When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.
If we're constructing extended-length paths (i.e. paths prefixed with
`\\?\`), we have to replace all forward slashes with backward slashes,
because the former are not supported by Windows for extended-length
paths.
The more efficient and likely cleaner alternative solution would be to
cater to this in `php_win32_ioutil_normalize_path_w()` by always
replacing forward slashes, but that might break existing code. It
might be sensible to change that for `master`, though.
This partially reverts commit c55d09c2f5,
because `MB_ONIGURUMA_VERSION` is only available as of PHP 7.4.0, so
that change made no sense for PHP-7.3; we keep it for PHP-7.4, though.
We also stick with the modification to bug78633.phpt.
Apparently, bug 78633 has now really been fixed; the former fix only
catered to the buffer overflow, but yielded a wrong result. Also,
the order of the named captures has been fixed.
Apparently, this has not been tested for a long time, and might be a
refactoring relict. Anyhow, we have to pass the context to
`GIFNextPixel` as well.
And `$x = !$x`
Noticed while working on GH-4912
The included test would not emit undefined variable errors in php 8.0
with opcache enabled. The command used:
```
php -d zend_extension=opcache.so --no-php-ini -d error_reporting=E_ALL \
-d opcache.file_cache= -d opcache.enable_cli=1 test.php
```
Opcache stores `opline->handler`s in shared memory. These pointers are
invalid, if the main PHP DLL is loaded at another base address due to
ASLR. We therefore store the address of `execute_ex` in the mmap base
file, and check on startup whether it matches its current address. If
not, we fall back on the file cache if enabled, and bail out otherwise.
This still does not address cases where the opline handler is located
inside of another DLL (e.g. for some profilers, debuggers), but there
seems to be no general solution for now.
(cherry picked from commit 8ba10b8fbc)
Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error queue being empty.
