clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 18:07:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
67bb06cc9b
php-src/NEWS

2439 lines
88 KiB
Plaintext
Raw Normal View History

remove BOM from NEWS
2015-07-21 14:36:36 +00:00
PHP NEWS
Please add in any changes/bug fixes you've made - we need to keep a details ChangeLog...
1999-07-22 23:54:54 +00:00
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PHP-7.4 is now 7.4.17-dev
2021-02-16 11:26:47 +00:00
?? ??? 2021, php 7.4.17
Fixed bug #80781 zend_find_array_dim_slow() may throw, make sure to handle this. This backports the code we already use for this on PHP-8.0, and also backports an exception check that makes this easier to catch.
2021-02-22 08:33:23 +00:00
- Core:
. Fixed bug #80781 (Error handler that throws ErrorException infinite loop).
(Nikita)
Fix #75776: Flushing streams with compression filter is broken First, the `bzip2.compress` filter has the same issue as `zlib.deflate` so we port the respective fix[1] to ext/bz2. Second, there is still an issue, if a stream with an attached compression filter is flushed before it is closed, without any writes in between. In that case, the compression is never finalized. We fix this by enforcing a `_php_stream_flush()` with the `closing` flag set in `_php_stream_free()`, whenever a write filter is attached. This call is superfluous for most write filters, but does not hurt, even when it is unnecessary. [1] <http://git.php.net/?p=php-src.git;a=commit;h=20e75329f2adb11dd231852c061926d0e4080929> Closes GH-6703.
2021-02-16 18:36:37 +00:00
. Fixed bug #75776 (Flushing streams with compression filter is broken). (cmb)
Fixed bug #80781 zend_find_array_dim_slow() may throw, make sure to handle this. This backports the code we already use for this on PHP-8.0, and also backports an exception check that makes this easier to catch.
2021-02-22 08:33:23 +00:00
Fix #80763: msgfmt_format() does not accept DateTime references `intl_zval_to_millis()` needs to cater to references. Closes GH-6707.
2021-02-17 13:05:28 +00:00
- Intl:
. Fixed bug #80763 (msgfmt_format() does not accept DateTime references).
(cmb)
Handle incomplete result set metadata more gracefully Rather than segfaulting because sname is missing lateron, report a FAIL here. As this indicates a server bug, the errors is reported as an out of band warning, rather than a client error. This fixes the PHP side of bug #80713.
2021-02-16 14:26:31 +00:00
- MySQLnd:
. Fixed bug #80713 (SegFault when disabling ATTR_EMULATE_PREPARES and
MySQL 8.0). (Nikita)
PHP-7.4 is now 7.4.17-dev
2021-02-16 11:26:47 +00:00
Fix #80774: session_name() problem with backslash Since we do no longer URL decode cookie names[1], we must not URL encode the session name. We need to prevent broken Set-Cookie headers, by rejecting names which contain invalid characters. [1] <http://git.php.net/?p=php-src.git;a=commit;h=6559fe912661ca5ce5f0eeeb591d928451428ed0> Closes GH-6711.
2021-02-19 12:14:26 +00:00
- Session:
. Fixed bug #80774 (session_name() problem with backslash). (cmb)
Fix #80771: phpinfo(INFO_CREDITS) displays nothing in CLI There is no good reason not to show the credits in text based SAPIs, except for brevity. Thus, we suppress the credits from `php -i`. Closes GH-6710.
2021-02-22 11:24:15 +00:00
- Standard:
. Fixed bug #80771 (phpinfo(INFO_CREDITS) displays nothing in CLI). (cmb)
Fixed dates
2021-02-16 11:31:34 +00:00
04 Mar 2021, php 7.4.16
Update NEWS and version
2021-01-19 14:58:38 +00:00
Fix #80706: mail(): Headers after Bcc headers may be ignored We need to handle the case where a CRLF after a Bcc header is not the beginning of a folding marker, because in that case the Bcc header was not the last "thing". Closes GH-6666.
2021-02-04 16:43:53 +00:00
- Core:
. Fixed #80706 (mail(): Headers after Bcc headers may be ignored). (cmb)
Fix #78680: mysqlnd pam plugin missing terminating null The PAM service requires the terminating null to be part of the communication. Tested with MariaDB-10.4(pam) and Percona Server 5.7.32(auth_pam_compat). Also changed MySQL Enterprise test to the server side plugin, authentication_pam as opposed to the client plugin mysql_clear_password. Add additional check for pamtest user and pam service file as all are required for the test. More importantly, test result should actually succeed. Thanks Geoff Montee for bug report. Closes GH-78680.
2021-02-05 05:54:08 +00:00
- MySQLnd:
. Fixed bug #78680 (mysqlnd's mysql_clear_password does not transmit
null-terminated password). (Daniel Black)
Fix #74779: x() and y() truncating floats to integers We must not use the locale dependent `atof()`, but instead use the (hopefully) locale independent `zend_strtod()`, when converting string representations of floating point numbers which are sent by the server. Closes GH-6665.
2021-02-04 13:43:17 +00:00
- MySQLi:
. Fixed bug #74779 (x() and y() truncating floats to integers). (cmb)
NEWS
2021-01-28 15:25:35 +00:00
- OPcache:
. Fixed bug #80682 (opcache doesn't honour pcre.jit option). (Remi)
Fixed bug #80747 If RSA key generation fails, actually report that failure.
2021-02-15 14:33:42 +00:00
- OpenSSL:
. Fixed bug #80747 (Providing RSA key size < 512 generates key that crash
PHP). (Nikita)
Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon We add the failure reason to the error message. Closes GH-6638.
2021-01-25 16:12:48 +00:00
- Phar:
. Fixed bug #75850 (Unclear error message wrt. __halt_compiler() w/o
semicolon) (cmb)
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives The default encoding of filenames in a ZIP archive is IBM Code Page 437. Phar, however, only supports UTF-8 filenames. Therefore we have to mark filenames as being stored in UTF-8 by setting the general purpose bit 11 (the language encoding flag). The effect of not setting this bit for non ASCII filenames can be seen in popular tools like 7-Zip and UnZip, but not when extracting the archives via ext/phar (which is agnostic to the filename encoding), or via ext/zip (which guesses the encoding). Thus we add a somewhat brittle low-level test case. Closes GH-6630.
2021-01-26 15:50:04 +00:00
. Fixed bug #70091 (Phar does not mark UTF-8 filenames in ZIP archives). (cmb)
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrieved. Afterwards, the Phar manifest is written, and only after that the files are copied to the actual Phar. So for each such entry there is an open temp file, what easily exceeds the limit. Therefore, we use a single temporary file for all entries, and store the start offset in the otherwise unused `header_offset` member. We ensure that the `cfp` members are properly set to NULL even if flushing fails, to avoid use after free scenarios. This solution is based on a suggestion by @lserni[1]. Closes GH-6643. [1] <https://github.com/box-project/box2/issues/80#issuecomment-77147371>
2021-01-26 16:46:32 +00:00
. Fixed bug #53467 (Phar cannot compress large archives). (cmb, lserni)
Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon We add the failure reason to the error message. Closes GH-6638.
2021-01-25 16:12:48 +00:00
Fixed bug #80719
2021-02-11 15:12:06 +00:00
- SPL:
. Fixed bug#80719 (Iterating after failed ArrayObject::setIteratorClass()
causes Segmentation fault). (Nikita)
Fix #80654: file_get_contents() maxlen fails above (2**31)-1 bytes We remove the arbitrary restriction to `INT_MAX`; it is superfluous on 32bit systems where `ZEND_LONG_MAX == INT_MAX` anyway, and not useful on 64bit systems, where larger files should be readable, if the `memory_limit` is large enough. Closes GH-6648.
2021-01-28 16:00:16 +00:00
- Standard:
. Fixed bug #80654 (file_get_contents() maxlen fails above (2**31)-1 bytes).
(cmb)
Fix #80648: Fix for bug 79296 should be based on runtime version Instead of checking for actually affected libzip versions, we now always `ZIP_TRUNCATE` empty files unless `ZIP_RDONLY` is set. Closes GH-6625.
2021-01-20 14:24:47 +00:00
- Zip:
. Fixed bug #80648 (Fix for bug 79296 should be based on runtime version).
(cmb, Remi)
Fixed dates
2021-02-16 11:31:34 +00:00
04 Feb 2021, PHP 7.4.15
Prepare for 7.4.15
2020-12-15 14:13:29 +00:00
Fix bug #80523 Don't truncate the file length to unsigned int... I have no idea whether that fully fixes the problem because the process gets OOM killed before finishing, but at least the immediate parse error is gone now.
2020-12-16 09:16:50 +00:00
- Core:
. Fixed bug #80523 (bogus parse error on >4GB source code). (Nikita)
Fix #80384: limit read buffer size In the case of a stream with no filters, php_stream_fill_read_buffer only reads stream->chunk_size into the read buffer. If the stream has filters attached, it could unnecessarily buffer a large amount of data. With this change, php_stream_fill_read_buffer only proceeds until either the requested size or stream->chunk_size is available in the read buffer. Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de> Closes GH-6444.
2020-12-01 23:40:16 +00:00
. Fixed bug #80384 (filter buffers entire read until file closed). (Adam
Seitz, cmb)
Prepare for 7.4.15
2020-12-15 14:13:29 +00:00
Fix #80595: Resetting POSTFIELDS to empty array breaks request This is mainly to work around https://github.com/curl/curl/issues/6455, but not building the mime structure for empty hashtables is a general performance optimization, so we do not restrict it to affected cURL versions (7.56.0 to 7.75.0). The minor change to bug79033.phpt is unexpected, but should not matter in practice. Closes GH-6606.
2021-01-15 13:01:40 +00:00
- Curl:
. Fixed bug #80595 (Resetting POSTFIELDS to empty array breaks request). (cmb)
Fixed bug #80376 (last day of the month causes runway cpu usage)
2020-12-21 10:30:40 +00:00
- Date:
. Fixed bug #80376 (last day of the month causes runway cpu usage. (Derick)
Fixed bug #67983 We need to check the BIT case first, otherwise it will get skipped in INT_AND_FLOAT_NATIVE mode.
2020-12-16 09:52:27 +00:00
- MySQLi:
. Fixed bug #67983 (mysqlnd with MYSQLI_OPT_INT_AND_FLOAT_NATIVE fails to
interpret bit columns). (Nikita)
MySQLnd: Support cursors in store/get result This fixes two related issues: 1. When a PS with cursor is used in store_result/get_result, perform a COM_FETCH with maximum number of rows rather than silently switching to an unbuffered result set (in the case of store_result) or erroring (in the case of get_result). In the future, we might want to make get_result unbuffered for PS with cursors, as using cursors with buffered result sets doesn't really make sense. Unlike store_result, get_result isn't very explicit about what kind of result set is desired. 2. If the client did not request a cursor, but the server reports that a cursor exists, ignore this and treat the PS as if it has no cursor (i.e. to not use COM_FETCH). It appears to be a server side bug that a cursor used inside an SP will be reported to the client, even though the client cannot use the cursor. Fixes bug #64638, bug #72862, bug #77935. Closes GH-6518.
2020-12-16 11:12:06 +00:00
. Fixed bug #64638 (Fetching resultsets from stored procedure with cursor
fails). (Nikita)
. Fixed bug #72862 (segfault using prepared statements on stored procedures
that use a cursor). (Nikita)
. Fixed bug #77935 (Crash in mysqlnd_fetch_stmt_row_cursor when calling an SP
with a cursor). (Nikita)
Fixed bug #67983 We need to check the BIT case first, otherwise it will get skipped in INT_AND_FLOAT_NATIVE mode.
2020-12-16 09:52:27 +00:00
Fix #77565: Incorrect locator detection in ZIP-based phars We must not assume that the first end of central dir signature in a ZIP archive actually designates the end of central directory record, since the data in the archive may contain arbitrary byte patterns. Thus, we better search from the end of the data, what is also slightly more efficient. There is, however, no way to detect the end of central directory signature by searching from the end of the ZIP archive with absolute certainty, since the signature could be part of the trailing comment. To mitigate, we check that the comment length fits to the found position, but that might still not be the correct position in rare cases. Closes GH-6507.
2021-01-05 14:52:38 +00:00
- Phar:
. Fixed bug #77565 (Incorrect locator detection in ZIP-based phars). (cmb)
Fix #69279: Compressed ZIP Phar extractTo() creates garbage files When extracting compressed files from an uncompressed Phar, we must not use the direct file pointer, but rather get an uncompressed file pointer. We also add a test to show that deflated and stored entries are properly extracted. This also fixes #79912, which appears to be a duplicate of #69279. Co-authored-by: Anna Filina <afilina@gmail.com> Closes GH-6599.
2020-12-18 17:05:52 +00:00
. Fixed bug #69279 (Compressed ZIP Phar extractTo() creates garbage files).
(cmb)
Fix #77565: Incorrect locator detection in ZIP-based phars We must not assume that the first end of central dir signature in a ZIP archive actually designates the end of central directory record, since the data in the archive may contain arbitrary byte patterns. Thus, we better search from the end of the data, what is also slightly more efficient. There is, however, no way to detect the end of central directory signature by searching from the end of the ZIP archive with absolute certainty, since the signature could be part of the trailing comment. To mitigate, we check that the comment length fits to the found position, but that might still not be the correct position in rare cases. Closes GH-6507.
2021-01-05 14:52:38 +00:00
Prepare for 7.4.15
2020-12-15 14:13:29 +00:00
07 Jan 2021, PHP 7.4.14
PHP-7.4 is now for 7.4.14
2020-11-10 17:58:21 +00:00
Fix #74558: Can't rebind closure returned by Closure::fromCallable() Failure to rebind such closures is not necessarily related to them being created by `ReflectionFunctionAbstract::getClosure()`, so we fix the error message. Closes GH-6424.
2020-11-12 14:37:51 +00:00
- Core:
. Fixed bug #74558 (Can't rebind closure returned by Closure::fromCallable()).
(cmb)
Fix #80345: PHPIZE configuration has outdated PHP_RELEASE_VERSION We must not redefine the version "constants" for phpize builds, because these have already generated in phpize.js, from where we pass these variables forward to configure.js. We also add `PHP_EXTRA_VERSION` and `PHP_VERSION_STRING` to the files for completeness. Closes GH-6419.
2020-11-10 12:51:40 +00:00
. Fixed bug #80345 (PHPIZE configuration has outdated PHP_RELEASE_VERSION).
(cmb)
Fix #72964: White space not unfolded for CC/Bcc headers `\r\n` does only terminate a header, if not followed by `\t` or ` `. We have to cater to that when determining the end position of the respective headers. Closes GH-6420.
2020-11-10 15:13:54 +00:00
. Fixed bug #72964 (White space not unfolded for CC/Bcc headers). (cmb)
Fixed bug #80362: Running dtrace scripts can cause php to crash Patch by al at coralnet dot name.
2020-11-24 12:00:53 +00:00
. Fixed bug #80362 (Running dtrace scripts can cause php to crash).
(al at coralnet dot name)
Fixed bug #80393 Handle macos versions that don't start with 10.* in libtool. Patch by kir dot morozov at gmail dot com.
2020-11-24 14:26:40 +00:00
. Fixed bug #80393 (Build of PHP extension fails due to configuration gap
with libtool). (kir dot morozov at gmail dot com)
Fix bug #80402: Don't strip -lpthread The current behavior has been introduced 20 years ago in f9e375f493a1aeacbbcc8f2f00880d05b4ba7aaf as part of a larger change. It's not clear to me why special treatement of -lpthread is necessary here.
2020-11-24 11:23:03 +00:00
. Fixed bug #80402 (configure filtering out -lpthread). (Nikita)
Fix #77069: stream filter loses final block of data Reading from a stream may return greater than zero, but nonetheless the stream's EOF flag may have been set. We have to cater to this condition by setting the close flag for filters. We also have to cater to that change in the zlib.inflate filter: If `inflate()` is called with flush mode `Z_FINISH`, but the output buffer is not large enough to inflate all available data, it fails with `Z_BUF_ERROR`. However, `Z_BUF_ERROR` is not fatal; in fact, the zlib manual states: "If deflate returns with Z_OK or Z_BUF_ERROR, this function must be called again with Z_FINISH and more output space (updated avail_out) but no more input data, until it returns with Z_STREAM_END or an error." Hence, we do so. Closes GH-6001.
2020-09-22 14:02:01 +00:00
. Fixed bug #77069 (stream filter loses final block of data). (cmb)
PHP-7.4 is now for 7.4.14
2020-11-10 17:58:21 +00:00
Fix #77961: finfo_open crafted magic parsing SIGABRT libmagic may abort the running process, which is not desirable for PHP; we raise a fatal error instead. Closes GH-6437.
2020-11-23 16:12:46 +00:00
- Fileinfo:
. Fixed bug #77961 (finfo_open crafted magic parsing SIGABRT). (cmb)
Fix bug #69625: FPM returns 200 status on request without SCRIPT_FILENAME
2020-11-28 21:27:53 +00:00
- FPM:
. Fixed bug #69625 (FPM returns 200 status on request without
SCRIPT_FILENAME env). (Jakub Zelenka)
Fixed bug #80425 Rename the methods in MessageFormatAdapter to make sure they don't clash with anything defined by icu itself, which may be a problem if icu is linked statically.
2020-11-27 09:02:00 +00:00
- Intl:
. Fixed bug #80425 (MessageFormatAdapter::getArgTypeList redefined). (Nikita)
Fixed bug #80368 We assume that usually LibreSSL supports everything OpenSSL 1.1 does. In this instance, this is not the case.
2020-11-27 09:57:19 +00:00
- OpenSSL:
. Fixed bug #80368 (OpenSSL extension fails to build against LibreSSL due to
lack of OCB support). (Nikita)
Fix #73809: Phar Zip parse crash - mmap fail Phar signatures practically are of limited size; for the MD5 and SHA hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL public keys there is no size limit in theory, but "64 KiB ought to be good enough for anybody". So we check for that limit, to avoid fatal errors due to out of memory conditions. Since it is neither possible to have the signature compressed in the ZIP archive, nor is it possible to manually add a signature via Phar, we use ZipArchive to create a suitable archive for the test on the fly. Closes GH-6474.
2020-12-01 13:20:39 +00:00
- Phar:
. Fixed bug #73809 (Phar Zip parse crash - mmap fail). (cmb)
Fix #77322: PharData::addEmptyDir('/') Possible integer overflow `phar_path_check()` already strips a leading slash, so we must not attempt to strip the trailing slash from an now empty directory name. Closes GH-6508.
2020-12-11 15:47:42 +00:00
. Fixed bug #75102 (`PharData` says invalid checksum for valid tar). (cmb)
. Fixed bug #77322 (PharData::addEmptyDir('/') Possible integer overflow).
(cmb)
Fix #73809: Phar Zip parse crash - mmap fail Phar signatures practically are of limited size; for the MD5 and SHA hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL public keys there is no size limit in theory, but "64 KiB ought to be good enough for anybody". So we check for that limit, to avoid fatal errors due to out of memory conditions. Since it is neither possible to have the signature compressed in the ZIP archive, nor is it possible to manually add a signature via Phar, we use ZipArchive to create a suitable archive for the test on the fly. Closes GH-6474.
2020-12-01 13:20:39 +00:00
Fixed bug #80458 If there is no result set (e.g. for upsert queries), still allow fetching to occur without error, i.e. treat it the same way as an empty result set. This normalizes behavior between native and emulated prepared statements and addresses a regression in PHP 7.4.13.
2020-12-02 21:24:20 +00:00
- PDO MySQL:
. Fixed bug #80458 (PDOStatement::fetchAll() throws for upsert queries).
(Kamil Tekiela)
Fixed bug #63185
2020-12-08 10:30:54 +00:00
. Fixed bug #63185 (nextRowset() ignores MySQL errors with native prepared
statements). (Nikita)
Fixed bug #78154 Handle errors during next_result in exec.
2020-12-09 11:46:47 +00:00
. Fixed bug #78152 (PDO::exec() - Bad error handling with multiple commands).
(Nikita)
Backport fix for bug #70066 Given the number of duplicates this bug report had, it seems worthwhile to fix this on PHP-7.4 as well. Cherry-pick of 106e7e4bca7c0fd975eb219b18e3c34957ba8657.
2020-12-09 16:24:30 +00:00
. Fixed bug #70066 (Unexpected "Cannot execute queries while other unbuffered
queries"). (Nikita)
Fixed bug #71145 Consume any additional result sets when running INIT_COMMAND.
2020-12-10 09:28:10 +00:00
. Fixed bug #71145 (Multiple statements in init command triggers unbuffered
query error). (Nikita)
Fixed bug #76815 When we receive an error while reading a result set, we should assume that no more result sets are available. libmysqlclient implements the same behavior.
2020-12-10 10:21:06 +00:00
. Fixed bug #76815 (PDOStatement cannot be GCed/closeCursor-ed when a
PROCEDURE resultset SIGNAL). (Nikita)
Fixed bug #80458 If there is no result set (e.g. for upsert queries), still allow fetching to occur without error, i.e. treat it the same way as an empty result set. This normalizes behavior between native and emulated prepared statements and addresses a regression in PHP 7.4.13.
2020-12-02 21:24:20 +00:00
Fix #80366: Return Value of zend_fstat() not Checked In the somewhat unlikely case that `zend_fstat()` fails, we must not proceed executing the function, but return `false` instead. Patch based on the patch contributed by sagpant at microsoft dot com. Closes GH-6432.
2020-11-17 13:42:22 +00:00
- Standard:
[ci skip] Update NEWS
2021-01-04 09:46:32 +00:00
. Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid userinfo).
(CVE-2020-7071) (cmb)
Fix #80366: Return Value of zend_fstat() not Checked In the somewhat unlikely case that `zend_fstat()` fails, we must not proceed executing the function, but return `false` instead. Patch based on the patch contributed by sagpant at microsoft dot com. Closes GH-6432.
2020-11-17 13:42:22 +00:00
. Fixed bug #80366 (Return Value of zend_fstat() not Checked). (sagpant, cmb)
Fixed bug #80411 References to null-serializations are stored as null, and as such are part of the reference count. Reminds me that we really need to deprecate the mess that is Serializable.
2020-11-25 16:23:42 +00:00
. Fixed bug #80411 (References to null-serialized object break serialize()).
(Nikita)
Fix #80366: Return Value of zend_fstat() not Checked In the somewhat unlikely case that `zend_fstat()` fails, we must not proceed executing the function, but return `false` instead. Patch based on the patch contributed by sagpant at microsoft dot com. Closes GH-6432.
2020-11-17 13:42:22 +00:00
Fix #77594: ob_tidyhandler is never reset We reset to original INI value on request shutdown. Closes GH-6425.
2020-11-14 14:03:58 +00:00
- Tidy:
. Fixed bug #77594 (ob_tidyhandler is never reset). (cmb)
Fix #48725: Support for flushing in zlib stream When `php_zlib_deflate_filter()` is called with `PSFS_FLAG_FLUSH_INC` but without new buckets being available (e.g. because a user calls `rewind()` after writing to the stream), we have to make sure that any pending data are flushed. This could basically be done like in the attached patch[1], but that could cause unnessary flushes, which can be harmful for compression, and adds unnecessary flush markers to the stream. Thus, we use the `php_zlib_filter_data.finished` field, which has not been used for `zlib.deflate` filters, and properly keep track of the need to flush. [1] <https://bugs.php.net/patch-display.php?bug_id=48725&patch=zlib-filter-flush-fix.patch&revision=latest> Closes GH-6019.
2020-08-19 16:19:08 +00:00
- Zlib:
. Fixed #48725 (Support for flushing in zlib stream). (cmb)
PHP-7.4 is now for 7.4.14
2020-11-10 17:58:21 +00:00
26 Nov 2020, PHP 7.4.13
Prepare for 7.4.13
2020-10-13 11:28:58 +00:00
Fix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date `ADD_EXTENSION_DEP()` relies on the `PHP_<extname>` config variables to be set to `"yes"`, and since the standard and date extension are always enabled, we define the respective variables uncoditionally. Closes GH-6383.
2020-10-24 14:08:02 +00:00
- Core:
. Fixed bug #80280 (ADD_EXTENSION_DEP() fails for ext/standard and ext/date).
(cmb)
Fix #80258: Windows Deduplication Enabled, randon permission errors A recent bug fix regarding symlinks claimed: > After resolving reparse points, the path still may be a reparse > point; in that case we have to resolve that reparse point as well. While that is basically correct, some reparse points may point to inaccessible system folders (e.g. `IO_REPARSE_TAG_DEDUP` points to "\System Volume Information"). Since we don't know details about arbitrary reparse points, and are mainly interested in nested symlinks, we take a step back, and only resolve `IO_REPARSE_TAG_SYMLINK` for now. Close GH-6354.
2020-10-19 15:41:58 +00:00
. Fixed bug #80258 (Windows Deduplication Enabled, randon permission errors).
(cmb)
Fix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date `ADD_EXTENSION_DEP()` relies on the `PHP_<extname>` config variables to be set to `"yes"`, and since the standard and date extension are always enabled, we define the respective variables uncoditionally. Closes GH-6383.
2020-10-24 14:08:02 +00:00
Fix #62474: com_event_sink crashes on certain arguments We have to make sure that the variant is of type `VT_DISPATCH` before we access it as such. Closes GH-6372.
2020-10-22 15:50:22 +00:00
- COM:
. Fixed bug #62474 (com_event_sink crashes on certain arguments). (cmb)
Fix #80268: loadHTML() truncates at NUL bytes libxml2 has no particular issues parsing HTML strings with NUL bytes; these just cause truncation of the current text content, but parsing continues generally. Since `::loadHTMLFile()` already supports NUL bytes, `::loadHTML()` should as well. Note that this is different from XML, which does not allow any NUL bytes. Closes GH-6368.
2020-10-23 09:06:30 +00:00
- DOM:
. Fixed bug #80268 (loadHTML() truncates at NUL bytes). (cmb)
Fix #79177: FFI doesn't handle well PHP exceptions within callback We have to error on unhandled exceptions in FFI callbacks, to avoid passing back undefined values. This has been discussed and agreed upon in a previous PR[1]. [1] <https://github.com/php/php-src/pull/5120> Closes GH-6366.
2020-10-28 11:01:28 +00:00
- FFI:
. Fixed bug #79177 (FFI doesn't handle well PHP exceptions within callback).
(cmb, Dmitry, Nikita)
Fix #64076: imap_sort() does not return FALSE on failure If unsupported `$search_criteria` are passed to `imap_sort()`, the function returns an empty array, but there is also an error on the libc-client error stack ("Unknown search criterion: UNSUPPORTED (errflg=2)"). If, on the other hand, unsupported `$criteria` or unsupported `$flags` are passed, the function returns `false`. We solve this inconsistency by returning `false` for unsupported `$search_criteria` as well. Closes GH-6332.
2020-10-13 14:20:55 +00:00
- IMAP:
. Fixed bug #64076 (imap_sort() does not return FALSE on failure). (cmb)
Fix bug 76618 Apply patch which was attached to the bug in July 2018
2020-10-22 16:01:48 +00:00
. Fixed bug #76618 (segfault on imap_reopen). (girgias)
Fix #80239: imap_rfc822_write_address() leaks memory We have to free the address when we're finished with it.
2020-10-15 10:51:10 +00:00
. Fixed bug #80239 (imap_rfc822_write_address() leaks memory). (cmb)
Properly fix #80220 The original fix for that bug[1] broke the formerly working composition of message/rfc822 messages, which results in a segfault when freeing the message body now. While `imap_mail_compose()` does not really support composition of meaningful message/rfc822 messages (although libc-client appears to support that), some code may still use this to compose partial messages, and using string manipulation to create the final message. The point is that libc-client expects `TYPEMESSAGE` with an explicit subtype of `RFC822` to have a `nested.msg` (otherwise there will be a segfault during free), but not to have any `contents.text.data` (this will leak otherwise). [1] <http://git.php.net/?p=php-src.git;a=commit;h=0d022ddf03c5fabaaa22e486d1e4a367ed9170a7> Closes GH-6343.
2020-10-16 09:58:50 +00:00
. Fixed minor regression caused by fixing bug #80220. (cmb)
Fix #80242: imap_mail_compose() segfaults for multipart with rfc822 libc-client expects `TYPEMESSAGE` with an explicit subtype of `RFC822` to have a `nested.msg` (otherwise there will be a segfault during free), but not to have any `contents.text.data` (this will leak otherwise). Closes GH-6345.
2020-10-20 14:38:16 +00:00
. Fixed bug #80242 (imap_mail_compose() segfaults for multipart with rfc822).
(cmb)
Prepare for 7.4.13
2020-10-13 11:28:58 +00:00
[ci skip] Fix NEWS order
2020-10-29 11:15:31 +00:00
- MySQLi:
. Fixed bug #79375 (mysqli_store_result does not report error from lock wait
timeout). (Kamil Tekiela, Nikita)
. Fixed bug #76525 (mysqli::commit does not throw if MYSQLI_REPORT_ERROR
enabled and mysqlnd used). (Kamil Tekiela)
Fix bug #72413: Segfault with get_result and PS cursors We cannot simply switch to use_result here, because the fetch_row methods in get_result mode and in use_result/store_result mode are different: In one case it accepts a statement, in the other a return value zval. Thus, doing a switch to use_result results in a segfault when trying to fetch a row. Actually supporting get_result with cursors would require adding cursor support in mysqlnd_result, not just mysqlnd_ps. That would be a significant amount of effort and, given the age of the issue, does not appear to be particularly likely to happen soon. As such, we simply generate an error when using get_result() with cursors, which is much better than causing a segfault. Instead, parameter binding needs to be used.
2020-09-17 11:35:26 +00:00
. Fixed bug #72413 (mysqlnd segfault (fetch_row second parameter
typemismatch)). (Kamil Tekiela)
[ci skip] Fix NEWS order
2020-10-29 11:15:31 +00:00
Fix #44618: Fetching may rely on uninitialized data Unless `SQLGetData()` returns `SQL_SUCCESS` or `SQL_SUCCESS_WITH_INFO`, the `StrLen_or_IndPtr` output argument is not guaranteed to be properly set. Thus we handle retrieval failure other than `SQL_ERROR` by yielding `false` for those column values and raising a warning. Closes GH-6281.
2020-10-29 10:52:10 +00:00
- ODBC:
. Fixed bug #44618 (Fetching may rely on uninitialized data). (cmb)
Fix bug #79643: Invalid memory read when opcache.interned_strings_buffer is 0
2020-06-09 06:55:36 +00:00
- Opcache:
. Fixed bug #79643 (PHP with Opcache crashes when a file with specific name
is included). (twosee)
Fixed run-time binding of preloaded dynamically declared function
2020-10-28 10:50:14 +00:00
. Fixed run-time binding of preloaded dynamically declared function. (Dmitry)
Fix bug #79643: Invalid memory read when opcache.interned_strings_buffer is 0
2020-06-09 06:55:36 +00:00
Fix bug #79983: Add support for OCB mode OCB mode ciphers were already exposed to openssl_encrypt/decrypt, but misbehaved, because they were not treated as AEAD ciphers. From that perspective, OCB should be treated the same way as GCM. In OpenSSL 1.1 the necessary controls were unified under EVP_CTRL_AEAD_* (and OCB is only supported since OpenSSL 1.1). Closes GH-6337.
2020-10-14 11:03:03 +00:00
- OpenSSL:
. Fixed bug #79983 (openssl_encrypt / openssl_decrypt fail with OCB mode).
(Nikita)
Fixed bug #66528 Report errors in commit, rollback and autocommit handlers.
2020-10-28 10:58:07 +00:00
- PDO MySQL:
. Fixed bug #66528 (No PDOException or errorCode if database becomes
unavailable before PDO::commit). (Nikita)
Fixed bug #65825 Set error_info when we fail to read a packet, instead of throwing a warning. Additionally we also need to populate the right error_info in rowp_read -- we'll later take the error from the packet, not the connection. No test case, as this is hard to reliably test. I'm using the test case from: https://github.com/php/php-src/pull/2131#issuecomment-538374838
2020-10-28 16:12:35 +00:00
. Fixed bug #65825 (PDOStatement::fetch() does not throw exception on broken
server connection). (Nikita)
Fix bug #79375 Make sure deadlock errors are properly propagated and reports in a number of places in mysqli and PDO MySQL. This also fixes a memory and a segfault that can occur under these conditions.
2020-09-20 15:32:47 +00:00
Fix #70461: disable md5 code when it is not supported in net-snmp Patch contributed by Alexander Bergmann. Closes GH-6389.
2020-10-28 14:30:49 +00:00
- SNMP:
. Fixed bug #70461 (disable md5 code when it is not supported in net-snmp).
(Alexander Bergmann, cmb)
Fix #80266: parse_url silently drops port number 0 As of commit 81b2f3e[1], `parse_url()` accepts URLs with a zero port, but does not report that port, what is wrong in hindsight. Since the port number is stored as `unsigned short` there is no way to distinguish between port zero and no port. For BC reasons, we thus introduce `parse_url_ex2()` which accepts an output parameter that allows that distinction, and use the new function to fix the behavior. The introduction of `parse_url_ex2()` has been suggested by Nikita. [1] <http://git.php.net/?p=php-src.git;a=commit;h=81b2f3e5d9fcdffd87a4fcd12bd8c708a97091e1> Closes GH-6399.
2020-11-04 10:34:10 +00:00
- Standard:
. Fixed bug #80266 (parse_url silently drops port number 0). (cmb, Nikita)
Prepare for 7.4.13
2020-10-13 11:28:58 +00:00
29 Oct 2020, PHP 7.4.12
The next release here will be 7.4.12
2020-09-15 08:36:57 +00:00
Fix mmap copying Instead of attempting to map large files into memory at once, we map chunks of at most `PHP_STREAM_MMAP_MAX` bytes, and repeat that until we hit the point where `php_stream_seek()` fails (see bug 54902), and copy the rest of the file by reading and writing small chunks. We also fix the mapping behavior for zero bytes on Windows, which did not error (as with `mmap()`), but would have mapped the remaining file.
2020-09-21 11:57:05 +00:00
- Core:
. Fixed bug #80061 (Copying large files may have suboptimal performance).
(cmb)
Fix #79423: copy command is limited to size of file it can copy Passing `NULL` as `lpFileSizeHigh` to `GetFileSize()` gives wrong results for files larger than 0xFFFFFFFF bytes. We fix this by using `GetFileSizeEx()`, and let the mapping fail, if the file size is too large for the architecture. Closes GH-5319.
2020-09-09 17:21:41 +00:00
. Fixed bug #79423 (copy command is limited to size of file it can copy).
(cmb)
Fix bug #80126 When performing an unlinked instanceof, we also need to consider interfaces of parent classes, as they may not have been inherited yet.
2020-10-06 14:30:58 +00:00
. Fixed bug #80126 (Covariant return types failing compilation). (Nikita)
Fixed bug #80186 Early exit in FE_RESET if get_properties() returns empty array, as we cannot add HT iterators to zend_empty_array.
2020-10-09 14:56:08 +00:00
. Fixed bug #80186 (Segfault when iterating over FFI object). (Nikita)
Fix mmap copying Instead of attempting to map large files into memory at once, we map chunks of at most `PHP_STREAM_MMAP_MAX` bytes, and repeat that until we hit the point where `php_stream_seek()` fails (see bug 54902), and copy the rest of the file by reading and writing small chunks. We also fix the mapping behavior for zero bytes on Windows, which did not error (as with `mmap()`), but would have mapped the remaining file.
2020-09-21 11:57:05 +00:00
Fix #80185: jdtounix() fails after 2037 There is no such thing as the "end of the unix epoch", and if it was, it would certainly not be 2037-10-11T02:00:00. There is, however, potential integer overflow which we need to avoid. Closes GH-6288.
2020-10-07 08:38:30 +00:00
- Calendar:
. Fixed bug #80185 (jdtounix() fails after 2037). (cmb)
Fix #80213: imap_mail_compose() segfaults on certain $bodies We have to cater to non-associative arrays where the key may be `NULL`; we just skip these elements. Closes GH-6315.
2020-10-10 12:09:07 +00:00
- IMAP:
. Fixed bug #80213 (imap_mail_compose() segfaults on certain $bodies). (cmb)
Fix #80215: imap_mail_compose() may modify by-val parameters We separate the input arrays and all sub-arrays to avoid modification of the passed parameters. This should be rewritten to use `zend_string`s for the "master" branch. Closes GH-6316.
2020-10-10 15:16:41 +00:00
. Fixed bug #80215 (imap_mail_compose() may modify by-val parameters). (cmb)
Fix #80220: imap_mail_compose() may leak memory Unless `topbod` is of `TYPEMULTIPART`, `mail_free_body()` does not free the `nested.part`; while we could do this ourselves, instead we just ignore additional bodies in this case, i.e. we don't attach them in the first place. Closes GH-6321.
2020-10-12 08:36:18 +00:00
. Fixed bug #80220 (imap_mail_compose() may leak memory). (cmb)
Fix #80223: imap_mail_compose() leaks envelope on malformed bodies We have to clean up even on failure. Closes GH-6322.
2020-10-12 11:26:38 +00:00
. Fixed bug #80223 (imap_mail_compose() leaks envelope on malformed bodies).
(cmb)
Fix #80216: imap_mail_compose() does not validate types/encodings We need to check whether the given `type`s and `encoding`s are within bounds to avoid segfaults and out-of-bound reads. Closes GH-6323.
2020-10-12 12:04:18 +00:00
. Fixed bug #80216 (imap_mail_compose() does not validate types/encodings).
(cmb)
Fix #80226: imap_sort() leaks sortpgm memory We need to free what we have allocated. Closes GH-6327.
2020-10-12 16:06:53 +00:00
. Fixed bug #80226 (imap_sort() leaks sortpgm memory). (cmb)
Fix #80213: imap_mail_compose() segfaults on certain $bodies We have to cater to non-associative arrays where the key may be `NULL`; we just skip these elements. Closes GH-6315.
2020-10-10 12:09:07 +00:00
Fix #80115: mysqlnd.debug doesn't recognize absolute paths with slashes
2020-09-17 10:37:02 +00:00
- MySQLnd:
. Fixed bug #80115 (mysqlnd.debug doesn't recognize absolute paths with
slashes). (cmb)
Fix bug #80107: Handling of large compressed packets There's two layers of packet splitting going on. First, packets need to be split into having a payload of exactly 2^24-1 bytes or being the last packet. If the split packet has size between 2^24-5 and 2^24-1 bytes, the compressed packets also needs to be split, though the choice of split doesn't matter here. I'm splitting off the first 8192 bytes, as that's what I observe libmysqlclient to be doing.
2020-09-16 14:18:29 +00:00
. Fixed bug #80107 (mysqli_query() fails for ~16 MB long query when
compression is enabled). (Nikita)
Fix #80115: mysqlnd.debug doesn't recognize absolute paths with slashes
2020-09-17 10:37:02 +00:00
Fix #78470: odbc_specialcolumns() no longer accepts $nullable It is mandatory to pass either `SQL_NO_NULLS` or `SQL_NULLABLE` as tenth parameter to `SQLSpecialColumns()`; otherwise the function call fails. Therefore the user must be allowed to pass the desired value as parameter to `odbc_specialcolumns()` again. Closes GH-6200.
2020-09-24 08:30:41 +00:00
- ODBC:
. Fixed bug #78470 (odbc_specialcolumns() no longer accepts $nullable). (cmb)
Fix #80147: BINARY strings may not be properly zero-terminated We have to manually ensure that all strings fetched from a data source are zero-terminated. Closes GH-6213.
2020-09-25 09:25:02 +00:00
. Fixed bug #80147 (BINARY strings may not be properly zero-terminated).
(cmb)
Fix #80150: Failure to fetch error message In case of statement related errors, we need to pass the respective statement handle to `SQLError()`. Closes GH-6217.
2020-09-25 15:27:41 +00:00
. Fixed bug #80150 (Failure to fetch error message). (cmb)
Fix #80152: odbc_execute() moves internal pointer of $params As least intrusive fix, we separate the passed array argument. Closes GH-6219.
2020-09-26 11:14:40 +00:00
. Fixed bug #80152 (odbc_execute() moves internal pointer of $params). (cmb)
Fix #46050: odbc_next_result corrupts prepared resource When resetting the result's values, we also have to reset its numcols.
2020-10-05 15:46:37 +00:00
. Fixed bug #46050 (odbc_next_result corrupts prepared resource). (cmb)
Fix #78470: odbc_specialcolumns() no longer accepts $nullable It is mandatory to pass either `SQL_NO_NULLS` or `SQL_NULLABLE` as tenth parameter to `SQLSpecialColumns()`; otherwise the function call fails. Therefore the user must be allowed to pass the desired value as parameter to `odbc_specialcolumns()` again. Closes GH-6200.
2020-09-24 08:30:41 +00:00
Fixed bug #80083 Add db2_execute() to the list of functions accessing the local scope. Ideally the API wouldn't do that, but it seems most pragmatic to address this on the opcache side at this point.
2020-09-17 08:12:10 +00:00
- OPcache:
. Fixed bug #80083 (Optimizer pass 6 removes variables used for ibm_db2 data
binding). (Nikita)
Fixed bug #80194 We should strip NOPs from unreachable_free blocks as well, to make sure that the free really is the first op.
2020-10-07 13:03:12 +00:00
. Fixed bug #80194 (Assertion failure during block assembly of unreachable
free with leading nop). (Nikita)
The next release here will be 7.4.12
2020-09-15 08:36:57 +00:00
Update to PCRE2 10.35 We also backport the fix for bug #79846, and add a test case for the related bug #79363.
2020-09-17 11:44:42 +00:00
- PCRE:
. Updated to PCRE 10.35. (cmb)
Fix #80118: Erroneous whitespace match with JIT only We backport r1273[1] from PCRE2. [1] <https://vcs.pcre.org/pcre2?revision=1273&view=revision> Closes GH-6165.
2020-09-19 10:37:57 +00:00
. Fixed bug #80118 (Erroneous whitespace match with JIT only). (cmb)
Update to PCRE2 10.35 We also backport the fix for bug #79846, and add a test case for the related bug #79363.
2020-09-17 11:44:42 +00:00
Fix #67465: NULL Pointer dereference in odbc_handle_preparer We have to initialize `stmt->driver_data` before we use it. Closes GH-6225.
2020-09-28 15:05:17 +00:00
- PDO_ODBC:
. Fixed bug #67465 (NULL Pointer dereference in odbc_handle_preparer). (cmb)
Fix #80114: parse_url does not accept URLs with port 0 URIs with a 0 port are generally valid, so `parse_url()` should recognize such URIs, but still report the port as missing. Co-authored-by: twosee <twose@qq.com> Closes GH-6152.
2020-09-20 11:45:09 +00:00
- Standard:
. Fixed bug #80114 (parse_url does not accept URLs with port 0). (cmb, twosee)
Fix #76943: Inconsistent stream_wrapper_restore() errors If restoring of any not registered built-in wrapper is requested, the function is supposed to fail with a warning, so we have to check this condition first. Furthermore, to be able to detect whether a built-in wrapper has been changed, it is not sufficient to check whether *any* userland wrapper has been registered, but rather whether the specific wrapper has been modified. Closes GH-6183.
2020-09-22 11:01:32 +00:00
. Fixed bug #76943 (Inconsistent stream_wrapper_restore() errors). (cmb)
Fix #76735: Incorrect message in fopen on invalid mode We have to log errors in `stream_opener` callbacks to the wrapper's error log, because otherwise we may pick up an unrelated `errno` or a most generic message. Closes GH-6187.
2020-09-22 16:57:21 +00:00
. Fixed bug #76735 (Incorrect message in fopen on invalid mode). (cmb)
Fix #80114: parse_url does not accept URLs with port 0 URIs with a 0 port are generally valid, so `parse_url()` should recognize such URIs, but still report the port as missing. Co-authored-by: twosee <twose@qq.com> Closes GH-6152.
2020-09-20 11:45:09 +00:00
Fix #77040: tidyNode::isHtml() is completely broken The documentation of `tidyNode::isHtml()` states that this method "checks if a node is part of a HTML document". That is, of course, nonsense, since a tidyNode is "an HTML node in an HTML file, as detected by tidy." What this method is actually supposed to do is to check whether a node is an element (unless it is the root element). This has been broken by commit d8eeb8e[1], which assumed that `enum TidyNodeType` would represent flags of a bitmask, what it does not. [1] <http://git.php.net/?p=php-src.git;a=commit;h=d8eeb8e28673236bca3f066ded75037a5bdf6378> Closes GH-6290.
2020-10-07 10:45:43 +00:00
- Tidy:
. Fixed bug #77040 (tidyNode::isHtml() is completely broken). (cmb)
The next release here will be 7.4.12
2020-09-15 08:36:57 +00:00
01 Oct 2020, PHP 7.4.11
Prepare for 7.4.11
2020-08-18 07:06:20 +00:00
Fix #79979: passing value to by-ref param via CUFA crashes If a by-val send is not allowed, we must not do so. Instead we wrap the value in a temporary reference. Closes GH-6000
2020-08-24 09:47:31 +00:00
- Core:
. Fixed bug #79979 (passing value to by-ref param via CUFA crashes). (cmb,
Nikita)
Fix bug #80037 If we're accessing an uninitialized typed property and __get is defined, don't perform a read_property callback, as __get is supposed to have no effect on uninitialized typed properties. Usually it doesn't, but by-reference assignments cannot be performed through read_property. I'm deleting the test for bug #80039 again, as it doesn't really make sense anymore with this fix.
2020-08-31 10:17:00 +00:00
. Fixed bug #80037 (Typed property must not be accessed before initialization
when __get() declared). (Nikita)
Fix #80048: Bug #69100 has not been fixed for Windows We fix the erroneous length calculation on Windows, too. Closes GH-6067.
2020-09-03 12:27:45 +00:00
. Fixed bug #80048 (Bug #69100 has not been fixed for Windows). (cmb)
Fixed bug #80049 Type checking may convert to refcounted values, so force freeing of extra args.
2020-09-03 15:10:34 +00:00
. Fixed bug #80049 (Memleak when coercing integers to string via variadic
argument). (Nikita)
[ci skip] Add 7.4.11 security fixes to NEWS
2020-09-29 17:13:38 +00:00
. Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-`
cookies can be sent). (CVE-2020-7070) (Stas)
Fix #79979: passing value to by-ref param via CUFA crashes If a by-val send is not allowed, we must not do so. Instead we wrap the value in a temporary reference. Closes GH-6000
2020-08-24 09:47:31 +00:00
Fix #80007: Potential type confusion in unixtojd() parameter parsing Also it fixes test on 32-bit armv7 and x86 - Test unixtojd() function : error conditions [ext/calendar/tests/unixtojd_error1.phpt] Closes GH-6033
2020-08-21 23:44:48 +00:00
- Calendar:
. Fixed bug #80007 (Potential type confusion in unixtojd() parameter parsing).
(Andy Postnikov)
Prepare for 7.4.11
2020-08-18 07:06:20 +00:00
Fix #64130: COM obj parameters passed by reference are not updated `ITypeInfo_GetIDsOfNames()` is supposed to fail with `E_NOTIMPL` for out-of-process servers, thus we should not remove the already available typeinfo of the object in this case. We also properly free the `byref_vals`.
2020-08-26 12:45:13 +00:00
- COM:
. Fixed bug #64130 (COM obj parameters passed by reference are not updated).
(cmb)
Fix #80002: calc free space for new interned string is wrong We need to calculate the free size in bytes. Patch contributed by t-matsuno. Closes GH-6024
2020-08-20 09:20:03 +00:00
- OPcache:
. Fixed bug #80002 (calc free space for new interned string is wrong).
(t-matsuno)
Fixed bug #80046 We already protect against optimizing away loop frees in DFA pass, but not in block pass.
2020-09-03 09:16:50 +00:00
. Fixed bug #80046 (FREE for SWITCH_STRING optimized away). (Nikita)
Fix #79825: opcache.file_cache causes SIGSEGV with custom opcode handlers Modules may have changed after restart which can cause dangling pointers from custom opcode handlers in the second-level cache files. This fix includes the installed module names and versions in the accel_system_id hash as entropy. Closes GH-5836
2020-07-10 17:20:40 +00:00
. Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode
handlers changed). (SammyK)
Fix #80002: calc free space for new interned string is wrong We need to calculate the free size in bytes. Patch contributed by t-matsuno. Closes GH-6024
2020-08-20 09:20:03 +00:00
[ci skip] Add 7.4.11 security fixes to NEWS
2020-09-29 17:13:38 +00:00
- OpenSSL:
. Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12
bytes IV). (CVE-2020-7069) (Jakub Zelenka)
Fix #80027 Terrible performance using $query->fetch on queries with many bind parameters Added new flags that allow skipping param_evt(s) that are not used by drivers, in a backwards and forward compatible manner. Updated the pgsql, mysql, sqlite and oci drivers to properly use the new flags. I've left out pdo_dblib, which doesn't have a param_hook, and pdo_firebird, which seems to be using PARAM_EVT_NORMALIZE in a wrong context (param type vs event type).
2020-08-31 08:45:36 +00:00
- PDO:
. Fixed bug #80027 (Terrible performance using $query->fetch on queries with
[ci skip] moved soap fix to 7.4.11 When committing I didn't notice that version had been just bumped
2020-10-02 07:33:50 +00:00
many bind parameters). (Matteo)
- SOAP:
. Fixed bug #47021 (SoapClient stumbles over WSDL delivered with
"Transfer-Encoding: chunked"). (Matteo)
Fix #80027 Terrible performance using $query->fetch on queries with many bind parameters Added new flags that allow skipping param_evt(s) that are not used by drivers, in a backwards and forward compatible manner. Updated the pgsql, mysql, sqlite and oci drivers to properly use the new flags. I've left out pdo_dblib, which doesn't have a param_hook, and pdo_firebird, which seems to be using PARAM_EVT_NORMALIZE in a wrong context (param type vs event type).
2020-08-31 08:45:36 +00:00
Fix #79986: str_ireplace bug with diacritics characters `tolower()` returns an `int`, so we must not convert to `char` which may be `signed` and as such may be subject to overflow (actually, implementation defined behavior). Closes GH-6007
2020-08-18 11:24:17 +00:00
- Standard:
. Fixed bug #79986 (str_ireplace bug with diacritics characters). (cmb)
Fixed bug #80077 Quoting from the bug report: > The domain names passed to getmxrr() do not contain a trailing dot. > DNS lookups which do not find records will (depending on the local > resolver config) try again by adding the local domain to the end of > the searched host/domain. In many environments there's an mx record > for any subdomain of the local domain and the MX query will return > a hit. But the test expects no hit. So the test fails when checking > that "qa.php.net" does not have an MX record in DNS. In our local > environment the resolver falls back to also check qa.php.net.kippdata.de > which does have an MX record. Using "qa.php.net." instead of "qa.php.net" > should fix this for everyone.
2020-09-08 07:58:35 +00:00
. Fixed bug #80077 (getmxrr test bug). (Rainer Jung)
Fix #72941: Modifying bucket->data by-ref has no effect any longer To match the PHP 5 behavior, we have to explicitly cater to `buffer` or `data` being references. Closes GH-6096.
2020-09-08 13:09:30 +00:00
. Fixed bug #72941 (Modifying bucket->data by-ref has no effect any longer).
(cmb)
Fix #80067: Omitting the port in bindto setting errors A recent commit[1] which fixed a memory leak introduced a regression regarding the formerly liberal handling of IP addresses to bind to. We fix this by reverting that commit, and fix the memory leak where it actually occurs. In other words, this fix is less intrusive than the former fix. [1] <http://git.php.net/?p=php-src.git;a=commit;h=0b8c83f5936581942715d14883cdebddc18bad30> Closes GH-6104.
2020-09-09 12:28:55 +00:00
. Fixed bug #80067 (Omitting the port in bindto setting errors). (cmb)
Fix #79986: str_ireplace bug with diacritics characters `tolower()` returns an `int`, so we must not convert to `char` which may be `signed` and as such may be subject to overflow (actually, implementation defined behavior). Closes GH-6007
2020-08-18 11:24:17 +00:00
Prepare for 7.4.11
2020-08-18 07:06:20 +00:00
03 Sep 2020, PHP 7.4.10
Prepare for 7.4.10
2020-07-21 08:23:51 +00:00
Fix #79884: PHP_CONFIG_FILE_PATH is meaningless It does not make sense to make assumptions about `PHP_CONFIG_FILE_PATH` during build time, since that value is never used during run time on Windows. Since there is no `--with-config-file-path` on Windows either, we define `PHP_CONFIG_FILE_PATH` as `""`.
2020-07-22 08:48:15 +00:00
- Core:
. Fixed bug #79884 (PHP_CONFIG_FILE_PATH is meaningless). (cmb)
Fix #77932: File extensions are case-sensitive The file extension to mime type mapping *must* not depend on the file extension's case for case-insensitive file systems, and *should* not for case-sensitive file systems.
2020-07-27 08:13:52 +00:00
. Fixed bug #77932 (File extensions are case-sensitive). (cmb)
Fix #79806: realpath() erroneously resolves link to link After resolving reparse points, the path still may be a reparse point; in that case we have to resolve that reparse point as well.
2020-07-28 09:22:57 +00:00
. Fixed bug #79806 (realpath() erroneously resolves link to link). (cmb)
Fix #79895: support = in PHP_CHECK_GCC_ARG m4 macro Closes GH-5890.
2020-07-24 20:46:11 +00:00
. Fixed bug #79895 (PHP_CHECK_GCC_ARG does not allow flags with equal sign).
(Santiago M. Mola)
Fix #79919: Stack use-after-scope in define() Instead of the temporary `rv`, we use the `val_free` which is there for this purpose.
2020-07-31 07:12:22 +00:00
. Fixed bug #79919 (Stack use-after-scope in define()). (cmb)
Fix #79934: CRLF-only line in heredoc causes parsing error Fixes the function `next_newline()` in zend_language_scanner.l. The function now correctly returns a newline_len of 2 for "\r\n". Closes GH-5944.
2020-08-05 18:21:26 +00:00
. Fixed bug #79934 (CRLF-only line in heredoc causes parsing error).
(Pieter van den Ham)
Fixed bug #79947 Move the FREE_OP for op_data out of the zend_binary_assign_op_dim_slow() slow path, so it can be used by the other error path as well. This makes ASSIGN_DIM_OP structurally more similar to ASSIGN_DIM.
2020-08-10 08:08:31 +00:00
. Fixed bug #79947 (Memory leak on invalid offset type in compound
assignment). (Nikita)
Fix #79884: PHP_CONFIG_FILE_PATH is meaningless It does not make sense to make assumptions about `PHP_CONFIG_FILE_PATH` during build time, since that value is never used during run time on Windows. Since there is no `--with-config-file-path` on Windows either, we define `PHP_CONFIG_FILE_PATH` as `""`.
2020-07-22 08:48:15 +00:00
Fix #48585: com_load_typelib holds reference, fails on second call Whether the type library is cached is actually irrelevant here; what matters is that the symbols are imported, and since these are not cached, we have to import them for every request. And we cannot cache the symbols, because the import depends on the current codepage, but the codepage is a `PHP_INI_ALL` setting.
2020-08-04 16:25:50 +00:00
- COM:
. Fixed bug #48585 (com_load_typelib holds reference, fails on second call).
(cmb)
Fix bug #75785 by attempt switching endianness on Maker's Note Different manufacturer models may come with a different endianness (motorola/intel) format. In order to avoid a big refactor and a gigantic lookup table, this commit simply attempts to switch the endianness and proceed when values are acceptable. Closes GH-5849.
2020-07-12 19:53:52 +00:00
- Exif:
. Fixed bug #75785 (Many errors from exif_read_data).
(Níckolas Daniel da Silva)
Fix bug #70574: Move files to proper locale dir Closes GH-5940.
2020-08-05 11:33:52 +00:00
- Gettext:
. Fixed bug #70574 (Tests fail due to relying on Linux fallback behavior for
gettext()). (Florian Engelhardt)
Updated NEWS
2020-07-28 08:28:31 +00:00
- LDAP:
. Fixed memory leaks. (ptomulik)
Fix #73060: php failed with error after temp folder cleaned up Instead of storing the mapping base address and the address of `execute_ex()` in a separate file in the temporary folder, we store them right at the beginning of the memory mapping.
2020-07-29 13:11:04 +00:00
- OPcache:
. Fixed bug #73060 (php failed with error after temp folder cleaned up).
(cmb)
Fixed bug #79917 op_arrays can be shared on two levels: Either the op_array is completely shared, or it is distinct but shares all members (apart from static_variables). The the op_array is distinct, we need to make sure to properly initialize the MAP_PTR structures.
2020-08-11 12:42:13 +00:00
. Fixed bug #79917 (File cache segfault with a static variable in inherited
method). (Nikita)
Fix #73060: php failed with error after temp folder cleaned up Instead of storing the mapping base address and the address of `execute_ex()` in a separate file in the temporary folder, we store them right at the beginning of the memory mapping.
2020-07-29 13:11:04 +00:00
Fix #64705 errorInfo property of PDOException is null when PDO::__construct() fails PDO driver constructors are throwing PdoException without setting errorInfo, so create a new reusable function that throws exceptions for PDO and will also set the errorInfo. Use this function in pdo_mysql, pdo_sqlite, and pdo_pgsql.
2019-02-17 21:59:00 +00:00
- PDO:
. Fixed bug #64705 (errorInfo property of PDOException is null when
PDO::__construct() fails). (Ahmed Abdou)
Fixed bug #79724
2020-08-13 09:45:05 +00:00
- Session:
. Fixed bug #79724 (Return type does not match in ext/session/mod_mm.c).
(Nikita)
Fixed bug #79930 We're inserting src_zval, so that's what we should addref.
2020-08-05 13:41:42 +00:00
- Standard:
. Fixed bug #79930 (array_merge_recursive() crashes when called with array
with single reference). (Nikita)
Fix bug #79944 Only return true from dns_get_mx if we actually found any MX record.
2020-08-10 14:53:31 +00:00
. Fixed bug #79944 (getmxrr always returns true on Alpine linux). (Nikita)
Fixed bug #79951 One branch did not release tmp_replace_entry_str. Also reduce the scope of some variables.
2020-08-11 08:33:59 +00:00
. Fixed bug #79951 (Memory leak in str_replace of empty string). (Nikita)
Fixed bug #79930 We're inserting src_zval, so that's what we should addref.
2020-08-05 13:41:42 +00:00
Fix #79922: Crash after multiple calls to xml_parser_free() We must not call `zend_list_delete()` in resource closer functions exposed to userland, because decreasing the refcount there leads to use-after-free scenarios. In this case, commit 4a42fbb worked for typical use-cases where `xml_parser_free()` has been called exactly once for the resource, because there is an internal zval (`->index`) referencing the same resource which already increased the refcount by one. However, when `xml_parser_free()` is called multiple times on the same XML parser resource, the resource would be freed prematurely. Instead we forcefully close the resource in `xml_parser_free()`. We also could decrease the refcount of the resource there, but that would require to call `xml_parser_free()` which is somewhat uncommon, and would be particularly bad wrt. PHP 8 where that function is a NOP, and as such doesn't have to be called. So we do no longer increase the refcount of the resource when copying it to the internal zval, and let the usualy refcounting semantics take care of the resource destruction. [1] <http://git.php.net/?p=php-src.git;a=commit;h=4a42fbbbc73aad7427aef5c89974d1833636e082>
2020-08-10 08:40:31 +00:00
- XML:
. Fixed bug #79922 (Crash after multiple calls to xml_parser_free()). (cmb)
Prepare for 7.4.10
2020-07-21 08:23:51 +00:00
06 Aug 2020, PHP 7.4.9
7.3 is now 7.3.21-dev
2020-06-23 08:29:42 +00:00
Fixed bug #79030 Use usec from apache request time Don't unnecessarily truncate to milliseconds. Closes GH-5760.
2020-06-24 07:44:35 +00:00
- Apache:
. Fixed bug #79030 (Upgrade apache2handler's php_apache_sapi_get_request_time
to return usec). (Herbert256)
Fix #63208: BSTR to PHP string conversion not binary safe A `BSTR` is similar to a `zend_string`; it stores the length of the string just before the actual string, and thus the string may contain NUL bytes. However, `php_com_olestring_to_string()` is supposed to deal with arbitrary `OLECHAR*`s which may not be `BSTR`s, so we introduce `php_com_bstr_to_string()` and use it for the only case where we actually have to deal with `BSTR`s which may contain NUL bytes. Contrary to `php_com_olestring_to_string()` we return a `zend_string`, so we can save the re-allocation when converting to a `zval`. We also cater to `php_com_string_to_olestring()` not being binary safe, with basically the same fix we did for `php_com_olestring_to_string()`.
2020-06-29 15:38:14 +00:00
- COM:
. Fixed bug #63208 (BSTR to PHP string conversion not binary safe). (cmb)
Fix #63527: DCOM does not work with Username, Password parameter We must not mix multibyte and wide character strings in the `COAUTHIDENTITY` structure. Using wide character strings throughout would have the advantage that the remote connection can be established regardless of the code page of the server, but that would more likely break BC, so we just drop the wide character string conversion of the username.
2020-07-10 13:43:32 +00:00
. Fixed bug #63527 (DCOM does not work with Username, Password parameter).
(cmb)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix #63208: BSTR to PHP string conversion not binary safe
2020-06-29 17:05:37 +00:00
Fixed bug #79740
2020-06-26 08:31:55 +00:00
- Core:
[ci skip] Add missing NEWS entries
2020-08-03 09:08:31 +00:00
. Fixed bug #79877 (getimagesize function silently truncates after a null
byte) (cmb)
Fixed bug #79740
2020-06-26 08:31:55 +00:00
. Fixed bug #79740 (serialize() and unserialize() methods can not be called
statically). (Nikita)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fixed bug #79778
2020-07-07 08:20:11 +00:00
. Fixed bug #79783 (Segfault in php_str_replace_common). (Nikita)
Fixed bug #79778 In the interest of avoiding side-effects during dumping, I'm replacing the value with a <constant ast> string instead of performing an update constant operation.
2020-07-07 08:11:34 +00:00
. Fixed bug #79778 (Assertion failure if dumping closure with unresolved
static variable). (Nikita)
Fixed bug #79779 ASSIGN_OBJ_REF was not handling in zend_wrong_string_offset.
2020-07-07 08:27:22 +00:00
. Fixed bug #79779 (Assertion failure when assigning property of string
offset by reference). (Nikita)
Fixed bug #79792 We need to remove the iterators even if the array is empty (we will not create one if the first place, but the array may become empty after the fact).
2020-07-07 09:57:01 +00:00
. Fixed bug #79792 (HT iterators not removed if empty array is destroyed).
(Nikita)
Fixed bug #78598 When performing an RW modification of an array offset, the undefined offset warning may call an error handler / OB callback, which may destroy the array we're supposed to change. Detect this by temporarily incrementing the reference count. If we find that the array has been modified/destroyed in the meantime, we do nothing -- the execution model here would be that the modification has happened on the destroyed version of the array.
2020-02-04 13:19:07 +00:00
. Fixed bug #78598 (Changing array during undef index RW error segfaults).
(Nikita)
Fixed bug #79784 The fix here is essentially the same as for bug #78598, just for the undefined variable notice, rather than the undefined index one.
2020-07-07 12:22:58 +00:00
. Fixed bug #79784 (Use after free if changing array during undef var during
array write fetch). (Nikita)
Fixed bug #79793 Make sure the string key is not released while throwing the undefined index warning.
2020-07-07 14:24:13 +00:00
. Fixed bug #79793 (Use after free if string used in undefined index warning
is changed). (Nikita)
Fixed bug #79862 While normally a private property in the active scope would take priority, we should not use this if it has the wrong "staticness".
2020-07-15 12:59:55 +00:00
. Fixed bug #79862 (Public non-static property in child should take priority
over private static). (Nikita)
Fixed bug #79740
2020-06-26 08:31:55 +00:00
Fix #79756: finfo_file crash (FILEINFO_MIME) If `ctime` or `asctime` return `NULL`, we must not attempt to copy the buffer, but rather return `NULL` as well.
2020-06-29 14:10:33 +00:00
- Fileinfo:
. Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)). (cmb)
Fix #55857: ftp_size on large files `atol()` returns a `long` which is not the same as `zend_long` on LLP64; we use `ZEND_ATOL()` instead. There is no need for a new test case, since filesize_large.phpt already tests for that behavior; unfortunately, the FTP test suite relies on `pcntl_fork()` and therefore cannot be run on Windows.
2020-06-23 13:17:31 +00:00
- FTP:
. Fixed bug #55857 (ftp_size on large files). (cmb)
Fix bug #79787 Closes GH-5807.
2020-07-04 14:12:57 +00:00
- Mbstring:
. Fixed bug #79787 (mb_strimwidth does not trim string). (XXiang)
Fixed bug #79881
2020-07-22 08:20:37 +00:00
- OpenSSL:
. Fixed bug #79881 (Memory leak in openssl_pkey_get_public()). (Nikita)
[ci skip] Add missing NEWS entries
2020-08-03 09:08:31 +00:00
- Phar:
. Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile
function). (CVE-2020-7068) (cmb)
Fix #79487: ::getStaticProperties() ignores property modifications When retrieving the static class properties via reflection, we have to cater to possible modifications.
2020-06-24 08:03:46 +00:00
- Reflection:
. Fixed bug #79487 (::getStaticProperties() ignores property modifications).
(cmb, Nikita)
Fixed bug #79820 Similar to what is done for ReflectionType itself, copy the type name stored inside ReflectionProperty. Also make sure the type field is always initialized for dynamic properties. This is a non-issue in PHP 8, because we store a pointer to the property_info there, rather than a copy.
2020-07-15 04:47:21 +00:00
. Fixed bug #69804 (::getStaticPropertyValue() throws on protected props).
Fix #69804: ::getStaticPropertyValue() throws on protected props `ReflectionClass` allows reading of the values of private and protected constants, and also to get private and protected static methods. Therefore getting the values of private and protected static properties is also permissible, especially since `::getStaticProperties()` already allows to do so. We also allow ::setStaticPropertyValue() to modify private and protected properties, because otherwise this method is useless, as modifying public properties can be done directly.
2020-04-15 13:15:21 +00:00
(cmb, Nikita)
Fixed bug #79820 Similar to what is done for ReflectionType itself, copy the type name stored inside ReflectionProperty. Also make sure the type field is always initialized for dynamic properties. This is a non-issue in PHP 8, because we store a pointer to the property_info there, rather than a copy.
2020-07-15 04:47:21 +00:00
. Fixed bug #79820 (Use after free when type duplicated into
ReflectionProperty gets resolved). (Christopher Broadbent)
Fix #79487: ::getStaticProperties() ignores property modifications When retrieving the static class properties via reflection, we have to cater to possible modifications.
2020-06-24 08:03:46 +00:00
Fix #70362: Can't copy() large 'data://' with open_basedir open_basedir is only relevant for plain files, so there is no need to check it for other URL wrappers.
2020-03-05 11:20:04 +00:00
- Standard:
. Fixed bug #70362 (Can't copy() large 'data://' with open_basedir). (cmb)
Fix bug #78008: dns_check_record() always return true on Alpine - free handle before return result - cleaned up remaining usage of MAXPACKET - update dns_get_mx() to use the same approach Closes GH-5854.
2020-07-14 01:14:05 +00:00
. Fixed bug #78008 (dns_check_record() always return true on Alpine).
(Andy Postnikov)
Fixed bug #79839 Add reference type sources in array_walk.
2020-07-17 12:50:22 +00:00
. Fixed bug #79839 (array_walk() does not respect property types). (Nikita)
Fix #70362: Can't copy() large 'data://' with open_basedir open_basedir is only relevant for plain files, so there is no need to check it for other URL wrappers.
2020-03-05 11:20:04 +00:00
Revert "Partial fixed bug #79649 (Altering disable_functions from module init corrupts memory)" This reverts commit a297c09da5ad355d53a8e8ea72655a06d15b7bc7.
2020-07-09 08:48:35 +00:00
09 Jul 2020, PHP 7.4.8
Add (expected) release date, and new header for 7.4.8
2020-05-26 13:20:06 +00:00
Fix #79595: zend_init_fpu() alters FPU precision On startup, PHP deliberately changes the floating point control word to enforce binary64 format for the calculations for best consistency across platforms. However, this is unnessary for x86_64 architectures, because in this case SSE instructions are used by default, and there is no good reason to pass `-mfpmath=i387` or such. Therefore, we can skip the modification, which has the benefit that system libraries are free to work in the mode of their liking.
2020-05-26 06:57:31 +00:00
- Core:
. Fixed bug #79595 (zend_init_fpu() alters FPU precision). (cmb, Nikita)
Fix #79650: php-win.exe 100% cpu lockup As of PHP 7.3.0, `sapi_cli_single_write()` is supposed to return `< 0` on failure, but `fwrite()` returns a `size_t`, and signals error by setting the stream's error indicator. We have to cater to that.
2020-05-31 11:28:09 +00:00
. Fixed bug #79650 (php-win.exe 100% cpu lockup). (cmb)
Fix #79668: get_defined_functions(true) may miss functions Instead of some brittle and unefficient string matching, we can just check for the function handler.
2020-06-03 10:05:00 +00:00
. Fixed bug #79668 (get_defined_functions(true) may miss functions). (cmb,
Nikita)
Fixed bug #79683 Reset fake_scope during __toString() call. I'll check if we can solve this more globally in master, by resetting fake_scope in zend_call_function.
2020-06-09 13:51:05 +00:00
. Fixed bug #79683 (Fake reflection scope affects __toString()). (Nikita)
Fix possibly unsupported timercmp() usage The `timercmp()` manpage[1] points out that some systems have a broken implementation which does not support `>=`. This is definitely the case for the Windows SDK, which only supports `<` and `>`. [1] <https://linux.die.net/man/3/timercmp>
2020-06-09 08:12:32 +00:00
. Fixed possibly unsupported timercmp() usage. (cmb)
Add (expected) release date, and new header for 7.4.8
2020-05-26 13:20:06 +00:00
Fix #79687: Sony picture - PHP Warning - Make, Model, MakerNotes Even if the length of a maker note does not match our expectations (either because the maker note is corrupted, or because our expectations do not quite match reality), there is no need to let parsing fail; we can still go on parsing the other meta information.
2020-06-13 12:09:28 +00:00
- Exif:
. Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNotes).
(cmb)
Update NEWS wrt. bug 79681
2020-06-10 14:44:17 +00:00
- Fileinfo:
. Fixed bug #79681 (mime_content_type/finfo returning incorrect mimetype).
(cmb)
Fix #73527: Invalid memory access in php_filter_strip
2020-06-04 09:49:59 +00:00
- Filter:
. Fixed bug #73527 (Invalid memory access in php_filter_strip). (cmb)
Fix #79676: imagescale adds black border with IMG_BICUBIC We have to loop over all image pixels to avoid the black border. This is also done in external libgd in `_gdScaleOneAxis` and `_gdScalePass`.
2020-06-05 14:36:00 +00:00
- GD:
. Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC). (cmb)
Fix #62890: default_socket_timeout=-1 causes connection to timeout While unencrypted connections ignore negative timeouts, SSL/TLS connections did not special case that, and so always failed due to timeout.
2020-06-09 10:42:02 +00:00
- OpenSSL:
. Fixed bug #62890 (default_socket_timeout=-1 causes connection to timeout).
(cmb)
Fix #79664: PDOStatement::getColumnMeta fails on empty result set As its name suggests, `sqlite3_data_count` returns the number of columns in the current row of the result set; we are interested in the number of columns regardless of the current row, so we have to use `sqlite3_column_count` instead.
2020-06-02 07:36:39 +00:00
- PDO SQLite:
. Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result set).
(cmb)
Fix #73926: phpdbg will not accept input on restart execution We are more liberal, and accept Windows line endings (CRLF) as well.
2020-05-19 12:45:47 +00:00
- phpdbg:
. Fixed bug #73926 (phpdbg will not accept input on restart execution). (cmb)
Fix #73927: phpdbg fails with windows error prompt at "watch array" We expect zvals, so we should request zvals. We also suppress spurious watchpoint removal notices.
2020-05-27 16:26:32 +00:00
. Fixed bug #73927 (phpdbg fails with windows error prompt at "watch array").
(cmb)
Fix several mostly Windows related phpdbg bugs * Properly initialize PHPDBG_G(watch_tmp) Otherwise that may cause segfaults in ZTS builds. * Deactivate potentially remaining watchpoints after REPL Otherwise the memory could still be protected, resulting in segfaults during shutdown. * NULL zend_handlers_table after freeing As of commit 4130fe4[1], the `zend_handlers_table` is explicitly freed in the `zend_vm_dtor()`. Since phpdbg (and maybe some other SAPIs) may restart the engine afterwards, we have to make sure that the table is also NULLed. * Only set context option if there is a context In other words, we must not follow the null pointer. * Cater to file handles without attached console File handles do not necessarily have an attached console (for instance, pipes do not), in which case `GetConsoleScreenBufferInfo()` fails. In this case we set a default value (`40`) for lines like on other systems. [1] <http://git.php.net/?p=php-src.git;a=commit;h=4130fe437a5db7ead1444d3748bd0fbad9829cb2>
2020-05-25 17:12:24 +00:00
. Fixed several mostly Windows related phpdbg bugs. (cmb)
Fix #73926: phpdbg will not accept input on restart execution We are more liberal, and accept Windows line endings (CRLF) as well.
2020-05-19 12:45:47 +00:00
Fixed bug #79710 Make sure we don't use zresource after the stream has been destroyed.
2020-06-19 08:46:02 +00:00
- SPL:
. Fixed bug #79710 (Reproducible segfault in error_handler during GC
involved an SplFileObject). (Nikita)
Fix #74267: segfault with streams and invalid data If the current character is a line break character, it cannot be a tab or space character, so we would always fail with an invalid sequence error. Obviously, these `scan_stat == 4` conditions are meant to be exclusive. Furthermore, if `in_pp == NULL || in_left_p == NULL` is true, we hit a segfault if we are not returning right away. Obviously, the additional constraints don't make sense, so we remove them.
2020-06-08 21:19:43 +00:00
- Standard:
. Fixed bug #74267 (segfault with streams and invalid data). (cmb)
Fixed bug #79570 Use the same logic for getgrgid_r, getpwnam_r and getpwuid_r as for getgrnam_r in #75696 Closes GH-5740.
2020-06-19 12:31:28 +00:00
. Fixed bug #79579 (ZTS build of PHP 7.3.17 doesn't handle ERANGE for
posix_getgrgid and others). (Böszörményi Zoltán)
Fix #74267: segfault with streams and invalid data If the current character is a line break character, it cannot be a tab or space character, so we would always fail with an invalid sequence error. Obviously, these `scan_stat == 4` conditions are meant to be exclusive. Furthermore, if `in_pp == NULL || in_left_p == NULL` is true, we hit a segfault if we are not returning right away. Obviously, the additional constraints don't make sense, so we remove them.
2020-06-08 21:19:43 +00:00
Add (expected) release date, and new header for 7.4.8
2020-05-26 13:20:06 +00:00
11 Jun 2020, PHP 7.4.7
Bump version
2020-04-28 07:10:50 +00:00
Fix #79566: Private SHM is not private on Windows We map the POSIX semantics of `IPC_PRIVATE` by creating unnamed file mapping objects on Windows. While that is not particularly useful for ext/shmop, which is the only bundled extension which uses `shmget()`, it may be useful for external extensions.
2020-05-05 07:31:17 +00:00
- Core:
fixed typo of bug id (#79599)
2020-05-15 07:43:38 +00:00
. Fixed bug #79599 (coredump in set_error_handler). (Laruence)
Fix #79566: Private SHM is not private on Windows We map the POSIX semantics of `IPC_PRIVATE` by creating unnamed file mapping objects on Windows. While that is not particularly useful for ext/shmop, which is the only bundled extension which uses `shmget()`, it may be useful for external extensions.
2020-05-05 07:31:17 +00:00
. Fixed bug #79566 (Private SHM is not private on Windows). (cmb)
Fix #79489: .user.ini does not inherit On Windows, PATH_TRANSLATED may contain backslashes as well as slashes, so we must not only check for `DEFAULT_SLASH`.
2020-05-05 08:36:16 +00:00
. Fixed bug #79489 (.user.ini does not inherit). (cmb)
Fixed bug #79600 Missed unsetting of DO_INIT in one case.
2020-05-15 09:03:05 +00:00
. Fixed bug #79600 (Regression in 7.4.6 when yielding an array based
generator). (Nikita)
#79657 was cherry-picked in 7.4.7
2020-07-16 10:05:45 +00:00
. Fixed bug #79657 ("yield from" hangs when invalid value encountered).
(Nikita)
Fix #79566: Private SHM is not private on Windows We map the POSIX semantics of `IPC_PRIVATE` by creating unnamed file mapping objects on Windows. While that is not particularly useful for ext/shmop, which is the only bundled extension which uses `shmget()`, it may be useful for external extensions.
2020-05-05 07:31:17 +00:00
Fix #79571: FFI: var_dumping unions may segfault We must not attempt to access arbitrary union members when retrieving debug info, because that may not be valid. Therefore we do no longer dereference pointer types inside of unions, but report their address as string in `%p` format instead.
2020-05-11 12:35:27 +00:00
- FFI:
. Fixed bug #79571 (FFI: var_dumping unions may segfault). (cmb)
Fix #79615: Wrong GIF header written in GD GIFEncode The color resolution is expected in bits 4-6 of the packed fields byte of the logical screen descriptor (byte 10 of the GIF data stream), according to the specification[1], section 18. [1] <https://www.w3.org/Graphics/GIF/spec-gif89a.txt>
2020-05-22 07:11:28 +00:00
- GD:
. Fixed bug #79615 (Wrong GIF header written in GD GIFEncode). (sageptr, cmb)
Add missing NEWS entry I forgot to update NEWS after merging back then.
2020-06-18 13:28:19 +00:00
- MySQLnd:
. Fixed bug #79596 (MySQL FLOAT truncates to int some locales). (cmb)
Fixed bug #79535 We did not allocate a cache slot for FETCH_CLASS. This is already fixed on newer PHP versions.
2020-05-04 12:50:31 +00:00
- Opcache:
Fix #79588: Boolean opcache settings ignore on/off values We should display boolean INI settings as boolean.
2020-05-12 14:14:54 +00:00
. Fixed bug #79588 (Boolean opcache settings ignore on/off values). (cmb)
Fixed bug #79600 Missed unsetting of DO_INIT in one case.
2020-05-15 09:03:05 +00:00
. Fixed bug #79548 (Preloading segfault with inherited method using static
variable). (Nikita)
Fix bug #79603, by retrying on RTD key collision This is a non-intrusive fix for 7.4, still trying to find a good solution for master. Closes GH-5597.
2020-05-19 08:13:25 +00:00
. Fixed bug #79603 (RTD collision with opcache). (Nikita)
Fixed bug #79535 We did not allocate a cache slot for FETCH_CLASS. This is already fixed on newer PHP versions.
2020-05-04 12:50:31 +00:00
Fix #79561: dns_get_record() fails with DNS_ALL Since Windows has its own definitions of the `PHP_DNS_*` macros, we have to use these when registering the PHP constants.
2020-05-04 14:51:51 +00:00
- Standard:
. Fixed bug #79561 (dns_get_record() fails with DNS_ALL). (cmb)
Fixed historical dates in NEWS
2020-05-26 10:47:26 +00:00
14 May 2020, PHP 7.4.6
The 7.4 branch is now for 7.4.6
2020-03-31 13:57:12 +00:00
Fixed bug #78434 The DO_INIT flag, which will skip the first resume on a primed generator, should always be set when starting to yield from a new generator, not only when the yield from happens during priming.
2020-04-03 08:06:41 +00:00
- Core:
Fixed bug #79536 (zend_clear_exception prevent exception's destructor to be called).
2020-04-29 10:58:28 +00:00
. Fixed bug #79536 (zend_clear_exception prevent exception's destructor to be
called). (Laruence)
Fixed bug #78434 The DO_INIT flag, which will skip the first resume on a primed generator, should always be set when starting to yield from a new generator, not only when the yield from happens during priming.
2020-04-03 08:06:41 +00:00
. Fixed bug #78434 (Generator yields no items after valid() call). (Nikita)
Fixed bug #79477 Make sure to deindirect properties when creating array.
2020-04-15 09:20:33 +00:00
. Fixed bug #79477 (casting object into array creates references). (Nikita)
Fix #79514: Memory leaks while including unexistent file We have to destroy (un-opened) ZEND_HANDLE_FILENAMEs.
2020-04-24 12:51:44 +00:00
. Fixed bug #79514 (Memory leaks while including unexistent file). (cmb,
Nikita)
Fixed bug #78434 The DO_INIT flag, which will skip the first resume on a primed generator, should always be set when starting to yield from a new generator, not only when the yield from happens during priming.
2020-04-03 08:06:41 +00:00
Fix #78221: DOMNode::normalize() doesn't remove empty text nodes If a text node is not followed by another text node, we remove it, if its textContent is empty.
2020-03-11 12:02:09 +00:00
- DOM:
. Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
(cmb)
Fix bug #79336 Make reading of floats and doubles host-endian independent.
2020-04-16 09:52:37 +00:00
- EXIF:
. Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian arch).
(Nikita)
Fix #79491: Search for .user.ini extends up to root dir The `start` parameter of `php_cgi_ini_activate_user_config` is supposed to hold the byte offset of the doc root in the given `path`. However, the current expression which fixes a potential type incompatibility will ever only evaluate to zero or one, because it uses the *logical* and operator (`&&`). Furthermore we notice that subtracting one from `doc_root_len` is not necessary, so there is even no need for the `start` parameter at all.
2020-04-19 12:22:24 +00:00
- FCGI:
. Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb)
Add NEWS entryc [ci skip]
2020-04-01 07:26:20 +00:00
- MBString:
. Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
(Girgias)
The 7.4 branch is now for 7.4.6
2020-03-31 13:57:12 +00:00
Fix #79497: Fix php_openssl_subtract_timeval() I stumbled upon this while debugging a strange issue with stream_socket_client() where it randomly throws out errors when the connection timeout is set to below 1s. The logic to calculate time difference in php_openssl_subtract_timeval() is wrong when a.tv_usec < b.tv_usec, causing connection errors before the timeout is reached.
2020-04-19 23:03:11 +00:00
- OpenSSL:
. Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes
with <1s timeout). (Joe Cai)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix #79503: Memory leak on duplicate metadata
2020-04-22 13:08:13 +00:00
- PCRE:
Upgrade to PCRE2 10.34 We backport the slightly modified variant from master.
2020-04-06 12:21:56 +00:00
. Upgraded to PCRE2 10.34. (cmb)
Fix #79503: Memory leak on duplicate metadata Duplicate metadata can only happen if someone tampers with the phar, so we can and should treat that as error.
2020-04-22 12:11:13 +00:00
- Phar:
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix #79503: Memory leak on duplicate metadata
2020-04-22 13:08:13 +00:00
. Fixed bug #79503 (Memory leak on duplicate metadata). (cmb)
This bug fix was cherry picked into 7.4.6
2020-05-26 13:18:19 +00:00
- SimpleXML:
. Fixed bug #79528 (Different object of the same xml between 7.4.5 and
7.4.4). (cmb)
Fix #69264: __debugInfo() ignored while extending SPL classes We actually implement `::__debugInfo()` and drop the `get_debug_info()` handlers of all relevant SPL classes. This is cleaner and gives more flexibility regarding overriding the functionality in descendant classes.
2020-04-06 09:02:15 +00:00
- SPL:
. Fixed bug #69264 (__debugInfo() ignored while extending SPL classes). (cmb)
Fix bug #67369 ArrayObject serializatino drops the iterator class When ArrayObject is round-tripped through serialize() and unserialize(), it forgets any iterator class name which was set using ::setIteratorClass(). Fix that.
2020-04-15 13:25:14 +00:00
. Fixed bug #67369 (ArrayObject serialization drops the iterator class).
(Alex Dowad)
Fix #69264: __debugInfo() ignored while extending SPL classes We actually implement `::__debugInfo()` and drop the `get_debug_info()` handlers of all relevant SPL classes. This is cleaner and gives more flexibility regarding overriding the functionality in descendant classes.
2020-04-06 09:02:15 +00:00
Fixed bug #79468 Close the stream filter resources when removing them from the stream.
2020-04-13 23:46:34 +00:00
- Standard:
. Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter
appended). (dinosaur)
Fix bug #79447 Partially reverts 846b6479537a112d1ded725e6484e46462048b35: instead of throwing, this skips uninitialized typed properties when serializing objects. This makes serialize with __sleep() behave the same as serialize() without __sleep(). As in the non-__sleep() case, unserialize(serialize($x)) identity may not be preserved due to replacement of uninitialized/unset properties with default values. Fixing this will require changes to the serialization format. Closes GH-5396.
2020-04-15 22:11:38 +00:00
. Fixed bug #79447 (Serializing uninitialized typed properties with __sleep
should not throw). (nicolas-grekas)
Fixed bug #79468 Close the stream filter resources when removing them from the stream.
2020-04-13 23:46:34 +00:00
Fixed historical dates in NEWS
2020-05-26 10:47:26 +00:00
16 Apr 2020, PHP 7.4.5
Next is 7.3.17
2020-03-03 09:19:31 +00:00
Fix #79364: When copy empty array, next key is unspecified We must not forget to keep the `nNextFreeElement` when duplicating empty arrays.
2020-03-10 15:12:53 +00:00
- Core:
. Fixed bug #79364 (When copy empty array, next key is unspecified). (cmb)
Fix #78210: Invalid pointer address This is actually about three distinct issues: * If an empty string is passed as $address to `stream_socket_sendto()`, the `sa` is not initialized, so we must not pass it as `addr` to `php_stream_xport_sendto()`. * On POSIX, `recvfrom()` truncates messages which are too long to fit into the specified buffer (unless `MSG_PEEK` is given), discards the excessive bytes, and returns the buffer length. On Windows, the same happens, but `recvfrom()` returns `SOCKET_ERROR` with the error code `WSAEMSGSIZE`. We have to catch this for best POSIX compatibility. * In `php_network_parse_network_address_with_port()`, we have to zero `in6` (not only its alias `sa`) to properly support IPv6. Co-Authored-By: Nikita Popov <nikita.ppv@googlemail.com>
2020-03-11 09:16:04 +00:00
. Fixed bug #78210 (Invalid pointer address). (cmb, Nikita)
Fix #79364: When copy empty array, next key is unspecified We must not forget to keep the `nNextFreeElement` when duplicating empty arrays.
2020-03-10 15:12:53 +00:00
Fix #79199: curl_copy_handle() memory leak `curl_copy_handle()` already registers a new resource, so we must not increase the refcount of the original resource.
2020-03-11 17:29:40 +00:00
- CURL:
. Fixed bug #79199 (curl_copy_handle() memory leak). (cmb)
Fix #79396: DateTime hour incorrect during DST jump forward When you attempt to set the time to a non-existent time occuring during a DST jump forward, the hour does not move forward correctly.
2020-03-18 20:04:46 +00:00
- Date:
. Fixed bug #79396 (DateTime hour incorrect during DST jump forward). (Nate
Brunette)
Fix #74940: DateTimeZone loose comparison always true Since `DateTimeZone` does not implement a `compare_objects` handler, nor has any properties, two `DateTimeZone` instances always compare as being equal, even if they designate totally different timezones. Even worse, after calling `var_dump()` on these objects, the actual comparison may yield a correct result. We therefore introduce a `compare_objects` handlers, which prevents different behavior before/after `var_dump()`, and which allows us to clearly define the intended semantics.
2020-03-04 18:20:10 +00:00
. Fixed bug #74940 (DateTimeZone loose comparison always true). (cmb)
Fix #79396: DateTime hour incorrect during DST jump forward When you attempt to set the time to a non-existent time occuring during a DST jump forward, the hour does not move forward correctly.
2020-03-18 20:04:46 +00:00
Allow numeric [UG]ID in FPM listen.{owner,group}
2020-02-04 12:53:16 +00:00
- FPM:
. Implement request #77062 (Allow numeric [UG]ID in FPM listen.{owner,group})
(Andre Nathan)
Fix #79200: Some iconv functions cut Windows-1258 To cater to potentially state-dependent encodings, we have to reset the conversion descriptor into its initial shift state to properly finish the conversion. Furthermore, state-dependent encodings may not show progress when comparing `in_left` before and after the conversion; we rather have to see whether `out_left` has decreased. Also we have to cater to the fact that the final potentially state resetting call does not signal failure, but we still have to break respective loops afterwards.
2020-03-16 12:09:16 +00:00
- Iconv:
. Fixed bug #79200 (Some iconv functions cut Windows-1258). (cmb)
Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script).
2020-03-25 14:31:06 +00:00
- OPcache:
. Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script).
(Dmitry)
Fix #79413: session_create_id() fails for active sessions The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the function is supposed to return `SUCCESS` if the session already exists. So to detect a collision, we have to check for `SUCCESS`, not `FAILURE`. We also fix the wrong condition in session_regenerate_id() as well.
2020-03-26 18:01:33 +00:00
- Session:
. Fixed bug #79413 (session_create_id() fails for active sessions). (cmb)
Fix #79427: Integer Overflow in shmop_open() If `shm.shm_segsz > ZEND_LONG_MAX` the assignment to `shmop->size` a few lines below would overflow, so we catch that early and bail out if necessary.
2020-03-29 14:56:57 +00:00
- Shmop:
. Fixed bug #79427 (Integer Overflow in shmop_open()). (cmb)
Fix #61597: SXE properties may lack attributes and content We must not treat a node as string if it has attributes, unless it is an entity declaration which is always treated as string by simplexml.
2020-03-07 10:20:06 +00:00
- SimpleXML:
. Fixed bug #61597 (SXE properties may lack attributes and content). (cmb)
Fixed bug #79357 Peculiarly, for once the cause was not SOAPs "interesting" error handling, but a bug in the call trampoline for internal functions...
2020-03-09 13:59:59 +00:00
- SOAP:
. Fixed bug #79357 (SOAP request segfaults when any request parameter is
missing). (Nikita)
Fix #75673: SplStack::unserialize() behavior Even though `SplStack::unserialize()` is not supposed to be called on an already constructed instance, it is probably better if the method clears the stack before actually unserializing.
2020-03-05 13:57:27 +00:00
- Spl:
. Fixed bug #75673 (SplStack::unserialize() behavior). (cmb)
Fix #79393: Null coalescing operator failing with SplFixedArray We favor the KISS principle over optimization[1] – SPL is already special enough. [1] <https://github.com/php/php-src/pull/2489/commits/352f3d4476a79bb86136b431719df7394e5a8d4e#r112498098>ff
2020-03-18 16:39:27 +00:00
. Fixed bug #79393 (Null coalescing operator failing with SplFixedArray).
(cmb)
Fix #75673: SplStack::unserialize() behavior Even though `SplStack::unserialize()` is not supposed to be called on an already constructed instance, it is probably better if the method clears the stack before actually unserializing.
2020-03-05 13:57:27 +00:00
Fix bug #79410 (system() swallows last chunk if it is exactly 4095 bytes without newline) Closes GH-5292.
2020-03-24 15:43:17 +00:00
- Standard:
Add NEWS entries [ci skip]
2020-04-14 06:53:35 +00:00
. Fixed bug #79330 (shell_exec() silently truncates after a null byte). (stas)
Add missing CVE
2020-04-14 16:18:18 +00:00
. Fixed bug #79465 (OOB Read in urldecode()). (CVE-2020-7067) (stas)
Fix bug #79410 (system() swallows last chunk if it is exactly 4095 bytes without newline) Closes GH-5292.
2020-03-24 15:43:17 +00:00
. Fixed bug #79410 (system() swallows last chunk if it is exactly 4095 bytes
without newline). (Christian Schneider)
NEWS
2020-03-20 10:17:29 +00:00
- Zip:
. Fixed Bug #79296 (ZipArchive::open fails on empty file). (Remi)
NEWS
2020-03-29 12:23:28 +00:00
. Fixed bug #79424 (php_zip_glob uses gl_pathc after call to globfree).
(Max Rees)
NEWS
2020-03-20 10:17:29 +00:00
19 Mar 2020, PHP 7.4.4
Next is 7.3.16
2020-02-04 10:38:29 +00:00
Fixed bug #79244 (php crashes during parsing INI file). (Laruence) Cherry-picked the fix(not sure why this wasn't merged to 7.4) for: Fixed bug #77589 (Core dump using parse_ini_string with numeric sections) Section name should not be typed(NULL, FALSE, TRUE etc) Conflicts: Zend/zend_ini_scanner.c
2020-02-10 05:01:51 +00:00
- Core:
. Fixed bug #79244 (php crashes during parsing INI file). (Laruence)
Fix #63206: Fully support error/exception_handler stacking, even with null or inside the handler Always push the current user_error/exception_handler to the stack, even when it is empty, so restore_error_handler() always works as expected. The user_error_handler is especially temporarily empty when we are inside the error handler, which caused inconsistent behaviour before.
2020-02-24 20:32:02 +00:00
. Fixed bug #63206 (restore_error_handler does not restore previous errors
mask). (Mark Plomer)
Fixed bug #79244 (php crashes during parsing INI file). (Laruence) Cherry-picked the fix(not sure why this wasn't merged to 7.4) for: Fixed bug #77589 (Core dump using parse_ini_string with numeric sections) Section name should not be typed(NULL, FALSE, TRUE etc) Conflicts: Zend/zend_ini_scanner.c
2020-02-10 05:01:51 +00:00
Fix #66322: COMPersistHelper::SaveToFile can save to wrong location Saving under the given `filename` may also work, but since `::LoadFromFile` uses the `fullpath` we follow suit.
2020-02-06 13:59:55 +00:00
- COM:
. Fixed bug #66322 (COMPersistHelper::SaveToFile can save to wrong location).
(cmb)
Fix #79242: COM error constants don't match com_exception codes Because a `HRESULT` is a `LONG`[1], no special treatment is required on x86 platforms to get appropriate values. On x64 platforms we prefer positive values, what we could accomplish by casting the `HRESULT` value to `ULONG` and then to `zend_long`, but since the current behavior is correct and the performance improvement is negligible, we defer that to master. [1] <https://docs.microsoft.com/en-us/windows/win32/winprog/windows-data-types#hresult>
2020-02-07 17:04:14 +00:00
. Fixed bug #79242 (COM error constants don't match com_exception codes on
x86). (cmb)
Fix #79247: Garbage collecting variant objects segfaults variant objects have no (declared) properties, so the `get_properties` handlers returns a pointer to constant storage for efficiency reasons. This pointer must not be returned from the `get_gc` handler, though; instead we set up an own `get_gc` handler and return NULL from it, to signal that there are no properties to collect.
2020-02-08 09:58:15 +00:00
. Fixed bug #79247 (Garbage collecting variant objects segfaults). (cmb)
Fix #79248: Traversing empty VT_ARRAY throws com_exception If the `VT_ARRAY` is empty, i.e. its upperbound is less than its lower bound, we must not call `php_com_safearray_get_elem()`, because that function throws in this case.
2020-02-08 15:56:30 +00:00
. Fixed bug #79248 (Traversing empty VT_ARRAY throws com_exception). (cmb)
Fix #79299: com_print_typeinfo prints duplicate variables `lastid` has to retain its value during the traversal, so we move it to an outer scope. Patch contributed by Litiano Moura.
2020-02-23 22:23:12 +00:00
. Fixed bug #79299 (com_print_typeinfo prints duplicate variables). (Litiano
Moura)
Fix #79332: php_istreams are never freed Releasing the `com_dotnet_istream_wrapper` in `istream_destructor()` is pointless, since `istream_destructor()` is only called when the resource is going to be released. This recursion is not a real issue, though, since the resource is never exposed to userland, and has at most refcount 1, so due to well defined unsigned integer underflow, it never is released twice. However, returning early in this case causes a memory leak which needs to be fixed.
2020-03-02 09:45:37 +00:00
. Fixed bug #79332 (php_istreams are never freed). (cmb)
Fix #79333: com_print_typeinfo() leaks memory We have to free the `ansiname`s, regardless of whether they have been put into the hashtable or not. Since bug79299.phpt already shows the leak when run with a leak checker, there is no need for another regression test.
2020-03-02 10:36:30 +00:00
. Fixed bug #79333 (com_print_typeinfo() leaks memory). (cmb)
Fix #66322: COMPersistHelper::SaveToFile can save to wrong location Saving under the given `filename` may also work, but since `::LoadFromFile` uses the `fullpath` we follow suit.
2020-02-06 13:59:55 +00:00
Fix NEWS [ci skip] This bugfix didn't make it into 7.4.3.
2020-02-06 09:46:38 +00:00
- CURL:
. Fixed bug #79019 (Copied cURL handles upload empty file). (cmb)
Fix #79013: Content-Length missing when posting a curlFile with curl Unfortunately, some Webservers (e.g. IIS) do not implement the (F)CGI specifications correctly wrt. chunked uploads (i.e. Transfer-encoding: chunked), but instead pass -1 as CONTENT_LENGTH to the CGI application. However, our (F)CFI SAPIs (i.e. cgi and cgi-fcgi) do not support this. Therefore we try to retrieve the stream size in advance and pass it to `curl_mime_data_cb()` to prevent libcurl from doing chunked uploads. This is basically the same approach that `curl_mime_filedata()` implements, except that we are keeping already opened streams open for the `read_cb()`.
2020-03-02 17:45:12 +00:00
. Fixed bug #79013 (Content-Length missing when posting a curlFile with
curl). (cmb)
Fix NEWS [ci skip] This bugfix didn't make it into 7.4.3.
2020-02-06 09:46:38 +00:00
Fix #77569: Write Acess Violation in DomImplementation We must not assume that the zval IS_STRING.
2020-02-13 14:13:26 +00:00
- DOM:
Fix typo in recent bugfix
2020-02-14 08:21:13 +00:00
. Fixed bug #77569: (Write Access Violation in DomImplementation). (Nikita,
Fix #77569: Write Acess Violation in DomImplementation We must not assume that the zval IS_STRING.
2020-02-13 14:13:26 +00:00
cmb)
Fix #79271: DOMDocumentType::$childNodes is NULL Dom level 2 core, DOM level 3 core and the DOM living standard agree that `childNodes` always return a `NodeList`, and never `null`.
2020-02-14 09:55:17 +00:00
. Fixed bug #79271 (DOMDocumentType::$childNodes is NULL). (cmb)
next will be 7.2.28
2020-01-22 08:17:00 +00:00
Fix #79311: enchant_dict_suggest() fails on big endian architecture For obvious reasons, we must not assign a `size_t` value to an `int` variable using memcpy(). However, there is actually no need for the intermediate `n_sugg_st` here, if we use the proper types in the first place. A regression test is not necessary, because dict_suggest.phpt already exhibits the erroneous behavior on big endian architectures.
2020-02-28 12:18:00 +00:00
- Enchant:
. Fixed bug #79311 (enchant_dict_suggest() fails on big endian architecture).
(cmb)
Merge branch 'PHP-7.2' into PHP-7.3 * PHP-7.2: Fix NEWS
2020-03-17 10:08:45 +00:00
- EXIF:
. Fixed bug #79282 (Use-of-uninitialized-value in exif). (CVE-2020-7064)
(Nikita)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix NEWS
2020-03-17 10:11:15 +00:00
- Fileinfo:
. Fixed bug #79283 (Segfault in libmagic patch contains a buffer
overflow). (cmb)
Fix bug #77653 (operator displayed instead of the real error message)
2020-02-09 19:40:25 +00:00
- FPM:
. Fixed bug #77653 (operator displayed instead of the real error message).
(Jakub Zelenka)
Fix bug #79014 (PHP-FPM & Primary script unknown)
2020-02-23 19:14:05 +00:00
. Fixed bug #79014 (PHP-FPM & Primary script unknown). (Jakub Zelenka)
Fix bug #77653 (operator displayed instead of the real error message)
2020-02-09 19:40:25 +00:00
Merge branch 'PHP-7.2' into PHP-7.3 * PHP-7.2: Fix NEWS
2020-03-17 10:08:45 +00:00
- MBstring:
. Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at
php_unicode_tolower_full). (CVE-2020-7065) (cmb)
Fix #64032: mysqli reports different client_version While `mysqli_get_client_version()` calls `mysql_get_client_version()` to retrieve the client version, `mysql::$client_version` is initialized to `MYSQL_VERSION_ID`. Both should match though, and since the former is the more useful information, we fix `mysql::$client_version`. We do not add a regression test, because it would usually succeed anyway, and we already have several tests with respective `assert()`s.
2020-02-26 17:33:25 +00:00
- MySQLi:
. Fixed bug #64032 (mysqli reports different client_version). (cmb)
Native Windows support for mysqlnd sha256 authentification We implement that on top of Cryptography API: Next Generation (CNG).
2020-02-26 16:01:37 +00:00
- MySQLnd:
. Implemented FR #79275 (Support auth_plugin_caching_sha2_password on
Windows). (cmb)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fixed bug #79062
2020-02-28 16:07:36 +00:00
- Opcache:
. Fixed bug #79252 (preloading causes php-fpm to segfault during exit).
(Nikita)
Fixed bug #79188
2020-01-29 09:57:44 +00:00
- PCRE:
. Fixed bug #79188 (Memory corruption in preg_replace/preg_replace_callback
and unicode). (Nikita)
PCRE: Only remember valid UTF-8 if start offset zero PCRE only validates the string starting from the start offset (minus maximum look-behind, but let's ignore that), so we can only remember that the string is fully valid UTF-8 is the original start offset is zero.
2020-02-07 16:01:39 +00:00
. Fixed bug #79241 (Segmentation fault on preg_match()). (Nikita)
Fixed bug #79257 Replace an existing entry for a given name only if we have a match.
2020-02-11 16:30:59 +00:00
. Fixed bug #79257 (Duplicate named groups (?J) prefer last alternative even
if not matched). (Nikita)
Fixed bug #79188
2020-01-29 09:57:44 +00:00
Fix #79038: PDOStatement::nextRowset() leaks column values Firstly, we must not rely on `stmt->column_count` when freeing the driver specific column values, but rather store the column count in the driver data. Since the column count is a `short`, 16 bit are sufficient, so we can store it in reserved bits of `pdo_odbc_stmt`. Furthermore, we must not allocate new column value storage when the statement is not executed, but rather when the column value storage has not been allocated. Finally, we have to introduce a driver specific `cursor_closer` to avoid that `::closeCursor()` calls `odbc_stmt_next_rowset()` which then frees the column value storage, because it may be still needed for bound columns.
2019-12-27 12:20:11 +00:00
- PDO_ODBC:
. Fixed bug #79038 (PDOStatement::nextRowset() leaks column values). (cmb)
Fixed bug #79062 Back up the doc comment when performing heredoc scanahead.
2020-02-28 16:06:05 +00:00
- Reflection:
. Fixed bug #79062 (Property with heredoc default value returns false for
getDocComment). (Nikita)
Fix #79294: ::columnType() may fail after SQLite3Stmt::reset() The fix for feature request #53466 did not properly handle resetting of the corresponding statement; the problem with this is that the statement does not know about its result sets. But even if we could fix this, the `complete` handling still appears to be brittle, since the `sqlite3_column_type()`docs[1] state: | If the SQL statement does not currently point to a valid row, or if | the column index is out of range, the result is undefined. Fortunately, we can use `sqlite3_data_count()` instead, since[2]: | If prepared statement P does not have results ready to return (via | calls to the sqlite3_column() family of interfaces) then | sqlite3_data_count(P) returns 0. Thus, we guard `SQLite3::columnType()` with `sqlite3_data_count()`, and completely drop updating the `php_sqlite3_result_object.complete` field, but keep it for ABI BC purposes. [1] <https://www.sqlite.org/c3ref/column_blob.html> [2] <https://www.sqlite.org/c3ref/data_count.html>
2020-02-21 12:24:37 +00:00
- SQLite3:
. Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()). (cmb)
Fix #79254: getenv() w/o arguments not showing changes To be able to see changes done only with `SetEnvironmentVariable()`, we have to use `GetEnvironmentStrings()` instead of `environ`, because the latter sees only changes done with `putenv()`. For best backward compatibility we're using `GetEnvironmentStringsA()`; switching to the wide string version likely makes sense for master, though.
2020-02-11 08:43:15 +00:00
- Standard:
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix NEWS
2020-03-17 10:11:15 +00:00
. Fixed bug #79329 (get_headers() silently truncates after a null byte).
Merge branch 'PHP-7.2' into PHP-7.3 * PHP-7.2: Fix NEWS
2020-03-17 10:08:45 +00:00
(CVE-2020-7066) (cmb)
Fix #79254: getenv() w/o arguments not showing changes To be able to see changes done only with `SetEnvironmentVariable()`, we have to use `GetEnvironmentStrings()` instead of `environ`, because the latter sees only changes done with `putenv()`. For best backward compatibility we're using `GetEnvironmentStringsA()`; switching to the wide string version likely makes sense for master, though.
2020-02-11 08:43:15 +00:00
. Fixed bug #79254 (getenv() w/o arguments not showing changes). (cmb)
Fixes #79265: Improper injection of Host header when using fopen for http requests Check all occurrences of the string "host:" (and other headers), not just the first one.
2020-02-24 05:04:37 +00:00
. Fixed bug #79265 (Improper injection of Host header when using fopen for
http requests). (Miguel Xavier Penha Neto)
Fix #79254: getenv() w/o arguments not showing changes To be able to see changes done only with `SetEnvironmentVariable()`, we have to use `GetEnvironmentStrings()` instead of `environ`, because the latter sees only changes done with `putenv()`. For best backward compatibility we're using `GetEnvironmentStringsA()`; switching to the wide string version likely makes sense for master, though.
2020-02-11 08:43:15 +00:00
NEWS
2020-02-28 09:36:12 +00:00
- Zip:
. Fixed bug #79315 (ZipArchive::addFile doesn't honor start/length
parameters). (Remi)
20 Feb 2020, PHP 7.4.3
Fixed bug #78810
2019-11-15 11:06:17 +00:00
Fixed bug #71876 This is a backport of fcdc0a6db0ae63fbed9e3828137b899b844623ce to the PHP-7.3 branch. We need to make sure that OnUpdateString is also called for a NULL value, otherwise the reset of the encoding at the end of the request will not work. I believe I already tried to land this before once, but it didn't actually end up on the PHP-7.3 branch due to a push conflict that I only noticed just now.
2020-01-03 10:14:45 +00:00
- Core:
Fixed bug #79155 Make sure we only unset the NULLABLE flag temporarily for class resolution, as the same type may be compiled multiple types.
2020-01-23 11:48:45 +00:00
. Fixed bug #79146 (cscript can fail to run on some systems). (clarodeus)
. Fixed bug #79155 (Property nullability lost when using multiple property
definition). (Nikita)
Fix bug #78323: Code 0 is returned on invalid options Set CLI exit code to 1 when invalid parameters are passed, and print error to stderr.
2020-01-17 19:26:35 +00:00
. Fixed bug #78323 (Code 0 is returned on invalid options). (Ivan Mikheykin)
Fixed bug #78989 Always operate on copies of the functions, so we don't reference temporary trait methods that have gone out of scope. This could be more efficient, but doing an allocated copy only when strictly necessary turned out to be somewhat tricky.
2020-01-28 09:41:11 +00:00
. Fixed bug #78989 (Delayed variance check involving trait segfaults).
(Nikita)
Fix #79174: cookie values with spaces fail to round-trip The fix for bug #78929 disabled the conversion of spaces in cookie values to plus signs, but failed to adapt `php_setcookie()` accordingly, so that it uses raw URL encoding as well.
2020-01-28 14:11:59 +00:00
. Fixed bug #79174 (cookie values with spaces fail to round-trip). (cmb)
Fix bug #76047 Unlink the current stack frame before freeing CVs or extra args. This means it will no longer show up in back traces that are generated during CV destruction. We already did this prior to destructing the object/closure, presumably for the same reason.
2020-01-31 09:21:37 +00:00
. Fixed bug #76047 (Use-after-free when accessing already destructed
backtrace arguments). (Nikita)
Fixed bug #71876 This is a backport of fcdc0a6db0ae63fbed9e3828137b899b844623ce to the PHP-7.3 branch. We need to make sure that OnUpdateString is also called for a NULL value, otherwise the reset of the encoding at the end of the request will not work. I believe I already tried to land this before once, but it didn't actually end up on the PHP-7.3 branch due to a push conflict that I only noticed just now.
2020-01-03 10:14:45 +00:00
Fix #79078: Hypothetical use-after-free in curl_multi_add_handle() To avoid this, we have to verify the handlers already in `curl_multi_add_handle()`, not only in `curl_multi_exec()`.
2020-01-08 10:52:24 +00:00
- CURL:
. Fixed bug #79078 (Hypothetical use-after-free in curl_multi_add_handle()).
(cmb)
Fix #79096: FFI Struct Segfault We must not assume that the size of a function's return value is at most `sizeof(ffi_arg)`, but rather have to use the size which already has been determined for the return type if it is larger than `sizeof(ffi_arg)`. To be able to have a regression test, we export the required test function from the zend-test extension, and make sure that the test can be run on different platforms regardless of whether zend-tests was built statically or dynamically.
2020-01-12 13:01:42 +00:00
- FFI:
. Fixed bug #79096 (FFI Struct Segfault). (cmb)
Fix bug #79112: IMAP can't find OpenSSL during configure Remove the check of PHP_OPENSSL inside SETUP_OPENSSL. It's the responsibility of the caller to determine whether they want to enable openssl or not. This makes SSL detection in IMAP work, which uses a different option. Additionally also clarify that --with-openssl-dir cannot actually be used to specify an OpenSSL directory -- these options just serve as a way to enable OpenSSL in extensions without also enabling the OpenSSL extension. They need to be renamed to something clearer in master. Closes GH-5091.
2020-01-17 10:22:32 +00:00
- IMAP:
. Fixed bug #79112 (IMAP extension can't find OpenSSL libraries at configure
time). (Nikita)
Fix NEWS [ci skip] Cosmetics.
2020-02-20 09:55:17 +00:00
- Intl:
Fix #79212: NumberFormatter::format() may detect wrong type We have to convert to number *before* detecting the type, to cater to internal objects implementing `cast_object`. We also get rid of the fallback behavior of using `FORMAT_TYPE_INT32`, because that can no longer happen; after `convert_scalar_to_number_ex` the type is either `IS_LONG` or `IS_DOUBLE`. We cater explicitly to the `IS_ARRAY` case what also avoids triggering a type confusion when `::TYPE_INT64` is passed as `$type`.
2020-02-02 12:38:34 +00:00
. Fixed bug #79212 (NumberFormatter::format() may detect wrong type). (cmb)
Fix #79191: Error in SoapClient ctor disables DOMDocument::save() The culprit is the too restrictive fix for bug #71536, which prevents `php_libxml_streams_IO_write()` from properly executing when unclean shutdown is flagged. A *more* suitable solution is to move the `xmlwriter_free_resource_ptr()` call from the `free_obj` handler to an added `dtor_obj` handler, to avoid to write to a closed stream in case of late object freeing. This makes the `EG(active)` guard superfluous. We also fix bug79029.phpt which has to use different variables for the three parts to actually check the original shutdown issue. Thanks to bwoebi and daverandom for helping to investigate this issue.
2020-02-03 22:10:20 +00:00
- Libxml:
. Fixed bug #79191 (Error in SoapClient ctor disables DOMDocument::save()).
(Nikita, cmb)
Fix #79149: SEGV in mb_convert_encoding with non-string encodings We must not assume that `hash_entry` `IS_STRING`, but rather use `encoding_str` which is guaranteed to be.
2020-01-22 08:43:51 +00:00
- MBString:
. Fixed bug #79149 (SEGV in mb_convert_encoding with non-string encodings).
(cmb)
Fix #78666 mysqli_options generates Warning on var_dump() Closes GH-5121
2020-01-24 19:08:32 +00:00
- MySQLi:
. Fixed bug #78666 (Properties may emit a warning on var_dump()). (kocsismate)
Fix #79084: mysqlnd may fetch wrong column indexes with MYSQLI_BOTH Column names can be numeric strings, so we have to make sure to insert the column values with the appropriate numeric keys, instead of adding them.
2020-01-13 10:47:40 +00:00
- MySQLnd:
. Fixed bug #79084 (mysqlnd may fetch wrong column indexes with MYSQLI_BOTH).
(cmb)
Fixed bug #79011 auth_plugin_data_len here is 21, including the trailing null byte. Directly use SCRAMBLE_LENGTH instead. Also add a sanity check that the provided scramble is long enough.
2020-01-24 13:52:28 +00:00
. Fixed bug #79011 (MySQL caching_sha2_password Access denied for password
with more than 20 chars). (Nikita)
Fix #79084: mysqlnd may fetch wrong column indexes with MYSQLI_BOTH Column names can be numeric strings, so we have to make sure to insert the column values with the appropriate numeric keys, instead of adding them.
2020-01-13 10:47:40 +00:00
Fixed bug #79114 (Eval class during preload causes class to be only half available)
2020-01-20 04:24:49 +00:00
- Opcache:
Fixed bug #79128 We need to extend the hash table before performing raw append operations. This doesn't matter if preloading happens in the same process, as the tables will be large enough to hold all entries as a side-effect of the preloading process. However, if preloading happens in a different process, we need to reserve space here.
2020-01-24 15:18:28 +00:00
. Fixed bug #79114 (Eval class during preload causes class to be only half
Fixed bug #79114 (Eval class during preload causes class to be only half available)
2020-01-20 04:24:49 +00:00
available). (Laruence)
Fixed bug #79128 We need to extend the hash table before performing raw append operations. This doesn't matter if preloading happens in the same process, as the tables will be large enough to hold all entries as a side-effect of the preloading process. However, if preloading happens in a different process, we need to reserve space here.
2020-01-24 15:18:28 +00:00
. Fixed bug #79128 (Preloading segfaults if preload_user is used). (Nikita)
Fixed bug #79193
2020-01-30 13:55:58 +00:00
. Fixed bug #79193 (Incorrect type inference for self::$field =& $field).
(Nikita)
Fixed bug #79114 (Eval class during preload causes class to be only half available)
2020-01-20 04:24:49 +00:00
Fix #79145: openssl memory leak We must increase the refcount of `return_value` only if `cert` is a resource; this is already done in `php_openssl_evp_from_zval()`, though.
2020-01-21 15:17:25 +00:00
- OpenSSL:
. Fixed bug #79145 (openssl memory leak). (cmb, Nikita)
Fix #76584: PharFileInfo::decompress not working We actually have to decompress, when told to do so.
2020-01-26 12:33:07 +00:00
- Phar:
Fix NEWS [ci skip]
2020-02-17 18:35:42 +00:00
. Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
all-access permissions). (CVE-2020-7063) (stas)
. Fixed bug #79171 (heap-buffer-overflow in phar_extract_file).
Remove extra tab in NEWS [ci skip]
2020-02-18 10:09:37 +00:00
(CVE-2020-7061) (cmb)
Fix #76584: PharFileInfo::decompress not working We actually have to decompress, when told to do so.
2020-01-26 12:33:07 +00:00
. Fixed bug #76584 (PharFileInfo::decompress not working). (cmb)
Fixed bug #79115
2020-01-17 10:37:35 +00:00
- Reflection:
. Fixed bug #79115 (ReflectionClass::isCloneable call reflected class
__destruct). (Nikita)
Fix NEWS [ci skip]
2020-02-17 18:35:42 +00:00
- Session:
. Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload Progress).
(CVE-2020-7062) (stas)
Fixed bug #78902
2019-12-16 01:10:28 +00:00
- Standard:
. Fixed bug #78902 (Memory leak when using stream_filter_append). (liudaixiao)
Fix #78969 Make PASSWORD_DEFAULT match PASSWORD_BCRYPT instead of being null It was an unintentional BC break.
2020-01-22 12:33:11 +00:00
. Fixed bug #78969 (PASSWORD_DEFAULT should match PASSWORD_BCRYPT instead of being null). (kocsismate)
Fixed bug #78902
2019-12-16 01:10:28 +00:00
Fix #78090: bug45161.phpt takes forever to finish Not all systems support the discard protocol (TCP port 9), and since there is no particular reason to use it, we switch to using actual server testing.
2020-02-03 10:47:01 +00:00
- Testing:
. Fixed bug #78090 (bug45161.phpt takes forever to finish). (cmb)
Fix #70078: XSL callbacks with nodes as parameter leak memory The fix for bug #49634 solved a double-free by copying the node with `xmlDocCopyNodeList()`, but the copied node is later freed by calling `xmlFreeNode()` instead of `xmlFreeNodeList()`, thus leaking memory. However, there is no need to treat the node as node list, i.e. to copy also the node's siblings; just creating a recursive copy of the node with `xmlDocCopyNode()` is sufficient, while that also avoids the leak.
2020-01-29 17:23:51 +00:00
- XSL:
. Fixed bug #70078 (XSL callbacks with nodes as parameter leak memory). (cmb)
Add ZipArchive::CM_LZMA2 constant (since libzip 1.6.0)
2020-01-24 13:06:19 +00:00
- Zip:
NEWS
2020-02-03 09:09:12 +00:00
. Add ZipArchive::CM_LZMA2 and ZipArchive::CM_XZ constants (since libzip 1.6.0). (Remi)
. Add ZipArchive::RDONLY (since libzip 1.0.0). (Remi)
. Add ZipArchive::ER_* missing constants. (Remi)
. Add ZipArchive::LIBZIP_VERSION constant. (Remi)
. Fixed bug #73119 (Wrong return for ZipArchive::addEmptyDir Method). (Remi)
Add ZipArchive::CM_LZMA2 constant (since libzip 1.6.0)
2020-01-24 13:06:19 +00:00
Bump version
2020-01-08 17:26:14 +00:00
23 Jan 2020, PHP 7.4.2
PHP-7.4 is now 7.4.2-dev
2019-12-10 16:55:36 +00:00
Fix #78929: plus signs in cookie values are converted to spaces We switch the cookie value parsing function from `php_url_decode()` to `php_raw_url_decode()`, so that cookie values are now parsed according to RFC 6265, section 4.1.1. We also refactor to remove duplicate code without changing the execution flow.
2019-12-12 10:49:06 +00:00
- Core:
Remove support for preloading on Windows Due to ASLR restrictions, preloading on Windows does not work with any code that has preloading dependencies on internal classes. This effectively makes it unusable for any non-trivial codebase. Instead of pretending like preloading is going to work, only to make people realize that it really doesn't once they get beyond a dummy example, we disable support for preloading on Windows entirely. Closes GH-4999.
2019-12-10 13:29:58 +00:00
. Preloading support on Windows has been disabled. (Nikita)
Fixed bug #79022 (class_exists returns True for classes that are not ready to be used)
2019-12-24 06:04:19 +00:00
. Fixed bug #79022 (class_exists returns True for classes that are not ready
to be used). (Laruence)
Fix #78929: plus signs in cookie values are converted to spaces We switch the cookie value parsing function from `php_url_decode()` to `php_raw_url_decode()`, so that cookie values are now parsed according to RFC 6265, section 4.1.1. We also refactor to remove duplicate code without changing the execution flow.
2019-12-12 10:49:06 +00:00
. Fixed bug #78929 (plus signs in cookie values are converted to spaces).
(Alexey Kachalin)
Fixed bug #78973 Save opline in leave helper to correctly handle destructor calls during CV freeing (or other leave freeing).
2019-12-16 17:52:30 +00:00
. Fixed bug #78973 (Destructor during CV freeing causes segfault if opline
never saved). (Nikita)
Fixed bug #78776 By using the normal inheritance check if the parent is abstract as well.
2019-12-18 14:53:09 +00:00
. Fixed bug #78776 (Abstract method implementation from trait does not check
"static"). (Nikita)
Fixed bug #78999 (Cycle leak when using function result as temporary)
2019-12-19 20:11:08 +00:00
. Fixed bug #78999 (Cycle leak when using function result as temporary).
(Dmitry)
Fix #79008: General performance regression with PHP 7.4 on Windows We no longer try to retrieve the filename of a given stream when fstat'ing, because this is very slow. Since we neither didn't do that in PHP 7.3 and earlier, we regard this as sensible trade-off.
2019-12-20 15:23:32 +00:00
. Fixed bug #79008 (General performance regression with PHP 7.4 on Windows).
(cmb)
Throw Error when referencing uninit typed prop in __sleep Previously this generated a notice, but would likely generate an Error when unserializing. Now we treat it with the same distinction as direct property accesses, i.e. referencing an unset/undefined normal property stays a notice, while a typed property becomes an Error exception. This fixed bug #79002. Closes GH-5050.
2020-01-03 14:35:10 +00:00
. Fixed bug #79002 (Serializing uninitialized typed properties with __sleep
makes unserialize throw). (Nikita)
Fix #78929: plus signs in cookie values are converted to spaces We switch the cookie value parsing function from `php_url_decode()` to `php_raw_url_decode()`, so that cookie values are now parsed according to RFC 6265, section 4.1.1. We also refactor to remove duplicate code without changing the execution flow.
2019-12-12 10:49:06 +00:00
Extend CURLFile to support streams Due to former restrictions of the libcurl API, curl multipart/formdata file uploads supported only proper files. However, as of curl 7.56.0 the new `curl_mime_*()` API is available (and already supported by PHP[1]), which allows us to support arbitrary *seekable* streams, which is generally desirable, and particularly resolves issues with the transparent Unicode and long part support on Windows (see bug #77711). Note that older curl versions are still supported, but CURLFile is still restricted to proper files in this case. [1] <http://git.php.net/?p=php-src.git;a=commit;h=a83b68ba56714bfa06737a61af795460caa4a105> (cherry picked from commit c68dc6b5e37e74d89e0a387079139c054c8faa81)
2019-04-29 08:21:07 +00:00
- CURL:
Fix #79033: Curl timeout error with specific url and post We must not set an empty mime structure as `CURLOPT_MIMEPOST`; instead we set it to `NULL` if `CURLOPT_POSTFIELDS` has been set to an empty array.
2019-12-28 09:47:03 +00:00
. Fixed bug #79033 (Curl timeout error with specific url and post). (cmb)
Fix bug #79063: Curl openssl does not respect PKG_CONFIG_PATH
2020-01-06 09:29:41 +00:00
. Fixed bug #79063 (curl openssl does not respect PKG_CONFIG_PATH). (Nikita)
Extend CURLFile to support streams Due to former restrictions of the libcurl API, curl multipart/formdata file uploads supported only proper files. However, as of curl 7.56.0 the new `curl_mime_*()` API is available (and already supported by PHP[1]), which allows us to support arbitrary *seekable* streams, which is generally desirable, and particularly resolves issues with the transparent Unicode and long part support on Windows (see bug #77711). Note that older curl versions are still supported, but CURLFile is still restricted to proper files in this case. [1] <http://git.php.net/?p=php-src.git;a=commit;h=a83b68ba56714bfa06737a61af795460caa4a105> (cherry picked from commit c68dc6b5e37e74d89e0a387079139c054c8faa81)
2019-04-29 08:21:07 +00:00
Fix #79015: undefined-behavior in php_date.c We check that the given microsecond fraction is in the valid range [0, 1000000[, and otherwise mark it as invalid. We also drop the useless do loop; a plain block is sufficient here.
2019-12-23 13:42:54 +00:00
- Date:
. Fixed bug #79015 (undefined-behavior in php_date.c). (cmb)
Fix #78808: [LMDB] MDB_MAP_FULL: Environment mapsize limit reached We implement support for a fifth parameter, which allows to specify the mapsize. The parameter defaults to zero, in which case the compiled in default mapsize (usually 1048576) will be used. The mapsize should be a multiple of the page size of the OS.
2019-11-14 10:21:41 +00:00
- DBA:
. Fixed bug #78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached).
(cmb)
Fixed bug #79046
2019-12-30 16:22:50 +00:00
- Exif:
. Fixed bug #79046 (NaN to int cast undefined behavior in exif). (Nikita)
Fix #74170: locale information change after mime_content_type Some functions in libmagic (distributed with fileinfo extension) perform this sequence of calls: func() { setlocale(LC_TYPE, "C") .. do some work .. setlocale(LC_TYPE, "") } It effectively resets LC_TYPE if it that was set before the function call. To avoid manipulations with current locale at all, the problematic functions were modified to use locale-independent functions.
2019-08-29 07:29:19 +00:00
- Fileinfo:
. Fixed bug #74170 (locale information change after mime_content_type).
(Sergei Turchanov)
Fix #78923: Artifacts when convoluting image with transparency We have to properly initialize `pxl` before using it. Fix ported from <https://github.com/libgd/libgd/pull/559>.
2019-12-07 02:56:37 +00:00
- GD:
Fix #79067: gdTransformAffineCopy() may use unitialized values We port <https://github.com/libgd/libgd/commit/7a06c1669c563917bc48c464521e3de962ddb4e8>.
2020-01-06 08:35:13 +00:00
. Fixed bug #79067 (gdTransformAffineCopy() may use unitialized values). (cmb)
Fix #79068: gdTransformAffineCopy() changes interpolation method We port <https://github.com/libgd/libgd/commit/9088591eae437358ee5b929adf82865e37e3001e>.
2020-01-06 09:33:47 +00:00
. Fixed bug #79068 (gdTransformAffineCopy() changes interpolation method).
(cmb)
Fix #78923: Artifacts when convoluting image with transparency We have to properly initialize `pxl` before using it. Fix ported from <https://github.com/libgd/libgd/pull/559>.
2019-12-07 02:56:37 +00:00
Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). We backport the fix PHP 7.3, since this branch is affected as well. (cherry picked from commit b5e004379647bd1ebb75eb2eac8826fb6abdd3d8) (cherry picked from commit e36daa6927c05d2e687bb77495ef206cde118b33) (cherry picked from commit 2704ee6844c03348de9d15e74646d09007ef0f7c)
2019-12-25 11:05:44 +00:00
- Libxml:
. Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). (Laruence)
Fixed bug #78950: Preloading trait method with static variables We need to make sure that trait methods with static variables allocate a separate MAP slot for the static variables pointer, rather than working in-place.
2019-12-12 10:19:07 +00:00
- OPcache:
Fixed bug #78961 (erroneous optimization of re-assigned $GLOBALS)
2019-12-16 09:24:47 +00:00
. Fixed bug #78961 (erroneous optimization of re-assigned $GLOBALS). (Dmitry)
Fixed bug #78950: Preloading trait method with static variables We need to make sure that trait methods with static variables allocate a separate MAP slot for the static variables pointer, rather than working in-place.
2019-12-12 10:19:07 +00:00
. Fixed bug #78950 (Preloading trait method with static variables). (Nikita)
Introduce extra counter to avoid RTD key collisions Also generate a fatal error if a collision occurs in zend_compile. This is not perfect, because collisions might still be introduced via opcache, if one file is included multiple times during a request, invalidate in the meantime and recompiled by different processes. This still needs to be addressed, but this patch fixes the much more common case of collisions occuring when opcache is not used. Fixes bug #78903.
2019-12-11 16:11:30 +00:00
. Fixed bug #78903 (Conflict in RTD key for closures results in crash).
(Nikita)
Fixed bug #78986 Don't assume that handlers live in the arena, they may also be in SHM.
2019-12-18 10:37:39 +00:00
. Fixed bug #78986 (Opcache segfaults when inheriting ctor from immutable
into mutable class). (Nikita)
Fix #79040: Warning Opcode handlers are unusable due to ASLR We must not use the same shared memory OPcache instance for different SAPIs, since their memory layout is different. To avoid this, we add the SAPI name (truncated to at most 20 characters) to the names of the memory base file, the mutex and the file mapping.
2019-12-30 11:20:31 +00:00
. Fixed bug #79040 (Warning Opcode handlers are unusable due to ASLR). (cmb)
Fixed bug #79055 Fix file cache serialization of property types. I'm changing the overall type serialization format to perform additional adjustments in order to yield a plausible pointer for zend_type, rather than using an entirely separate serialization format, as was previously done. That would have been annoying to extend to the case of CE pointers.
2020-01-02 14:50:44 +00:00
. Fixed bug #79055 (Typed property become unknown with OPcache file cache).
(Nikita)
PHP-7.4 is now 7.4.2-dev
2019-12-10 16:55:36 +00:00
Fix #78402: pcntl_signal() misleading error message An error message can be misleading when a handler passed to pcntl_signal() is not callable.
2019-12-17 19:03:42 +00:00
- Pcntl:
. Fixed bug #78402 (Converting null to string in error message is bad DX).
(SATŌ Kentarō)
Fix #78983: pdo_pgsql config.w32 cannot find libpq-fe.h When configured with a path specified.
2019-12-17 17:47:08 +00:00
- PDO_PgSQL:
. Fixed bug #78983 (pdo_pgsql config.w32 cannot find libpq-fe.h). (SATŌ
Kentarō)
Fix #78980: pgsqlGetNotify() overlooks dead connection pgsqlGetNotify() didn't check result of PQconsumeInput().
2019-12-17 17:16:55 +00:00
. Fixed bug #78980 (pgsqlGetNotify() overlooks dead connection). (SATŌ
Kentarō)
Fix #78982: pdo_pgsql returns dead persistent connection Call PQconsumeInput() before PQstatus() to update the status.
2019-12-17 17:36:03 +00:00
. Fixed bug #78982 (pdo_pgsql returns dead persistent connection). (SATŌ
Kentarō)
Fix #78983: pdo_pgsql config.w32 cannot find libpq-fe.h When configured with a path specified.
2019-12-17 17:47:08 +00:00
Add test for bug #79031 Fixed by preceding revert.
2019-12-30 10:31:27 +00:00
- Session:
. Fixed bug #79031 (Session unserialization problem). (Nikita)
Fix #78538: shmop memory leak If the descriptor's refcount drops to zero, we have to unmap the respective file view, to avoid leaking memory.
2019-11-25 13:05:15 +00:00
- Shmop:
. Fixed bug #78538 (shmop memory leak). (cmb)
Fixed bug #79056
2020-01-03 09:40:51 +00:00
- Sqlite3:
. Fixed bug #79056 (sqlite does not respect PKG_CONFIG_PATH during
compilation). (Nikita)
Fix #78976: SplFileObject::fputcsv returns -1 on failure `php_stream_write()` returns `-1` on failure now, which has to be catered to by `SplFileObject::fputcsv()` which still is supposed to return `false` on failure.
2019-12-17 16:52:18 +00:00
- Spl:
. Fixed bug #78976 (SplFileObject::fputcsv returns -1 on failure). (cmb)
Fixed bug #79000 Don't report EAGAIN/EWOULDBLOCK as errors for fwrite on non-blocking socket streams. This matches behavior for fread, as well as behavior for plain file streams. Closes GH-5026.
2019-12-19 12:27:09 +00:00
- Standard:
. Fixed bug #79000 (Non-blocking socket stream reports EAGAIN as error).
(Nikita)
Fix #54298: Using empty additional_headers adding extraneous CRLF If the header string is empty, we pass `NULL` to `php_mail()` to avoid further checks on the string length.
2020-01-05 14:15:09 +00:00
. Fixed bug #54298 (Using empty additional_headers adding extraneous CRLF).
(cmb)
Fixed bug #79000 Don't report EAGAIN/EWOULDBLOCK as errors for fwrite on non-blocking socket streams. This matches behavior for fread, as well as behavior for plain file streams. Closes GH-5026.
2019-12-19 12:27:09 +00:00
fix release date
2019-12-18 13:18:03 +00:00
18 Dec 2019, PHP 7.4.1
Fixed bug #78810
2019-11-15 11:06:17 +00:00
- Core:
. Fixed bug #78810 (RW fetches do not throw "uninitialized property"
exception). (Nikita)
Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value)
2019-11-25 11:05:43 +00:00
. Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value).
(Antony Dovgal, Dmitry)
Fix #78296: is_file fails to detect file If we're constructing extended-length paths (i.e. paths prefixed with `\\?\`), we have to replace all forward slashes with backward slashes, because the former are not supported by Windows for extended-length paths. The more efficient and likely cleaner alternative solution would be to cater to this in `php_win32_ioutil_normalize_path_w()` by always replacing forward slashes, but that might break existing code. It might be sensible to change that for `master`, though.
2019-11-25 11:16:54 +00:00
. Fixed bug #78296 (is_file fails to detect file). (cmb)
Fix #78883: fgets(STDIN) fails on Windows We add the `is_seekable` member to `php_stdio_stream_data`, and prefer that over `is_pipe`, since the latter is simply a misnomer. We keep `is_pipe` for now for Windows only, though, because we need special support for pipes there. We also fix the misaligned bitfield which formerly took 33 bit.
2019-12-02 14:14:57 +00:00
. Fixed bug #78883 (fgets(STDIN) fails on Windows). (cmb)
Fixed bug #78898
2019-12-04 08:40:48 +00:00
. Fixed bug #78898 (call_user_func(['parent', ...]) fails while other
succeed). (Nikita)
Fixed bug #78904: Don't call any magic for uninitialized typed properties We already changed the behavior for __set() in f1848a4. However, it seems that this is also a problem for all the other property magic, see bug #78904. This commit makes the behavior of all the property magic consistent: Magic will not be triggered for uninitialized typed properties, only explicitly unset() ones. This brings behavior more in line how non-typed properties behave and avoids WTF. Closes GH-4974.
2019-10-28 12:34:33 +00:00
. Fixed bug #78904 (Uninitialized property triggers __get()). (Nikita)
Fixed bug #78926: Handle class table reallocation on failed link When we change back the bucket key on a class linking failure, make sure to reload the bucket pointer, as the class table may have been reallocated in the meantime. Also remove a bogus bucket key change in anon class registration: We don't actually rename the class in this case anymore, the RTD key is already the final name.
2019-12-09 08:15:27 +00:00
. Fixed bug #78926 (Segmentation fault on Symfony cache:clear). (Nikita)
Fixed bug #78810
2019-11-15 11:06:17 +00:00
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW Apparently, this has not been tested for a long time, and might be a refactoring relict. Anyhow, we have to pass the context to `GIFNextPixel` as well.
2019-11-21 08:49:29 +00:00
- GD:
. Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW). (cmb)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix #78923: Artifacts when convoluting image with transparency
2019-12-07 11:07:51 +00:00
. Fixed bug #78923 (Artifacts when convoluting image with transparency).
(wilson chen)
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW Apparently, this has not been tested for a long time, and might be a refactoring relict. Anyhow, we have to pass the context to `GIFNextPixel` as well.
2019-11-21 08:49:29 +00:00
Add NEWS entry for bug #76601 fix
2019-11-17 14:52:36 +00:00
- FPM:
. Fixed bug #76601 (Partially working php-fpm ater incomplete reload).
(Maksim Nikulin)
Fix bug #78889 (php-fpm service fails to start)
2019-12-01 17:13:20 +00:00
. Fixed bug #78889 (php-fpm service fails to start). (Jakub Zelenka)
Fix bug #78916 (php-fpm 7.4.0 don't send mail via mail())
2019-12-08 17:57:17 +00:00
. Fixed bug #78916 (php-fpm 7.4.0 don't send mail via mail()).
(Jakub Zelenka)
Add NEWS entry for bug #76601 fix
2019-11-17 14:52:36 +00:00
Fix #78912: INTL Support for accounting format We provide `NumberFormatter::CURRENCY_ACCOUNTING` to wrap `UNUM_CURRENCY_ACCOUNTING `[1]. [1] <https://unicode-org.github.io/icu-docs/apidoc/released/icu4c/unum_8h.html#a4eb4d3ff13bd506e7078b2be4052266dae97cdd7ed612d07d251021c076efb1c5>
2019-12-06 11:41:41 +00:00
- Intl:
. Implemented FR #78912 (INTL Support for accounting format). (cmb)
Fix bug #78823: add zlib library to mysqlnd The problem is newer binutils will no longer default to --copy-dt-needed-entries but use --no-copy-dt-needed-entries instead. So all libraries needed *must* be provided. Workarounds (either one works) 1) Add "-Wl,--copy-dt-needed-entries" to LDFLAGS to bring back the old behavior of the linker 2) Add "-lz" to list of libraries to be added In "ext/mysqlnd/mysqlnd_protocol_frame_codec.c" when the "zlib.h" header is included should also trigger adding '-lz' to the list of libraries.
2019-11-25 22:54:49 +00:00
- Mysqlnd:
. Fixed bug #78823 (ZLIB_LIBS not added to EXTRA_LIBS). (Arjen de Korte)
Fix ASLR related invalid opline handler issues Opcache stores `opline->handler`s in shared memory. These pointers are invalid, if the main PHP DLL is loaded at another base address due to ASLR. We therefore store the address of `execute_ex` in the mmap base file, and check on startup whether it matches its current address. If not, we fall back on the file cache if enabled, and bail out otherwise. This still does not address cases where the opline handler is located inside of another DLL (e.g. for some profilers, debuggers), but there seems to be no general solution for now. (cherry picked from commit 8ba10b8fbc020dc225d3b19d8f088f1351a3e304)
2019-11-12 15:12:59 +00:00
- OPcache:
Update NEWS
2019-11-18 11:36:01 +00:00
. Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice).
(Tyson Andre)
Fixed bug #78935: Check that all linked classes can be preloaded During preloading, check that all classes that have been included as part of the preload script itself (rather than through opcache_compile_file) can actually be preloaded, i.e. satisfy Windows restrictions, have resolved initializers and resolved property types. When resolving initializers and property types, also autoload additional classes. Because of this, the resolution runs in a loop.
2019-12-09 14:14:39 +00:00
. Fixed bug #78935 (Preloading removes classes that have dependencies).
(Nikita, Dmitry)
Fix ASLR related invalid opline handler issues Opcache stores `opline->handler`s in shared memory. These pointers are invalid, if the main PHP DLL is loaded at another base address due to ASLR. We therefore store the address of `execute_ex` in the mmap base file, and check on startup whether it matches its current address. If not, we fall back on the file cache if enabled, and bail out otherwise. This still does not address cases where the opline handler is located inside of another DLL (e.g. for some profilers, debuggers), but there seems to be no general solution for now. (cherry picked from commit 8ba10b8fbc020dc225d3b19d8f088f1351a3e304)
2019-11-12 15:12:59 +00:00
Fix #78853: preg_match() may return integer > 1 Commit 54ebebd[1] optimized the match loop, but for this case it has been overlooked, that we must only loop if we're doing global matching. [1] <http://git.php.net/?p=php-src.git;a=commit;h=54ebebd686255c5f124af718c966edb392782d4a>
2019-11-22 18:21:43 +00:00
- PCRE:
. Fixed bug #78853 (preg_match() may return integer > 1). (cmb)
Fixed bug #78895 (Reflection detects abstract non-static class as abstract static. IS_IMPLICIT_ABSTRACT is not longer used)
2019-12-09 10:49:12 +00:00
- Reflection:
. Fixed bug #78895 (Reflection detects abstract non-static class as abstract
static. IS_IMPLICIT_ABSTRACT is not longer used). (Dmitry)
Fixed bug #78759 Handle INDIRECT values in array.
2019-11-07 10:15:29 +00:00
- Standard:
Fix #77638: var_export'ing certain class instances segfaults If objects return immutable property hash tables (typically, `zend_empty_array`), we must not try to apply recursion protection on those.
2019-11-25 14:44:15 +00:00
. Fixed bug #77638 (var_export'ing certain class instances segfaults). (cmb)
Fix #78840: imploding $GLOBALS crashes We add support for IS_INDIRECT zvals to implode().
2019-11-26 09:19:27 +00:00
. Fixed bug #78840 (imploding $GLOBALS crashes). (cmb)
Fix #78833: Integer overflow in pack causes out-of-bound access We check for potential signed integer overflow, and bail out gracefully, in that case.
2019-11-19 13:22:26 +00:00
. Fixed bug #78833 (Integer overflow in pack causes out-of-bound access).
(cmb)
Fix #78814: strip_tags allows / in tag name => whitelist bypass When normalizing tags to check whether they are contained in the set of allowable tags, we must not strip slashes, unless they come immediately after the opening `<`, or immediately before the closing `>`.
2019-11-17 13:14:59 +00:00
. Fixed bug #78814 (strip_tags allows / in tag name => whitelist bypass).
(cmb)
Bump for 7.2.26-dev
2019-11-05 15:56:19 +00:00
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
28 Nov 2019, PHP 7.4.0
Update NEWS for 7.4.0RC6
2019-10-29 08:50:32 +00:00
Fixed bug #78768 Remove the typedef from zend_types.h, use explicit struct prefix instead.
2019-11-01 16:04:15 +00:00
- Core:
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Implemented RFC: Deprecate curly brace syntax for accessing array elements
and string offsets.
https://wiki.php.net/rfc/deprecate_curly_braces_array_access (Andrey Gromov)
. Implemented RFC: Deprecations for PHP 7.4.
https://wiki.php.net/rfc/deprecations_php_7_4 (Kalle, Nikita)
. Fixed bug #52752 (Crash when lexing). (Nikita)
. Fixed bug #60677 (CGI doesn't properly validate shebang line contains #!).
Fixed bug #78644 Make sure the initialize the result of FETCH_OBJ_UNSET operations. I'm using a NULL value rather than ERROR here, because the latter no longer exists in master.
2019-10-08 12:30:53 +00:00
(Nikita)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #71030 (Self-assignment in list() may have inconsistent behavior).
Allow SA_RESTART for SIGALRM If no explicit restart_syscalls is passed, default to restart_syscalls=0 for SIGALRM only, to reduce BC impact.
2019-01-14 12:04:37 +00:00
(Nikita)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #72530 (Use After Free in GC with Certain Destructors). (Nikita)
. Fixed bug #75921 (Inconsistent: No warning in some cases when stdObj is
created on the fly). (David Walker)
. Implemented FR #76148 (Add array_key_exists() to the list of specially
compiled functions). (Majkl578)
. Fixed bug #76430 (__METHOD__ inconsistent outside of method).
(Ryan McCullagh, Nikita)
. Fixed bug #76451 (Aliases during inheritance type checks affected by
opcache). (Nikita)
. Implemented FR #77230 (Support custom CFLAGS and LDFLAGS from environment).
Fix #78579: mb_decode_numericentity: args number inconsistency mb_decode_numericentity() accepts a fourth optional parameter, which is unused, however. Since this parameter doesn't do any harm, and to avoid the small BC break, we're keeping this parameter for PHP 7, but adjust the arginfo. For PHP 8, we will remove this parameter.
2019-09-21 13:56:06 +00:00
(cmb)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #77345 (Stack Overflow caused by circular reference in garbage
collection). (Alexandru Patranescu, Nikita, Dmitry)
Fix #77812: Interactive mode does not support PHP 7.3-style heredoc As of PHP 7.3.0, the rules regarding the heredoc and nowdoc closing identifier have been relaxed. While formerly, the closing identifier was required to be placed at the beginning of a line and to be immediately followed by (a semicolon and) a line break, it may now be preceeded by whitespace, and may be followed by any non-word character. We adjust the recognition logic respectively.
2019-08-23 11:59:10 +00:00
. Fixed bug #77812 (Interactive mode does not support PHP 7.3-style heredoc).
(cmb, Nikita)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #77877 (call_user_func() passes $this to static methods).
Fixed bug #78376 (Incorrect preloading of constant static properties)
2019-08-05 19:55:06 +00:00
(Dmitry)
Move shebang handling into the lexer Instead of handling shebang lines by adjusting the file pointer in individual SAPIs, move the handling into the lexer, where this is both a lot simpler and more robust. Whether the shebang should be skipped is controlled by CG(skip_shebang) -- we might want to do that in more cases. This fixed bugs #60677 and #78066.
2019-07-15 14:21:46 +00:00
. Fixed bug #78066 (PHP eats the first byte of a program that comes from
process substitution). (Nikita)
Fixed bug #78151
2019-06-13 07:37:30 +00:00
. Fixed bug #78151 (Segfault caused by indirect expressions in PHP 7.4a1).
(Nikita)
Fixed bug #78154
2019-06-13 08:59:01 +00:00
. Fixed bug #78154 (SEND_VAR_NO_REF does not always send reference). (Nikita)
Fixed bug #78182
2019-06-19 14:35:12 +00:00
. Fixed bug #78182 (Segmentation fault during by-reference property
assignment). (Nikita)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78212 (Segfault in built-in webserver). (cmb)
. Fixed bug #78220 (Can't access OneDrive folder). (cmb, ab)
. Fixed bug #78226 (Unexpected __set behavior with typed properties). (Nikita)
. Fixed bug #78239 (Deprecation notice during string conversion converted to
exception hangs). (Nikita)
. Fixed bug #78335 (Static properties/variables containing cycles report as
leak). (Nikita)
. Fixed bug #78340 (Include of stream wrapper not reading whole file).
Fixed bug #71030 Make sure to always fetch the RHS of a list assignment first, instead of special casing known self-assignments, which will not detect cases using references correctly. As a side-effect, it is no longer possible to do something like byRef(list($x) = $y). This worked by accident previously, but only if $y was a CV and the self-assignment case did not trigger. However it shouldn't work for the same reason that byRef($x = $y) doesn't. Conversely byRef(list(&$x) = $y) and byRef($x =& $y) continue to be legal.
2019-05-09 12:19:53 +00:00
(Nikita)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78344 (Segmentation fault on zend_check_protected). (Nikita)
. Fixed bug #78356 (Array returned from ArrayAccess is incorrectly unpacked
as argument). (Nikita)
. Fixed bug #78379 (Cast to object confuses GC, causes crash). (Dmitry)
. Fixed bug #78386 (fstat mode has unexpected value on PHP 7.4). (cmb)
. Fixed bug #78396 (Second file_put_contents in Shutdown hangs script).
(Nikita)
. Fixed bug #78406 (Broken file includes with user-defined stream filters).
(Nikita)
. Fixed bug #78438 (Corruption when __unserializing deeply nested structures).
(cmb, Nikita)
. Fixed bug #78441 (Parse error due to heredoc identifier followed by digit).
(cmb)
. Fixed bug #78454 (Consecutive numeric separators cause OOM error).
(Theodore Brown)
. Fixed bug #78460 (PEAR installation failure). (Peter Kokot, L. Declercq)
. Fixed bug #78531 (Crash when using undefined variable as object). (Dmitry)
. Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
(bugreportuser)
. Fixed bug #78604 (token_get_all() does not properly tokenize FOO<?php with
short_open_tag=0). (Nikita)
. Fixed bug #78614 (Does not compile with DTRACE anymore).
(tz at FreeBSD dot org)
. Fixed bug #78620 (Out of memory error). (cmb, Nikita)
. Fixed bug #78632 (method_exists() in php74 works differently from php73 in
checking priv. methods). (Nikita)
. Fixed bug #78644 (SEGFAULT in ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER).
(Nikita)
. Fixed bug #78658 (Memory corruption using Closure::bindTo). (Nikita)
. Fixed bug #78656 (Parse errors classified as highest log-level). (Erik
Lundin)
. Fixed bug #78662 (stream_write bad error detection). (Remi)
. Fixed bug #78768 (redefinition of typedef zend_property_info). (Nikita)
. Fixed bug #78788 (./configure generates invalid php_version.h). (max)
. Fixed incorrect usage of QM_ASSIGN instruction. It must not return IS_VAR.
As a side effect, this allowed passing left hand list() "by reference",
instead of compile-time error. (Dmitry)
Implement ZEND_ARRAY_KEY_EXISTS opcode to speed up array_key_exists()
2018-07-02 21:00:32 +00:00
NEWS
2019-05-02 20:34:46 +00:00
- CLI:
. The built-in CLI server now reports the request method in log files.
(Simon Welsh)
Deprecate case-insensitive constants via typelib import As of PHP 7.3.0, case-insensitive constants are deprecated. We catch up on this with regard to ext/com_dotnet, which allows to import constants from typelibs, by triggering a deprecation notice whenever `com_load_typelib()` is called with `$case_sensitive` being `false`, and whenever `com.autoregister_casesensitive` is set to `false`, regardless of whether there are actually constants in the typelib which would be imported.
2019-02-14 17:34:47 +00:00
- COM:
. Deprecated registering of case-insensitive constants from typelibs. (cmb)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78650 (new COM Crash). (cmb)
. Fixed bug #78694 (Appending to a variant array causes segfault). (cmb)
Deprecate case-insensitive constants via typelib import As of PHP 7.3.0, case-insensitive constants are deprecated. We catch up on this with regard to ext/com_dotnet, which allows to import constants from typelibs, by triggering a deprecation notice whenever `com_load_typelib()` is called with `$case_sensitive` being `false`, and whenever `com.autoregister_casesensitive` is set to `false`, regardless of whether there are actually constants in the typelib which would be imported.
2019-02-14 17:34:47 +00:00
Merge branch 'PHP-7.2' into PHP-7.3
2018-09-18 00:31:07 +00:00
- CURL:
. Fixed bug #76480 (Use curl_multi_wait() so that timeouts are respected).
(Pierrick)
Extend CURLFile to support streams Due to former restrictions of the libcurl API, curl multipart/formdata file uploads supported only proper files. However, as of curl 7.56.0 the new `curl_mime_*()` API is available (and already supported by PHP[1]), which allows us to support arbitrary *seekable* streams, which is generally desirable, and particularly resolves issues with the transparent Unicode and long part support on Windows (see bug #77711). Note that older curl versions are still supported, but CURLFile is still restricted to proper files in this case. [1] <http://git.php.net/?p=php-src.git;a=commit;h=a83b68ba56714bfa06737a61af795460caa4a105>
2019-04-29 08:21:07 +00:00
. Implemented FR #77711 (CURLFile should support UNICODE filenames). (cmb)
Deprecate CURLPIPE_HTTP1 `CURLPIPE_HTTP1` is deprecated and has no effect as of cURL 7.62.0[1]. We therefore deprecate the PHP constant as well, and trigger a warning that it is no longer supported, if used against cURL 7.62.0 and up. [1] <https://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html>
2019-05-07 15:05:07 +00:00
. Deprecated CURLPIPE_HTTP1. (cmb)
Deprecate and ignore $version parameter of curl_version() `curl_version()`[1] (of ext/curl) makes `curl_version_info()`[2] (of libcurl) available to PHP userland. The latter requires to pass an `age` argument which usually is `CURLVERSION_NOW`, so that the information returned by the runtime matches the declarations used during compile time. For C programs it is simply necessary to pass this information, and in rare occasions it might make sense to pass something else than `CURLVERSION_NOW`. curl.h notes: | The 'CURLVERSION_NOW' is the symbolic name meant to be used by | basically all programs ever that want to get version information. For the PHP binding, using a newer `age` than available at compile time will neither provide the PHP program more information, nor would using an older `age` have tangible benefits. We therefore deprecate the useless `$version` parameter, and if it is passed nonetheless, we use `CURLVERSION_NOW` instead of the supplied value, and raise a warning. [1] <https://www.php.net/manual/en/function.curl-version.php> [2] <https://curl.haxx.se/libcurl/c/curl_version_info.html>
2019-05-13 06:53:41 +00:00
. Deprecated $version parameter of curl_version(). (cmb)
bump to 7.2.11-dev
2018-08-28 08:17:33 +00:00
Add UPGRADING notes [ci skip]
2018-10-10 10:00:57 +00:00
- Date:
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Updated timelib to 2018.02. (Derick)
. Fixed bug #69044 (discrepency between time and microtime). (krakjoe)
. Fixed bug #70153 (\DateInterval incorrectly unserialized). (Maksim Iakunin)
Add UPGRADING notes [ci skip]
2018-10-10 10:00:57 +00:00
. Fixed bug #75232 (print_r of DateTime creating side-effect). (Nikita)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78383 (Casting a DateTime to array no longer returns its
properties). (Nikita)
. Fixed bug #78751 (Serialising DatePeriod converts DateTimeImmutable). (cmb)
Add UPGRADING notes [ci skip]
2018-10-10 10:00:57 +00:00
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- Exif:
. Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and
invalid cast). (Nikita)
. Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment).
(CVE-2019-11042) (Stas)
. Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail).
(CVE-2019-11041) (Stas)
Added FFI extension
2019-01-14 08:47:50 +00:00
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- Fileinfo:
[ci skip] Update NEWS
2019-05-30 11:59:21 +00:00
. Fixed bug #78075 (finfo_file treats JSON file as text/plain). (Anatol)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78183 (finfo_file shows wrong mime-type for .tga file).
(Anatol)
[ci skip] Update NEWS
2019-05-30 11:59:21 +00:00
Sync the changes to ext/filter with 7.4, now that it works. - Removed --with-pcre-dir - The filter extension can now be built as shared on Unix with ./configure
2019-03-20 18:09:45 +00:00
- Filter:
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. The filter extension no longer has the --with-pcre-dir on Unix builds,
[ci skip] Add password registry RFC to changelog
2019-05-07 00:22:29 +00:00
allowing the extension to be once more compiled as shared using
Sync the changes to ext/filter with 7.4, now that it works. - Removed --with-pcre-dir - The filter extension can now be built as shared on Unix with ./configure
2019-03-20 18:09:45 +00:00
./configure. (Kalle)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- FFI:
. Added FFI extension. (Dmitry)
. Fixed bug #78488 (OOB in ZEND_FUNCTION(ffi_trampoline)). (Dmitry)
. Fixed bug #78543 (is_callable() on FFI\CData throws Exception). (cmb)
. Fixed bug #78716 (Function name mangling is wrong for some parameter
types). (cmb)
. Fixed bug #78762 (Failing FFI::cast() may leak memory). (cmb)
. Fixed bug #78761 (Zend memory heap corruption with preload and casting).
(cmb)
. Implement FR #78270 (Support __vectorcall convention with FFI). (cmb)
. Added missing FFI::isNull(). (Philip Hofstetter)
Implement FR #72510: systemd service should be hardened
2016-06-28 20:08:45 +00:00
- FPM:
. Implemented FR #72510 (systemd service should be hardened). (Craig Andrews)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #74083 (master PHP-fpm is stopped on multiple reloads).
(Maksim Nikulin)
. Fixed bug #78334 (fpm log prefix message includes wrong stdout/stderr
notation). (Tsuyoshi Sadakata)
. Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to RCE).
(CVE-2019-11043) (Jakub Zelenka)
Implement FR #72510: systemd service should be hardened
2016-06-28 20:08:45 +00:00
ext/gd: Use pkg-config to detect the availability of freetype2 The latest version of freetype2 does not install freetype-config by default, but pkg-config support has been there for approximately 15 years. In order to reliably detect freetype2, pkg-config *must* be used. See: https://savannah.nongnu.org/bugs/?53093 https://bugs.php.net/bug.php?id=76324
2018-05-14 21:25:37 +00:00
- GD:
NEWS and UPGRADING for the scatter filter
2019-05-09 23:37:02 +00:00
. Implemented the scatter filter (IMG_FILTER_SCATTER). (Kalle)
[ci skip] Fix names of the constants `GD_CROP_DEFAULT` and `GD_CROP_SIDES` are names of libgd constants, and as such they are not relevant for userland developers. Therefore, we replace them by the constant names of our wrapper, i.e. `IMG_CROP_DEFAULT` and `IMG_CROP_SIDES`, respectively.
2018-12-01 22:54:17 +00:00
. The bundled libgd behaves now like system libgd wrt. IMG_CROP_DEFAULT never
falling back to IMG_CROP_SIDES.
Resolve imagecropauto() default $mode quirk The `$mode` parameter of `imagecropauto()` defaults to `-1`. However, `-1` is changed to `GD_CROP_DEFAULT` right away, so basically the default is `GD_CROP_DEFAULT`, which is rather confusing and unnecessary. Therefore, we change the default to `IMG_CROP_DEFAULT`, but still allow an explicit `-1` to be passed for BC reasons, in which case we trigger a deprecation notice, so we can rid the `-1` support eventually.
2018-12-12 16:25:37 +00:00
. The default $mode parameter of imagecropauto() has been changed to
IMG_CROP_DEFAULT; passing -1 is now deprecated.
Preserve aspect ratio for width or height
2018-12-29 18:41:57 +00:00
. Added support for aspect ratio preserving scaling to a fixed height for
imagescale(). (Andreas Treichel)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Added TGA read support. (cmb)
. Fixed bug #73291 (imagecropauto() $threshold differs from external libgd).
(cmb)
. Fixed bug #76324 (cannot detect recent versions of freetype with
pkg-config). (Eli Schwartz)
. Fixed bug #78314 (missing freetype support/functions with external gd).
(Remi)
- GMP:
. Fixed bug #78574 (broken shared build). (Remi)
ext/gd: Use pkg-config to detect the availability of freetype2 The latest version of freetype2 does not install freetype-config by default, but pkg-config support has been there for approximately 15 years. In order to reliably detect freetype2, pkg-config *must* be used. See: https://savannah.nongnu.org/bugs/?53093 https://bugs.php.net/bug.php?id=76324
2018-05-14 21:25:37 +00:00
Implemented RFC "Always available hash extension"
2018-10-03 06:47:07 +00:00
- Hash:
. The hash extension is now an integral part of PHP and cannot be disabled
as per RFC: https://wiki.php.net/rfc/permanent_hash_ext. (Kalle)
Fix #71890: Add support for crc32c Castagnoli's polynomial. This variant of crc32 is heavily used by storage systems, such as iSCSI, SCTP, Btrfs, ext4, and is increasingly being used in API (such as Google Cloud Storage, and Apache Kafka).
2019-03-04 03:57:40 +00:00
. Implemented FR #71890 (crc32c checksum algorithm). (Andrew Brampton)
Implemented RFC "Always available hash extension"
2018-10-03 06:47:07 +00:00
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- Iconv:
. Fixed bug #78342 (Bus error in configure test for iconv //IGNORE). (Rainer
Jung)
. Fixed bug #78642 (Wrong libiconv version displayed). (gedas at martynas,
cmb).
- Libxml:
. Fixed bug #78279 (libxml_disable_entity_loader settings is shared between
requests (cgi-fcgi)). (Nikita)
Fix typo
2019-05-01 20:38:17 +00:00
- InterBase:
NEWS for ext/interbase unbundling
2019-05-01 20:35:30 +00:00
. Unbundled the InterBase extension and moved it to PECL. (Kalle)
Require ICU ≥ 50.1 Given that ICU is a set of lively developed libraries, that ICU 50.1 has been released on 2012-11-05, and PHP 7.4 is scheduled to be released seven years after it, we consider it appropriate to ditch these legacy versions. Particularly, that would be a reasonable groundwork to implement part two of the “Deprecate and remove INTL_IDNA_VARIANT_2003” RFC[1], namely to default idn_to_ascii()'s and idn_to_utf8()'s $variant parameter to INTL_IDNA_VARIANT_UTS46, which is not defined in ICU < 4.6. See also the related discussion on internals@[2]. [1] <https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003> [2] <http://news.php.net/php.internals/101626>ff
2018-09-06 12:04:44 +00:00
- Intl:
Improve wording As suggested by Tom Sommer[1]. [1] <https://github.com/php/php-src/commit/8a4c2f16217fb8f8d098355f3943f31e82bcfd71#r32037340>
2019-01-24 12:09:18 +00:00
. Raised requirements to ICU ≥ 50.1. (cmb)
SimpleXMLElement and ResourceBundle implement Countable Both classes already have a count() method and are considered countable by \is_countable().
2019-05-29 14:45:10 +00:00
. Changed ResourceBundle to implement Countable. (LeSuisse)
Change default of $variant param of idn_to_ascii() and idn_to_utf8() According to the “Deprecate and remove INTL_IDNA_VARIANT_2003” RFC[1], we change the default of the $variant parameter of `idn_to_ascii()` and `idn_to_utf8()` from `INTL_IDNA_VARIANT_2003` to `INTL_IDNA_VARIANT_UTS46`. [1] <https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003>
2018-09-15 12:37:55 +00:00
. Changed default of $variant parameter of idn_to_ascii() and idn_to_utf8().
(cmb)
Require ICU ≥ 50.1 Given that ICU is a set of lively developed libraries, that ICU 50.1 has been released on 2012-11-05, and PHP 7.4 is scheduled to be released seven years after it, we consider it appropriate to ditch these legacy versions. Particularly, that would be a reasonable groundwork to implement part two of the “Deprecate and remove INTL_IDNA_VARIANT_2003” RFC[1], namely to default idn_to_ascii()'s and idn_to_utf8()'s $variant parameter to INTL_IDNA_VARIANT_UTS46, which is not defined in ICU < 4.6. See also the related discussion on internals@[2]. [1] <https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003> [2] <http://news.php.net/php.internals/101626>ff
2018-09-06 12:04:44 +00:00
Mark ldap_control_paged_result and ldap_control_paged_result_response as deprecated These functions have serious limitations and may confuse users. Same operations can be done using the new ldap control system in search operations.
2019-02-04 11:09:51 +00:00
- LDAP:
. Deprecated ldap_control_paged_result_response and ldap_control_paged_result
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- LiteSpeed:
. Updated to LiteSpeed SAPI V7.5 (Fixed clean shutdown). (George Wang)
. Updated to LiteSpeed SAPI V7.4.3 (increased response header count limit from
100 to 1000, added crash handler to cleanly shutdown PHP request, added
CloudLinux mod_lsapi mode). (George Wang)
. Fixed bug #76058 (After "POST data can't be buffered", using php://input
makes huge tmp files). (George Wang)
- MBString:
Fix internal_encoding fallback in mbstring By introducing a hook that is called whenever one of internal_encoding / input_encoding / output_encoding changes, so that mbstring can adjust it's internal state. This also makes internal_encoding work with zend multibyte.
2019-04-16 14:35:35 +00:00
. Fixed bug #77907 (mb-functions do not respect default_encoding). (Nikita)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
(cmb)
. Fixed bug #78609 (mb_check_encoding() no longer supports stringable
objects). (cmb)
- MySQLi:
. Fixed bug #67348 (Reading $dbc->stat modifies $dbc->affected_rows).
(Derick)
. Fixed bug #76809 (SSL settings aren't respected when persistent connections
are used). (fabiomsouto)
. Fixed bug #78179 (MariaDB server version incorrectly detected). (cmb)
. Fixed bug #78213 (Empty row pocket). (cmb)
- MySQLnd:
. Fixed connect_attr issues and added the _server_host connection attribute.
(Qianqian Bu)
. Fixed bug #60594 (mysqlnd exposes 160 lines of stats in phpinfo). (PeeHaa)
- ODBC:
. Fixed bug #78473 (odbc_close() closes arbitrary resources). (cmb)
Fix internal_encoding fallback in mbstring By introducing a hook that is called whenever one of internal_encoding / input_encoding / output_encoding changes, so that mbstring can adjust it's internal state. This also makes internal_encoding work with zend multibyte.
2019-04-16 14:35:35 +00:00
Implemented preloading RFC: https://wiki.php.net/rfc/preload. Squashed commit of the following: commit 106c815fffb8eb3efe00a27a5229cb1f8ffc9736 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 16:36:44 2018 +0300 Added NEWS entry commit 1dacd5e20b7043368ef9e80db296d1781134b6fd Merge: d516139abf ba99aa133c Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 16:33:37 2018 +0300 Merge branch 'master' into preload * master: Fixed issues related to optimization and persitence of classes linked with interfaces, traits or internal classes. Added possiblity to avoid signal handlers reinitialization on each request. commit d516139abf5ffbd495ee6037f1dc04a1cfe588a7 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 16:13:15 2018 +0300 Override opcache.preload for testing commit 162b154d0bbfbaf8ef93975f7e56a1353236903d Merge: 45fdd034ce 8bda22592e Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 15:38:09 2018 +0300 Merge branch 'master' into preload * master: (34 commits) Eliminate useless $this related check Eliminate useless $this related checks Replace zend_parse_method_parameters() by zend_parse_parameters() and avoid useless checks. Replace getThis() by EX(This), when additional check is not necessary. Fixed tests Validate length on socket_write Fix compilation on x32 Fix #77141: Signedness issue in SOAP when precision=-1 Support SQLite3 @name notation Remove lexer files generated by RE2C Update libmagic.patch [ci skip] Update libmagic.patch [ci skip] Fork test with pcre.jit=0 Rework magic data Fix regex Fix regex Rework magic data Sync one more upstream libmagic piece Suppress already used warning Ignore getaddrinfo failed message ... commit 45fdd034ceceb68e8fb23bd6e70d627f17dfd411 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 9 13:07:03 2018 +0300 Properly resolve magic method of preloaded classes inherited from internal ones. commit 34645aeb4272b71a81a7e0d91f27eded557b78be Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 8 15:29:17 2018 +0300 Don't preload constants defined during preload script excution. commit cef0d67c3e5aac89b3d606fbd8d445225c07c83f Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 7 15:56:54 2018 +0300 Support for class aliasses commit 08ffc9a552c7cf4fbff1a4b3d2de4e7c33f4120d Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 7 15:34:39 2018 +0300 Resolve constants only in linked classes commit 8d3429cda83c87646eef0006d5cda075f2400b24 Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Nov 6 11:56:39 2018 +0300 Fixed preloading of references to internal classes. commit 7ae3a47d20e83f7d804506c6d50f6a392199260b Merge: 9b0a53ed1c 049f239cfc Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Nov 6 11:37:15 2018 +0300 Merge branch 'master' into preload * master: Update NEWS [ci skip] Update NEWS [ci skip] Update libmagic.patch [ci skip] Update libmagic.patch [ci skip] Declare function proto in header Declare function proto in header Fix #76825: Undefined symbols ___cpuid_count NEWS Fix: #77110 undefined symbol zend_string_equal_val in C++ build Fix #77105: Use position:sticky for <th> in `phpinfo()` Implement handling for JIT recognition when cross compiling Backport 7f5f4601 for 7.2 Fix #76348: WSDL_CACHE_MEMORY causes Segmentation fault Rework places in libmagic regarding previous CVE-2014-3538 fixes Change the way JIT availability is checked Fix a test for ldap extension Fixed bug #77092 Future-proof email addresses commit 9b0a53ed1cd5995efae0d71e1941d1db4ef6ba39 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 2 14:54:44 2018 +0300 We don't need preload_restart() here commit 0bd17bd43890423e1e98a5925f11cea93da3df55 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 2 14:44:30 2018 +0300 EG(*) may be not initializd at this point - use CG(*). commit b610467051d8a3687a60ffc2957bc353cb6b3bd4 Merge: 3a9d90f74a 67e0138c0d Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 2 11:33:37 2018 +0300 Merge branch 'master' into preload * master: Future-proof email addresses... Update email addresses. We're still @Zend, but future proofing it... commit 3a9d90f74a3d890cb59658d604d5a202e3aee256 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 1 15:19:48 2018 +0300 Fexed resolution of method clones commit aea85c65bd1795d0750dee6ac0e476acd2ac9dd7 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 1 11:45:50 2018 +0300 Prevent inlining of method copied from trait commit 36b644fbb738e7548ccb436e5d04d653d93cce14 Merge: 7a20781d2e b91690c892 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 1 10:56:02 2018 +0300 Merge branch 'master' into preload * master: Fix stray newline that caused this test to fail Fix session tests that fail if error_log is set This test needs to log to stdout Fix error condition Fixed bug #77081 ftruncate() changes seek pointer in c mode Fix and improve test case commit 7a20781d2ee694262f913a612d8b0b6a24ceff7b Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 31 00:52:46 2018 +0300 Added test commit 4a57b5d563f9c9616f3c236f57ccd09d8a66f146 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 31 00:50:21 2018 +0300 Fixed preloading of classes linked with traits commit 68c4f99e23695e74eafa43097ecab62392bad3ee Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 16:25:14 2018 +0300 Added test commit 38ab7ef4cf429dcfd5dfb18f844242cdf3a4d61f Merge: eb6e2c529f bf38e6c10a Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 16:14:39 2018 +0300 Merge branch 'master' into preload * master: Keep original value of "prototype" commit eb6e2c529f8cedf6823346387dd8b0ba6a4f045b Merge: 562049510f 2fefa8c61e Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 15:35:39 2018 +0300 Merge branch 'master' into preload * master: Call function_add_ref() in proper place Updated to version 2018.7 (2018g) Updated to version 2018.7 (2018g) Updated to version 2018.7 (2018g) Reslove inherited op_array references once afrer all optimizations. commit 562049510f605c21cd46fc3b6f97ed15bfe7b0dc Merge: e806cb732a 4828fb7b6b Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 10:29:49 2018 +0300 Merge branch 'master' into preload * master: [ci skip] Update NEWS [ci skip] Update NEWS [ci skip] Update NEWS fix bug #77079 Add missing null initialization Remove redundant mbfl_string_init calls Use zend_string for mbstring last encoding cache commit e806cb732a2a3f1e409528988a0571421c541078 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 22:32:15 2018 +0300 Fixed double-free commit 2f697ef8af0e7b21c47707b2d688880e8c987a8b Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 22:07:32 2018 +0300 typo commit c559f22b3e61b38761831d9610889d28ba6875e0 Merge: 310631cc05 ea2e67876a Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 21:59:27 2018 +0300 Merge branch 'master' into preload * master: Stop Apache if PHP wasn't started successful. Execute zend_post_startup() with module_initialized flag set. Removed dead code Fix mb_strrpos() with encoding passed as 3rd param commit 310631cc0565ac87091c4f1a8a9f739a13e7e778 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 16:48:42 2018 +0300 Stop Apache if PHP wasn't started successful. commit 0a24d7ba8f3280507c9663b32e14030212cf8491 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 16:25:49 2018 +0300 Avoid use-after-free in main thread commit 17a3cb4a2ab271c2b2357c04e36efa64e02444ff Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 15:25:17 2018 +0300 Execute zend_post_startup() with module_initialized flag set. commit 6d4b22c518bec956e9632fad4329360304d17fd7 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 14:12:20 2018 +0300 Override SAPI.ub_write and SAPI.flush for preloading commit 386c9d3470168f70afe5d3b72a58ea0c0da1519c Merge: d7fbb4d402 359f19edc9 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 13:49:24 2018 +0300 Merge branch 'master' into preload * master: Optimize substr() edge-case conditions [ci skip] Update UPGRADING Fix #71592: External entity processing never fails Add TIDY_TAG_* constants supported by libtidy 5 Add is_iterable to opcache Optimizer commit d7fbb4d402a18c8fd1c49e0c92afd9f9e513bc7a Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 26 13:11:54 2018 +0300 Restore preload state if it was already loaded in another process. commit 0fe9ea1c07822b5d4672cece2c180bf9795e16e4 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 26 12:29:06 2018 +0300 Removed dead code commit 3a2d1bcc1fd27b6983522c262931fc0187c0afef Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 26 00:19:40 2018 +0300 Support for builds without ZEND_SIGNALS commit e6b76ecb4beea3b922bf7529050e3828f745dedb Merge: 4531fbf931 68694c9997 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 23:43:25 2018 +0300 Merge branch 'master' into preload * master: Don't wrap php_module_shutdown() with zend_try. executor_globals are released in ZTS build, and this leads to crash. [ci skip] Fix indentation in UPGRADING. commit 4531fbf9310bfb7bb579134cc84e8c10c5d42059 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 22:44:49 2018 +0300 Disable linking and preloading of classes those parent or one of interface or trait is an internal class. commit a594a618ce98242c1d273eb9ede75b4f6b4635d8 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 22:30:51 2018 +0300 Cleanup - remove useless ZCSG(saved_map_ptr_last) - move preloaded classes/functions clean-up code back into better place commit ab9a40f63cfa1a205b8f853b7e0c2ce61edabb32 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 20:52:51 2018 +0300 Added support for preloaded classes/functions in ZTS build commit e3c65db099517082b66dd20ea57e1bda649a7aa5 Merge: 4f57c1e029 33e777acbf Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 20:52:26 2018 +0300 Merge branch 'master' into preload * master: Improved shared interned strings handling. The previous implementation worked incorrectly in ZTS build. It changed strings only in function/class tables of one thread. Now all threads gets the same shared interned strings. Also, on shutdown, we don't try to replace SHM interned strings back to process strings, but delay dettachment of SHM instead. Don't use request heap at shutdown Don't optimize function if inference failed Fixed bug #77058 Improve "narrowing" error message bump versions commit 4f57c1e029ce9c24bd699ea61b05973c4665bc32 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 15:29:58 2018 +0300 Cleanup (move preload_shutdown() call to better place) commit 26587a95c071cf9dd098199eb3708fca8adae243 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 14:30:51 2018 +0300 eol commit d70cb10480fdc7d814495150cd48e43d4147138f Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 14:30:20 2018 +0300 cleanup commit aabe685dbb887e91c240b6c5553193889bcfc540 Merge: d9fc51bc3b 40808ac41e Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 12:42:51 2018 +0300 Merge branch 'master' into preload * master: Remove unused var Remove ext/json parser files generated by bison Fix run-tests.php for running phpdbg and certain test sections Normalize .gitignore commit d9fc51bc3bdfbd7f4149a884b09e3c09a41f7a8d Merge: b5ffba0faf b6ef8998d5 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 24 15:59:24 2018 +0300 Merge branch 'master' into preload * master: Fixed reseting of interned strings buffer. commit b5ffba0fafb4d940336d5f5fe93950dad1d8d779 Merge: e4a7ef0c43 a404383118 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 24 12:46:28 2018 +0300 Merge branch 'master' into preload * master: Fixed build in directory different from source commit e4a7ef0c431ec97cdd00e44dfa0ef17887d1e5e3 Merge: 811f20aaa5 d1e14e2cc0 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 24 11:59:43 2018 +0300 Merge branch 'master' into preload * master: (29 commits) Make php_plain_files_wrapper to be writable (workaround for swoole) Remove phpdbg parser files generated by bison Fix conflicts in phpdbg parser Refetetch function name on exceptional path to allow better code on fast code path. fix typo in sysvsem.c Fixed bug #50675 bump to 7.2.13-dev [ci skip] Update NEWS wrt. php-7.3.0RC4 tagging Inlining in the most frequently used code paths Fixed test failurs introduced by 9c144e0d8217d1ef7a83c2498214308b21af749f Use persistent strings only for persistent connections Fix accessibility checks for dynamic properties Updated to version 2018.6 (2018f) Updated to version 2018.6 (2018f) Updated to version 2018.6 (2018f) Fix arginfo and clean up fpm_get_status Defragment two Zend related Makefile fragments together [ci skip] Remove automake and aclocal in comments Fix #75282: xmlrpc_encode_request() crashes Fix tests for ICU 63.1 ... commit 811f20aaa5030035666d9f325dd7c64632c70a50 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 22 14:10:49 2018 +0300 Added information about preloading to opcache_get_status() commit 093e8b1bbffdc07d217a543613ea14c3eeac710e Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:46:23 2018 +0300 Added warning message commit a2ba970ce3d0ac51ebfbe1bfc2dc7b99b9750a75 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:35:40 2018 +0300 Added test commit b67e28367c11db50360e664a7ad6ac95b393f2e4 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:33:12 2018 +0300 Don't preload functions declared at run-time. commit b0139dc22854ee000586ef83c149d7d25181da60 Merge: a609520adb 3fe698b904 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:23:14 2018 +0300 Merge branch 'master' into preload * master: Mark "top-level" functions. Don't initialize static_member_tables during start-up, when inherit internal classes. [ci skip] Update NEWS [ci skip] Update NEWS [ci skip] Update NEWS Fix #77035: The phpize and ./configure create redundant .deps file Remove outdated PEAR artefacts Fix tests/output/bug74815.phpt generating errors.log Revert "Use C++ symbols, when C++11 or upper is compiled" Use C++ symbols, when C++11 or upper is compiled Added new line Remove stamp-h Move all testing docs to qa.php.net Fix a typo in UPGRADING.INTERNALS Fix test when it's run on another drive [ci skip] Update UPGRADING wrt. tidyp support Fixed incorrect reallocation Fix #77027: tidy::getOptDoc() not available on Windows Run CI tests under opcache.protect_memory=1 commit a609520adbc0bf12701d467bae4a016fde43231e Merge: ac8f45f61b b6ac50f9e6 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 17:01:05 2018 +0300 Merge branch 'master' into preload * master: Fixed comment Micro optimizations Mark "top-level" classes commit ac8f45f61b561af9aee629232bc3705143ceaac3 Merge: 632b30b545 d57cd36e47 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 15:53:41 2018 +0300 Merge branch 'master' into preload * master: Immutable clases and op_arrays. commit 632b30b5451c8fdf0879a3ba4d937ff4ecfc8ce7 Merge: d33908a99a cd0c36c3f9 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 15:04:43 2018 +0300 Merge branch 'immutable' into preload * immutable: Remove the "auto" encoding Fixed bug #77025 Add vtbls for EUC-TW encoding commit cd0c36c3f943849e5b97a8dbe2dd029fbeab3df9 Merge: 4740dabb84 ad6738e886 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 14:43:38 2018 +0300 Merge branch 'master' into immutable * master: Remove the "auto" encoding Fixed bug #77025 Add vtbls for EUC-TW encoding commit d33908a99a3c746f188e268df3db541591f6fcc2 Merge: 21e0bebca3 4740dabb84 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 14:14:23 2018 +0300 Merge branch 'immutable' into preload * immutable: Reverted back ce->iterator_funcs_ptr. Initialize ce->iterator_funcs_ptr fields in immutable classes. commit 4740dabb843c6d4f7f866b4a2456073c9eaf4c77 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 14:12:28 2018 +0300 Reverted back ce->iterator_funcs_ptr. Initialize ce->iterator_funcs_ptr fields in immutable classes. commit 21e0bebca3e6fff3c3484ee46f9aa3ac4e98eaeb Merge: c78277ae84 ad7a78b253 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 12:29:59 2018 +0300 Merge branch 'immutable' into preload * immutable: Added comment Added type cast Moved static class members initialization into the proper place. Removed redundand assertion Removed duplicate code Hide offset encoding magic in ZEND_MAP_PTR_IS_OFFSET(), ZEND_MAP_PTR_OFFSET2PTR() and ZEND_MAP_PTR_PTR2OFFSET() macros. typo Remove unused variable makefile_am_files Classify object handlers are required/optional Add support for getting SKIP_TAGSTART and SKIP_WHITE options Remove some obsolete config_vars.mk occurrences Remove bsd_converted from .gitignore Remove configuration parser and scanners ignores Remove obsolete buildconf.stamp from .gitignore [ci skip] Add magicdata.patch exception to .gitignore Remove outdated ext/spl/examples items from .gitignore Remove unused test.inc in ext/iconv/tests commit ad7a78b253be970db70c2251e66f9297d8e7f829 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:46:30 2018 +0300 Added comment commit 0276ea51875bab37be01a4dc5e5a047c5698c571 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:42:43 2018 +0300 Added type cast commit c63fc5d5f19c58498108d1698055b2b442227eb3 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:36:51 2018 +0300 Moved static class members initialization into the proper place. commit b945548e9306b1826c881918858b5e5aa3eb3002 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:21:03 2018 +0300 Removed redundand assertion commit d5a41088401814c829847db212488f8aae39bcd2 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:19:13 2018 +0300 Removed duplicate code commit 8dadca8864e66de70a24bdf1181bcf7dd8fb27d7 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:05:43 2018 +0300 Hide offset encoding magic in ZEND_MAP_PTR_IS_OFFSET(), ZEND_MAP_PTR_OFFSET2PTR() and ZEND_MAP_PTR_PTR2OFFSET() macros. commit 9ef07c88bd76801e2d4fbfeab3ebfd6e6a67ac5f Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 10:48:29 2018 +0300 typo commit a06f0f3d3aba53e766046221ee44fb9720389ecc Merge: 94099586ec 3412345ffe Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 10:47:07 2018 +0300 Merge branch 'master' into immutable * master: Remove unused variable makefile_am_files Classify object handlers are required/optional Add support for getting SKIP_TAGSTART and SKIP_WHITE options Remove some obsolete config_vars.mk occurrences Remove bsd_converted from .gitignore Remove configuration parser and scanners ignores Remove obsolete buildconf.stamp from .gitignore [ci skip] Add magicdata.patch exception to .gitignore Remove outdated ext/spl/examples items from .gitignore Remove unused test.inc in ext/iconv/tests commit c78277ae84b21067744d1701949e4e1fadd8872a Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 16 17:25:35 2018 +0300 Preloadsing support for opcache restart commit f76a955c02f6a033d4656d5e0d9dad9a8e83cc86 Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 16 13:52:36 2018 +0300 Fixed incorrect signal handlers overriding commit 0810ce0d8165d4b752267f035f9fa0aaa1698ceb Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 15 23:38:48 2018 +0300 An attempt to implemnt "preloading" ability. commit 94099586ec599117581ca01c15b1f6c5f749e23a Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 15 23:34:01 2018 +0300 Immutable clases and op_arrays
2018-11-14 13:46:05 +00:00
- Opcache:
. Implemented preloading RFC: https://wiki.php.net/rfc/preload. (Dmitry)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Add opcache.preload_user INI directive. (Dmitry)
. Added new INI directive opcache.cache_id (Windows only). (cmb)
. Fixed bug #78106 (Path resolution fails if opcache disabled during request).
(Nikita)
. Fixed bug #78175 (Preloading segfaults at preload time and at runtime).
(Dmitry)
. Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM).
(cmb)
. Fixed bug #78271 (Invalid result of if-else). (Nikita)
. Fixed bug #78341 (Failure to detect smart branch in DFA pass). (Nikita)
. Fixed bug #78376 (Incorrect preloading of constant static properties).
(Dmitry)
. Fixed bug #78429 (opcache_compile_file(__FILE__); segfaults). (cmb)
. Fixed bug #78512 (Cannot make preload work). (Dmitry)
. Fixed bug #78514 (Preloading segfaults with inherited typed property).
(Nikita)
. Fixed bug #78654 (Incorrectly computed opcache checksum on files with
non-ascii characters). (mhagstrand)
Implemented preloading RFC: https://wiki.php.net/rfc/preload. Squashed commit of the following: commit 106c815fffb8eb3efe00a27a5229cb1f8ffc9736 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 16:36:44 2018 +0300 Added NEWS entry commit 1dacd5e20b7043368ef9e80db296d1781134b6fd Merge: d516139abf ba99aa133c Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 16:33:37 2018 +0300 Merge branch 'master' into preload * master: Fixed issues related to optimization and persitence of classes linked with interfaces, traits or internal classes. Added possiblity to avoid signal handlers reinitialization on each request. commit d516139abf5ffbd495ee6037f1dc04a1cfe588a7 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 16:13:15 2018 +0300 Override opcache.preload for testing commit 162b154d0bbfbaf8ef93975f7e56a1353236903d Merge: 45fdd034ce 8bda22592e Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 14 15:38:09 2018 +0300 Merge branch 'master' into preload * master: (34 commits) Eliminate useless $this related check Eliminate useless $this related checks Replace zend_parse_method_parameters() by zend_parse_parameters() and avoid useless checks. Replace getThis() by EX(This), when additional check is not necessary. Fixed tests Validate length on socket_write Fix compilation on x32 Fix #77141: Signedness issue in SOAP when precision=-1 Support SQLite3 @name notation Remove lexer files generated by RE2C Update libmagic.patch [ci skip] Update libmagic.patch [ci skip] Fork test with pcre.jit=0 Rework magic data Fix regex Fix regex Rework magic data Sync one more upstream libmagic piece Suppress already used warning Ignore getaddrinfo failed message ... commit 45fdd034ceceb68e8fb23bd6e70d627f17dfd411 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 9 13:07:03 2018 +0300 Properly resolve magic method of preloaded classes inherited from internal ones. commit 34645aeb4272b71a81a7e0d91f27eded557b78be Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 8 15:29:17 2018 +0300 Don't preload constants defined during preload script excution. commit cef0d67c3e5aac89b3d606fbd8d445225c07c83f Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 7 15:56:54 2018 +0300 Support for class aliasses commit 08ffc9a552c7cf4fbff1a4b3d2de4e7c33f4120d Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Nov 7 15:34:39 2018 +0300 Resolve constants only in linked classes commit 8d3429cda83c87646eef0006d5cda075f2400b24 Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Nov 6 11:56:39 2018 +0300 Fixed preloading of references to internal classes. commit 7ae3a47d20e83f7d804506c6d50f6a392199260b Merge: 9b0a53ed1c 049f239cfc Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Nov 6 11:37:15 2018 +0300 Merge branch 'master' into preload * master: Update NEWS [ci skip] Update NEWS [ci skip] Update libmagic.patch [ci skip] Update libmagic.patch [ci skip] Declare function proto in header Declare function proto in header Fix #76825: Undefined symbols ___cpuid_count NEWS Fix: #77110 undefined symbol zend_string_equal_val in C++ build Fix #77105: Use position:sticky for <th> in `phpinfo()` Implement handling for JIT recognition when cross compiling Backport 7f5f4601 for 7.2 Fix #76348: WSDL_CACHE_MEMORY causes Segmentation fault Rework places in libmagic regarding previous CVE-2014-3538 fixes Change the way JIT availability is checked Fix a test for ldap extension Fixed bug #77092 Future-proof email addresses commit 9b0a53ed1cd5995efae0d71e1941d1db4ef6ba39 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 2 14:54:44 2018 +0300 We don't need preload_restart() here commit 0bd17bd43890423e1e98a5925f11cea93da3df55 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 2 14:44:30 2018 +0300 EG(*) may be not initializd at this point - use CG(*). commit b610467051d8a3687a60ffc2957bc353cb6b3bd4 Merge: 3a9d90f74a 67e0138c0d Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Nov 2 11:33:37 2018 +0300 Merge branch 'master' into preload * master: Future-proof email addresses... Update email addresses. We're still @Zend, but future proofing it... commit 3a9d90f74a3d890cb59658d604d5a202e3aee256 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 1 15:19:48 2018 +0300 Fexed resolution of method clones commit aea85c65bd1795d0750dee6ac0e476acd2ac9dd7 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 1 11:45:50 2018 +0300 Prevent inlining of method copied from trait commit 36b644fbb738e7548ccb436e5d04d653d93cce14 Merge: 7a20781d2e b91690c892 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Nov 1 10:56:02 2018 +0300 Merge branch 'master' into preload * master: Fix stray newline that caused this test to fail Fix session tests that fail if error_log is set This test needs to log to stdout Fix error condition Fixed bug #77081 ftruncate() changes seek pointer in c mode Fix and improve test case commit 7a20781d2ee694262f913a612d8b0b6a24ceff7b Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 31 00:52:46 2018 +0300 Added test commit 4a57b5d563f9c9616f3c236f57ccd09d8a66f146 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 31 00:50:21 2018 +0300 Fixed preloading of classes linked with traits commit 68c4f99e23695e74eafa43097ecab62392bad3ee Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 16:25:14 2018 +0300 Added test commit 38ab7ef4cf429dcfd5dfb18f844242cdf3a4d61f Merge: eb6e2c529f bf38e6c10a Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 16:14:39 2018 +0300 Merge branch 'master' into preload * master: Keep original value of "prototype" commit eb6e2c529f8cedf6823346387dd8b0ba6a4f045b Merge: 562049510f 2fefa8c61e Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 15:35:39 2018 +0300 Merge branch 'master' into preload * master: Call function_add_ref() in proper place Updated to version 2018.7 (2018g) Updated to version 2018.7 (2018g) Updated to version 2018.7 (2018g) Reslove inherited op_array references once afrer all optimizations. commit 562049510f605c21cd46fc3b6f97ed15bfe7b0dc Merge: e806cb732a 4828fb7b6b Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 30 10:29:49 2018 +0300 Merge branch 'master' into preload * master: [ci skip] Update NEWS [ci skip] Update NEWS [ci skip] Update NEWS fix bug #77079 Add missing null initialization Remove redundant mbfl_string_init calls Use zend_string for mbstring last encoding cache commit e806cb732a2a3f1e409528988a0571421c541078 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 22:32:15 2018 +0300 Fixed double-free commit 2f697ef8af0e7b21c47707b2d688880e8c987a8b Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 22:07:32 2018 +0300 typo commit c559f22b3e61b38761831d9610889d28ba6875e0 Merge: 310631cc05 ea2e67876a Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 21:59:27 2018 +0300 Merge branch 'master' into preload * master: Stop Apache if PHP wasn't started successful. Execute zend_post_startup() with module_initialized flag set. Removed dead code Fix mb_strrpos() with encoding passed as 3rd param commit 310631cc0565ac87091c4f1a8a9f739a13e7e778 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 16:48:42 2018 +0300 Stop Apache if PHP wasn't started successful. commit 0a24d7ba8f3280507c9663b32e14030212cf8491 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 16:25:49 2018 +0300 Avoid use-after-free in main thread commit 17a3cb4a2ab271c2b2357c04e36efa64e02444ff Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 15:25:17 2018 +0300 Execute zend_post_startup() with module_initialized flag set. commit 6d4b22c518bec956e9632fad4329360304d17fd7 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 14:12:20 2018 +0300 Override SAPI.ub_write and SAPI.flush for preloading commit 386c9d3470168f70afe5d3b72a58ea0c0da1519c Merge: d7fbb4d402 359f19edc9 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 29 13:49:24 2018 +0300 Merge branch 'master' into preload * master: Optimize substr() edge-case conditions [ci skip] Update UPGRADING Fix #71592: External entity processing never fails Add TIDY_TAG_* constants supported by libtidy 5 Add is_iterable to opcache Optimizer commit d7fbb4d402a18c8fd1c49e0c92afd9f9e513bc7a Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 26 13:11:54 2018 +0300 Restore preload state if it was already loaded in another process. commit 0fe9ea1c07822b5d4672cece2c180bf9795e16e4 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 26 12:29:06 2018 +0300 Removed dead code commit 3a2d1bcc1fd27b6983522c262931fc0187c0afef Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 26 00:19:40 2018 +0300 Support for builds without ZEND_SIGNALS commit e6b76ecb4beea3b922bf7529050e3828f745dedb Merge: 4531fbf931 68694c9997 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 23:43:25 2018 +0300 Merge branch 'master' into preload * master: Don't wrap php_module_shutdown() with zend_try. executor_globals are released in ZTS build, and this leads to crash. [ci skip] Fix indentation in UPGRADING. commit 4531fbf9310bfb7bb579134cc84e8c10c5d42059 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 22:44:49 2018 +0300 Disable linking and preloading of classes those parent or one of interface or trait is an internal class. commit a594a618ce98242c1d273eb9ede75b4f6b4635d8 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 22:30:51 2018 +0300 Cleanup - remove useless ZCSG(saved_map_ptr_last) - move preloaded classes/functions clean-up code back into better place commit ab9a40f63cfa1a205b8f853b7e0c2ce61edabb32 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 20:52:51 2018 +0300 Added support for preloaded classes/functions in ZTS build commit e3c65db099517082b66dd20ea57e1bda649a7aa5 Merge: 4f57c1e029 33e777acbf Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 20:52:26 2018 +0300 Merge branch 'master' into preload * master: Improved shared interned strings handling. The previous implementation worked incorrectly in ZTS build. It changed strings only in function/class tables of one thread. Now all threads gets the same shared interned strings. Also, on shutdown, we don't try to replace SHM interned strings back to process strings, but delay dettachment of SHM instead. Don't use request heap at shutdown Don't optimize function if inference failed Fixed bug #77058 Improve "narrowing" error message bump versions commit 4f57c1e029ce9c24bd699ea61b05973c4665bc32 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 15:29:58 2018 +0300 Cleanup (move preload_shutdown() call to better place) commit 26587a95c071cf9dd098199eb3708fca8adae243 Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 14:30:51 2018 +0300 eol commit d70cb10480fdc7d814495150cd48e43d4147138f Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 14:30:20 2018 +0300 cleanup commit aabe685dbb887e91c240b6c5553193889bcfc540 Merge: d9fc51bc3b 40808ac41e Author: Dmitry Stogov <dmitry@zend.com> Date: Thu Oct 25 12:42:51 2018 +0300 Merge branch 'master' into preload * master: Remove unused var Remove ext/json parser files generated by bison Fix run-tests.php for running phpdbg and certain test sections Normalize .gitignore commit d9fc51bc3bdfbd7f4149a884b09e3c09a41f7a8d Merge: b5ffba0faf b6ef8998d5 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 24 15:59:24 2018 +0300 Merge branch 'master' into preload * master: Fixed reseting of interned strings buffer. commit b5ffba0fafb4d940336d5f5fe93950dad1d8d779 Merge: e4a7ef0c43 a404383118 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 24 12:46:28 2018 +0300 Merge branch 'master' into preload * master: Fixed build in directory different from source commit e4a7ef0c431ec97cdd00e44dfa0ef17887d1e5e3 Merge: 811f20aaa5 d1e14e2cc0 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 24 11:59:43 2018 +0300 Merge branch 'master' into preload * master: (29 commits) Make php_plain_files_wrapper to be writable (workaround for swoole) Remove phpdbg parser files generated by bison Fix conflicts in phpdbg parser Refetetch function name on exceptional path to allow better code on fast code path. fix typo in sysvsem.c Fixed bug #50675 bump to 7.2.13-dev [ci skip] Update NEWS wrt. php-7.3.0RC4 tagging Inlining in the most frequently used code paths Fixed test failurs introduced by 9c144e0d8217d1ef7a83c2498214308b21af749f Use persistent strings only for persistent connections Fix accessibility checks for dynamic properties Updated to version 2018.6 (2018f) Updated to version 2018.6 (2018f) Updated to version 2018.6 (2018f) Fix arginfo and clean up fpm_get_status Defragment two Zend related Makefile fragments together [ci skip] Remove automake and aclocal in comments Fix #75282: xmlrpc_encode_request() crashes Fix tests for ICU 63.1 ... commit 811f20aaa5030035666d9f325dd7c64632c70a50 Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 22 14:10:49 2018 +0300 Added information about preloading to opcache_get_status() commit 093e8b1bbffdc07d217a543613ea14c3eeac710e Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:46:23 2018 +0300 Added warning message commit a2ba970ce3d0ac51ebfbe1bfc2dc7b99b9750a75 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:35:40 2018 +0300 Added test commit b67e28367c11db50360e664a7ad6ac95b393f2e4 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:33:12 2018 +0300 Don't preload functions declared at run-time. commit b0139dc22854ee000586ef83c149d7d25181da60 Merge: a609520adb 3fe698b904 Author: Dmitry Stogov <dmitry@zend.com> Date: Fri Oct 19 13:23:14 2018 +0300 Merge branch 'master' into preload * master: Mark "top-level" functions. Don't initialize static_member_tables during start-up, when inherit internal classes. [ci skip] Update NEWS [ci skip] Update NEWS [ci skip] Update NEWS Fix #77035: The phpize and ./configure create redundant .deps file Remove outdated PEAR artefacts Fix tests/output/bug74815.phpt generating errors.log Revert "Use C++ symbols, when C++11 or upper is compiled" Use C++ symbols, when C++11 or upper is compiled Added new line Remove stamp-h Move all testing docs to qa.php.net Fix a typo in UPGRADING.INTERNALS Fix test when it's run on another drive [ci skip] Update UPGRADING wrt. tidyp support Fixed incorrect reallocation Fix #77027: tidy::getOptDoc() not available on Windows Run CI tests under opcache.protect_memory=1 commit a609520adbc0bf12701d467bae4a016fde43231e Merge: ac8f45f61b b6ac50f9e6 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 17:01:05 2018 +0300 Merge branch 'master' into preload * master: Fixed comment Micro optimizations Mark "top-level" classes commit ac8f45f61b561af9aee629232bc3705143ceaac3 Merge: 632b30b545 d57cd36e47 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 15:53:41 2018 +0300 Merge branch 'master' into preload * master: Immutable clases and op_arrays. commit 632b30b5451c8fdf0879a3ba4d937ff4ecfc8ce7 Merge: d33908a99a cd0c36c3f9 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 15:04:43 2018 +0300 Merge branch 'immutable' into preload * immutable: Remove the "auto" encoding Fixed bug #77025 Add vtbls for EUC-TW encoding commit cd0c36c3f943849e5b97a8dbe2dd029fbeab3df9 Merge: 4740dabb84 ad6738e886 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 14:43:38 2018 +0300 Merge branch 'master' into immutable * master: Remove the "auto" encoding Fixed bug #77025 Add vtbls for EUC-TW encoding commit d33908a99a3c746f188e268df3db541591f6fcc2 Merge: 21e0bebca3 4740dabb84 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 14:14:23 2018 +0300 Merge branch 'immutable' into preload * immutable: Reverted back ce->iterator_funcs_ptr. Initialize ce->iterator_funcs_ptr fields in immutable classes. commit 4740dabb843c6d4f7f866b4a2456073c9eaf4c77 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 14:12:28 2018 +0300 Reverted back ce->iterator_funcs_ptr. Initialize ce->iterator_funcs_ptr fields in immutable classes. commit 21e0bebca3e6fff3c3484ee46f9aa3ac4e98eaeb Merge: c78277ae84 ad7a78b253 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 12:29:59 2018 +0300 Merge branch 'immutable' into preload * immutable: Added comment Added type cast Moved static class members initialization into the proper place. Removed redundand assertion Removed duplicate code Hide offset encoding magic in ZEND_MAP_PTR_IS_OFFSET(), ZEND_MAP_PTR_OFFSET2PTR() and ZEND_MAP_PTR_PTR2OFFSET() macros. typo Remove unused variable makefile_am_files Classify object handlers are required/optional Add support for getting SKIP_TAGSTART and SKIP_WHITE options Remove some obsolete config_vars.mk occurrences Remove bsd_converted from .gitignore Remove configuration parser and scanners ignores Remove obsolete buildconf.stamp from .gitignore [ci skip] Add magicdata.patch exception to .gitignore Remove outdated ext/spl/examples items from .gitignore Remove unused test.inc in ext/iconv/tests commit ad7a78b253be970db70c2251e66f9297d8e7f829 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:46:30 2018 +0300 Added comment commit 0276ea51875bab37be01a4dc5e5a047c5698c571 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:42:43 2018 +0300 Added type cast commit c63fc5d5f19c58498108d1698055b2b442227eb3 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:36:51 2018 +0300 Moved static class members initialization into the proper place. commit b945548e9306b1826c881918858b5e5aa3eb3002 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:21:03 2018 +0300 Removed redundand assertion commit d5a41088401814c829847db212488f8aae39bcd2 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:19:13 2018 +0300 Removed duplicate code commit 8dadca8864e66de70a24bdf1181bcf7dd8fb27d7 Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 11:05:43 2018 +0300 Hide offset encoding magic in ZEND_MAP_PTR_IS_OFFSET(), ZEND_MAP_PTR_OFFSET2PTR() and ZEND_MAP_PTR_PTR2OFFSET() macros. commit 9ef07c88bd76801e2d4fbfeab3ebfd6e6a67ac5f Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 10:48:29 2018 +0300 typo commit a06f0f3d3aba53e766046221ee44fb9720389ecc Merge: 94099586ec 3412345ffe Author: Dmitry Stogov <dmitry@zend.com> Date: Wed Oct 17 10:47:07 2018 +0300 Merge branch 'master' into immutable * master: Remove unused variable makefile_am_files Classify object handlers are required/optional Add support for getting SKIP_TAGSTART and SKIP_WHITE options Remove some obsolete config_vars.mk occurrences Remove bsd_converted from .gitignore Remove configuration parser and scanners ignores Remove obsolete buildconf.stamp from .gitignore [ci skip] Add magicdata.patch exception to .gitignore Remove outdated ext/spl/examples items from .gitignore Remove unused test.inc in ext/iconv/tests commit c78277ae84b21067744d1701949e4e1fadd8872a Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 16 17:25:35 2018 +0300 Preloadsing support for opcache restart commit f76a955c02f6a033d4656d5e0d9dad9a8e83cc86 Author: Dmitry Stogov <dmitry@zend.com> Date: Tue Oct 16 13:52:36 2018 +0300 Fixed incorrect signal handlers overriding commit 0810ce0d8165d4b752267f035f9fa0aaa1698ceb Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 15 23:38:48 2018 +0300 An attempt to implemnt "preloading" ability. commit 94099586ec599117581ca01c15b1f6c5f749e23a Author: Dmitry Stogov <dmitry@zend.com> Date: Mon Oct 15 23:34:01 2018 +0300 Immutable clases and op_arrays
2018-11-14 13:46:05 +00:00
[ci skip] Update NEWS
2018-11-14 20:45:24 +00:00
- OpenSSL:
Update NEWS with added TLS 1.3 info
2019-04-28 17:48:35 +00:00
. Added TLS 1.3 support to streams including new tlsv1.3 stream.
(Codarren Velvindron, Jakub Zelenka)
[ci skip] Update NEWS
2018-11-14 20:45:24 +00:00
. Added openssl_x509_verify function. (Ben Scholzen)
Improve openssl_random_pseudo_bytes() CSPRNG implementations should always fail closed. Now openssl_random_pseudo_bytes() will fail closed by throwing an `\Exception` in fail conditions. RFC: https://wiki.php.net/rfc/improve-openssl-random-pseudo-bytes
2018-11-19 23:14:53 +00:00
. openssl_random_pseudo_bytes() now throws in error conditions.
(Sammy Kaye Powers)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Changed the default config path (Windows only). (cmb)
. Fixed bug #78231 (Segmentation fault upon stream_socket_accept of exported
socket-to-stream). (Nikita)
. Fixed bug #78391 (Assertion failure in openssl_random_pseudo_bytes).
(Nikita)
. Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted
connections). (Nikita)
- Pcntl:
. Fixed bug #77335 (PHP is preventing SIGALRM from specifying SA_RESTART).
(Nikita)
[ci skip] Update NEWS
2018-11-14 20:45:24 +00:00
Fixed bug #72685 We currently have a large performance problem when implementing lexers working on UTF-8 strings in PHP. This kind of code tends to perform a large number of matches at different offsets on a single string. This is generally fast. However, if /u mode is used, the full string will be UTF-8 validated on each match. This results in quadratic runtime. This patch fixes the issue by adding a IS_STR_VALID_UTF8 flag, which is set when we have determined that the string is valid UTF8 and further validation is skipped. A limitation of this approach is that we can't set the flag for interned strings. I think this is not a problem for this use-case which will generally work on dynamic data. If we want to use this flag for other purposes as well (mbstring?) then it might be worthwhile to UTF-8 validate strings during interning. But right now this doesn't seem useful.
2019-03-18 11:57:43 +00:00
- PCRE:
Fix bug #73948 If PREG_UNMATCHED_AS_NULL is used, make sure that unmatched capturing groups at the end are also set to null, rather than just those in the middle.
2019-03-19 11:11:05 +00:00
. Implemented FR #77094 (Support flags in preg_replace_callback). (Nikita)
Fixed bug #72685 We currently have a large performance problem when implementing lexers working on UTF-8 strings in PHP. This kind of code tends to perform a large number of matches at different offsets on a single string. This is generally fast. However, if /u mode is used, the full string will be UTF-8 validated on each match. This results in quadratic runtime. This patch fixes the issue by adding a IS_STR_VALID_UTF8 flag, which is set when we have determined that the string is valid UTF8 and further validation is skipped. A limitation of this approach is that we can't set the flag for interned strings. I think this is not a problem for this use-case which will generally work on dynamic data. If we want to use this flag for other purposes as well (mbstring?) then it might be worthwhile to UTF-8 validate strings during interning. But right now this doesn't seem useful.
2019-03-18 11:57:43 +00:00
. Fixed bug #72685 (Repeated UTF-8 validation of same string in UTF-8 mode).
(Nikita)
Fix bug #73948 If PREG_UNMATCHED_AS_NULL is used, make sure that unmatched capturing groups at the end are also set to null, rather than just those in the middle.
2019-03-19 11:11:05 +00:00
. Fixed bug #73948 (Preg_match_all should return NULLs on trailing optional
capture groups).
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78338 (Array cross-border reading in PCRE). (cmb)
. Fixed bug #78349 (Bundled pcre2 library missing LICENCE file). (Peter Kokot)
Fixed bug #72685 We currently have a large performance problem when implementing lexers working on UTF-8 strings in PHP. This kind of code tends to perform a large number of matches at different offsets on a single string. This is generally fast. However, if /u mode is used, the full string will be UTF-8 validated on each match. This results in quadratic runtime. This patch fixes the issue by adding a IS_STR_VALID_UTF8 flag, which is set when we have determined that the string is valid UTF8 and further validation is skipped. A limitation of this approach is that we can't set the flag for interned strings. I think this is not a problem for this use-case which will generally work on dynamic data. If we want to use this flag for other purposes as well (mbstring?) then it might be worthwhile to UTF-8 validate strings during interning. But right now this doesn't seem useful.
2019-03-18 11:57:43 +00:00
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix bug #77849 Disable cloning of PDO handle/connection objects to avoid segfault
2019-04-05 22:55:58 +00:00
- PDO:
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Implemented FR #71885 (Allow escaping question mark placeholders).
https://wiki.php.net/rfc/pdo_escape_placeholders (Matteo)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix bug #77849 Disable cloning of PDO handle/connection objects to avoid segfault
2019-04-05 22:55:58 +00:00
. Fixed bug #77849 (Disable cloning of PDO handle/connection objects).
(camporter)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Implemented FR #78033 (PDO - support username & password specified in
DSN). (sjon)
- PDO_Firebird:
. Implemented FR #65690 (PDO_Firebird should also support dialect 1).
(Simonov Denis)
. Implemented FR #77863 (PDO firebird support type Boolean in input
parameters). (Simonov Denis)
- PDO_MySQL:
. Fixed bug #41997 (SP call yields additional empty result set). (cmb)
. Fixed bug #78623 (Regression caused by "SP call yields additional empty
result set"). (cmb)
[ci skip] Prepare NEWS for 7.3 GA
2018-12-03 12:56:14 +00:00
NEWS and UPGRADING
2018-10-01 05:24:04 +00:00
- PDO_OCI:
Merge PDO_OCI tracing attribute PR
2019-02-11 06:05:36 +00:00
. Support Oracle Database tracing attributes ACTION, MODULE,
CLIENT_INFO, and CLIENT_IDENTIFIER. (Cameron Porter)
Bug > Feature Request
2018-10-01 05:52:22 +00:00
. Implemented FR #76908 (PDO_OCI getColumnMeta() not implemented).
NEWS and UPGRADING
2018-10-01 05:24:04 +00:00
(Valentin Collet, Chris Jones, Remi)
Update NEWS and UPGRADING wrt. PR 2760
2018-09-21 13:00:07 +00:00
- PDO_SQLite:
. Implemented sqlite_stmt_readonly in PDO_SQLite. (BohwaZ)
Improve wording As suggested by Tom Sommer[1]. [1] <https://github.com/php/php-src/commit/8a4c2f16217fb8f8d098355f3943f31e82bcfd71#r32037340>
2019-01-24 12:09:18 +00:00
. Raised requirements to SQLite 3.5.0. (cmb)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78192 (SegFault when reuse statement after schema has changed).
(Vincent Quatrevieux)
. Fixed bug #78348 (Remove -lrt from pdo_sqlite.so). (Peter Kokot)
- Phar:
. Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN). (cmb)
Update NEWS and UPGRADING wrt. PR 2760
2018-09-21 13:00:07 +00:00
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix bug 76596: phpdbg supports display_errors=stderr
2019-01-30 17:28:36 +00:00
- phpdbg:
. Fixed bug #76596 (phpdbg support for display_errors=stderr). (kabel)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: fix bug #76801: phpdbg too many open files error
2019-03-23 08:49:03 +00:00
. Fixed bug #76801 (too many open files). (alekitto)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix #77800 phpdbg segfaults on conditional breakpoints
2019-03-26 22:06:34 +00:00
. Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints).
(krakjoe)
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix #77805 phpdbg build fails when readline is shared
2019-03-27 09:04:18 +00:00
. Fixed bug #77805 (phpdbg build fails when readline is shared). (krakjoe)
[ci skip] Add password registry RFC to changelog
2019-05-07 00:22:29 +00:00
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- Recode:
. Unbundled the recode extension. (cmb)
- Reflection:
. Fixed bug #76737 (Unserialized reflection objects are broken, they
shouldn't be serializable). (Nikita)
. Fixed bug #78263 (\ReflectionReference::fromArrayElement() returns null
while item is a reference). (Nikita)
. Fixed bug #78410 (Cannot "manually" unserialize class that is final and
extends an internal one). (Nikita)
. Fixed bug #78697 (ReflectionClass::implementsInterface - inaccurate error
message with traits). (villfa)
. Fixed bug #78774 (ReflectionNamedType on Typed Properties Crash). (Nikita)
- Session:
. Fixed bug #78624 (session_gc return value for user defined session
handlers). (bshaffer)
SimpleXMLElement and ResourceBundle implement Countable Both classes already have a count() method and are considered countable by \is_countable().
2019-05-29 14:45:10 +00:00
- SimpleXML:
. Implemented FR #65215 (SimpleXMLElement could register as implementing
Countable). (LeSuisse)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #75245 (Don't set content of elements with only whitespaces).
(eriklundin)
SimpleXMLElement and ResourceBundle implement Countable Both classes already have a count() method and are considered countable by \is_countable().
2019-05-29 14:45:10 +00:00
Merge branch 'PHP-7.3' * PHP-7.3: Validate length on socket_write
2018-11-13 12:00:31 +00:00
- Sockets:
. Fixed bug #67619 (Validate length on socket_write). (thiagooak)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78665 (Multicasting may leak memory). (cmb)
Update NEWS for 7.2.0beta2
2017-07-18 16:00:34 +00:00
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix bug #77646
2019-02-21 15:19:44 +00:00
- sodium:
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix bug #77646
2019-02-21 15:45:43 +00:00
. Fixed bug #77646 (sign_detached() strings not terminated). (Frank)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #78510 (Partially uninitialized buffer returned by
sodium_crypto_generichash_init()). (Frank Denis, cmb)
. Fixed bug #78516 (password_hash(): Memory cost is not in allowed range).
(cmb, Nikita)
- SPL:
. Fixed bug #77518 (SeekableIterator::seek() should accept 'int' typehint as
documented). (Nikita)
. Fixed bug #78409 (Segfault when creating instance of ArrayIterator without
constructor). (Nikita)
. Fixed bug #78436 (Missing addref in SplPriorityQueue EXTR_BOTH mode).
(Nikita)
. Fixed bug #78456 (Segfault when serializing SplDoublyLinkedList). (Nikita)
[ci skip] Prepare NEWS for 7.3 GA
2018-12-03 12:56:14 +00:00
Update to SQLite 3.25.0
2018-09-15 21:12:25 +00:00
- SQLite3:
[ci skip] Update NEWS and UPGRADING wrt. unbundling libsqlite
2018-10-06 10:44:50 +00:00
. Unbundled libsqlite. (cmb)
Improve wording As suggested by Tom Sommer[1]. [1] <https://github.com/php/php-src/commit/8a4c2f16217fb8f8d098355f3943f31e82bcfd71#r32037340>
2019-01-24 12:09:18 +00:00
. Raised requirements to SQLite 3.7.4. (cmb)
Deny (un)serialization of SQLite3, SQLite3Stmt and SQLite3Result Serializing `SQLite3`, `SQLite3Stmt` and `SQLite3Result` instances is possible but pointless, since unserializing results in uninitialized instances, which will bail out of any method call. Therefore, we deny serialization and unserialization in the first place.
2018-11-29 00:08:03 +00:00
. Forbid (un)serialization of SQLite3, SQLite3Stmt and SQLite3Result. (cmb)
Support SQLite3 @name notation Besides the common `:param` notation to designate named parameters in prepared statements, SQLite3 also supports `@param` and `$param`. While the latter is mostly to support the Tcl programming language, and would be confusing for PHP's sqlite3 binding due to the similarity with string interpolation, the former is common under .NET and raises no such issue. Therefore we add support for it. This patch has been developed in cooperation with @BohwaZ.
2018-11-11 13:55:34 +00:00
. Added support for the SQLite @name notation. (cmb, BohwaZ)
Implement SQLite3Stmt::getSQL method, returning the original statement SQL, eventually expanded
2018-10-18 13:21:10 +00:00
. Added SQLite3Stmt::getSQL() to retrieve the SQL of the statement. (Bohwaz)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Implement FR ##70950 (Make SQLite3 Online Backup API available). (BohwaZ)
Fixed bug #77518
2019-01-25 10:12:34 +00:00
Update NEWS
2018-08-29 14:12:18 +00:00
- Standard:
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Implemented password hashing registry RFC:
https://wiki.php.net/rfc/password_registry. (Sara)
. Implemented RFC where password_hash() has argon2i(d) implementations from
ext/sodium when PHP is built without libargon:
https://wiki.php.net/rfc/sodium.argon.hash (Sara)
Allow empty $escape to eschew escaping CSV Albeit CSV is still a widespread data exchange format, it has never been officially standardized. There exists, however, the “informational” RFC 4180[1] which has no notion of escape characters, but rather defines `escaped` as strings enclosed in double-quotes where contained double-quotes have to be doubled. While this concept is supported by PHP's implementation (`$enclosure`), the `$escape` sometimes interferes, so that `fgetcsv()` is unable to correctly parse externally generated CSV, and `fputcsv()` is sometimes generating non-compliant CSV. Since PHP's `$escape` concept is availble for many years, we cannot drop it for BC reasons (even though many consider it as bug). Instead we allow to pass an empty string as `$escape` parameter to the respective functions, which results in ignoring/omitting any escaping, and as such is more inline with RFC 4180. It is noteworthy that this is almost no userland BC break, since formerly most functions did not accept an empty string, and failed in this case. The only exception was `str_getcsv()` which did accept an empty string, and used a backslash as escape character then (which appears to be unintended behavior, anyway). The changed functions are `fputcsv()`, `fgetcsv()` and `str_getcsv()`, and also the `::setCsvControl()`, `::getCsvControl()`, `::fputcsv()`, and `::fgetcsv()` methods of `SplFileObject`. The implementation also changes the type of the escape parameter of the PHP_APIs `php_fgetcsv()` and `php_fputcsv()` from `char` to `int`, where `PHP_CSV_NO_ESCAPE` means to ignore/omit escaping. The parameter accepts the same values as `isalpha()` and friends, i.e. “the value of which shall be representable as an `unsigned char` or shall equal the value of the macro `EOF`. If the argument has any other value, the behavior is undefined.” This is a subtle BC break, since the character `chr(128)` has the value `-1` if `char` is signed, and so likely would be confused with `EOF` when converted to `int`. We consider this BC break to be acceptable, since it's rather unlikely that anybody uses `chr(128)` as escape character, and it easily can be fixed by casting all `escape` arguments to `unsigned char`. This patch implements the feature requests 38301[2] and 51496[3]. [1] <https://tools.ietf.org/html/rfc4180> [2] <https://bugs.php.net/bug.php?id=38301> [3] <https://bugs.php.net/bug.php?id=51496>
2018-12-02 15:28:18 +00:00
. Implemented FR #38301 (field enclosure behavior in fputcsv). (cmb)
. Implemented FR #51496 (fgetcsv should take empty string as an escape). (cmb)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #73535 (php_sockop_write() returns 0 on error, can be used to
trigger Denial of Service). (Nikita)
. Fixed bug #74764 (Bindto IPv6 works with file_get_contents but fails with
stream_socket_client). (Ville Hukkamäki)
. Fixed bug #76859 (stream_get_line skips data if used with data-generating
filter). (kkopachev)
Update NEWS and UPGRADING [ci skip]
2019-02-13 03:14:32 +00:00
. Implemented FR #77377 (No way to handle CTRL+C in Windows). (Anatol)
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
. Fixed bug #77930 (stream_copy_to_stream should use mmap more often).
(Nikita)
. Implemented FR #78177 (Make proc_open accept command array). (Nikita)
. Fixed bug #78208 (password_needs_rehash() with an unknown algo should always
return true). (Sara)
. Fixed bug #78241 (touch() does not handle dates after 2038 in PHP 64-bit). (cmb)
. Fixed bug #78282 (atime and mtime mismatch). (cmb)
. Fixed bug #78326 (improper memory deallocation on stream_get_contents()
with fixed length buffer). (Albert Casademont)
. Fixed bug #78346 (strip_tags no longer handling nested php tags). (cmb)
. Fixed bug #78506 (Error in a php_user_filter::filter() is not reported).
(Nikita)
. Fixed bug #78549 (Stack overflow due to nested serialized input). (Nikita)
. Fixed bug #78759 (array_search in $GLOBALS). (Nikita)
Add support for zlib/level context option
2017-10-24 02:10:56 +00:00
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- Testing:
. Fixed bug #78684 (PCRE bug72463_2 test is sending emails on Linux). (cmb)
Fixed bug #76737 Explicitly prohibit serialization and unserialization of reflection objects.
2018-09-29 12:47:57 +00:00
Add TIDY_TAG_* constants supported by libtidy 5 Cf. <http://api.html-tidy.org/tidy/tidylib_api_5.0.0/tidyenum_8h.html#ae5b597c0999422ff383f08ab595ef5e8a16d20becf3c3cb022ddabccc83d8c314>.
2018-10-27 14:17:09 +00:00
- Tidy:
. Added TIDY_TAG_* constants for HTML5 elements. (cmb)
Fix arginfo for tidy's global functions See https://secure.php.net/tidy_getopt , etc. I can't find any other obvious incorrect reflection.
2019-02-18 03:38:18 +00:00
. Fixed bug #76736 (wrong reflection for tidy_get_head, tidy_get_html,
tidy_get_root, and tidy_getopt) (tandre)
Add TIDY_TAG_* constants supported by libtidy 5 Cf. <http://api.html-tidy.org/tidy/tidylib_api_5.0.0/tidyenum_8h.html#ae5b597c0999422ff383f08ab595ef5e8a16d20becf3c3cb022ddabccc83d8c314>.
2018-10-27 14:17:09 +00:00
Deprecate ext/wddx Cf. <https://wiki.php.net/rfc/deprecate-and-remove-ext-wddx>.
2019-02-11 18:27:27 +00:00
- WDDX:
Unbundle ext/wddx The extension is now available from <https://pecl.php.net/package/wddx>. Cf. <https://wiki.php.net/rfc/deprecate-and-remove-ext-wddx>.
2019-03-20 13:15:50 +00:00
. Deprecated and unbundled the WDDX extension. (cmb)
Deprecate ext/wddx Cf. <https://wiki.php.net/rfc/deprecate-and-remove-ext-wddx>.
2019-02-11 18:27:27 +00:00
Consolidate NEWS for 7.4.0 release
2019-11-24 09:23:33 +00:00
- Zip:
. Fixed bug #78641 (addGlob can modify given remove_path value). (cmb)
WIP: Merge NEWS
2019-11-23 19:00:51 +00:00
21 Nov 2019, PHP 7.3.12
- Core:
. Fixed bug #78658 (Memory corruption using Closure::bindTo). (Nikita)
. Fixed bug #78656 (Parse errors classified as highest log-level). (Erik
Lundin)
. Fixed bug #78752 (Segfault if GC triggered while generator stack frame is
being destroyed). (Nikita)
. Fixed bug #78689 (Closure::fromCallable() doesn't handle
[Closure, '__invoke']). (Nikita)
- COM:
. Fixed bug #78694 (Appending to a variant array causes segfault). (cmb)
- Date:
. Fixed bug #70153 (\DateInterval incorrectly unserialized). (Maksim Iakunin)
. Fixed bug #78751 (Serialising DatePeriod converts DateTimeImmutable). (cmb)
- Iconv:
. Fixed bug #78642 (Wrong libiconv version displayed). (gedas at martynas,
cmb).
- OpCache:
. Fixed bug #78654 (Incorrectly computed opcache checksum on files with
non-ascii characters). (mhagstrand)
. Fixed bug #78747 (OpCache corrupts custom extension result). (Nikita)
- OpenSSL:
. Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted
connections). (Nikita)
- Reflection:
. Fixed bug #78697 (ReflectionClass::ImplementsInterface - inaccurate error
message with traits). (villfa)
- Sockets:
. Fixed bug #78665 (Multicasting may leak memory). (cmb)
24 Oct 2019, PHP 7.3.11
- Core:
. Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
(bugreportuser)
. Fixed bug #78620 (Out of memory error). (cmb, Nikita)
- Exif :
. Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
(Kalle)
- FPM:
. Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to RCE).
(CVE-2019-11043) (Jakub Zelenka)
. Fixed bug #78413 (request_terminate_timeout does not take effect after
fastcgi_finish_request). (Sergei Turchanov)
- MBString:
. Fixed bug #78633 (Heap buffer overflow (read) in mb_eregi). (cmb)
. Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
(cmb)
. Fixed bug #78609 (mb_check_encoding() no longer supports stringable
objects). (cmb)
- MySQLi:
. Fixed bug #76809 (SSL settings aren't respected when persistent connections
are used). (fabiomsouto)
- Mysqlnd:
. Fixed bug #78525 (Memory leak in pdo when reusing native prepared
statements). (Nikita)
- PCRE:
. Fixed bug #78272 (calling preg_match() before pcntl_fork() will freeze
child process). (Nikita)
- PDO_MySQL:
. Fixed bug #78623 (Regression caused by "SP call yields additional empty
result set"). (cmb)
- Session:
. Fixed bug #78624 (session_gc return value for user defined session
handlers). (bshaffer)
- Standard:
. Fixed bug #76342 (file_get_contents waits twice specified timeout).
(Thomas Calvet)
. Fixed bug #78612 (strtr leaks memory when integer keys are used and the
subject string shorter). (Nikita)
. Fixed bug #76859 (stream_get_line skips data if used with data-generating
filter). (kkopachev)
- Zip:
. Fixed bug #78641 (addGlob can modify given remove_path value). (cmb)
26 Sep 2019, PHP 7.3.10
- Core:
. Fixed bug #78220 (Can't access OneDrive folder). (cmb, ab)
. Fixed bug #77922 (Double release of doc comment on inherited shadow
property). (Nikita)
. Fixed bug #78441 (Parse error due to heredoc identifier followed by digit).
(cmb)
. Fixed bug #77812 (Interactive mode does not support PHP 7.3-style heredoc).
(cmb, Nikita)
- FastCGI:
. Fixed bug #78469 (FastCGI on_accept hook is not called when using named
pipes on Windows). (Sergei Turchanov)
- FPM:
. Fixed bug #78334 (fpm log prefix message includes wrong stdout/stderr
notation). (Tsuyoshi Sadakata)
- Intl:
. Ensure IDNA2003 rules are used with idn_to_ascii() and idn_to_utf8()
when requested. (Sara)
- MBString:
. Fixed bug #78559 (Heap buffer overflow in mb_eregi). (cmb)
- MySQLnd:
. Fixed connect_attr issues and added the _server_host connection attribute.
(Qianqian Bu)
- ODBC:
. Fixed bug #78473 (odbc_close() closes arbitrary resources). (cmb)
- PDO_MySQL:
. Fixed bug #41997 (SP call yields additional empty result set). (cmb)
- sodium:
. Fixed bug #78510 (Partially uninitialized buffer returned by
sodium_crypto_generichash_init()). (Frank Denis, cmb)
29 Aug 2019, PHP 7.3.9
- Core:
. Fixed bug #78363 (Buffer overflow in zendparse). (Nikita)
. Fixed bug #78379 (Cast to object confuses GC, causes crash). (Dmitry)
. Fixed bug #78412 (Generator incorrectly reports non-releasable $this as GC
child). (Nikita)
- Curl:
. Fixed bug #77946 (Bad cURL resources returned by curl_multi_info_read()).
(Abyr Valg)
- Exif:
. Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and
invalid cast). (Nikita)
- FPM:
. Fixed bug #77185 (Use-after-free in FPM master event handling).
(Maksim Nikulin)
- Iconv:
. Fixed bug #78342 (Bus error in configure test for iconv //IGNORE). (Rainer
Jung)
- LiteSpeed:
. Updated to LiteSpeed SAPI V7.5 (Fixed clean shutdown). (George Wang)
- MBString:
. Fixed bug #78380 (Oniguruma 6.9.3 fixes CVEs). (CVE-2019-13224) (Stas)
- MySQLnd:
. Fixed bug #78179 (MariaDB server version incorrectly detected). (cmb)
. Fixed bug #78213 (Empty row pocket). (cmb)
- Opcache:
. Fixed bug #77191 (Assertion failure in dce_live_ranges() when silencing is
used). (Nikita)
- Standard:
. Fixed bug #69100 (Bus error from stream_copy_to_stream (file -> SSL stream)
with invalid length). (Nikita)
. Fixed bug #78282 (atime and mtime mismatch). (cmb)
. Fixed bug #78326 (improper memory deallocation on stream_get_contents()
with fixed length buffer). (Albert Casademont)
. Fixed bug #78346 (strip_tags no longer handling nested php tags). (cmb)
01 Aug 2019, PHP 7.3.8
- Core:
. Added syslog.filter=raw option. (Erik Lundin)
. Fixed bug #78212 (Segfault in built-in webserver). (cmb)
- Date:
. Fixed bug #69044 (discrepency between time and microtime). (krakjoe)
. Updated timelib to 2018.02. (Derick)
- EXIF:
. Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment).
(CVE-2019-11042) (Stas)
. Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail).
(CVE-2019-11041) (Stas)
- FTP:
. Fixed bug #78039 (FTP with SSL memory leak). (Nikita)
- Libxml:
. Fixed bug #78279 (libxml_disable_entity_loader settings is shared between
requests (cgi-fcgi)). (Nikita)
- LiteSpeed:
. Updated to LiteSpeed SAPI V7.4.3 (increased response header count limit from
100 to 1000, added crash handler to cleanly shutdown PHP request, added
CloudLinux mod_lsapi mode). (George Wang)
. Fixed bug #76058 (After "POST data can't be buffered", using php://input
makes huge tmp files). (George Wang)
- Openssl:
. Fixed bug #78231 (Segmentation fault upon stream_socket_accept of exported
socket-to-stream). (Nikita)
- Opcache:
. Fixed bug #78189 (file cache strips last character of uname hash). (cmb)
. Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM).
(cmb)
. Fixed bug #78271 (Invalid result of if-else). (Nikita)
. Fixed bug #78291 (opcache_get_configuration doesn't list all directives).
(Andrew Collington)
. Fixed bug #78341 (Failure to detect smart branch in DFA pass). (Nikita)
- PCRE:
. Fixed bug #78197 (PCRE2 version check in configure fails for "##.##-xxx"
version strings). (pgnet, Peter Kokot)
. Fixed bug #78338 (Array cross-border reading in PCRE). (cmb)
- PDO_Sqlite:
. Fixed bug #78192 (SegFault when reuse statement after schema has changed).
(Vincent Quatrevieux)
- Phar:
. Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN). (cmb)
- Phpdbg:
. Fixed bug #78297 (Include unexistent file memory leak). (Nikita)
- SQLite:
. Upgraded to SQLite 3.28.0. (cmb)
- Standard:
. Fixed bug #78241 (touch() does not handle dates after 2038 in PHP 64-bit). (cmb)
. Fixed bug #78269 (password_hash uses weak options for argon2). (Remi)
04 Jul 2019, PHP 7.3.7
- Core:
. Fixed bug #76980 (Interface gets skipped if autoloader throws an exception).
(Nikita)
- DOM:
. Fixed bug #78025 (segfault when accessing properties of DOMDocumentType).
(cmb)
- MySQLi:
. Fixed bug #77956 (When mysqli.allow_local_infile = Off, use a meaningful
error message). (Sjon Hortensius)
. Fixed bug #38546 (bindParam incorrect processing of bool types).
(camporter)
- MySQLnd:
. Fixed bug #77955 (Random segmentation fault in mysqlnd from php-fpm).
(Nikita)
- Opcache:
. Fixed bug #78015 (Incorrect evaluation of expressions involving partials
arrays in SCCP). (Nikita)
. Fixed bug #78106 (Path resolution fails if opcache disabled during request).
(Nikita)
- OpenSSL:
. Fixed bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c).
(Jakub Zelenka)
- phpdbg:
. Fixed bug #78050 (SegFault phpdbg + opcache on include file twice).
(Nikita)
- Sockets:
. Fixed bug #78038 (Socket_select fails when resource array contains
references). (Nikita)
- Sodium:
. Fixed bug #78114 (segfault when calling sodium_* functions from eval). (cmb)
- Standard:
. Fixed bug #77135 (Extract with EXTR_SKIP should skip $this).
(Craig Duncan, Dmitry)
. Fixed bug #77937 (preg_match failed). (cmb, Anatol)
- Zip:
. Fixed bug #76345 (zip.h not found). (Michael Maroszek)
30 May 2019, PHP 7.3.6
- cURL:
. Implemented FR #72189 (Add missing CURL_VERSION_* constants). (Javier
Spagnoletti)
- Date:
. Fixed bug #77909 (DatePeriod::__construct() with invalid recurrence count
value). (Ignace Nyamagana Butera)
- EXIF:
. Fixed bug #77988 (heap-buffer-overflow on php_jpg_get16).
(CVE-2019-11040) (Stas)
- FPM:
. Fixed bug #77934 (php-fpm kill -USR2 not working). (Jakub Zelenka)
. Fixed bug #77921 (static.php.net doesn't work anymore). (Peter Kokot)
- GD:
. Fixed bug #77943 (imageantialias($image, false); does not work). (cmb)
. Fixed bug #77973 (Uninitialized read in gdImageCreateFromXbm).
(CVE-2019-11038) (cmb)
- Iconv:
. Fixed bug #78069 (Out-of-bounds read in iconv.c:_php_iconv_mime_decode()
due to integer overflow). (CVE-2019-11039). (maris dot adam)
- JSON:
. Fixed bug #77843 (Use after free with json serializer). (Nikita)
- Opcache:
. Fixed possible crashes, because of inconsistent PCRE cache and opcache
SHM reset. (Alexey Kalinin, Dmitry)
- PDO_MySQL:
. Fixed bug #77944 (Wrong meta pdo_type for bigint on LLP64). (cmb)
- Reflection:
. Fixed bug #75186 (Inconsistent reflection of Closure:::__invoke()). (Nikita)
- Session:
. Fixed bug #77911 (Wrong warning for session.sid_bits_per_character). (cmb)
- SOAP:
. Fixed bug #77945 (Segmentation fault when constructing SoapClient with
WSDL_CACHE_BOTH). (Nikita)
- SPL:
. Fixed bug #77024 (SplFileObject::__toString() may return array). (Craig
Duncan)
- SQLite:
. Fixed bug #77967 (Bypassing open_basedir restrictions via file uris). (Stas)
- Standard:
. Fixed bug #77931 (Warning for array_map mentions wrong type). (Nikita)
. Fixed bug #78003 (strip_tags output change since PHP 7.3). (cmb)
02 May 2019, PHP 7.3.5
- Core:
. Fixed bug #77903 (ArrayIterator stops iterating after offsetSet call).
(Nikita)
- CLI:
. Fixed bug #77794 (Incorrect Date header format in built-in server).
(kelunik)
- EXIF
. Fixed bug #77950 (Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG).
(CVE-2019-11036) (Stas)
- Interbase:
. Fixed bug #72175 (Impossibility of creating multiple connections to
Interbase with php 7.x). (Nikita)
- Intl:
. Fixed bug #77895 (IntlDateFormatter::create fails in strict mode if $locale
= null). (Nikita)
- LDAP:
. Fixed bug #77869 (Core dump when using server controls) (mcmic)
- Mail
. Fixed bug #77821 (Potential heap corruption in TSendMail()). (cmb)
- mbstring:
. Implemented FR #72777 (Implement regex stack limits for mbregex functions).
(Yasuo Ohgaki, Stas)
- MySQLi:
. Fixed bug #77773 (Unbuffered queries leak memory - MySQLi / mysqlnd).
(Nikita)
- PCRE:
. Fixed bug #77827 (preg_match does not ignore \r in regex flags). (requinix,
cmb)
- PDO:
. Fixed bug #77849 (Disable cloning of PDO handle/connection objects).
(camporter)
- phpdbg:
. Fixed bug #76801 (too many open files). (alekitto)
. Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints).
(krakjoe)
. Fixed bug #77805 (phpdbg build fails when readline is shared). (krakjoe)
- Reflection:
. Fixed bug #77772 (ReflectionClass::getMethods(null) doesn't work). (Nikita)
. Fixed bug #77882 (Different behavior: always calls destructor). (Nikita)
- Standard:
. Fixed bug #77793 (Segmentation fault in extract() when overwriting
reference with itself). (Nikita)
. Fixed bug #77844 (Crash due to null pointer in parse_ini_string with
INI_SCANNER_TYPED). (Nikita)
. Fixed bug #77853 (Inconsistent substr_compare behaviour with empty
haystack). (Nikita)
04 Apr 2019, PHP 7.3.4
- Core:
. Fixed bug #77738 (Nullptr deref in zend_compile_expr). (Laruence)
. Fixed bug #77660 (Segmentation fault on break 2147483648). (Laruence)
. Fixed bug #77652 (Anonymous classes can lose their interface information).
(Nikita)
. Fixed bug #77345 (Stack Overflow caused by circular reference in garbage
collection). (Alexandru Patranescu, Nikita, Dmitry)
. Fixed bug #76956 (Wrong value for 'syslog.filter' documented in php.ini).
(cmb)
- Apache2Handler:
. Fixed bug #77648 (BOM in sapi/apache2handler/php_functions.c). (cmb)
- Bcmath:
. Fixed bug #77742 (bcpow() implementation related to gcc compiler
optimization). (Nikita)
- CLI Server:
. Fixed bug #77722 (Incorrect IP set to $_SERVER['REMOTE_ADDR'] on the
localhost). (Nikita)
- COM:
. Fixed bug #77578 (Crash when php unload). (cmb)
- EXIF:
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (CVE-2019-11034)
(Stas)
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).
(CVE-2019-11035) (Stas)
- FPM:
. Fixed bug #77677 (FPM fails to build on AIX due to missing WCOREDUMP).
(Kevin Adler)
- GD:
. Fixed bug #77700 (Writing truecolor images as GIF ignores interlace flag).
(cmb)
- MySQLi:
. Fixed bug #77597 (mysqli_fetch_field hangs scripts). (Nikita)
- Opcache:
. Fixed bug #77743 (Incorrect pi node insertion for jmpznz with identical
successors). (Nikita)
- PCRE:
. Fixed bug #76127 (preg_split does not raise an error on invalid UTF-8).
(Nikita)
- Phar:
. Fixed bug #77697 (Crash on Big_Endian platform). (Laruence)
- phpdbg:
. Fixed bug #77767 (phpdbg break cmd aliases listed in help do not match
actual aliases). (Miriam Lauter)
- sodium:
. Fixed bug #77646 (sign_detached() strings not terminated). (Frank)
- SQLite3:
. Added sqlite3.defensive INI directive. (BohwaZ)
- Standard:
. Fixed bug #77664 (Segmentation fault when using undefined constant in
custom wrapper). (Laruence)
. Fixed bug #77669 (Crash in extract() when overwriting extracted array).
(Nikita)
. Fixed bug #76717 (var_export() does not create a parsable value for
PHP_INT_MIN). (Nikita)
. Fixed bug #77765 (FTP stream wrapper should set the directory as
executable). (Vlad Temian)
07 Mar 2019, PHP 7.3.3
- Core:
. Fixed bug #77589 (Core dump using parse_ini_string with numeric sections).
(Laruence)
. Fixed bug #77329 (Buffer Overflow via overly long Error Messages).
(Dmitry)
. Fixed bug #77494 (Disabling class causes segfault on member access).
(Dmitry)
. Fixed bug #77498 (Custom extension Segmentation fault when declare static
property). (Nikita)
. Fixed bug #77530 (PHP crashes when parsing `(2)::class`). (Ekin)
. Fixed bug #77546 (iptcembed broken function). (gdegoulet)
. Fixed bug #77630 (rename() across the device may allow unwanted access
during processing). (Stas)
- COM:
. Fixed bug #77621 (Already defined constants are not properly reported).
(cmb)
. Fixed bug #77626 (Persistence confusion in php_com_import_typelib()). (cmb)
- EXIF:
. Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF). (Stas)
. Fixed bug #77540 (Invalid Read on exif_process_SOFn). (Stas)
. Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
. Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
- Mbstring:
. Fixed bug #77514 (mb_ereg_replace() with trailing backslash adds null byte).
(Nikita)
- MySQL
. Disabled LOCAL INFILE by default, can be enabled using php.ini directive
mysqli.allow_local_infile for mysqli, or PDO::MYSQL_ATTR_LOCAL_INFILE
attribute for pdo_mysql. (Darek Slusarczyk)
- OpenSSL:
. Fixed bug #77390 (feof might hang on TLS streams in case of fragmented TLS
records). (Abyl Valg, Jakub Zelenka)
- PDO_OCI:
. Support Oracle Database tracing attributes ACTION, MODULE,
CLIENT_INFO, and CLIENT_IDENTIFIER. (Cameron Porter)
- PHAR:
. Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
(bishop)
. Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow). (bishop)
- phpdbg:
. Fixed bug #76596 (phpdbg support for display_errors=stderr). (kabel)
- SPL:
. Fixed bug #51068 (DirectoryIterator glob:// don't support current path
relative queries). (Ahmed Abdou)
. Fixed bug #77431 (openFile() silently truncates after a null byte). (cmb)
- Standard:
. Fixed bug #77552 (Unintialized php_stream_statbuf in stat functions).
(John Stevenson)
. Fixed bug #77612 (setcookie() sets incorrect SameSite header if all of its
options filled). (Nikita)
07 Feb 2019, PHP 7.3.2
- Core:
. Fixed bug #77369 (memcpy with negative length via crafted DNS response). (Stas)
. Fixed bug #77387 (Recursion detection broken when printing GLOBALS).
(Laruence)
. Fixed bug #77376 ("undefined function" message no longer includes
namespace). (Laruence)
. Fixed bug #77357 (base64_encode / base64_decode doest not work on nested
VM). (Nikita)
. Fixed bug #77339 (__callStatic may get incorrect arguments). (Dmitry)
. Fixed bug #77317 (__DIR__, __FILE__, realpath() reveal physical path for
subst virtual drive). (Anatol)
. Fixed bug #77263 (Segfault when using 2 RecursiveFilterIterator). (Dmitry)
. Fixed bug #77447 (PHP 7.3 built with ASAN crashes in
zend_cpu_supports_avx2). (Nikita)
. Fixed bug #77484 (Zend engine crashes when calling realpath in invalid
working dir). (Anatol)
- Curl:
. Fixed bug #76675 (Segfault with H2 server push). (Pedro Magalhães)
- Fileinfo:
. Fixed bug #77346 (webm files incorrectly detected as
application/octet-stream). (Anatol)
- FPM:
. Fixed bug #77430 (php-fpm crashes with Main process exited, code=dumped,
status=11/SEGV). (Jakub Zelenka)
- GD:
. Fixed bug #73281 (imagescale(…, IMG_BILINEAR_FIXED) can cause black border).
(cmb)
. Fixed bug #73614 (gdImageFilledArc() doesn't properly draw pies). (cmb)
. Fixed bug #77272 (imagescale() may return image resource on failure). (cmb)
. Fixed bug #77391 (1bpp BMPs may fail to be loaded). (Romain Déoux, cmb)
. Fixed bug #77479 (imagewbmp() segfaults with very large images). (cmb)
- ldap:
. Fixed bug #77440 (ldap_bind using ldaps or ldap_start_tls()=exception in
libcrypto-1_1-x64.dll). (Anatol)
- Mbstring:
. Fixed bug #77428 (mb_ereg_replace() doesn't replace a substitution
variable). (Nikita)
. Fixed bug #77454 (mb_scrub() silently truncates after a null byte).
(64796c6e69 at gmail dot com)
- MySQLnd:
. Fixed bug #77308 (Unbuffered queries memory leak). (Dmitry)
. Fixed bug #75684 (In mysqlnd_ext_plugin.h the plugin methods family has
no external visibility). (Anatol)
- Opcache:
. Fixed bug #77266 (Assertion failed in dce_live_ranges). (Laruence)
. Fixed bug #77257 (value of variable assigned in a switch() construct gets
lost). (Nikita)
. Fixed bug #77434 (php-fpm workers are segfaulting in zend_gc_addre).
(Nikita)
. Fixed bug #77361 (configure fails on 64-bit AIX when opcache enabled).
(Kevin Adler)
. Fixed bug #77287 (Opcache literal compaction is incompatible with EXT
opcodes). (Nikita)
- PCRE:
. Fixed bug #77338 (get_browser with empty string). (Nikita)
- PDO:
. Fixed bug #77273 (array_walk_recursive corrupts value types leading to PDO
failure). (Nikita)
- PDO MySQL:
. Fixed bug #77289 (PDO MySQL segfaults with persistent connection).
(Lauri Kenttä)
- SOAP:
. Fixed bug #77410 (Segmentation Fault when executing method with an empty
parameter). (Nikita)
- Sockets:
. Fixed bug #76839 (socket_recvfrom may return an invalid 'from' address
on MacOS). (Michael Meyer)
- SPL:
. Fixed bug #77298 (segfault occurs when add property to unserialized empty
ArrayObject). (jhdxr)
- Standard:
. Fixed bug #77395 (segfault about array_multisort). (Laruence)
. Fixed bug #77439 (parse_str segfaults when inserting item into existing
array). (Nikita)
10 Jan 2019, PHP 7.3.1
- Core:
. Fixed bug #76654 (Build failure on Mac OS X on 32-bit Intel). (Ryandesign)
. Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
(Valentin V. Bartenev)
. Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line).
(Nikita)
. Fixed bug #77291 (magic methods inherited from a trait may be ignored).
(cmb)
- CURL:
. Fixed bug #77264 (curl_getinfo returning microseconds, not seconds).
(Pierrick)
- COM:
. Fixed bug #77177 (Serializing or unserializing COM objects crashes). (cmb)
- Exif:
. Fixed bug #77184 (Unsigned rational numbers are written out as signed
rationals). (Colin Basnett)
- GD:
. Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()). (cmb)
. Fixed bug #77198 (auto cropping has insufficient precision). (cmb)
. Fixed bug #77200 (imagecropauto(…, GD_CROP_SIDES) crops left but not right).
(cmb)
. Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to
use-after-free). (cmb)
. Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb)
- MBString:
. Fixed bug #77367 (Negative size parameter in mb_split). (Stas)
. Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
(Stas)
. Fixed bug #77371 (heap buffer overflow in mb regex functions
- compile_string_node). (Stas)
. Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas)
. Fixed bug #77382 (heap buffer overflow due to incorrect length in
expand_case_fold_string). (Stas)
. Fixed bug #77385 (buffer overflow in fetch_token). (Stas)
. Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
(Stas)
. Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas)
- OCI8:
. Fixed bug #76804 (oci_pconnect with OCI_CRED_EXT not working). (KoenigsKind)
. Added oci_set_call_timeout() for call timeouts.
. Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute.
- Opcache:
. Fixed bug #77215 (CFG assertion failure on multiple finalizing switch
frees in one block). (Nikita)
. Fixed bug #77275 (OPcache optimization problem for ArrayAccess->offsetGet).
(Nikita)
- PCRE:
. Fixed bug #77193 (Infinite loop in preg_replace_callback). (Anatol)
- PDO:
. Handle invalid index passed to PDOStatement::fetchColumn() as error. (Sergei
Morozov)
- Phar:
. Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas)
- Soap:
. Fixed bug #77088 (Segfault when using SoapClient with null options).
(Laruence)
- Sockets:
. Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS).
(Mizunashi Mana)
- Sodium:
. Fixed bug #77297 (SodiumException segfaults on PHP 7.3). (Nikita, Scott)
- SPL:
. Fixed bug #77359 (spl_autoload causes segfault). (Lauri Kenttä)
. Fixed bug #77360 (class_uses causes segfault). (Lauri Kenttä)
- SQLite3:
. Fixed bug #77051 (Issue with re-binding on SQLite3). (BohwaZ)
- Xmlrpc:
. Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb)
. Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)
06 Dec 2018, PHP 7.3.0
- Core:
. Improved PHP GC. (Dmitry, Nikita)
. Redesigned the old ext_skel program written in PHP, run:
'php ext_skel.php' for all options. This means there are no dependencies,
thus making it work on Windows out of the box. (Kalle)
. Removed support for BeOS. (Kalle)
. Add PHP_VERSION to phpinfo() <title/>. (github/MattJeevas)
. Add net_get_interfaces(). (Sara, Joe, Anatol)
. Added gc_status(). (Benjamin Eberlei)
. Implemented flexible heredoc and nowdoc syntax, per
RFC https://wiki.php.net/rfc/flexible_heredoc_nowdoc_syntaxes.
(Thomas Punt)
. Added support for references in list() and array destructuring, per
RFC https://wiki.php.net/rfc/list_reference_assignment.
(David Walker)
. Improved effectiveness of ZEND_SECURE_ZERO for NetBSD and systems
without native similar feature. (devnexen)
. Added syslog.facility and syslog.ident INI entries for customizing syslog
logging. (Philip Prindeville)
. Fixed bug #75683 (Memory leak in zend_register_functions() in ZTS mode).
(Dmitry)
. Fixed bug #75031 (support append mode in temp/memory streams). (adsr)
. Fixed bug #74860 (Uncaught exceptions not being formatted properly when
error_log set to "syslog"). (Philip Prindeville)
. Fixed bug #75220 (Segfault when calling is_callable on parent).
(andrewnester)
. Fixed bug #69954 (broken links and unused config items in distributed ini
files). (petk)
. Fixed bug #74922 (Composed class has fatal error with duplicate, equal const
properties). (pmmaga)
. Fixed bug #63911 (identical trait methods raise errors during composition).
(pmmaga)
. Fixed bug #75677 (Clang ignores fastcall calling convention on variadic
function). (Li-Wen Hsu)
. Fixed bug #54043 (Remove inconsitency of internal exceptions and user
defined exceptions). (Nikita)
. Fixed bug #53033 (Mathematical operations convert objects to integers).
(Nikita)
. Fixed bug #73108 (Internal class cast handler uses integer instead of
float). (Nikita)
. Fixed bug #75765 (Fatal error instead of Error exception when base class is
not found). (Timur Ibragimov)
. Fixed bug #76198 (Wording: "iterable" is not a scalar type). (Levi Morrison)
. Fixed bug #76137 (config.guess/config.sub do not recognize RISC-V). (cmb)
. Fixed bug #76427 (Segfault in zend_objects_store_put). (Laruence)
. Fixed bug #76422 (ftruncate fails on files > 2GB). (Anatol)
. Fixed bug #76509 (Inherited static properties can be desynchronized from
their parent by ref). (Nikita)
. Fixed bug #76439 (Changed behaviour in unclosed HereDoc). (Nikita, tpunt)
. Fixed bug #63217 (Constant numeric strings become integers when used as
ArrayAccess offset). (Rudi Theunissen, Dmitry)
. Fixed bug #33502 (Some nullary functions don't check the number of
arguments). (cmb)
. Fixed bug #76392 (Error relocating sapi/cli/php: unsupported relocation
type 37). (Peter Kokot)
. The declaration and use of case-insensitive constants has been deprecated.
(Nikita)
. Added syslog.filter INI entry for syslog filtering. (Philip Prindeville)
. Fixed bug #76667 (Segfault with divide-assign op and __get + __set).
(Laruence)
. Fixed bug #76030 (RE2C_FLAGS rarely honoured) (Cristian Rodríguez)
. Fixed broken zend_read_static_property (Laruence)
. Fixed bug #76773 (Traits used on the parent are ignored for child classes).
(daverandom)
. Fixed bug #76767 (asm operand has impossible constraints in zend_operators.h).
(ondrej)
. Fixed bug #76752 (Crash in ZEND_COALESCE_SPEC_TMP_HANDLER - assertion in
_get_zval_ptr_tmp failed). (Laruence)
. Fixed bug #76820 (Z_COPYABLE invalid definition). (mvdwerve, cmb)
. Fixed bug #76510 (file_exists() stopped working for phar://). (cmb)
. Fixed bug #76869 (Incorrect bypassing protected method accessibilty check).
(Dmitry)
. Fixed bug #72635 (Undefined class used by class constant in constexpr
generates fatal error). (Nikita)
. Fixed bug #76947 (file_put_contents() blocks the directory of the file
(__DIR__)). (Anatol)
. Fixed bug #76979 (define() error message does not mention resources as
valid values). (Michael Moravec)
. Fixed bug #76825 (Undefined symbols ___cpuid_count). (Laruence, cmb)
. Fixed bug #77110 (undefined symbol zend_string_equal_val in C++ build).
(Remi)
- BCMath:
. Implemented FR #67855 (No way to get current scale in use). (Chris Wright,
cmb)
. Fixed bug #66364 (BCMath bcmul ignores scale parameter). (cmb)
. Fixed bug #75164 (split_bc_num() is pointless). (cmb)
. Fixed bug #75169 (BCMath errors/warnings bypass PHP's error handling). (cmb)
- CLI:
. Fixed bug #44217 (Output after stdout/stderr closed cause immediate exit
with status 0). (Robert Lu)
. Fixed bug #77111 (php-win.exe corrupts unicode symbols from cli
parameters). (Anatol)
- cURL:
. Expose curl constants from curl 7.50 to 7.61. (Pierrick)
. Fixed bug #74125 (Fixed finding CURL on systems with multiarch support).
(cebe)
- Date:
. Implemented FR #74668: Add DateTime::createFromImmutable() method.
(majkl578, Rican7)
. Fixed bug #75222 (DateInterval microseconds property always 0). (jhdxr)
. Fixed bug #68406 (calling var_dump on a DateTimeZone object modifies it).
(jhdxr)
. Fixed bug #76131 (mismatch arginfo for date_create). (carusogabriel)
. Updated timelib to 2018.01RC1 to address several bugs:
. Fixed bug #75577 (DateTime::createFromFormat does not accept 'v' format
specifier). (Derick)
. Fixed bug #75642 (Wrap around behaviour for microseconds is not working).
(Derick)
- DBA:
. Fixed bug #75264 (compiler warnings emitted). (petk)
- DOM:
. Fixed bug #76285 (DOMDocument::formatOutput attribute sometimes ignored).
(Andrew Nester, Laruence, Anatol)
- Fileinfo:
. Fixed bug #77095 (slowness regression in 7.2/7.3 (compared to 7.1)).
(Anatol)
- Filter:
. Added the 'add_slashes' sanitization mode (FILTER_SANITIZE_ADD_SLASHES).
(Kalle)
- FPM:
. Added fpm_get_status function. (Till Backhaus)
. Fixed bug #62596 (getallheaders() missing with PHP-FPM). (Remi)
. Fixed bug #69031 (Long messages into stdout/stderr are truncated
incorrectly) - added new log related FPM configuration options:
log_limit, log_buffering and decorate_workers_output. (Jakub Zelenka)
- ftp:
. Fixed bug #77151 (ftp_close(): SSL_read on shutdown). (Remi)
- GD:
. Added support for WebP in imagecreatefromstring(). (Andreas Treichel, cmb)
- GMP:
. Export internal structures and accessor helpers for GMP object. (Sara)
. Added gmp_binomial(n, k). (Nikita)
. Added gmp_lcm(a, b). (Nikita)
. Added gmp_perfect_power(a). (Nikita)
. Added gmp_kronecker(a, b). (Nikita)
- iconv:
. Fixed bug #53891 (iconv_mime_encode() fails to Q-encode UTF-8 string). (cmb)
. Fixed bug #77147 (Fixing 60494 ignored ICONV_MIME_DECODE_CONTINUE_ON_ERROR).
(cmb)
- IMAP:
. Fixed bug #77020 (null pointer dereference in imap_mail). (cmb)
. Fixed bug #77153 (imap_open allows to run arbitrary shell commands via
mailbox parameter). (Stas)
- Interbase:
. Fixed bug #75453 (Incorrect reflection for ibase_[p]connect). (villfa)
. Fixed bug #76443 (php+php_interbase.dll crash on module_shutdown). (Kalle)
- intl:
. Fixed bug #75317 (UConverter::setDestinationEncoding changes source instead
of destination). (andrewnester)
. Fixed bug #76829 (Incorrect validation of domain on idn_to_utf8()
function). (Anatol)
- JSON:
. Added JSON_THROW_ON_ERROR flag. (Andrea)
- LDAP:
. Added ldap_exop_refresh helper for EXOP REFRESH operation with dds overlay.
(Come)
. Added full support for sending and parsing ldap controls. (Come)
. Fixed bug #49876 (Fix LDAP path lookup on 64-bit distros). (dzuelke)
- libxml2:
. Fixed bug #75871 (use pkg-config where available). (pmmaga)
- litespeed:
. Fixed bug #75248 (Binary directory doesn't get created when building
only litespeed SAPI). (petk)
. Fixed bug #75251 (Missing program prefix and suffix). (petk)
- MBstring:
. Updated to Oniguruma 6.9.0. (cmb)
. Fixed bug #65544 (mb title case conversion-first word in quotation isn't
capitalized). (Nikita)
. Fixed bug #71298 (MB_CASE_TITLE misbehaves with curled apostrophe/quote).
(Nikita)
. Fixed bug #73528 (Crash in zif_mb_send_mail). (Nikita)
. Fixed bug #74929 (mbstring functions version 7.1.1 are slow compared to 5.3
on Windows). (Nikita)
. Fixed bug #76319 (mb_strtolower with invalid UTF-8 causes segmentation
fault). (Nikita)
. Fixed bug #76574 (use of undeclared identifiers INT_MAX and LONG_MAX). (cmb)
. Fixed bug #76594 (Bus Error due to unaligned access in zend_ini.c
OnUpdateLong). (cmb, Nikita)
. Fixed bug #76706 (mbstring.http_output_conv_mimetypes is ignored). (cmb)
. Fixed bug #76958 (Broken UTF7-IMAP conversion). (Nikita)
. Fixed bug #77025 (mb_strpos throws Unknown encoding or conversion error).
(Nikita)
. Fixed bug #77165 (mb_check_encoding crashes when argument given an empty
array). (Nikita)
- Mysqlnd:
. Fixed bug #76386 (Prepared Statement formatter truncates fractional seconds
from date/time column). (Victor Csiky)
- ODBC:
. Removed support for ODBCRouter. (Kalle)
. Removed support for Birdstep. (Kalle)
. Fixed bug #77079 (odbc_fetch_object has incorrect type signature).
(Jon Allen)
- Opcache:
. Fixed bug #76466 (Loop variable confusion). (Dmitry, Laruence, Nikita)
. Fixed bug #76463 (var has array key type but not value type). (Laruence)
. Fixed bug #76446 (zend_variables.c:73: zend_string_destroy: Assertion
`!(zval_gc_flags((str)->gc)). (Nikita, Laruence)
. Fixed bug #76711 (OPcache enabled triggers false-positive "Illegal string
offset"). (Dmitry)
. Fixed bug #77058 (Type inference in opcache causes side effects). (Nikita)
. Fixed bug #77092 (array_diff_key() - segmentation fault). (Nikita)
- OpenSSL:
. Added openssl_pkey_derive function. (Jim Zubov)
. Add min_proto_version and max_proto_version ssl stream options as well as
related constants for possible TLS protocol values. (Jakub Zelenka)
- PCRE:
. Implemented https://wiki.php.net/rfc/pcre2-migration. (Anatol, Dmitry)
. Upgrade PCRE2 to 10.32. (Anatol)
. Fixed bug #75355 (preg_quote() does not quote # control character).
(Michael Moravec)
. Fixed bug #76512 (\w no longer includes unicode characters). (cmb)
. Fixed bug #76514 (Regression in preg_match makes it fail with
PREG_JIT_STACKLIMIT_ERROR). (Anatol)
. Fixed bug #76909 (preg_match difference between 7.3 and < 7.3). (Anatol)
- PDO_DBlib:
. Implemented FR #69592 (allow 0-column rowsets to be skipped automatically).
(fandrieu)
. Expose TDS version as \PDO::DBLIB_ATTR_TDS_VERSION attribute on \PDO
instance. (fandrieu)
. Treat DATETIME2 columns like DATETIME. (fandrieu)
. Fixed bug #74243 (allow locales.conf to drive datetime format). (fandrieu)
- PDO_Firebird:
. Fixed bug #74462 (PDO_Firebird returns only NULLs for results with boolean
for FIREBIRD >= 3.0). (Dorin Marcoci)
- PDO_OCI:
. Fixed bug #74631 (PDO_PCO with PHP-FPM: OCI environment initialized
before PHP-FPM sets it up). (Ingmar Runge)
- PDO SQLite
. Add support for additional open flags
- pgsql:
. Added new error constants for pg_result_error(): PGSQL_DIAG_SCHEMA_NAME,
PGSQL_DIAG_TABLE_NAME, PGSQL_DIAG_COLUMN_NAME, PGSQL_DIAG_DATATYPE_NAME,
PGSQL_DIAG_CONSTRAINT_NAME and PGSQL_DIAG_SEVERITY_NONLOCALIZED. (Kalle)
. Fixed bug #77047 (pg_convert has a broken regex for the 'TIME WITHOUT
TIMEZONE' data type). (Andy Gajetzki)
- phar:
. Fixed bug #74991 (include_path has a 4096 char limit in some cases).
(bwbroersma)
. Fixed bug #65414 (deal with leading slash when adding files correctly).
(bishopb)
- readline:
. Added completion_append_character and completion_suppress_append options
to readline_info() if linked against libreadline. (krageon)
- Session:
. Fixed bug #74941 (session fails to start after having headers sent).
(morozov)
- SimpleXML:
. Fixed bug #54973 (SimpleXML casts integers wrong). (Nikita)
. Fixed bug #76712 (Assignment of empty string creates extraneous text node).
(cmb)
- Sockets:
. Fixed bug #67619 (Validate length on socket_write). (thiagooak)
- SOAP:
. Fixed bug #75464 (Wrong reflection on SoapClient::__setSoapHeaders).
(villfa)
. Fixed bug #70469 (SoapClient generates E_ERROR even if exceptions=1 is
used). (Anton Artamonov)
. Fixed bug #50675 (SoapClient can't handle object references correctly).
(Cameron Porter)
. Fixed bug #76348 (WSDL_CACHE_MEMORY causes Segmentation fault). (cmb)
. Fixed bug #77141 (Signedness issue in SOAP when precision=-1). (cmb)
- SPL:
. Fixed bug #74977 (Appending AppendIterator leads to segfault).
(Andrew Nester)
. Fixed bug #75173 (incorrect behavior of AppendIterator::append in foreach
loop). (jhdxr)
. Fixed bug #74372 (autoloading file with syntax error uses next autoloader,
may hide parse error). (Nikita)
. Fixed bug #75878 (RecursiveTreeIterator::setPostfix has wrong signature).
(cmb)
. Fixed bug #74519 (strange behavior of AppendIterator). (jhdxr)
. Fixed bug #76131 (mismatch arginfo for splarray constructor).
(carusogabriel)
- SQLite3:
. Updated bundled libsqlite to 3.24.0. (cmb)
- Standard:
. Added is_countable() function. (Gabriel Caruso)
. Added support for the SameSite cookie directive, including an alternative
signature for setcookie(), setrawcookie() and session_set_cookie_params().
(Frederik Bosch, pmmaga)
. Remove superfluous warnings from inet_ntop()/inet_pton(). (daverandom)
. Fixed bug #75916 (DNS_CAA record results contain garbage). (Mike,
Philip Sharp)
. Fixed unserialize(), to disable creation of unsupported data structures
through manually crafted strings. (Dmitry)
. Fixed bug #75409 (accept EFAULT in addition to ENOSYS as indicator
that getrandom() is missing). (sarciszewski)
. Fixed bug #74719 (fopen() should accept NULL as context). (Alexander Holman)
. Fixed bug #69948 (path/domain are not sanitized in setcookie). (cmb)
. Fixed bug #75996 (incorrect url in header for mt_rand). (tatarbj)
. Added hrtime() function, to get high resolution time. (welting)
. Fixed bug #48016 (stdClass::__setState is not defined although var_export()
uses it). (Andrea)
. Fixed bug #76136 (stream_socket_get_name should enclose IPv6 in brackets).
(seliver)
. Fixed bug #76688 (Disallow excessive parameters after options array).
(pmmaga)
. Fixed bug #76713 (Segmentation fault caused by property corruption).
(Laruence)
. Fixed bug #76755 (setcookie does not accept "double" type for expire time).
(Laruence)
. Fixed bug #76674 (improve array_* failure messages exposing what was passed
instead of an array). (carusogabriel)
. Fixed bug #76803 (ftruncate changes file pointer). (Anatol)
. Fixed bug #76818 (Memory corruption and segfault). (Remi)
. Fixed bug #77081 (ftruncate() changes seek pointer in c mode). (cmb, Anatol)
- Testing:
. Implemented FR #62055 (Make run-tests.php support --CGI-- sections). (cmb)
- Tidy:
. Support using tidyp instead of tidy. (devnexen)
. Fixed bug #74707 (Tidy has incorrect ReflectionFunction param counts for
functions taking tidy). (Gabriel Caruso)
. Fixed arginfo for tidy::__construct(). (Tyson Andre)
- Tokenizer:
. Fixed bug #76437 (token_get_all with TOKEN_PARSE flag fails to recognise
close tag). (Laruence)
. Fixed bug #75218 (Change remaining uncatchable fatal errors for parsing
into ParseError). (Nikita)
. Fixed bug #76538 (token_get_all with TOKEN_PARSE flag fails to recognise
close tag with newline). (Nikita)
. Fixed bug #76991 (Incorrect tokenization of multiple invalid flexible
heredoc strings). (Nikita)
- XML:
. Fixed bug #71592 (External entity processing never fails). (cmb)
- Zlib:
. Added zlib/level context option for compress.zlib wrapper. (Sara)
Reference in New Issue Copy Permalink