlier)
Add SO_MEMINFO socket option for gathering socket related info
2022-04-20 20:06:47 +00:00
. Added SO_MEMINFO socket option. (David Carlier)
[ci skip] NEWS, UPGRADING
2022-05-27 12:06:53 +00:00
. Added SO_RTABLE socket option (OpenBSD), equivalent of SO_MARK (Linux).
(David Carlier)
. Added TCP_KEEPALIVE, TCP_KEEPIDLE, TCP_KEEPINTVL, TCP_KEEPCNT socket
options. (David Carlier)
Implements socket ancillary data on FreeBSD. (#7708) using LOCAL_CREDS_PERSISTENT/SCM_CREDS2 instead so we also get the send process id.
2022-06-02 13:08:03 +00:00
. Added ancillary data support for FreeBSD. (David Carlier)
Implements ancillary data on NetBSD. With the couple LOCAL_CREDS/SCM_CREDS, in this system we get all the infos needed (included the process id). Closes GH-8700.
2022-06-03 19:43:09 +00:00
. Added ancillary data support for NetBSD. (David Carlier)
Add `SO_BPF_EXTENSIONS` flag to socket. Returns the supported bpf extensions from the kernel. Linux only. Closes GH-8713.
2022-06-06 06:18:53 +00:00
. Added SO_BPF_EXTENSIONS socket option. (David Carlier)
Add `SO_SETFIB` FreeBSD socket option constant. Aims to set the route table. Closes #8742.
2022-06-09 20:34:44 +00:00
. Added SO_SETFIB socket option. (David Carlier)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Added TCP_CONGESTION socket option. (David Carlier)
. Added SO_ZEROCOPY/MSG_ZEROCOPY options. (David Carlier)
. Added SOL_FILTER socket option for Solaris. (David Carlier)
. Fixed socket constants regression as of PHP 8.2.0beta3. (Bruce Dou)
Add TCP_NOTSENT_LOWAT socket option Can be used to limit the amount of unsent data per socket. Closes GH-8559.
2022-05-15 16:43:20 +00:00
Add sodium_crypto_stream_xchacha20_xor_ic() There are many use-cases where a PHP user is currently using sodium_compat's implementation of this low-level XChaCha20 API. For example, multi-part message processing (in low-memory settings) for a ciphertext that was encrypted with XChaCha20-Poly1305 (rather than the secretstream API). Adding this function to ext/sodium offers better performance and lowers users' memory usage with the polyfill, and ensures that users coming from other languages that provide libsodium bindings have a more consistent experience with our bindings. This is a win-win. This patch follows the libsodium precedent of adding functions instead of optional parameters to existing functions. The parameter order is also consistent with the C API. https://doc.libsodium.org/advanced/stream_ciphers/xchacha20#usage Closes GH-8276.
2022-03-30 07:45:47 +00:00
- Sodium:
. Added sodium_crypto_stream_xchacha20_xor_ic(). (Scott)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
- SPL:
. Uses safe_erealloc instead of erealloc to handle heap growth
for the SplHeap::insert method to avoid possible overflows. (David Carlier)
. Widen iterator_to_array() and iterator_count()'s $iterator parameter to
iterable. (timwolla)
. Fixed bug #69181 (READ_CSV|DROP_NEW_LINE drops newlines within fields).
(cmb)
. Fixed bug #65069 (GlobIterator incorrect handling of open_basedir check).
(Jakub Zelenka)
Allow user to change SQLITE_DEFENSIVE if needed Closes GH-8200.
2022-03-14 19:09:20 +00:00
- SQLite3:
. Changed sqlite3.defensive from PHP_INI_SYSTEM to PHP_INI_USER. (bohwaz)
Report wireless network interfaces on Windows too There is no particular reason to exclude wireless network interfaces from the results of `net_get_interfaces()` on Windows, especially since `getifaddrs(3)` includes these as well. Closes GH-7718.
2021-12-05 03:59:18 +00:00
- Standard:
. net_get_interfaces() also reports wireless network interfaces on Windows.
(Yurun)
Implement php_handle_avif() using libavifinfo See #80828 and the internals@ mailing list discussion at https://externals.io/message/116543 Use libavifinfo's AvifInfoGetFeaturesStream() in php_handle_avif() to get the width, height, bit depth and channel count from an AVIF payload. Implement stream reading/skipping functions and data struct. Use libavifinfo's AvifInfoIdentifyStream() in php_is_image_avif(). Update the expected features read from "test1pix.avif" in getimagesize.phpt. Closes GH-7711.
2021-12-15 19:00:24 +00:00
. Finished AVIF support in getimagesize(). (Yannis Guyon)
Optimize stripos/stristr Closes GH-7847 Closes GH-7852 Previously stripos/stristr would lowercase both the haystack and the needle to reuse strpos. The approach in this PR is similar to strpos. memchr is highly optimized so we're using it to search for the first character of the needle in the haystack. If we find it we compare the remaining characters of the needle manually. The new implementation seems to perform about half as well as strpos (as two memchr calls are necessary to find the next candidate).
2021-12-29 11:51:18 +00:00
. Fixed bug GH-7847 (stripos with large haystack has bad performance).
(ilutov)
Added: [zend_]memory_reset_peak_usage() (#8151)
2022-03-04 12:24:08 +00:00
. New function memory_reset_peak_usage(). (Patrick Allaert)
Fix parse_url(): can not recognize port without scheme Closes GH-7844.
2021-12-30 13:25:34 +00:00
. Fixed parse_url(): can not recognize port without scheme. (pandaLIU)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Deprecated utf8_encode() and utf8_decode(). (Rowan Tommins)
. Fixed the crypt_sha256/512 api build with clang > 12. (David Carlier)
. Uses safe_erealloc instead of erealloc to handle options in getopt
to avoid possible overflows. (David Carlier)
. Implemented FR GH-8924 (str_split should return empty array for empty
string). (Michael Vorisek)
. Added ini_parse_quantity function to convert ini quantities shorthand
notation to int. (Dennis Snell)
. Enable arc4random_buf for Linux glibc 2.36 and onwards
for the random_bytes. (Cristian Rodriguez)
. Uses CCRandomGenerateBytes instead of arc4random_buf on macOs. (David Carlier).
. Fixed bug #65489 (glob() basedir check is inconsistent). (Jakub Zelenka)
. Fixed GH-9200 (setcookie has an obsolete expires date format). (Derick)
. Fixed GH-9244 (Segfault with array_multisort + array_shift). (cmb)
. Fixed bug GH-9296 (`ksort` behaves incorrectly on arrays with mixed keys).
(Denis Vaksman)
. Marked crypt()'s $string parameter as #[\SensitiveParameter]. (timwolla)
. Fixed bug GH-9464 (build on older macOs releases). (David Bohman)
. Fixed bug GH-9518 (Disabling IPv6 support disables unrelated constants).
(cmb)
. Revert "Fixed parse_url(): can not recognize port without scheme."
(andypost)
Report wireless network interfaces on Windows too There is no particular reason to exclude wireless network interfaces from the results of `net_get_interfaces()` on Windows, especially since `getifaddrs(3)` includes these as well. Closes GH-7718.
2021-12-05 03:59:18 +00:00
[ci skip] Order NEWS sections alphabetically
2022-05-16 13:30:07 +00:00
- Streams:
. Set IP_BIND_ADDRESS_NO_PORT if available when connecting to remote host.
(Cristian Rodríguez)
Fix stream_wrapper_unregister() resource leak Closes GH-8548 Closes GH-8587
2022-05-19 17:27:14 +00:00
. Fixed bug GH-8548 (stream_wrapper_unregister() leaks memory). (ilutov)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT. (Max Kellermann)
. Fixed bug GH-9316 ($http_response_header is wrong for long status line).
(cmb, timwolla)
. Fixed bug GH-9590 (stream_select does not abort upon exception or empty
valid fd set). (Arnaud)
. Fixed bug GH-9653 (file copy between different filesystems). (David Carlier)
. Fixed bug GH-9779 (stream_copy_to_stream fails if dest in append mode).
(Jakub Zelenka)
- Windows:
. Added preliminary support for (cross-)building for ARM64. (Yun Dou)
- XML:
. Added libxml_get_external_entity_loader() function. (Tim Starling)
[ci skip] Order NEWS sections alphabetically
2022-05-16 13:30:07 +00:00
Add ZipArchive::clearError, getStreamIndex and getStreamName methods public function clearError(): void {} public function getStreamIndex(int $index, int $flags = 0) {} public function getStreamName(string $name, int $flags = 0) {} ZipArchive::getStream is kept for BC See https://github.com/pierrejoye/php_zip/issues/20
2021-10-05 14:27:03 +00:00
- Zip:
. add ZipArchive::clearError() method
. add ZipArchive::getStreamName() method
. add ZipArchive::getStreamIndex() method
Build ext/zip as shared library by default on Windows This allows users to use PECL/zip, which is well maintained and often brings new features which are not yet available in ext/zip, as drop-in replacement for the official Windows php-src builds. Closes GH-8549.
2022-05-13 12:59:12 +00:00
. On Windows, the Zip extension is now built as shared library (DLL) by
default. (cmb)
PHP-8.2 is now for PHP 8.2.1-dev and prepare NEWS for 8.2.0
2022-11-08 18:26:35 +00:00
. Implement fseek for zip stream when possible with libzip 1.9.1. (Remi)
Reference in New Issue Copy Permalink