zend_std_get_property_ptr_ptr() was the only property handler that did
not propagate the IN_GET guard to the underlying object when forwarding
from a lazy proxy after initialization. This caused __get to be called
on the underlying object when it shouldn't be, leading to assertion
failures.
The same guard-copying pattern already existed in read_property,
write_property, unset_property, and has_property since commit
26f5009e91 (GH-18039).
Also fixes GH-20873 and GH-20854.
Closes GH-20875
openssl_pkey_new() checks private_key_bits >= 384 before generating any
key. For EC, X25519, ED25519, X448, and ED448 the size is inherent to
the curve or algorithm, so this check doesn't apply and causes failures
when default_bits is missing from openssl.cnf (which is the case in
OpenSSL 3.6's default config).
Skip the minimum-bits check for key types that don't use private_key_bits.
Closes GH-21387.
Registering namespace after the parsing is too late because parsing can
fail due to attributes referencing namespaces.
So we have to register fake namespaces before the parsing.
However, the clone operation reconciles namespaces in the wrong way, so
we have to clone via an object.
Closes GH-21371.
The cookie option parser uses a wrong offset to start scanning
attributes, causing cookie values containing substrings like
"path=" or "domain=" to be falsely matched as attributes.
close GH-21400
This path wasn't tested (clearly).
To trigger this we use FFI, which seemed like the easiest way that
doesn't involve using another process messing with the shared memory.
Closes GH-21388.
Previously, static trait properties would always redeclare locally declared
static properties to make sure any inherited property would stop sharing a
common slot with the parent. This would leave holes in property_info, creating
issues for this code:
zend_hash_extend(&ce->properties_info,
zend_hash_num_elements(&ce->properties_info) +
zend_hash_num_elements(&parent_ce->properties_info), 0);
where zend_hash_num_elements(&ce->properties_info) +
zend_hash_num_elements(&parent_ce->properties_info) is supposed to extend the
hash table enough to hold all additional properties coming from parent. However,
if ce->properties_info contains holes this might not be enough, given all parent
properties are appended at nNumUsed.
This could be fixed by further extending the hash table, but we can also avoid
the holes in properties_info completely by not redeclaring trait properties that
are already declared in the target class. This is now possible because traits
are bound before performing parent class inheritance, so if the property is
already present we know it will separate the property slot.
Fixes GH-20672
Closes GH-21358
Fix `PQTRACE_SUPPRESS_TIMESTAMPS` guard misspelling in pgsql.stub.php.
The guard has been misspelled as `PQTRACE_SUPPPRESS_TIMESTAMPS`
(three P's) since 7ec8ae12c4, preventing the
`PGSQL_TRACE_SUPPRESS_TIMESTAMPS` constant from being registered.
close GH-21386
Also switch to uint64_t as that's used on master and makes the code
simpler to fix.
Closes GH-20807.
Co-authored-by: Arnaud Le Blanc <arnaud.lb@gmail.com>
Mirror the mdata_used protection pattern from php_pcre_replace_func_impl
in php_pcre_match_impl, php_pcre_replace_impl, php_pcre_split_impl,
and php_pcre_grep_impl.
close GH-21291
Fix pcre2_code leak when pcre2_pattern_info() fails after a successful
pcre2_compile(), and fix match_sets/match_data/marks leak when
offsets[1] < offsets[0] in php_pcre_match_impl().
close GH-21298
Since GH-15021 preloaded constants are propagated to compiled scripts. This is
problematic for file cache, which assumes all referenced zvals are either
persistently allocated or local to the current script. However, preloaded
constants live in shm as immutable, but not persistent.
To solve this, we'd need to duplicate propagated constants in the optimizer when
file cache is used. This is error prone given it needs to happen in many places.
It's debatable whether constant propagation is even correct in this case, as
running the preloaded script on a restart isn't guaranteed to produce the same
result.
Hence, avoid the issue for now by just not relying on preloaded symbols when
file cache is used.
Fixes GH-21052
Closes GH-21281
When installing executables that were built using libtool, we are
supposed to use
$ libtool --mode-install <install-command>
rather than the bare <install-command>. This is discussed ever so
briefly in the "Installing executables" section of the GNU libtool
documentation:
https://www.gnu.org/software/libtool/manual/libtool.html
So far this has not caused a problem with GNU libtool on the platforms
that PHP supports, but there is an alternate libtool implementation
called slibtool that stores wrappers at the locations where PHP is
expecting the true executables to live. As a result, the wrappers (and
not the executables) are installed when slibtool is used to build PHP.
This is fixed by replacing,
$(INSTALL)
with
$(LIBTOOL) --mode=install $(INSTALL)
in the install-foo rules for the executables that are built with
libtool.
Closes GH-13674
Move the signal table update after the php_signal4 call, mirroring
what is already done in the SIG_DFL/SIG_IGN (integer) code path.
This prevents a stale entry in the table if sigaction fails.
close GH-21270
Add missing PCNTL_CPU_DESTROY(mask) call before RETURN_THROWS() when
the cpu id is out of range, matching the cleanup on other error paths.
close GH-21268
Save errno into a local int before calling close(fd), as close() may
clobber errno on failure. Use int rather than errno_t because errno_t
is defined in C11 Annex K (bounds-checking interfaces) which is
optional and not widely implemented — many platforms (Linux/glibc,
musl, macOS, FreeBSD) do not provide it.
close GH-21256
