mirror of https://github.com/php/php-src.git synced 2026-04-05 15:12:39 +02:00
Commit Graph

5646 Commits

Author SHA1 Message Date
Christoph M. Becker
e22b305ffb Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix #81518: Header injection via default_mimetype / default_charset
2021-10-14 12:24:05 +02:00
Christoph M. Becker
f99c69fc2e Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix #81518: Header injection via default_mimetype / default_charset
2021-10-14 12:23:43 +02:00
Christoph M. Becker
b7f3b67060 Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
  Fix #81518: Header injection via default_mimetype / default_charset
2021-10-14 12:21:35 +02:00
Christoph M. Becker
365769366b Fix #81518: Header injection via default_mimetype / default_charset
We forbid setting these INI options to values containing NUL bytes, CR
or LF.

Closes GH-7574.
2021-10-14 12:16:19 +02:00
Nikita Popov
39a1cab471 Generate tracing jit corpus in generate_all.php
Using same corpus as function jit. To allow oss-fuzz integration.
2021-10-11 14:33:11 +02:00
Joe Watkins
0603d3b2e2 improve configuration of pthread link for userfaultfd thread under NTS (#7568) 2021-10-11 12:57:41 +02:00
Bob Weinand
ad9c10b47b Prefer userfaultfd over mprotect+SIGSEGV signal handling on linux for phpdbg watchpoints
Closes GH-7551.
2021-10-08 21:05:43 +02:00
Nikita Popov
5d05f810d0 Reduce max input size in parser fuzzer
Still seeing stack overflows for $$$$$x style input, let's reduce
the input size limit further...
2021-10-06 19:14:20 +02:00
Kamil Tekiela
10f102d790 Fix 'can not' in error messages 2021-10-05 09:51:58 +01:00
Joe Watkins
e829284b53 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix #81496: CLI server logs wrong request method
2021-10-05 08:43:38 +02:00
Joe Watkins
03e9bed5b5 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix #81496: CLI server logs wrong request method
2021-10-05 08:43:09 +02:00
Lauri Kenttä
cdcdb33080 Fix #81496: CLI server logs wrong request method 2021-10-05 08:42:38 +02:00
Nikita Popov
0c6c882b92 Merge branch 'PHP-8.1'
* PHP-8.1:
  Disable failing FPM test
2021-10-04 23:31:48 +02:00
Nikita Popov
cd84480e54 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Disable failing FPM test
2021-10-04 23:31:40 +02:00
Nikita Popov
a00d933242 Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
  Disable failing FPM test
2021-10-04 23:31:31 +02:00
Nikita Popov
4c01bd2ade Disable failing FPM test
Test fails intermittently, e.g.:

https://dev.azure.com/phpazuredevops/PHP/_build/results?buildId=20597&view=ms.vss-test-web.build-test-results-tab&runId=475324&resultId=115501&paneView=debug

Possibly this is because the two requests end up being processed
in sequence and no second process is spawned.
2021-10-04 23:30:14 +02:00
Jakub Zelenka
582cd2ca7f Merge branch 'PHP-8.1' 2021-10-04 21:57:25 +01:00
Jakub Zelenka
7dd87b2343 Merge branch 'PHP-8.0' into PHP-8.1 2021-10-04 21:56:06 +01:00
Jakub Zelenka
9ed95846a3 Merge branch 'PHP-7.4' into PHP-8.0 2021-10-04 21:55:21 +01:00
Jakub Zelenka
66a655fdf4 Add the actual test for FPM prod idle timeout test with 6s sleep 2021-10-04 21:54:32 +01:00
Jakub Zelenka
2cd69115d5 Merge branch 'PHP-7.4' into PHP-8.0 2021-10-04 21:53:34 +01:00
Jakub Zelenka
edfb347019 Add FPM prod idle timeout test with 6s sleep 2021-10-04 21:50:57 +01:00
Nikita Popov
17a237a561 Merge branch 'PHP-8.1'
* PHP-8.1:
  Revert "Add FPM prod idle timeout test"
2021-10-04 10:17:18 +02:00
Nikita Popov
0431bd3137 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Revert "Add FPM prod idle timeout test"
  [ci skip] Fix missing NEWS
  [ci skip] Add missing NEWS
2021-10-04 10:17:07 +02:00
Nikita Popov
987aee10a9 Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
  Revert "Add FPM prod idle timeout test"
2021-10-04 10:16:53 +02:00
Nikita Popov
69514e6ffb Revert "Add FPM prod idle timeout test"
This reverts commit 08f52b1643.

The newly added test fails.
2021-10-04 10:16:20 +02:00
Jakub Zelenka
cbdcb0e46f Merge branch 'PHP-8.1' 2021-10-02 18:32:20 +01:00
Jakub Zelenka
4ef6280b9a Fix conflicting pattern wrapping in FPM openmetrics test 2021-10-02 18:31:49 +01:00
Jakub Zelenka
390d4e94ed Merge branch 'PHP-8.0' into PHP-8.1 2021-10-02 18:29:25 +01:00
Jakub Zelenka
ca3f20209f Merge branch 'PHP-7.4' into PHP-8.0 2021-10-02 18:27:47 +01:00
Jakub Zelenka
08f52b1643 Add FPM prod idle timeout test 2021-10-02 18:26:18 +01:00
codinghuang
5bda4cd25a Support specifying start position in compile_string
Add additional zend_compile_position argument, which can be either
AT_SHEBANG, AT_OPEN_TAG or AFTER_OPEN_TAG. The previous behavior
corresponds to AFTER_OPEN_TAG.

Closes GH-7462.
2021-09-30 10:21:33 +02:00
Nikita Popov
83fccc68d7 Consistently set bailed_out flag
It was not set for some of the bailouts, resulting in timeouts
in the function JIT fuzzer.

Fixes oss-fuzz #39293.
2021-09-28 12:16:22 +02:00
David CARLIER
83697aa95e fpm allow to ptrace/make the process dumpable for FreeBSD. (#7375) 2021-09-27 21:16:23 +01:00
Nikita Popov
a12aee5cb3 Fix opcache path determination, again
We shouldn't be appending to the executable path, but rather to
the directory of the executable.
2021-09-24 16:27:44 +02:00
Nikita Popov
b732b6d06f Try to fetch opcache.so path relative to binary
While the cwd-relative lookup worked for the oss-fuzz docker images,
it doesn't seem to work on the cluster infrastructure. Try finding
opcache.so relative to the binary instead.
2021-09-23 16:44:03 +02:00
Nikita Popov
40aa6b63d1 Further limit max input size in parser fuzzer
It's easy to cause stack overflows with degenerate cases like
"$$$$$x" repeated thousands of times. We have no interest in
addressing these.

Make the input size smaller to hopefully avoid these stack
overflows.
2021-09-23 13:11:21 +02:00
Nikita Popov
b7409d3a63 Disable chdir in execute fuzzers
We don't want the current working directory to change during
fuzzing, as that breaks corpus access unless an absolute path is
used. I'm not sure why this issue never came up before.
2021-09-22 12:58:20 +02:00
Nikita Popov
831a2b3c3d Disable custom execute_ex during function JIT fuzzing as well
Having zend_execute_ex set is normally not a problem for the
function JIT, but there is an edge case leak due to special
RELEASE_THIS handling during generator creation. As this is an
unsupported mode of operation, reset to the original handler
for the function jit fuzzer as well.
2021-09-22 12:48:52 +02:00
Nikita Popov
b3d37e9c91 Generate function-jit corpus in generate_all.php
For use by oss-fuzz.
2021-09-22 11:06:22 +02:00
Nikita Popov
9d0c018668 Make sure dummy file for fuzzing exists 2021-09-22 10:58:25 +02:00
Nikita Popov
06a25c774d Add fuzzer for tracing jit 2021-09-22 10:32:46 +02:00
Nikita Popov
28e882a162 Fix null pointer ubsan warning
Don't pass null pointer to memmove, even with zero length.
2021-09-17 10:25:52 +02:00
Nikita Popov
62503236d5 Make it easier to run CLI server tests standalone 2021-09-17 10:15:35 +02:00
Nikita Popov
e2d05bfcb2 Allow get_request_time() hook to fail
In particular, this allows using the hook without server_context.
The apache2handler implementation now checks that server_context
is available itself, as that's the implementation that cares
about it.
2021-09-16 16:54:07 +02:00
Nikita Popov
13fa90fb55 Fix initializer warning in apache2handler 2021-09-16 16:52:38 +02:00
Nikita Popov
cd4243dde9 Add fuzzer for function JIT
This is a basic fuzzer for the function JIT, which looks for
crashes and sanitizer violations only, and does not try to detect
differing behavior yet.
2021-09-15 17:12:39 +02:00
Nikita Popov
74033b2cc6 Don't hardcode used sanitizers in fuzzer
Now that we have generic --enable-address|undefined|memory-sanitizer
options, let the user pick one of these instead of making the fuzzer
enable one implicitly.
2021-09-15 16:07:26 +02:00
Máté Kocsis
a1a8e9032c Remove unnecessary PHP_FUNCTION() declarations (#7472) 2021-09-07 10:04:00 +02:00
Nikita Popov
14f599ea7d Use zend_long for resource ID
Currently, resource IDs are limited to 32-bits. As resource IDs
are not reused, this means that resource ID overflow for
long-running processes is very possible.

This patch switches resource IDs to use zend_long instead, which
means that on 64-bit systems, 64-bit resource IDs will be used.
This makes resource ID overflow practically impossible.

The tradeoff is an 8 byte increase in zend_resource size.

Closes GH-7436.
2021-08-31 14:58:59 +02:00