Commit Graph

151 Commits

Author SHA1 Message Date
Dmitry Stogov
323b2733f6 Fixed compilation warnings 2016-06-22 00:40:50 +03:00
Anatol Belski
3d3f11ede4 Fixed the UTF-8 and long path support in the streams on Windows.
Since long the default PHP charset is UTF-8, however the Windows part is
out of step with this important point. The current implementation in PHP
doesn't technically permit to handle UTF-8 filepath and several other
things. Till now, only the ANSI compatible APIs are being used. Here is more
about it

https://msdn.microsoft.com/en-us/library/windows/desktop/dd317752%28v=vs.85%29.aspx

The patch fixes not only issues with multibyte filenames under
incompatible codepages, but indirectly also issues with some other multibyte
encodings like BIG5, Shift-JIS, etc. by providing a clean way to access
filenames in UTF-8. Below is a small list of issues from the bug tracker,
that are getting fixed:

https://bugs.php.net/63401
https://bugs.php.net/41199
https://bugs.php.net/50203
https://bugs.php.net/71509
https://bugs.php.net/64699
https://bugs.php.net/64506
https://bugs.php.net/30195
https://bugs.php.net/65358
https://bugs.php.net/61315
https://bugs.php.net/70943
https://bugs.php.net/70903
https://bugs.php.net/63593
https://bugs.php.net/54977
https://bugs.php.net/54028
https://bugs.php.net/43148
https://bugs.php.net/30730
https://bugs.php.net/33350
https://bugs.php.net/35300
https://bugs.php.net/46990
https://bugs.php.net/61309
https://bugs.php.net/69333
https://bugs.php.net/45517
https://bugs.php.net/70551
https://bugs.php.net/50197
https://bugs.php.net/72200
https://bugs.php.net/37672

Yet more related tickets can for sure be found - on bugs.php.net, Stackoverflow
and Github. Some of the bugs are pretty recent, some descend to early
2000th, but  the user comments in there last even till today. Just for example,
bug #30195 was opened in 2004, the latest comment in there was made in 2014. It
is certain, that these bugs descend not only to pure PHP use cases, but get also
redirected from the popular PHP based projects. Given the modern systems (and
those supported by PHP) are always based on NTFS, there is no excuse to keep
these issues unresolved.

The internalization approach on Windows is in many ways different from
UNIX and Linux, while it supports and is based on Unicode. It depends on the
current system code page, APIs used and exact kind how the binary was compiled
The locale doesn't affect the way Unicode or ANSI API work. PHP in particular
is being compiled without _UNICODE defined and this is conditioned by the
way we handle strings. Here is more about it

https://msdn.microsoft.com/en-us/library/tsbaswba.aspx

However, with any system code page ANSI functions automatically convert
paths to UTF-16. Paths in some encodings incompatible with the
current system code page, won't work correctly with ANSI APIs. PHP
till now only uses the ANSI Windows APIs.

For example, on a system with the current code page 1252, the paths
in cp1252 are supported and transparently converted to UTF-16 by the
ANSI functions. Once one wants to handle a filepath encoded with cp932 on
that particular system, an ANSI or a POSIX compatible function used in
PHP will produce an erroneous result. When trying to convert that cp932 path
to UTF-8 and passing to the ANSI functions, an ANSI function would
likely interpret the UTF-8 string as some string in the current code page and
create a filepath that represents every single byte of the UTF-8 string.
These behaviors are not only broken but also disregard the documented
INI settings.

This patch solves the issies with the multibyte paths on Windows by
intelligently enforcing the usage of the Unicode aware APIs. For
functions expect Unicode (fe CreateFileW, FindFirstFileW, etc.), arguments
will be converted to UTF-16 wide chars. For functions returning Unicode
aware data (fe GetCurrentDirectoryW, etc.), resulting wide string is
converted back to char's depending on the current PHP charset settings,
either to the current ANSI codepage (this is the behavior prior to this patch)
or to UTF-8 (the default behavior).

In a particular case, users might have to explicitly set
internal_encoding or default_charset, if filenames in ANSI codepage are
necessary. Current tests show no regressions and witness that this will be an
exotic case, the current default UTF-8 encoding is compatible with any
supported system. The dependency libraries are long switching to Unicode APIs,
so some tests were also added for extensions not directly related to streams.
At large, the patch brings over 150 related tests into the core. Those target
and was run on various environments with European, Asian, etc. codepages.
General PHP frameworks was tested and showed no regressions.

The impact on the current C code base is low, the most places affected
are the Windows only places in the three files tsrm_win32.c, zend_virtual_cwd.c
and plain_wrapper.c. The actual implementation of the most of the wide
char supporting functionality is in win32/ioutil.* and win32/codepage.*,
several  low level functionsare extended in place to avoid reimplementation for
now. No performance impact was sighted. As previously mentioned, the ANSI APIs
used prior the patch perform Unicode conversions internally. Using the
Unicode  APIs directly while doing custom conversions just retains the status
quo. The ways to optimize it are open (fe. by implementing caching for the
strings converted to wide variants).

The long path implementation is user transparent. If a path exceeds the
length of _MAX_PATH, it'll be automatically prefixed with \\?\. The MAXPATHLEN
is set to 2048 bytes.

Appreciation to Pierre Joye, Matt Ficken, @algo13 and others for tips, ideas
and testing.

Thanks.
2016-06-20 12:45:39 +02:00
Lior Kaplan
ed35de784f Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  Happy new year (Update copyright to 2016)
2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Xinchen Hui
4171a8f6c6 Internal function argumensts cleanup (strict_types) 2015-12-12 22:52:37 -08:00
Anatol Belski
0be37148ad catch more places for libxml headers search 2015-05-10 22:22:05 +02:00
Stanislav Malyshev
b3709bfc52 Merge branch 'PHP-5.6'
* PHP-5.6: (27 commits)
  fix non-standard C
  update NEWS
  5.4.41 next
  fix CVE num
  update NEWS
  Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
  fix test
  fix type in fix for #69085
  fix memory leak & add test
  Fix tests
  fix CVE num
  Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
  Fix test
  Additional fix for bug #69324
  More fixes for bug #69152
  Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
  Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
  Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
  Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
  Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
  ...

Conflicts:
	Zend/zend_exceptions.c
	ext/curl/interface.c
	ext/dom/document.c
	ext/fileinfo/libmagic/softmagic.c
	ext/gd/gd.c
	ext/hash/hash.c
	ext/pgsql/pgsql.c
	ext/phar/phar.c
	ext/phar/phar_internal.h
	ext/standard/http_fopen_wrapper.c
	ext/standard/link.c
	ext/standard/streamsfuncs.c
	ext/xmlwriter/php_xmlwriter.c
	ext/zlib/zlib.c
2015-04-14 01:28:06 -07:00
Stanislav Malyshev
9bbd995679 Merge branch 'PHP-5.5-security' into PHP-5.5.24
* PHP-5.5-security: (22 commits)
  Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
  Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
  Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
  updated NEWS
  added test for bug #69354
  revert skipif, this should run everywhere
  further ODBC 3.0 compliance
  more compliance with the ODBC 3.0
  test fixes
  Prevent GC from changing zval or object 'color' before they are actually inserted into possible roots buffer.
  sigh, can't even copypaste without screwing up
  oop, put both the error number and message for both db object to the error message
  test fixes
  Fixed bug #69281 (opcache_is_script_cached no longer works)
  Fix typo: unitialized -> uninitialized
  Fix typo: unitialized -> uninitialized
  Fixed bug #68739 (Missing break / control flow). Fixed bug #68740 (NULL Pointer Dereference). Fixed bug #68677 (Use After Free).
  Fixed bug #68739 (Missing break / control flow in curl)
  Fixed bug #68740 (NULL Pointer Dereference)
  Fixed bug #68677 (Use After Free in OPcache)
  ...

Conflicts:
	configure.in
	ext/curl/tests/bug69316.phpt
	main/php_version.h
2015-04-12 20:12:38 -07:00
Stanislav Malyshev
0cb9d75cb6 Merge branch 'PHP-5.4.40' into PHP-5.5.24
* PHP-5.4.40:
  Additional fix for bug #69324
  More fixes for bug #69152
  Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
  Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
  Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
  Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
  Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
  Fixed bug #68901 (use after free)
  Fixed bug #68740 (NULL Pointer Dereference)
  Fix bug #66550 (SQLite prepared statement use-after-free)
  Better fix for #68601 for perf 81e9a993f2
  Fix bug #68601 buffer read overflow in gd_gif_in.c
  Revert "Merge branch 'PHP-5.4' of https://git.php.net/repository/php-src into PHP-5.4"
  Fixed bug #69293
  Add ZEND_ARG_CALLABLE_INFO to allow internal function to type hint against callable.
2015-04-11 16:56:12 -07:00
Stanislav Malyshev
4435b9142f Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions) 2015-04-11 16:53:22 -07:00
Lior Kaplan
3b8b1435ad Merge branch 'PHP-5.6'
* PHP-5.6:
  Fix typo: unitialized -> uninitialized
  Fix typo: unitialized -> uninitialized

Conflicts:
	ext/xmlwriter/php_xmlwriter.c
2015-04-01 18:30:55 +03:00
Lior Kaplan
59c2a55ec7 Fix typo: unitialized -> uninitialized 2015-04-01 18:17:53 +03:00
Xinchen Hui
97956a5d08 Fixed tests 2015-03-30 16:25:41 +08:00
Anatol Belski
663074b6b1 cleanup mod version macros and mod defs, round x 2015-03-23 21:30:22 +01:00
Dmitry Stogov
9e70d7672d Move zend_object->guards into additional slot of zend_object->properties_table[]. As result size of objects without __get/__set/__unset/__isset magic methods is reduced. 2015-02-04 15:24:13 +03:00
Xinchen Hui
942809909e Cleanup resource handling APIs 2015-02-02 13:23:16 +08:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Andrea Faulds
c7157e4cfb Removed ZEND_ENGINE_2 checks (and ZE1 code, it's been a decade!) 2014-12-05 19:46:30 +00:00
Stanislav Malyshev
be638b22e7 Merge branch 'PHP-5.6'
* PHP-5.6:
  tests image gd
  xmlwriter_full_end_element tests
  Tests for writeAttributeNS and xmlwriter_write_attribute_ns
2014-11-23 17:53:00 -08:00
Anatol Belski
4b3e198023 removed *.dsw and *.dsp files 2014-09-28 19:02:09 +02:00
Florian MARGAINE
8eb7e7bf7f Merge branch 'master' into issue-67910
Conflicts:
	README.PARAMETER_PARSING_API
	ext/gmp/tests/001.phpt
2014-09-20 10:09:21 +02:00
Florian MARGAINE
cf0303e782 Replaces php5 with php7, without whitespace changes. 2014-09-20 10:01:44 +02:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski
3234480827 first show to make 's' work with size_t 2014-08-27 20:49:31 +02:00
Anatol Belski
4d997f63d9 master renames phase 3 2014-08-25 20:22:49 +02:00
Anatol Belski
c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00
Anatol Belski
168ea67b2d ported xsl, xml reader and writer 2014-08-19 12:55:03 +02:00
Anatol Belski
63d3f0b844 basic macro replacements, all at once 2014-08-19 08:07:31 +02:00
Mauricio Vieira
8afe869cab xmlwriter_full_end_element tests 2014-08-02 22:39:12 -03:00
Mauricio Vieira
51be35cf38 Tests for writeAttributeNS and xmlwriter_write_attribute_ns 2014-08-02 22:39:11 -03:00
Xinchen Hui
f3ccbb3c40 Use self instead of this(keyword) 2014-05-04 11:35:05 +08:00
Xinchen Hui
a275f4c64d Port XMLWriter 2014-05-04 11:33:17 +08:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Christopher Jones
c6d977dd39 Fix long-standing visual pain point: the misalignment of './configure help' text.
Whitespace changes and a couple of grammar fixes.
2013-08-06 11:06:09 -07:00
Veres Lajos
e9a95d78ef typo fixes 2013-07-15 00:23:03 -07:00
Veres Lajos
72085b0e5f typo fixes 2013-07-15 00:18:57 -07:00
Xinchen Hui
a666285bc2 Happy New Year 2013-01-01 16:37:09 +08:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Felipe Pena
f5e2315660 - Fixed bug #62064 (memory leak in the XML Writer module) 2012-05-18 19:34:39 -03:00
Felipe Pena
88275e547f Merge branch 'PHP-5.3' into PHP-5.4
* PHP-5.3:
  - Fixed bug #62064 (memory leak in the XML Writer module)
2012-05-18 19:23:42 -03:00
Felipe Pena
6d928fd26d - Fixed bug #62064 (memory leak in the XML Writer module) 2012-05-18 19:23:29 -03:00
Felipe Pena
e4ca0ed09f - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
8775a37559 - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
23e438594d - Make usage of new PHP_FE_END macro 2011-07-25 11:42:53 +00:00