Fortunately, libxml won't allow _at this point in time_ to have more
than INT_MAX/5 attributes, so this doesn't cause issues right now.
However, if this limit is ever raised then it can cause an integer
overflow which will cause a heap overflow.
So future-proof this code by properly using safe_emalloc().
Closes GH-20472.
We would need to escape the attributes, but there's no builtin method
that we can call in libxml2 to do so in a way consistent with the
attribute escape rules and expat.
In fact, expat just repeats the input, while we reconstruct it.
To fix the issue, and fix consistency with expat, we repeat the input as
well. This works by seeking to the start and end of the tag and passing
it to the default handler. This is fine for the parser because the
parser used in ext/xml is always in non-progressive mode, so we have
access to the entire input buffer.
Instead of
* adding a zval on the stack
* initializing it
* copying the value to the attribute
Just initialize the value directly in the zend_attribute_arg
This is in preparation for the possible future transformation of `clone` into a
function call, but also meaningful on its own, since the purpose of the tests
is not to test the stack trace generation, but rather that an exception was
thrown. It also cleans up some unreachable code in the tests.
This reverts commit 8dc799aac7.
Originally, this was going to be deprecated in libxml2 2.14, but this
didn't end up happening in the end, and the replacement function that we
used got deprecated instead. So fix the deprecation warning by reverting
to the original code.
Closes GH-18407.
A bunch of different issues:
1) The referenced value is copied without incrementing the refcount.
The reason the refcount isn't incremented is because otherwise
the array modifications would violate the RC1 constraints.
Solve this by copying the reference itself instead and always
read the referenced value.
2) No type checks on the array data, so malicious scripts could
cause type confusion bugs.
3) Potential overflow when the arrays resize and we access ctag.
Closes GH-17205.
* PHP-8.3:
Fix GH-15868: Assertion failure in xml_parse_into_struct after exception
Fix GH-15868: Assertion failure in xml_parse_into_struct after exception
Upon unwinding from an exception, the parser state is not stable, we
should not continue updating the values if an exception was thrown.
Closes GH-15879.
Upon unwinding from an exception, the parser state is not stable, we
should not continue updating the values if an exception was thrown.
Closes GH-15879.
To match other capitalized strings like `ZEND_STR_UNKNOWN_CAPITALIZED` and
`ZEND_STR_ARRAY_CAPITALIZED`. Since this known string was only added in PHP
8.4, no backwards compatibility alias is needed.
When a class (or enum) has no methods, rather than using an array that only
contains `ZEND_FE_END`, use `NULL` for the functions. The implementation of
class registration for internal classes, `do_register_internal_class()` in
zend_API.c, already skips classes where the functions are `NULL`. By removing
these unneeded arrays, we can reduce the size of the header files, while also
removing an unneeded call to zend_register_functions() for each internal class
with no extra methods.
Currently, internal classes are registered with the following code:
INIT_CLASS_ENTRY(ce, "InternalClass", class_InternalClass_methods);
class_entry = zend_register_internal_class_ex(&ce, NULL);
class_entry->ce_flags |= ...;
This has worked well so far, except if InternalClass is readonly. It is because some inheritance checks are run by zend_register_internal_class_ex before ZEND_ACC_READONLY_CLASS is added to ce_flags.
The issue is fixed by adding a zend_register_internal_class_with_flags() zend API function that stubs can use from now on. This function makes sure to add the flags before running any checks. Since the new API is not available in lower PHP versions, gen_stub.php has to keep support for the existing API for PHP 8.3 and below.
The PHP_ADD_EXTENSION_DEP Autoconf macro needs to be called after
PHP_NEW_EXTENSION to be fully effective. This simplifies the code and
checks. Also, due to the current order_by_dep.awk script implementation
it needs to be on its own line with arguments unquoted so that awk can
parse the config.m4 file. Until order_by_dep.awk script is fixed.
- PHP_SETUP_LIBXML arguments quoted
- Help texts updated for HAVE_LIBXML, HAVE_DOM, HAVE_XMLREADER,
HAVE_XMLWRITER, HAVE_SOAP, HAVE_SIMPLEXML, and HAVE_XML CPP macros
- Duplicate HAVE_LIBXML symbol definition in PHP_SETUP_LIBXML M4 macro
removed (the HAVE_LIBXML marks that PHP libxml extension is available and
not only that libxml2 library is available)
