If count is ZEND_LONG_MIN the count-- loop underflows. This is
ultimately harmless, but results in a ubsan warning.
Fix this by adding a sanity check that the count isn't negative,
because that doesn't make sense...
This fixes two leaks related to duplicate tags, as well as a leak
of zero-length FMT_(S)BYTE with non-null value. This can show up
for MAKERNOTE values where the original length is non-zero, but
the first character is a null byte.
mb_decode_numericentity() accepts a fourth optional parameter, which is
unused, however. Since this parameter doesn't do any harm, and to avoid
the small BC break, we're keeping this parameter for PHP 7, but adjust
the arginfo.
For PHP 8, we will remove this parameter.
This issue was recently introduced in c739023a50,
when the restriction that components>0 has been relaxed. We now need
to make sure that any tags that expect at least one component check
that this is the case.
The state returned by `sodium_crypto_generichash_init()` has to be
regarded as opaque byte string; neither its size nor its exact
structure are fixed, and actually vary for diffent libsodium versions.
Therefore we drop the test altogether.
When stored procedures are called, the "final result set is a status
result that includes no result set". Calling `::nextRowset()` on the
actual last result set should return FALSE, since there is actually no
further result set to be processed.
It can return false if the resource type is wrong.
```
php > var_export(hash_update_stream(hash_init('md5'),
imagecreate(1,1)));
Warning: hash_update_stream(): supplied resource is not a valid stream
resource in php shell code on line 1
false
```
The return types were initially added in
c88ffa9a56
fcgi_accept_request function is supposed to call a FastCGI implementation's
on_accept hook when entering an "accepting" stage (that is right before
calling "accept"). This hook implementation (fpm_request_accepting) updates
a worker state to an "accepting" state which is effectively an "Idle" state,
and updates counters on the scoreboard of the corresponding pool (idle++,
active--).
But this is not done when listening for client connections on a named pipe on
Windows platform. In that case a combination of
ConnectNamedPipe/WaitForSingleObject is used (to be able to catch in_shutdown
as far as I understand), but it is nonetheless functionally equivalent to
"accept" call. Also by not calling on_hook neither a worker's state is updated
to "accepting" state nor scoreboard counters are updated.
The properties HT may be a GC root itself, so we need to remove it.
I'm not sure this issue actually applies to PHP 7.2, but committing
it there to be safe. As seen from the test case, the handling here
is rather buggy on 7.2.
This can also return an array. See
https://www.php.net/manual/en/function.time-nanosleep.php#refsect1-function.time-nanosleep-returnvalues
> If the delay was interrupted by a signal, an associative array will be
returned with the components:
>
> - seconds - number of seconds remaining in the delay
> - nanoseconds - number of nanoseconds remaining in the delay
Sending a SIGUSR1 to the below program would trigger this behavior.
```
pcntl_signal(\SIGUSR1, function ($signo, $signinfo) {
echo "Handling a signal $signo\n";
});
echo "Sleeping for 100 seconds\n";
var_export(time_nanosleep(100, 0));
```
The incomplete signature existed since c88ffa9a5.
No phpt tests existed for time_nanosleep returning an array
Due to overflows in the memory limit checks, we were missing cases
where the allocation size was close to the address space size, and
caused an OOM condition rather than a memory limit error.
