php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-15 03:51:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
126,113 Commits 547 Branches 1,483 Tags
e9cf14e89cb5e589c54c3bc2fc72decb481e4366
Commit Graph

126113 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Remi Collet
e9cf14e89c add note in UPGRADING 2021-10-19 15:54:00 +02:00
Remi Collet
1b0081e122 Add --with-external-libcrypt build option 
display an error message if some algo not available in external libcrypt
 2021-10-19 15:50:31 +02:00
Nikita Popov
1f19401ffa Handle operand replacement in JMP_NULL 
In this case it's not sufficient to replace the JMP_NULL operand,
as it keeps the temporary alive and there may be more uses later.
Fix this by generalizing existing handling for other similar opcodes
like CASE/SWITCH and LIST_R.

Fixes oss-fuzz 5820123475214336.
 2021-10-19 15:19:02 +02:00
Nikita Popov
22b6aac66f Fix inc/dec of undef var with error handler 
Set the variable to null after emitting the undef var notice
rather than before. This avoids an assertion failure if the var
is unset by the error handler.

The flip side is that this may cause a leak instead, but that's
the more harmless outcome.

Fixes oss-fuzz #36604.
 2021-10-19 14:19:22 +02:00
Stanislav Malyshev
0acfd2d7b5 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix bug #81026 (PHP-FPM oob R/W in root process leading to priv escalation)
  Add FPM fix news
  Fix bug #81026 (PHP-FPM oob R/W in root process leading to priv escalation)
 2021-10-18 15:23:08 -07:00
Stanislav Malyshev
23a607574e Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Add FPM fix news
  Fix bug #81026 (PHP-FPM oob R/W in root process leading to priv escalation)
 2021-10-18 15:07:13 -07:00
Jakub Zelenka
fadb1f8c1d Fix bug #81026 (PHP-FPM oob R/W in root process leading to priv escalation) 
The main change is to store scoreboard procs directly to the variable sized
array rather than indirectly through the pointer.

Signed-off-by: Stanislav Malyshev <stas@php.net>
 2021-10-18 15:06:36 -07:00
Stanislav Malyshev
6ab9b3865a Add FPM fix news 2021-10-18 15:04:46 -07:00
Dmitry Stogov
bdebefaa61 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fixed incorrect optimization that may cause JIT assertion
 2021-10-18 23:20:53 +03:00
Dmitry Stogov
6bd5271c62 Fixed incorrect optimization that may cause JIT assertion 2021-10-18 23:18:52 +03:00
Dmitry Stogov
288de4f54e Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Tracing JIT: Fixed memory leak
 2021-10-18 22:19:36 +03:00
Dmitry Stogov
d3063c02c6 Tracing JIT: Fixed memory leak 2021-10-18 22:14:53 +03:00
Dmitry Stogov
f2771d2f5b Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  JIT: Fixed DASM_S_RANGE_VREG error
 2021-10-18 18:00:10 +03:00
Dmitry Stogov
e59d0a7151 JIT: Fixed DASM_S_RANGE_VREG error 2021-10-18 17:58:42 +03:00
Dmitry Stogov
0e42c9e1d0 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Tracing JIT: Fixed ADD with two references to arrays
 2021-10-18 17:29:34 +03:00
Dmitry Stogov
13d1244575 Tracing JIT: Fixed ADD with two references to arrays 2021-10-18 17:26:36 +03:00
Dmitry Stogov
441e64f143 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Tracinf JIT: Prevnt generation code for instruction that with cyclic dependency
 2021-10-18 16:57:34 +03:00
Dmitry Stogov
6021e72143 Tracinf JIT: Prevnt generation code for instruction that with cyclic dependency 
e.g. $a[] += $a is compiled into ASSIGN_DIM_OP+OP_DATA, where OP_DATA.op1_use depends on ASSIGN_DIM_OP.op1_def
 2021-10-18 16:53:45 +03:00
Máté Kocsis
10a2079b13 Remove extra space before return type 
For consistency and searchability reasons
 2021-10-18 14:28:46 +02:00
Nikita Popov
ec90e85d8c Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix bug #81510
 2021-10-18 12:47:00 +02:00
Nikita Popov
6974372fbb Fix bug #81510 
Make the used arrays larger, because the previous sizes were not
slow enough on some hardware.
 2021-10-18 12:45:26 +02:00
Nikita Popov
6057cd2367 Fixed bug #81532 2021-10-18 12:41:27 +02:00
David Carlier
f71810fb6f Fix some FPM printf warnings on openbsd 
Closes GH-7585.
 2021-10-18 11:11:33 +02:00
Nikita Popov
e26abe631c Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Increase timeout on community job
 2021-10-18 11:09:58 +02:00
Nikita Popov
6e9b764920 Increase timeout on community job 
We're hitting the 60 minute limit occasionally.
 2021-10-18 11:08:40 +02:00
Jakub Zelenka
cb2021e5f6 Fix bug #81026 (PHP-FPM oob R/W in root process leading to priv escalation) 
The main change is to store scoreboard procs directly to the variable sized
array rather than indirectly through the pointer.

Signed-off-by: Stanislav Malyshev <stas@php.net>
 2021-10-17 20:16:10 -07:00
Christoph M. Becker
2e65c8e581 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix #81500: Interval serialization regression since 7.3.14 / 7.4.2
 2021-10-15 19:13:38 +02:00
Christoph M. Becker
fc886694d3 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix #81500: Interval serialization regression since 7.3.14 / 7.4.2
 2021-10-15 19:11:26 +02:00
Christoph M. Becker
866adb122a Fix #81500: Interval serialization regression since 7.3.14 / 7.4.2 
While it may not be desired, `DateInterval::$f` supports negative
values, at least with regard to calculations.  We still need to guard
from assigning double values which are out of range for signed 64bit
integers (which would be undefined behavior).  zend_dval_to_lval() does
this by returning `0` instead of triggering UB.  This way we can avoid
setting the invalid marker, which doesn't work as expected anyway.

We must not do that only for unserialization, but also when the property
is set in the first place.

We need to adapt some of the existing tests wrt. this behavior.  In
particular, we check for an arbitrary value in bug79015.phpt, to cater
to differences between 32bit and 64bit architectures.

Closes GH-7575.
 2021-10-15 19:08:07 +02:00
Remi Collet
371a268a0a Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  remove closing bracket in bad place
 2021-10-15 16:46:58 +02:00
Remi Collet
9f98bc58c7 remove closing bracket in bad place 2021-10-15 16:46:35 +02:00
Dmitry Stogov
f8b1853816 Tracing JIT: propagete op1 type info of FETCH_DIM_FETCH_ARG in read mode 2021-10-15 15:36:27 +03:00
Dmitry Stogov
af0a980f45 Tracing JIT: Use information about really called internal function return type to improve type inference. 2021-10-15 12:30:16 +03:00
Dmitry Stogov
88982a1d20 JIT: Use more general type guard to prevent useless trace splitting 2021-10-14 23:55:35 +03:00
Christoph M. Becker
f99c69fc2e Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix #81518: Header injection via default_mimetype / default_charset
 2021-10-14 12:23:43 +02:00
Christoph M. Becker
b7f3b67060 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix #81518: Header injection via default_mimetype / default_charset
 2021-10-14 12:21:35 +02:00
Christoph M. Becker
365769366b Fix #81518: Header injection via default_mimetype / default_charset 
We forbid setting these INI options to values containing NUL bytes, CR
or LF.

Closes GH-7574.
 2021-10-14 12:16:19 +02:00
Máté Kocsis
d98634e652 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix 2nd param name of pg_send_execute()
 2021-10-13 14:19:54 +02:00
Máté Kocsis
ca219d7d27 Fix 2nd param name of pg_send_execute() 
Closes GH-7576
 2021-10-13 14:14:47 +02:00
Dmitry Stogov
28cca5d451 JIT: Fixed incorrect FETCH_OBJ_W code for typed property (ARM64 part) 2021-10-13 14:51:34 +03:00
Dmitry Stogov
afeadc668b JIT: Fixed incorrect FETCH_OBJ_W code for typed property 2021-10-13 14:48:06 +03:00
Remi Collet
8cfd7e2105 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  bump zip ext version
 2021-10-13 11:53:25 +02:00
Remi Collet
6d0d5227d8 bump zip ext version 2021-10-13 11:53:02 +02:00
Ben Ramsey
daf6a46177 The PHP-8.1 branch is now for 8.1.0RC5 2021-10-12 18:50:51 -05:00
Nikita Popov
f555544faf Fix incorrect access of AST_UNPACK 
list_is_keyed() did not take into account that there may be
AST_UNPACK elements. These would error lateron anyway, but still
produce an invalid access here.
 2021-10-12 17:16:58 +02:00
Nikita Popov
c5e030f3aa Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix bug #81521
 2021-10-12 16:43:24 +02:00
Nikita Popov
53f89219ab Fix bug #81521 
The current error message is incorrect -- the problem here is not
that the property is invalid, but that these methods are unusable
prior to loading data, same as read().
 2021-10-12 16:42:32 +02:00
Dmitry Stogov
da05c0a84f JIT: Avoid generation of unused exit point for conditional braches with NULL/FALSE/TRUE operand 2021-10-12 16:57:33 +03:00
Nikita Popov
9c1d7b43e9 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Don't replace tmp with cv in YIELD argument
 2021-10-12 14:27:07 +02:00
Nikita Popov
9ebe8494b8 Don't replace tmp with cv in YIELD argument 
For by-ref generators, these may have different behavior.

Fixes oss-fuzz 6059739298004992.
 2021-10-12 14:26:53 +02:00