If count is ZEND_LONG_MIN the count-- loop underflows. This is
ultimately harmless, but results in a ubsan warning.
Fix this by adding a sanity check that the count isn't negative,
because that doesn't make sense...
This fixes two leaks related to duplicate tags, as well as a leak
of zero-length FMT_(S)BYTE with non-null value. This can show up
for MAKERNOTE values where the original length is non-zero, but
the first character is a null byte.
mb_decode_numericentity() accepts a fourth optional parameter, which is
unused, however. Since this parameter doesn't do any harm, and to avoid
the small BC break, we're keeping this parameter for PHP 7, but adjust
the arginfo.
For PHP 8, we will remove this parameter.
This issue was recently introduced in c739023a50,
when the restriction that components>0 has been relaxed. We now need
to make sure that any tags that expect at least one component check
that this is the case.
The state returned by `sodium_crypto_generichash_init()` has to be
regarded as opaque byte string; neither its size nor its exact
structure are fixed, and actually vary for diffent libsodium versions.
Therefore we drop the test altogether.
When stored procedures are called, the "final result set is a status
result that includes no result set". Calling `::nextRowset()` on the
actual last result set should return FALSE, since there is actually no
further result set to be processed.
It can return false if the resource type is wrong.
```
php > var_export(hash_update_stream(hash_init('md5'),
imagecreate(1,1)));
Warning: hash_update_stream(): supplied resource is not a valid stream
resource in php shell code on line 1
false
```
The return types were initially added in
c88ffa9a56
This can also return an array. See
https://www.php.net/manual/en/function.time-nanosleep.php#refsect1-function.time-nanosleep-returnvalues
> If the delay was interrupted by a signal, an associative array will be
returned with the components:
>
> - seconds - number of seconds remaining in the delay
> - nanoseconds - number of nanoseconds remaining in the delay
Sending a SIGUSR1 to the below program would trigger this behavior.
```
pcntl_signal(\SIGUSR1, function ($signo, $signinfo) {
echo "Handling a signal $signo\n";
});
echo "Sleeping for 100 seconds\n";
var_export(time_nanosleep(100, 0));
```
The incomplete signature existed since c88ffa9a5.
No phpt tests existed for time_nanosleep returning an array
Due to overflows in the memory limit checks, we were missing cases
where the allocation size was close to the address space size, and
caused an OOM condition rather than a memory limit error.
As of Windows 1903, when the OneDrive on-demand feature is enabled, the
OneDrive folder is reported as reparse point by `FindFirstFile()`, but
trying to get information about the reparse point using
`DeviceIoControl()` fails with `ERROR_NOT_A_REPARSE_POINT`. We work
around this problem by falling back to `GetFileInformationByHandle()`
if that happens, but only if the reparse point is reported as cloud
reparse point, and only if PHP is running on Windows 1903 or later.
The patch has been developed in collaboration with ab@php.net.
We should keep an eye on the somewhat quirky OneDrive behavior, since
it might change again in a future Windows release.
As of MariaDB 10.0.2, the server reports a fake version number as work-
around for replication issues[1]. We apply the same "fix" as in the
MariaDB client to cater to this.
[1] <c50ee6c23d (diff-5b45fa673c88c06a9651c7906364f592)>
We have to properly clean up in case phar_flush() is failing.
We also make the expectation of the respective test case less liberal
to avoid missing such bugs in the future.
There are a few parts here:
* opcache should not be blocking signals while invoking compile_file,
otherwise signals may remain blocked on a compile error. While at
it, also protect SHM memory during compile_file.
* We should deactivate Zend signals at the end of the request, to make
sure that we gracefully recover from a missing unblock and signals
don't remain blocked forever.
* We don't use a critical section in deactivation, because it should
not be necessary. Additionally we want to clean up the signal queue,
if it is non-empty.
* Enable SIGG(check) in debug builds so we notice issues in the future.
New opcache directives have been added recently which are returned
if using `ini_get_all('zend opcache')` but are not listed in the
directives if using `opcache_get_configuration()`. This fix adds
those missing directives as well as if `opcache.mmap_base` is used
instead of `opcache.lockfile_path`. Also adds a test to ensure the
directives match with both methods of fetching.
`time_t` defaults to `_time64` (which is 64bit signed) even on x86, but
`Int32x32To64()` truncates it to signed 32bit. We replace the macro
with the "manual" calculation.
opcache incorrectly handles PHAR files when opcache.validate_permission
option enabled, because it calls
access("phar://path-to/file.phar/path/inside.php", R_OK);
rather than
access("path-to/file.phar", R_OK)
This test is easily tripped by former test runs with other PHP
versions. To avoid such false positives, we check that there is at
least one respective OPcache file, and that all found OPcache user ID
folders have exactly 32 hexadecimal digits.
Fails for me locally due to different number of warnings with
different messages. Rather than adding more wildcards I'm dropping
this test entirely, as it doesn't seem to test anything particularly
useful.
(cherry picked from commit 84333cad67)
With opcache.protect_memory=1 enabled, the XML-RPC extension causes a
segfault on PHP 7.2 as it is modifying the recursion counter of objects
it touches, without first checking if they are immutable or not.
This doesn't affect 7.3+
Also add PHP_TEST_EXTRA_ARGS environment variable, which allows
to pass on -c, -d etc flags provided by run-tests.php. Otherwise
we won't get the built-in server to run with opcache.
On some recent Windows systems, ext\pcre\tests\locales.phpt fails,
because 'pt_PT' is accepted by `setlocale()`, but not properly
supported by the ctype functions, which are used internally by PCRE2 to
build the localized character tables.
Since there appears to be no way to properly check whether a given
locale is fully supported, but we want to minimize BC impact, we filter
out typical Unix locale names, except for a few cases which have
already been properly supported on Windows. This way code like
setlocale(LC_ALL, 'de_DE.UTF-8', 'de_DE', 'German_Germany.1252');
should work like on older Windows systems.
It should be noted that the locale names causing trouble are not (yet)
documented as valid names anyway, see
<https://docs.microsoft.com/en-us/cpp/c-runtime-library/locale-names-languages-and-country-region-strings?view=vs-2019>.