MySQL always returns a trailing empty result set for stored
procedure calls, which is used to convey status information.
The PDO MySQL implementation is presently confused about what to
do with it: If mysqlnd is used and native prepared statements are
used, this result set is skipped. In all other cases it is not
skipped. We also have quite a few XFAILed tests relating to this.
This patch normalizes (for PHP-8.0 only) the behavior towards
always retaining the empty result set. This is simply how MySQL
stored procedures work (some expletives omitted here) and we can't
distinguish this "useless" result set from an empty result of a
multi query. Multi queries are not a concern for native prepared
statements, as PDO does not allow them in that case, but they are
a concern for emulated prepared statements.
Closes GH-6497.
This has been fixed for PDO SQlite by GH-4313, however the same
issue also applied to PDO MySQL.
Move the column count setting function into the main PDO layer
(and export it) and then use it in both PDO SQLite and PDO MySQL.
When `php_zlib_deflate_filter()` is called with `PSFS_FLAG_FLUSH_INC`
but without new buckets being available (e.g. because a user calls
`rewind()` after writing to the stream), we have to make sure that any
pending data are flushed. This could basically be done like in the
attached patch[1], but that could cause unnessary flushes, which can be
harmful for compression, and adds unnecessary flush markers to the
stream. Thus, we use the `php_zlib_filter_data.finished` field, which
has not been used for `zlib.deflate` filters, and properly keep track
of the need to flush.
[1] <https://bugs.php.net/patch-display.php?bug_id=48725&patch=zlib-filter-flush-fix.patch&revision=latest>
Closes GH-6019.
Reading from a stream may return greater than zero, but nonetheless the
stream's EOF flag may have been set. We have to cater to this
condition by setting the close flag for filters.
We also have to cater to that change in the zlib.inflate filter:
If `inflate()` is called with flush mode `Z_FINISH`, but the output
buffer is not large enough to inflate all available data, it fails with
`Z_BUF_ERROR`. However, `Z_BUF_ERROR` is not fatal; in fact, the zlib
manual states: "If deflate returns with Z_OK or Z_BUF_ERROR, this
function must be called again with Z_FINISH and more output space
(updated avail_out) but no more input data, until it returns with
Z_STREAM_END or an error." Hence, we do so.
Closes GH-6001.
We also need to discard old entries in the ref_props HT when values
are overwritten.
We should really forbid these kinds of overwrites. I believe they
can only occur in manually crafted serialization strings, and
cause so many problems...
Fixes oss-fuzz #28257.
If there is no result set (e.g. for upsert queries), still allow
fetching to occur without error, i.e. treat it the same way as
an empty result set.
This normalizes behavior between native and emulated prepared
statements and addresses a regression in PHP 7.4.13.
Apparently, there are broken tarballs out there which are actually in
ustar format, but did not write the `ustar` marker. Since popular tar
tools like GNU tar and 7zip have no issues dealing with such tarballs,
Phar should also be more resilient.
Thus, when the first checksum check of a tarball in (presumed) in old-
style format fails, we check whether the checksum would be suitable for
ustar format; if so, we treat the tarball as being in ustar format.
Closes GH-6479.
Missed a check for info in this code. Add it, and add an assertion
in type source removal to make it easier to catch this issue.
Fixes oss-fuzz #28208 and #28257.
In MariaDB-10.4.3 EXPIRE passwords where supported for
MariaDB. This only behaves like MySQL when the system
variable disconnect_on_expired_passwords=1.
MariaDB if there was no password it could not be considered
expired. So the test is adjusted to use actual passwords.
(MariaDB commit a94b20a8e0d9e64eeaabdaaa7a3e03fcdb8a686e)
The error codes produced my MariaDB are different
however still conforming to the SQL specification.
Closes GH-6480.
MariaDB extended the default decimal field to 39 characters
instead of MySQL's 31 characters.
This small change allows the test to pass on MySQL and MariaDB.
Closes GH-6484.
These functions now return false silently:
is_writable, is_readable, is_executable, is_file, is_dir, is_link,
file_exists
These functions now throw a warning an return false (rather than
throwing a ValueError):
fileperms, fileinode, filesize, fileowner, filegroup, filetype,
fileatime, filemtime, filectime, lstat, stat
See also https://externals.io/message/112333.
Closes GH-6478.
If the string is too short, we should treat this the same way as
an unrecognized image type. This function should be usable to
determine whether something is a valid image without doing any
checks beforehand.
Phar signatures practically are of limited size; for the MD5 and SHA
hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
public keys there is no size limit in theory, but "64 KiB ought to be
good enough for anybody". So we check for that limit, to avoid fatal
errors due to out of memory conditions.
Since it is neither possible to have the signature compressed in the
ZIP archive, nor is it possible to manually add a signature via Phar,
we use ZipArchive to create a suitable archive for the test on the fly.
Closes GH-6474.
The use of no-sanitize may result in an inlining failure, which
will be promoted into a compile error by always-inline. Use a
normal inlining hint without enforcing it.
As it is, `::seek(0)` sets the file pointer to the beginning of the
file, but `::seek($n)` where `$n > 0` sets the file pointer to the
beginning of the following line, having line `$n` already read into the
line buffer. This is pretty inconsistent; we fix it by always seeking
to the beginning of the line.
We also add a test case for the duplicate bug #46569.
Closes GH-6434.
Nikita Popov