* Fix GH-13834: Applying non-zero offset 36 to null pointer in zend_jit.c
ssa_op can be NULL in function JIT. Doing pointer arithmetic on a NULL
pointer is undefined behaviour. Undefined behaviour can be dangerous
because the optimizer may assume then that the variable is not actually
NULL.
To solve this:
1. Add ADVANCE_SSA_OP() to safely add an offset to ssa_op in zend_jit.c
2. For inference, add an extra offset argument to the helper functions.
To reproduce this, use Clang (not GCC) on a test like
sapi/cli/tests/gh12363.phpt (or other tests also work).
* Remove -fno-sanitize=pointer-overflow flag from CI
* Fix NULL pointer offsets added to the stack_map
* Fix an offset add on a potentially NULL ssa->ops
* Fix NULL pointer arithmetic in zend_range_info()
* Address review comments
There are two depth limiting parameters for XSLT templates.
1) maxTemplateDepth
This corresponds to the recursion depth of a template. For very
complicated templates this can be hit.
2) maxTemplateVars
This is the total number of live variables. When using recursive
templates with lots of parameters you can hit this limit.
This patch introduces two new properties to XSLTProcessor that
corresponds to the above variables.
MAPPHAR_FAIL will call the destructor of the manifest, mounted_dirs, and
virtual_dirs tables. When a new phar object is allocated using (p)ecalloc,
the bytes are zeroed, but the flag for an uninitialized table is
non-zero. So we have to manually set the flag in case that we have a
code path that can destroy the tables without first initializing them at
least once.
Closes GH-13847.
Fix the following build failure without pthread raised since version
8.3.0 and
a11c8a3039:
/home/buildroot/instance-0/output-1/build/php-8.3.4/Zend/zend_call_stack.c:39:11: fatal error: pthread.h: No such file or directory
39 | # include <pthread.h>
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/a4ef648a9da50b26ed56d5d490e4cf5a1bfff970
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Close GH-13843
If the destination already exists, then the `add` function on the
manifest will return NULL, resulting in a NULL entry and therefore a
NULL deref. As `copy()` (not `Phar::copy`) chooses to succeed and
overwrite the destination if it already exists, we should do the same.
Therefore the fix is as simple as changing `add` to `update`.
Closes GH-13840.
The POSIX shared memory object operations functions (shm_open,
shm_unlink...) are in:
* C library on most systems (newer Linux, Solaris 11.4, illumos, BSD*,
macOS, Haiku, etc.)
* real-time (rt) library on older Linux distributions and Solaris <= 10.
Haiku C library (called root library) on Haiku is linked in by default.
Previous check always added additional rt or root library to global LIBS
and rt to OPCACHE_SHARED_LIBADD. Now, the library containing shm_open is
linked as needed to the always shared opcache extension.
This also removes unused HAVE_SHM_OPEN and HAVE_LIBROOT symbols.
This fixes the issue with unbounded waiting on SSL_peek which can happen
when only part of the record is fetched. It makes socket non blocking so
it is possible to verify if OpenSSL is expecting some more data or if
there is an error.
This also fixes bug #79501
Closes GH-13487
