It is insufficient to check whether the `base` is contained in `fname`;
we also need to ensure that `fname` is properly separated. And of
course, `fname` has to start with `base`.
For consistency with PDOStatement::setAttribute(). Attribute values
can for example also be bool.
This is backwards-compatible, as mixed is the same as no type for
parameter variance.
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare case of an
overflow.
Closes GH-7381.
We're currently only testing prime shm + use shm and prime file +
use file.
This adds testing for the prime shm + use file combination. The
prime file + use shm combination is broken on PHP-8.0, so not
tested.
The IS_UNSERIALIZED check here does not work if the string is
interned (serialized with file_cache_only=0) but unserialization
happens with file_cache_only=1. In this case the unserializde
string will be in the str area after mem, which is not included
in the script size, and which is also not accessible at this
point without threading through more information. Work around
the problem by checking for the serialized representation instead.
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare case of an
overflow. Since the recent fix for bug #74960 still doesn't catch all
possible overflows, we fix that right away.
Some GCC versions don't like zend_try in loop. Avoid the issue
by pulling it out of the loop, we don't particularly care about
skipping further warnings if a bailout occurs, just that it
does not interrupt shutdown.
Closes GH-7380.
This is a non-intrusive, minimal fix for bug #81316, which prevents
a bailout during imap RSHUTDOWN and prevents the basic shutdown
handler from being skipped.
I wasn't able to make the issue reproduce in a small test.
As of PHP 8.0.0, these functions are supposed to return int, so we
cannot return `false`. Since calling the parser recursively is a
programmer error, we throw an `Error` in this case.
Cf. <https://github.com/php/php-src/pull/7363>.
The fix for bug #73151[1] cured the symptoms, but not the root cause,
namely xmlParse() must not be called recursively. Since that bugfix
also messed up the error handling, we basically revert it (but also
simplify the return), and then prevent calling the parser recursively.
[1] <https://github.com/php/php-src/pull/2166/commits/f2a8a8c068995a5d780882c556cedd53bce3827d>
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
Closes GH-7363.
The stream position is not related to the buffer, and needs to be
updated for non-seekable streams as well. The erroneous condition
around the position update is a relict of an old commit[1].
The unexpected test expectation is due to bug #81345.
[1] <https://github.com/php/php-src/commit/088e2692c3d1e680fd3d9306c4adb417e761acff>
Closes GH-7356.
When flushing the stream filters actually causes data to be written to
the stream, we need to update its position, because that is not done by
the streams' write methods.
Closes GH-7354.
The recent fix for bug 52093 is not compatible with LibreSSL ≥ 2.7.0,
which we recognize as mostly OpenSSL 1.1.0 compatible, but they still
do not support `ASN1_INTEGER_set_int64()`.
Closes GH-7339.
Stanislav Malyshev