I'm going for a very conservative fix here, where the previous
logic is restored for the case where an object is passed to
method_exists(). We might want to check against EG(scope) instead,
but this seems like a safer choice.
This means that behavior in PHP 7.4 changes only for
method_exists('C', 'privateMethodNotOnC'), which should be sensible.
stream_get-line repeatedly calls php_stream_fill_read_buffer until
enough data is accumulated in buffer. However, when stream contains
filters attached to it, then each call to fill buffer essentially
resets buffer read/write pointers and new data is written over old.
This causes stream_get_line to skip parts of data from stream
This patch fixes such behavior, so fill buffer call will append.
Add a max_depth option to unserialize and an unserialize_max_depth
ini setting, which can be used to control the depth limit. The
default value is 4096.
This option is intended to prevent stack overflows during the
unserialization of deeply nested structures.
This fixes bug #78549 and addresses oss-fuzz #17581, #17589, #17664,
and #17788.
rename_variation2.tmp is ... unsurprisingly ... already used by
rename_variation2.phpt. Alternatively it could be placed in the
directory that the test creates, but maybe this is intended to
test cross-directory renames, so I'll leave it.
Resources used as array keys are generally handled by throwing a
notice and converting the resource to the resource handle. The only
exception is the [$resource => null] syntax, where this was treated
as an illegal offset type instead. However, this also only happened
for VM evaluations, the AST evaluator did handle resources correctly.
This removes object auto-vivification support.
This also means that we can remove the corresponding special
handling for typed properites: We no longer need to check that a
property is convertible to stdClass if such a conversion might
take place indirectly due to a nested property write.
Additionally OBJ_W style operations now no longer modify the
object operand, and as such we no longer need to treat op1 as a
def in SSA form.
The next step would be to actually compile the whole LHS of OBJ_W
operations in R rather than W mode, but that causes issues with
SimpleXML, whose object handlers depend on the current compilation
structure.
Part of https://wiki.php.net/rfc/engine_warnings.
