The `encoding` attribute of the XML declaration is optional; it is good
practice to use external encoding information where available if it is
missing. Thus, we check for `charset` info of `Content-Type` headers,
and see whether the encoding is supported.
We cater to trailing parameters and quoted-strings, but not to escaped
backslashes and quotes in quoted-strings, since no known character
encoding contains these anyway.
Co-authored-by: Michael Wallner <mike@php.net>
Closes GH-6747.
This issue came up recently in a bug report[1]; without the error code,
users can barely guess why the function failed.
[1] <https://bugs.php.net/80812>
Closes GH-6745.
* @@session.old_passwords is present only in 5.6 and 5.7. Newer versions
already behave as if they have old_passwords=2.
* SET PASSWORD FOR ... = PASSWORD(...) syntax was removed in 8.0.
For all affected tests, versions that don't support newer SQL are
already explicitly excluded with version checks.
Closes GH-6729.
If the SKIPIF section return nocache, don't cache the result. This
is used by tests that perform complex test set in conjunction with
skip checks, and need to be evaluated every time.
* PHP-8.0:
Fix ASAN warning (Zend/zend_string.h:165:2: runtime error: null pointer passed as argument 2 of memcpy(), which is declared to never be null)
When opening HTTP streams, and reading the headers, we currently
discard header lines longer than `HTTP_HEADER_BLOCK_SIZE` (1024 bytes).
While this is not generally forbidden by RFC 7230, section 3.2.5, it
is not generally allowed either, since that may change the "message
framing or response semantics".
We thus fix this by allowing arbitrarily long header lines.
Closes GH-6720.
If the ZEROFILL flag is set for a field, do not convert it into
an integer (text protocol) or convert it explicitly into a padded
string (binary protocol).
So far, `SendText()` simply separates potential email address lists at
any comma, disregarding that commas inside a quoted-string do not
delimit addresses. We fix that by introducing an own variant of
`strtok_r()` which caters to quoted-strings.
We also make `FormatEmailAddress()` aware of quoted strings.
We do not cater to email address comments, and potentially other quirks
of RFC 5322 email addresses, but catering to quoted-strings is supposed
to solve almost all practical use cases.
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
Closes GH-6735.
Because of the memcpy, compilers can't infer that ZSTR_LEN (i.e. class_name->len)
did not change, so they copy it out of memory into a register for the last two
accesses.
php_var_serialize_string already does something similar.
Closes GH-6734
Currently, dynamically declared functions and closures are inserted
into the function table under a runtime definition key, and then later
possibly renamed. When opcache is not used and a file containing a
closure is repeatedly included, this leads to a very large memory leak,
as the no longer needed closure declarations will never be freed
(https://bugs.php.net/bug.php?id=76982).
With this patch, dynamic functions are instead stored in a
dynamic_func_defs member on the op_array, which opcodes reference
by index. When the parent op_array is destroyed, the dynamic_func_defs
it contains are also destroyed (unless they are stilled used elsewhere,
e.g. because they have been bound, or are used by a live closure). This
resolves the fundamental part of the leak, though doesn't completely
fix it yet due to some arena allocations.
The main non-obvious change here is to static variable handling:
We can't destroy static_variables_ptr in destroy_op_array, as e.g.
that would clear the static variables in a dynamic function when
the op_array containing it is destroyed. Static variable destruction
is separated out for this reason (we already do static variable
destruction separately for normal functions, so we only need to
handle main scripts).
Closes GH-5595.
