Although the issue mentioned FreeBSD, this is a broader problem:
the current ARM64 code to load the TLS offset assumes a setup with
the non-default TLS model. This problem can also apply on some
configurations on other platforms.
Closes GH-11236.
There's a hash table that maps type names to class name, but names with
a leading backslash are not supported. The engine has logic to strip
away the leading backslash that we should replicate here.
It works by checking if we need to make an actual copy in case an
unexpected (e.g. invalid data or leading backslash) situations are
detected. Upon making a copy we normalize the data in the table.
Furthermore, previously the code assumed that the key was always valid
and that the structure was a non-packed hash table. This isn't
necessarily the case. The new code fixes this as well.
Closes GH-14398.
There's a few leaks where the string is copied for lowercasing but not released.
Where possible, use the _lc functionality of zend_hash to do the lookup
to avoid the leaks that currently exist with the manual lowercasing.
Closes GH-14390.
zend_ini_long() actually expects the length without the NUL byte, but
we're passing the length *with* the NUL byte. This mess can actually be
avoided altogether by using INI_INT, so use that instead.
Closes GH-14382.
This partially backports that PR to stable branches as it has been in master
without reported problems so far.
It's only a partial backport because the stable branches don't have the
ZTS persistent resource fix that would fix shutdown crashes, i.e. the
code change in mysqlnd_vio's close_stream is not backported.
This is fully fixed on master.
Closes GH-14324.
Closes GH-10599.
If there is no root, the namespace cannot be attached to it,
so we have to attach it to the old list.
This isn't a problem in "new DOM" because namespaces are managed in a
separate structure there.
The incorrect functions are being called to deal with incoming
compressed data.
gzip/x-gzip corresponds to gzuncompress(), while deflate corresponds to
gzinflate().
The existing code for gzip compression also plays with removing the
first 10 bytes (i.e. the gzip header) to pass it to the inflate
implementation but that doesn't always work properly due to trailer
data. Get rid of that entirely by using the correct functions.
Closes GH-14321.
This fixes the incompatible pointer type warnings when checking for
reentrant functions declaractions (-Wincompatible-pointer-types) in
config.log. These were not declared on some obsolete systems if
_REENTRANT was not defined. The check is for now left in the code base
but can be transitioned to newer code without checking for missing
declarations or using these otherwise in the future.
Closes GH-14315.
Curl changed the behaviour, from the changelog:
- lib: make protocol handlers store scheme name lowercase curl/curl@c294f9c
From the docs: "The returned scheme might be upper or lowercase. Do
comparisons case insensitively."
Closes GH-14312.
Infallible in practice right now, but should be fixed as infallible today does not mean infallible tomorrow:
- sodium_crypto_sign_publickey_from_secretkey
- sodium_crypto_kx_seed_keypair
- sodium_crypto_kx_keypair
- sodium_crypto_auth
- sodium_crypto_sign_ed25519_sk_to_curve25519
- sodium_pad
Fallible today:
- sodium_crypto_sign_ed25519_pk_to_curve25519
Closes GH-14309.
php_pcre_replace_impl() can fail and return NULL. We should take that
error condition into account. Because other failures return false, we
return false here as well.
At first, I also thought there was a potential memory leak in the error
check of replacement_str, but found that the error condition can never
trigger, so replace that with an assertion.
Closes GH-14292.
Some modules may reset _fmode, which causes mangling of line endings.
Always be explicit like we do in other places where the native open call
is used.
Closes GH-14218.
Class constants are inherited to user classes without cloning. Thus, internal
class constants should not be persisted at all. Simply keep pointing to the
internal class constant.
Fixes GH-14109
Closes GH-14114
Fixes GH-13970
Closes GH-14105
We cannot validate at compile-time for multiple reasons:
* Evaluating the argument naively with zend_get_attribute_value can lead to code
execution at compile time through the new expression, leading to possible
reentrance of the compiler.
* Even if the evaluation was possible, it would need to be restricted to the
current file, because constant values coming from other files can change
without affecting the current compilation unit. For this reason, validation
would need to be repeated at runtime anyway.
* Enums cannot be instantiated at compile-time (the actual bug report). This
could be allowed here, because the value is immediately destroyed. But given
the other issues, this won't be needed.
Instead, we just move it to runtime entirely. It's only needed for
ReflectionAttribute::newInstance(), which is not particularly a hot path. The
checks are also simple.
libxml doesn't do reference counting inside its node types. It's
possible to remove an entity declaration out of the document, but then
entity references will keep pointing to that stale declaration. This
will cause crashes.
One idea would be to check when a declaration is removed, to trigger a
hook that updates all references. However this means we have to keep
track of all references somehow, which would be a high-overhead
solution. The solution in this patch makes sure that the fields are
always updated before they are read.
Closes GH-14089.
This is addon to the GH-13727 bug fix. When configuring the build with:
./configure CFLAGS=-Werror=strict-prototypes
libtool check for parsing nm command would fail:
checking command to parse /usr/bin/nm -B output from cc object... failed
Upstream libtool has this specific check already fixed. Note that this
works only with Autoconf version 2.72 and later and is preparation for
future compilers that might have this error enabled by default.
This is a backport of commit 03f15534a1 to
PHP-8.2 due to GH-14002 and fixes the PHP_CXX_COMPILE_STDCXX check in
ext/intl whether the specified C++ standard is mandatory or optional.
The `dnl` (Discard to Next Line) M4 macro in this combination of `m4_if`
macros and arguments isn't properly replaced and a literal `dnl` string
is appended in the configure script. The `[]dnl` works ok.
When step_callback fails, agg_context->val is passed dtor, but agg_context->val
is also used in final_callback regardless of the success/failure of step_callback,
so should not call dtor.
closes#14004fixes#13998
