zend_find_array_dim_slow() may throw, make sure to handle this.
This backports the code we already use for this on PHP-8.0,
and also backports an exception check that makes this easier to
catch.
Not removing this causes build failure when reconfiguring and rebuilding after a `make clean`, e.g. enabling/disabling ZTS.
This makes https://bugs.php.net/bug.php?id=80561 more bearable. Ideally it would be rebuilt automatically on configuration change if necessary, but I have no idea how to implement this.
Closes GH-6702.
Rather than segfaulting because sname is missing lateron, report
a FAIL here. As this indicates a server bug, the errors is reported
as an out of band warning, rather than a client error.
This fixes the PHP side of bug #80713.
As these hold on to some internal resource, there can't be two
"equal" objects with different identity. Make sure the lack of
public properties doesn't result in these being treated as always
equal.
openssl_pkey_new() fetches various options from the config file --
most of these are optional, and not specifying them is not an error
condition from the perspective of the user. Unfortunately, the
CONF_get_string() API pushes an error when accessing a key that
doesn't exist (_CONF_get_string does not, but that is presumably a
private API). This commit adds a helper php_openssl_conf_get_string()
that automatically clears the error in this case. I've found that
OpenSSL occasionally does the same thing internally:
22040fb790/apps/req.c (L515-L517)
Closes GH-6699.
libcurl 7.75.0 finally adds support for `gophers://`, i.e. gopher over
TLS. The protocol is neither standardized, nor is the protocol
registered with IANA, but well, it is there and the test case should
cater to that.
We need to first clean the symtable and then check whether a cache
slot is available for it. Otherwise, it may happen that a destructor
runs while cleaning the table and uses up all the remaining slots
in the cache.
This is particularly insidious because once we overflow the cache,
the first pointer we modify is symtable_cache_ptr, making it hard
to understand what happened after the fact.
Fixes oss-fuzz #30815.
The PAM service requires the terminating null to be part
of the communication.
Tested with MariaDB-10.4(pam) and Percona Server 5.7.32(auth_pam_compat).
Also changed MySQL Enterprise test to the server side plugin, authentication_pam
as opposed to the client plugin mysql_clear_password.
Add additional check for pamtest user and pam service file as
all are required for the test.
More importantly, test result should actually succeed.
Thanks Geoff Montee for bug report.
Closes GH-78680.
We need to always destroy current, not just when iter.data is not
set.
Take this opportunity to clean up the iterator destructor code a
bit, to remove redundant checks and incorrect comments.
The get_info() handler should never fail, but even if it does,
we should still return a proper info array -- it doesn't make
sense that a completely incorrect hash returns an info array,
but a hash that is recognized but for which the options can't
be extracted would return null.
This function internally converts zero length arguments to NULL
argument -- but we should also accept them in the first place.
Null arguments being accepted was actually documented, before
bug #78399 adjusted the docs to match current behavior.
Empty string was interpreted as a special value here, which indicates
that the default magic database should be used. It makes more sense
to use null for this purpose.
The documentation also explicitly mentions that null can be used.
The parameter is not nullable, so it will be interpreted as
an empty string anyway.
The entire code here is pretty confusing though, and probably
deserves a second loop. The HTTP code only send SOAPAction/action
if soapaction is non-NULL -- but it always is, because it is
accepted through a non-nullable string parameter.
Regarding the SOAPAction header, it appears that always sending
it is actually a requirement of the standard:
> An HTTP client MUST use this header field when issuing a SOAP
> HTTP Request.
Although it does make a distinction between absence of value and
an empty string:
> The header field value of empty string ("") means that the intent
> of the SOAP message is provided by the HTTP Request-URI. No value
> means that there is no indication of the intent of the message.
The empty string interpretation appears to be the desired one.
However, for the action MIME tag the SOAP 1.2 Part 2 specification
says that
> The media type specifies an optional action parameter, which can
> be used to optimize dispatch or routing, among other things.
but also
> The SOAP Action feature defines a single property, which is
> described in Table 14. The value of this property MUST be an
> absolute URI[RFC 3986] and MUST NOT be empty.
which would indicate that we should not be sending an empty
action here.
As I'm not familiar with SOAP and this is long-standing behavior,
I'm just leaving this alone for now...
Currently an empty string is used to unset the location. Once
again, it makes more sense to use a null value for this purpose
(though the special behavior of empty strings is retained).
The code comment above the function also explicitly indicates
that null should be accepted, and the function does return null
rather than an empty string for the old location value (if it
is missing).
$typeName, $typeNamespace, $nodeName and $nodeNamespace all
special-case the empty string and don't set the property entirely
in that case. It makes more sense to use null to indicate absence
here (though of course the empty string behavior is retained).
It is explicitly documented to be nullable, and this matches other
functions like imagepng. It is also documented to accept a stream,
which it currently does not...
