1
0
mirror of https://github.com/php/php-src.git synced 2026-04-21 23:18:13 +02:00
Commit Graph

13677 Commits

Author SHA1 Message Date
Christoph M. Becker 4b8bbfb6db Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix handling of single-key connection strings
2022-06-13 14:43:51 +02:00
Calvin Buckley 445d9502bf Fix handling of single-key connection strings
A connection string may contain just a single key, but
PHP used ";" as the heuristic to detect if a string was a connection
string versus plain DSN. However, a single-key connection string
would get treated like a DSN name, i.e. "DSN=*LOCAL". This makes it
so that "=" is used, as a connection string must contain a key.

Closes GH-8748.
2022-06-13 14:41:50 +02:00
Christoph M. Becker 4a8c59d661 [ci skip] Add missing NEWS entry 2022-06-13 14:39:00 +02:00
Remi Collet 8b07921a0c [ci skip] missing CVE 2022-06-10 14:35:12 +02:00
Remi Collet 62f64141ef [ci skip] missing CVE 2022-06-10 14:31:48 +02:00
Jakub Zelenka 976cbba76e Merge branch 'PHP-8.0' into PHP-8.1 2022-06-09 19:55:46 +01:00
Jakub Zelenka b765d4cd41 Fix bug #50293 and #81713: file path checking in OpenSSL functions
It introduces a single function to check file paths passed to OpenSSL
functions. It expands the path, check null bytes and finally does
an open basedir check.
2022-06-09 19:49:59 +01:00
Nicolas Grekas 96e3a9d316 Fix RC=1 references of declared properties when casting objects to arrays
Fixes GH-8655.
Closes GH-8737.
2022-06-09 13:28:12 +02:00
Ben Ramsey 59a3de3786 Fix date on PHP 8.1.7 release 2022-06-07 11:28:41 -05:00
Stanislav Malyshev a0f479f0b6 Update NEWS 2022-06-07 11:26:04 -05:00
Remi Collet c9ec5cfd27 NEWS for GH-8685 2022-06-03 07:55:24 +02:00
Remi Collet ae8c2bc1ce NEWS for GH-8685 2022-06-03 07:54:36 +02:00
Yurun df52903ee0 Closes GH-8626: Fix PDOStatement->execute() failed.
Then execute successfully, errorInfo() information is incorrect
2022-06-02 17:32:43 +01:00
Sara Golemon 01d84545e7 Verify internal types before abandoning call frame
An internal caller executing a builtin method with
a static return type will lose context if we drop
our frame before performing the validation.
2022-06-01 00:51:08 +00:00
Ilija Tovilo 93fc88e808 Fix Enum::from/tryFrom memory leak in JIT for internal enums
when passing an int to a string enum. Previously, the int was coerced to
a string. The JIT skips parameter clean up when unnecessary. In this
particular case, passing int to from(int|string) normally doesn't cause
a coercion so no dtor for the $value zval is generated.

To circumvent this we avoid coersion by explicitly allowing ints and
converting them to strings ourselves. Then we can free it appropriately.

See GH-8518
Closes GH-8633
2022-05-28 10:51:17 +02:00
Derick Rethans 38669f5df3 Update NEWS in 8.1 too 2022-05-27 14:44:35 +01:00
Derick Rethans d5e57268a9 Fixed bug #78139 (timezone_open accepts invalid timezone string argument). 2022-05-27 14:43:04 +01:00
Derick Rethans f36ccdb2ed Update NEWS in 8.1 too 2022-05-27 14:28:56 +01:00
Derick Rethans d8590b1aff Merge remote-tracking branch 'derickr/bug74671-dst-c-format' into PHP-8.0 2022-05-27 14:23:38 +01:00
Arnaud Le Blanc badda52a25 [ci skip] NEWS 2022-05-27 13:19:19 +02:00
Derick Rethans a04eccb294 Merge branch 'PHP-8.0' into PHP-8.1 2022-05-26 15:19:27 +01:00
Derick Rethans 172b7345b1 Update NEWS 2022-05-26 15:18:33 +01:00
Chen 040a37d3f1 Add IBT support for fiber
Indirect Branch Tracking (IBT) is part of Intel's Control-Flow
Enforcement Technology (CET). IBT is hardware based, forward edge
Control-Flow-Integrity mechanism where any indirect CALL/JMP must target
an ENDBR instruction or suffer #CP.

This commit adds IBT support for fiber:
1. Add endbr32/64 in assembly
2. Inform compiler jump_fcontext may return via indirect branch

Furthermore:
gcc support CET since v8.1 and set it to default since gcc 11. That is,
the ELF header of sapi/cli/php has a property named IBT. However, such
property is lost since PHP8.1 because the assembly introduced by Fiber.
This commit also fixes this.

Closes GH-8339

Signed-off-by: Chen, Hu <hu1.chen@intel.com>
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
2022-05-25 13:42:31 -05:00
Ben Ramsey 2236b2d211 [ci skip] Remove RC1 from 8.1.7 in the NEWS file 2022-05-25 12:00:01 -05:00
Ben Ramsey cc599c299e Update NEWS with mb_detect_encoding changes 2022-05-25 11:52:27 -05:00
Patrick Allaert 3b6ee1eb19 Bump for 8.1.8-dev 2022-05-25 00:54:00 +02:00
Sara Golemon e05897fe5e Bump for 8.0.21 2022-05-24 18:51:01 +00:00
Christoph M. Becker 5017240ccc Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix pcntl Haiku build
2022-05-24 15:00:47 +02:00
David Carlier e33de9dda8 Fix pcntl Haiku build
guarding SIGIO constant.

Closes GH-8612.
2022-05-24 14:59:50 +02:00
Christoph M. Becker ee9a3fa762 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix GH-8538: SoapClient may strip parts of nmtokens
2022-05-23 16:51:32 +02:00
Christoph M. Becker 2a13304b2e Fix GH-8538: SoapClient may strip parts of nmtokens
When stripping the namespace prefix, we can assume that this does not
contain any colons, while the rest of the name may contain colons.
Hence we must not use `strrchr()` but rather `strchr()` instead.

Closes GH-8543.
2022-05-23 16:49:12 +02:00
Ilija Tovilo c71e75bb11 [skip ci] Add NEWS entry 2022-05-22 23:29:32 +02:00
Ilija Tovilo f0480eb4de Fix undefined behavior in php_set_inet6_addr
Postfix `++` on `NULL` is undefined behavior

Closes GH-8607
2022-05-22 23:23:47 +02:00
Derick Rethans 008016b536 Fixed bug #81565 (date parsing fails when provided with timezones including seconds) 2022-05-20 13:18:43 +01:00
Derick Rethans 78d5076b25 Fixed bug #51987 (Datetime fails to parse an ISO 8601 ordinal date (extended format)) 2022-05-20 13:18:43 +01:00
Derick Rethans 23dbefdb7b Fixed bug #51934 (strtotime plurals / incorrect time) 2022-05-20 13:18:43 +01:00
Derick Rethans ee2776210b Fixed bug #66019 (DateTime object does not support short ISO 8601 time format - YYYY-MM-DDTHH) 2022-05-20 13:18:43 +01:00
Derick Rethans ef55bf7149 Fixed bug GH-7758 (Problems with negative timestamps and fractions) 2022-05-20 13:18:42 +01:00
Levi Morrison ffd27bdec4 Stop closing stderr and stdout streams (#8570)
Extensions may (and do) write to stderr in mshutdown and similar. In
the best case, with the stderr stream closed, it's just swallowed.

However, some libraries will do things like try to detect color, and
these will outright fail and cause an error path to be taken.
2022-05-20 13:40:09 +02:00
Levi Morrison fa78e17724 Stop closing stderr and stdout streams (#8569)
Extensions may (and do) write to stderr in mshutdown and similar. In
the best case, with the stderr stream closed, it's just swallowed.

However, some libraries will do things like try to detect color, and
these will outright fail and cause an error path to be taken.
2022-05-20 13:27:23 +02:00
Christoph M. Becker dd89acaf49 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix GH-8578: Error on wrong parameter on SoapHeader constructor
2022-05-19 11:07:29 +02:00
robertnisipeanu 8735ae9d13 Fix GH-8578: Error on wrong parameter on SoapHeader constructor
Closes GH-8579.
2022-05-19 11:03:49 +02:00
Jakub Zelenka 74f75db0c3 Fix bug #79589: ssl3_read_n:unexpected eof while reading
The unexpected EOF failure was introduced in OpenSSL 3.0 to prevent
truncation attack. However there are many non complaint servers and
it is causing break for many users including potential majority
of those where the truncation attack is not applicable. For that reason
we try to keep behavior consitent with older OpenSSL versions which is
also the path chosen by some other languages and web servers.

Closes GH-8369
2022-05-15 16:52:12 +01:00
Arnaud Le Blanc 680afd160a [ci skip] NEWS 2022-05-13 12:44:16 +02:00
Arnaud Le Blanc 5a39f4c7cc [ci skip] NEWS 2022-05-13 12:41:42 +02:00
Arnaud Le Blanc d8f7797ba0 [ci skip] NEWS 2022-05-13 12:25:03 +02:00
Jakub Zelenka 82eea0efc9 Merge branch 'PHP-8.0' into PHP-8.1 2022-05-10 21:39:31 +01:00
Jakub Zelenka 23a2030438 Fix bug #72185: php-fpm writes empty fcgi record causing nginx 502
This issue might happen if there is change of the fcgi stream when
the buffer is full. Then the empty record is created which signals
end of stream which is incorrect.

The actual fix without a test was contributed by GitHub user @loveharmful
in GH-3198.
2022-05-10 21:36:55 +01:00
Arnaud Le Blanc a82ee8e38b [ci skip] NEWS 2022-05-06 18:21:11 +02:00
Derick Rethans 95f5f9d21d Adding missing NEWS entry 2022-05-05 15:25:35 +01:00