Because the failure path did not release the string, there was a memory
leak.
As the only valid types for this function are IS_NULL and IS_STRING, we
and IS_NULL is always rejected in practice, solve the issue by not using
a function that increments the refcount in the first place.
Closes GH-12002.
NetBSD still adopts the old iconv signature for buffer inputs.
The next release will too so we can assume it will remain that way for
a while.
Close GH-12001
Evaluating constants at comptime can result in arrays that contain objects. This
is problematic for printing the default value of constant ASTs containing
objects, because we don't actually know what the constructor arguments were.
Avoid this by not propagating array constants.
Fixes GH-11937
Closes GH-11947
- GH-11958: DNF types in trait properties do not get bound properly
- GH-11883: Memory leak in zend_type_release() for non-arena allocated DNF types
- Internal trait bound to userland class would not be arena allocated
- Property DNF types were not properly deep copied during lazy loading
Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com>
Co-authored-by: ju1ius <jules.bernable@gmail.com>
Upon resizing, the elements are destroyed from lower index to higher
index. When an element refers to an object with a destructor, it can
refer to a lower (i.e. already destroyed) element, causing a uaf.
Set refcounted zvals to NULL after destroying them to avoid a uaf.
Closes GH-11959.
The tempnam documentation currently states that "Only the first 63
characters of the prefix are used, the rest are ignored". However when
the prefix is 64 characters-long, the current implementation fails to
strip the last character, diverging from the documented behavior. This
patch fixes the implementation so it matches the documented behavior for
that specific case where the prefix is 64 characters long.
Closes GH-11870
Signed-off-by: George Peter Banyard <girgias@php.net>
People relied on manually waiting for children, but the fix for GH-11498
broke this. Fixing this in PHP is fundamentally incompatible with doing
the wait loop in userland. This reverts to the old behaviour.
Closes GH-11863.
* PHP-8.1:
Fix GH-10964: Improve `man` page about the built-in server
Fix GH-11438: mysqlnd fails to authenticate with sha256_password accounts using passwords longer than 19 characters
https://dev.mysql.com/doc/dev/mysql-server/latest/page_caching_sha2_authentication_exchanges.html
tells us that the nonce used in this authentication method is 20 bytes
long. However, we might receive additional scramble data in
php_mysqlnd_greet_read not used in this method.
On my test setup, I received 21 bytes (20 bytes + '\0'). This resulted
in the xor computation to incorrectly include the NUL byte. Every
password of at least 20 characters therefore failed to authenticate
using this method.
Looking at mysql-server source code also seems to reveal that it always
uses a fixed number of scramble bytes [1].
[1] ea7087d885/sql/auth/sha2_password.cc (L1078-L1079)
Closes GH-11445.
Co-authored-by: Kamil Tekiela <tekiela246@gmail.com>
According to https://www.php.net/manual/en/class.domdocument:
When using json_encode() on a DOMDocument object the result will be
that of encoding an empty object.
But this was broken in 8.1. The output was `{"config": null}`.
That's because the config property is defined with a default value of
NULL, hence it was included. The other properties are not included
because they don't have a default property, and nothing is ever written
to their backing field. Hence, the JSON encoder excludes them.
Similarly, `(array) $doc` would yield the same `config` key in the
array.
Closes GH-11840.
At one point this was changed from a bool to an int in libxml2, with
negative values meaning it is unspecified. Because it is cast to a bool
this therefore returned true instead of the expected false.
Closes GH-11793.
* PHP-8.1:
Fix empty argument cases for DOMParentNode methods
Fix DOMCharacterData::replaceWith() with itself
Fix incorrect attribute existence check in DOMElement::setAttributeNodeNS()
Fix DOMEntity field getter bugs
