Casting from pointer to array is special, so we must not fall back to
the general FFI casting. There is a particular issue regarding the
size comparison, namely that the pointer size is always 8 for 64bit
architectures, but the size of an array is determined by its
declaration, so as is casting a pointer to an array with more than 8
elements would fail, but casting to an array with less than 9 elements
succeeds, but the internal pointer would point to some arbitrary
memory.
We fix this by properly supporting the cast. An alternative would be
to deny this kind of cast generally, since it is not necessarily safe.
However, FFI isn't necessarily safe anyway.
We also check pointer/array type compatibility when casting.
Co-authored-by: Dmitry Stogov <dmitry@zend.com>
Closes GH-7876.
We have to error on unhandled exceptions in FFI callbacks, to avoid
passing back undefined values.
This has been discussed and agreed upon in a previous PR[1].
[1] <https://github.com/php/php-src/pull/5120>
Closes GH-6366.
From an engine perspective, named parameters mainly add three
concepts:
* The SEND_* opcodes now accept a CONST op2, which is the
argument name. For now, it is looked up by linear scan and
runtime cached.
* This may leave UNDEF arguments on the stack. To avoid having
to deal with them in other places, a CHECK_UNDEF_ARGS opcode
is used to either replace them with defaults, or error.
* For variadic functions, EX(extra_named_params) are collected
and need to be freed based on ZEND_CALL_HAS_EXTRA_NAMED_PARAMS.
RFC: https://wiki.php.net/rfc/named_params
Closes GH-5357.
Casting objects to bool is supposed to yield `true`. Since the
`cast_object` handler is required now, we have to implement the
`_IS_BOOL` conversion there.
Add ZVAL_CHAR/RETVAL_CHAR/RETURN_CHAR as a shortcut for using
ZVAL_INTERNED_STRING and ZSTR_CHAR.
Add zend_string_init_fast() as a helper for the empty string /
one char interned string / zend_string_init() pattern.
Also add corresponding ZVAL_STRINGL_FAST etc macros.
Closes GH-5684.
We must not attempt to access arbitrary union members when retrieving
debug info, because that may not be valid. Therefore we do no longer
dereference pointer types inside of unions, but report their address as
string in `%p` format instead.
Avoid subtle differences in behavior depending on whether the
handler is absent or returns FAILURE.
If you previously set cast_object to NULL, create a handler that
always returns FAILURE instead.
* PHP-7.4:
Disable instantiation of zero size FFI\CData objects
Fix # 79171: heap-buffer-overflow in phar_extract_file
Fix bug #79082 - Files added to tar with Phar::buildFromIterator have all-access permissions
Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress
Bob Weinand