From 9f303cf7d33127a413f551460914aaa7a0c0d775 Mon Sep 17 00:00:00 2001 From: Pierrick Charron Date: Tue, 30 Aug 2022 12:10:40 -0400 Subject: [PATCH 1/2] Prepare NEWS for PHP 8.2.0RC2 --- NEWS | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 793c6d2be98..a842befce1d 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.2.0RC1 +?? ??? ????, PHP 8.2.0RC2 + + +01 Sep 2022, PHP 8.2.0RC1 - CLI: . Implement built-in web server responding without body to HEAD request on From c77bbf6fe53a3a6b76245516fcc42fa550f70516 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= Date: Tue, 30 Aug 2022 20:02:28 +0200 Subject: [PATCH 2/2] Mark crypt()'s $string parameter as #[\SensitiveParameter] --- NEWS | 2 ++ ext/standard/basic_functions.stub.php | 2 +- ext/standard/basic_functions_arginfo.h | 4 +++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index a842befce1d..5edeef8bd15 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, PHP 8.2.0RC2 +- Standard: + . Marked crypt()'s $string parameter as #[\SensitiveParameter]. (timwolla) 01 Sep 2022, PHP 8.2.0RC1 diff --git a/ext/standard/basic_functions.stub.php b/ext/standard/basic_functions.stub.php index 7a6ee00d8e4..0e0968e3b3c 100755 --- a/ext/standard/basic_functions.stub.php +++ b/ext/standard/basic_functions.stub.php @@ -911,7 +911,7 @@ function crc32(string $string): int {} /* crypt.c */ /** @refcount 1 */ -function crypt(string $string, string $salt): string {} +function crypt(#[\SensitiveParameter] string $string, string $salt): string {} /* datetime.c */ diff --git a/ext/standard/basic_functions_arginfo.h b/ext/standard/basic_functions_arginfo.h index 4469a5b07ee..8793bd4eee2 100644 --- a/ext/standard/basic_functions_arginfo.h +++ b/ext/standard/basic_functions_arginfo.h @@ -1,5 +1,5 @@ /* This is a generated file, edit the .stub.php file instead. - * Stub hash: 4df5576b4e03b18896abf58e6c70d9fd6ae76687 */ + * Stub hash: d0941f025c602b46179675026eb198d7425c717a */ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_set_time_limit, 0, 1, _IS_BOOL, 0) ZEND_ARG_TYPE_INFO(0, seconds, IS_LONG, 0) @@ -3567,6 +3567,8 @@ static void register_basic_functions_symbols(int module_number) REGISTER_LONG_CONSTANT("PHP_ROUND_HALF_ODD", PHP_ROUND_HALF_ODD, CONST_PERSISTENT); + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "crypt", sizeof("crypt") - 1), 0, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "password_hash", sizeof("password_hash") - 1), 0, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "password_verify", sizeof("password_verify") - 1), 0, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0);