* Fix regression from GH-8587
Streams hold a reference to the stream wrapper. User stream wrappers
must not be released until the streams themselves are closed.
* Add test for directories
Because the UID= and PWD= values are appended to the SQLDriverConnect
case when credentials are passed, we have to append them to the string
in case users are relying on this behaviour. However, they must be
quoted, or the arguments will be invalid (or possibly more injected).
This means users had to quote arguments or append credentials to the raw
connection string themselves.
It seems that ODBC quoting rules are consistent enough (and that
Microsoft trusts them enough to encode into the .NET BCL) that we can
actually check if the string is already quoted (in case a user is
already quoting because of this not being fixed), and if not, apply the
appropriate ODBC quoting rules.
This is because the code exists in main/, and are shared between
both ODBC extensions, so it doesn't make sense for it to only exist
in one or the other. There may be a better spot for it.
Closes GH-8307.
* Use arena in DCE instead of multiple alloca()
This requires passing the optimizer context
* Use our do_alloca() instead of alloca()
* Use emalloc in DEBUG builds instead of stack allocations for do_alloca()
This helps detecting that we correctly free do_alloca()
This issue might happen if there is change of the fcgi stream when
the buffer is full. Then the empty record is created which signals
end of stream which is incorrect.
The actual fix without a test was contributed by GitHub user @loveharmful
in GH-3198.
When you choose to bind() to a local address and connect to a remote host
the kernel does not know if socket is listener or whatnot and has to reserve
a port within a ~32k range on which you are also competing with other
applications bound to the same address, this is easy to exhaust and get a
EADDRINUSE.
The linux kernel implemented IP_BIND_ADDRESS_NO_PORT on
90c337da15
which delays the port allocation until the 4-tuple is known in case source port
is 0.
CVS date not changed as in fact the actual version is related to an earier date
in reality.
They ditched the `uintptr_t`cast finally. While at it
updating the C style definitions.
Closes GH-8389.
copy_file_range() is a Linux-specific system call which allows
efficient copying between two file descriptors, eliminating the need
to transfer data from the kernel to userspace and back. For
networking file systems like NFS and Ceph, it even eliminates copying
data to the client, and local filesystems like Btrfs and XFS can
create shared extents.
Apparently, this has been forgotten when PHP 8.0.17RC1 and 8.0.18RC1
had been tagged.
We also fix the version of the fix for GH-8253, which didn't make it
into PHP 8.0.18RC1.
* ext/oci8: use zend_string_equals()
Eliminate duplicate code.
* main/php_variables: use zend_string_equals_literal()
Eliminate duplicate code.
* Zend/zend_string: add zend_string_equals_cstr()
Allows eliminating duplicate code.
* Zend, ext/{opcache,standard}, main/output: use zend_string_equals_cstr()
Eliminate duplicate code.
* Zend/zend_string: add zend_string_starts_with()
* ext/{opcache,phar,spl,standard}: use zend_string_starts_with()
This adds missing length checks to several callers, e.g. in
cache_script_in_shared_memory(). This is important when the
zend_string is shorter than the string parameter, when memcmp()
happens to check backwards; this can result in an out-of-bounds memory
access.
This is achieved by tracking the observers on the run_time_cache (with a fixed amount of slots, 2 for each observer).
That way round, if the run_time_cache is freed all associated observer data is as well.
This approach has been chosen, as to avoid any ABI or API breakage.
Future versions may for example choose to provide a hookable API for run_time_cache freeing or similar.
Closes GH-7847
Closes GH-7852
Previously stripos/stristr would lowercase both the haystack and the
needle to reuse strpos. The approach in this PR is similar to strpos.
memchr is highly optimized so we're using it to search for the first
character of the needle in the haystack. If we find it we compare the
remaining characters of the needle manually.
The new implementation seems to perform about half as well as strpos (as
two memchr calls are necessary to find the next candidate).
When bug 77574[1] has been fixed, the fix only catered to variables
retrieved via `getenv()` with a `$varname` passed, but neither to
`getenv()` without arguments nor to the general import of environment
variables into `$_ENV` and `$_SERVER`. We catch up on this by using
`GetEnvironmentStringsW()` in `_php_import_environment_variables()` and
converting the encoding to whatever had been chosen by the user.
[1] <https://bugs.php.net/bug.php?id=75574>
Closes GH-7928.
Unfortunately, libedit is locale based and does not accept UTF-8
input when the C locale is used. This patch switches the default
locale to C.UTF-8 instead (if it is available). This makes libedit
work and I believe it shouldn't affect behavior of single-byte
locale-dependent functions that PHP otherwise uses.
Closes GH-7635.
