The "else branch" of `next_line` can reset the `buf_begin` field to
NULL, causing the next invocation to pass NULL to `memchr` with a 0
length. When UBSAN is enabled this causes an UBSAN abort. Real world
impact is likely none because of the 0 length.
To fix this, don't set the pointer to NULL, which means that the
`memchr` will return NULL and since
`self->bytes_in_buffer < self->bufsize` we return NULL and request more
data through `fill_buffer`. That function will reset `buf_begin` and
`bytes_in_buffer` so that the next invocation works fine.
I chose this solution so we have an invariant that `buf_begin` is never
NULL, which makes reasoning easier. An alternative solution is keeping
the NULLing of `buf_begin` and add an extra check at the top of
`next_line`, but I didn't like special casing this.
Closes GH-17000.
This information can be occasionally useful, and would otherwise need
to be parsed from `phpinfo()` output.
However, maybe more importantly we unify the build date between what is
given by `php -v` and `php -i`, since these compilation units are not
necessarily preprocessed within the same second.
Closes GH-16747.
For classes that are not declared `abstract`, produce a compiler error for any
`abstract` methods. For anonymous classes, since they cannot be made abstract,
the error message is slightly different.
Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com>
As is, for requested size which are already aligned, we over-allocate,
so we fix this. We also fix the allocation for chunk size 1.
This issue has been reported by @kkmuffme.
Thanks to @iluuu1994 for improving the fix!
Closes GH-16161.
When the superglobals are eagerly initialized, but "S" is not contained
in `variables_order`, `TRACK_VARS_SERVER` is created as empty array
with refcount > 1. Since this hash table may later be modified, a flag
is set which allows such COW violations for assertions. However, when
`register_argc_argv` is on, the so far uninitialized hash table is
updated with `argv`, what causes the hash table to be initialized, what
drops the allow-COW-violations flag. The following update with `argc`
then triggers a refcount violation assertion.
Since we consider `HT_ALLOW_COW_VIOLATION` a hack, we do not want to
keep the flag during hash table initialization, so we initialize the
hash table right away after creation for this code path.
Closes GH-15930.
multipart/form-data boundaries larger than the read buffer result in erroneous
parsing, which violates data integrity.
Limit boundary size, as allowed by RFC 1521:
Encapsulation boundaries [...] must be no longer than 70 characters, not
counting the two leading hyphens.
We correctly parse payloads with boundaries of length up to
FILLUNIT-strlen("\r\n--") bytes, so allow this for BC.
When an `PHP_OUTPUT_HANDLER_FAILURE` occurs, the output handler becomes
disabled (i.e. the `PHP_OUTPUT_HANDLER_DISABLED` flag is set). However,
there is no guard for disabled handlers in `php_output_handler_op()`
what may cause serious issues (as reported, UB due to passing `NULL` as
the 2nd argument of `memcpy`, because the handler's buffer has already
been `NULL`ed). Therefore, we add a respective guard for disabled
handlers, and return `PHP_OUTPUT_HANDLER_FAILURE` right away.
Closes GH-15183.
I added the function/method name to some compile-time deprecation messages which are related to parameters/return values. Consistently with the other similar error messages, I included the function/method name at the start of the message.
RFC: https://wiki.php.net/rfc/rfc1867-non-post
This function allows populating the $_POST and $_FILES globals for non-post
requests. This avoids manual parsing of RFC1867 requests.
Fixes#55815
Closes GH-11472
* Update basic ob_get_status() test
* Update ob test with class method, anonymous function, and invokable object as output handler
---------
Co-authored-by: haszi <haszika80@gmail.com>
