The checks can issue reads below and above the temporary buffer. A read
itself doesn't seem dangerous, but the condition result can be
arbitrary. Such reads have to be avoided. Likely this patch should be
backported.
(cherry picked from commit b053beee7e)
Since PHP 5.3 the default lexer generator is RE2C. On Unix-alike build
systems there is also optional configure option --enable-re2c-cgoto
which enables optimized conditional jumps using non-standard computed
goto extension. It is available since RE2C 0.10.3 so it's well covered
by RE2C versions PHP uses. This patch syncs usage of -g option accross
the PHP Unix-alike build system.
The checks can issue reads below and above the temporary buffer. A read
itself doesn't seem dangerous, but the condition result can be
arbitrary. Such reads have to be avoided. Likely this patch should be
backported.
Autoconf 2.50 released in 2001 has made several macros obsolete. Instead
of the AC_STRUCT_ST_BLKSIZE and AC_STRUCT_ST_RDEV the new
AC_CHECK_MEMBERS should be used.
When checking for the presence of stat struct members st_blkzize and
st_rdev the new AC_CHECK_MEMBERS macro defines new constants
HAVE_STRUCT_STAT_ST_BLKSIZE and HAVE_STRUCT_STAT_ST_RDEV.
Old constants HAVE_ST_BLKSIZE and HAVE_ST_RDEV need to be replaced
respectively in PHP code (this patch) and in PHP extenstions if they use
them.
PHP 5.4 to 7.1 require Autoconf 2.59+ version, PHP 7.2 and above require
2.64+ version, and the PHP 7.2 phpize script requires 2.59+ version which
are all greater than above mentioned 2.50 version.
The $Id$ keywords were used in Subversion where they can be substituted
with filename, last revision number change, last changed date, and last
user who changed it.
In Git this functionality is different and can be done with Git attribute
ident. These need to be defined manually for each file in the
.gitattributes file and are afterwards replaced with 40-character
hexadecimal blob object name which is based only on the particular file
contents.
This patch simplifies handling of $Id$ keywords by removing them since
they are not used anymore.
zval_dtor() doesn't make a lot of sense in PHP-7.* and it's used incorrectly in some places.
Its occurances should be replaced by zval_ptr_dtor() or zval_ptr_dtor_nogc(), or even more specialized destructors.
Phar phpinfo output lists also info about bz2 extension if it's
disabled and a quick info about installation. Instead of not maintained
pecl package bz2 the ext/bz2 should be mentioned. Also some outdated
pecl/phar are updated to ext/phar instead in test comments.
The SVN revision was utilized with Subversion. The Git ident
attribute applies only for particular file and since other core
extensions don't output this information anymore this patch
removes it from the phpinfo output to sync and make the phpinfo
core extensions more consistent.
Preventing integer overflows in principle, which allows to avoid additional
range checks. The phar format is based on 32-bit lengths, so the storage
sizes was kept same.
Current code treats the 'local files' stream wrapper ('php_plain_files_wrapper')
different than all other stream wrappers. For the 'local' stream wrapper,
is_executable only checks the mode key in the filestat array on the file or
directory in question. For other stream wrappers, is_executable always returns
FALSE on a directory. This treatment is inconsistent on its face.
Also, for a custom stream wrapper that also points to local files, the result
of is_executable is always FALSE even though it may be TRUE if the function were
called on the same item using the 'local' stream wrapper from PHP.
NOTE: patch does not attempt to add a test for this as there are no tests of
is_executable for stream wrappers.
PHP requires boolean typehints to be written "bool" and disallows
"boolean" as an alias. This changes the error messages to match
the actual type name and avoids confusing messages like "must be
of type boolean, boolean given".
This a followup to ce1d69a1f6, which
implements the same change for integer->int.
PHP requires integer typehints to be written "int" and does not
allow "integer" as an alias. This changes type error messages to
match the actual type name and avoids confusing messages like
"must be of the type integer, integer given".
Instead use a more idiomatic foreach loop. The behavior is not
strictly the same, but I see no reason why this specific case
should enforce continuously indexed integer keys.
Also handle references in the array while at it.
