This fixes issues causing buffer over-read that leak heap content:
- RESP packet field default left over for COM_LIST
- RESP packet upsert filename
- OK packet message
- RESP packet for stmt row data
- ps_fetch_from_1_to_8_bytes
- ps_fetch_float
- ps_fetch_double
- ps_fetch_time
- ps_fetch_date
- ps_fetch_datetime
- ps_fetch_string
- ps_fetch_bit
- RESP packet for query row data (just possible overflow on 32bit)
It also adds various protocol tests using a new fake server.
PHP-8.1 is not ready for ICU >= 75.1 which requires C++17 support.
Thus we force the usage of icu4c@74, what is scheduled for removal in
May 2025, though.
Closes GH-16789.
This is only defined as of PHP-8.4; alternatively we could also inline
the `brew --prefix` call, but that makes it harder for upward merges.
Closes GH-16785.
cURL 8.11.0 added a couple of packages to `Requires.private`, but these
packages are irrelevant when building against a shared libcurl. For
some reason, these private requirements are checked when we're doing
`pkg-config --cflags` (that happens with the preinstalled pkg-config
0.29.2, as well as with pkgconf 2.3.0). To avoid further messing with
these packages, we just drop the `Requires.private` line from
libcurl.pc.
See GH-16741 for more details.
Closes GH-16783.
This PR removes most of the logic of nightly_matrix.php by converting
nightly.yml to a workflow_call, and invoking it multiple times for each branch
in a new root.yml workflow. The naming of the files is intentionally kept to
make the diff readable. They may still be renamed afterward.
Closes GH-16642
These files are usually only used on master, as the cron trigger runs on master.
However, workflow_dispatch does use the file from the triggered branch.
Furthermore, we're looking into migrating to a workflow_call trigger, which will
also run on the target branch. Backport these files now to make those changes
easier.
Closes GH-16469
Working towards GH-16286
commit e0db221143b808d97bc3a44e9f0968c6308794b4
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Fri Oct 25 22:48:20 2024 +0200
Move CFLAGS into ./configure command for consistency
commit 8ad67768250d181cd7fef30e0c866625bbd8ac94
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Fri Oct 25 22:47:03 2024 +0200
Also upgrade nightly to macOS 13
commit 58a88ccb9f
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Wed Oct 23 19:07:59 2024 +0200
Fix call to dc[n]gettext in tests with 0 $category
This causes a segfault on PHP-8.1
commit 611af05c50
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Fri Dec 8 13:36:52 2023 +0100
[skip ci] Skip intermittently failing curl test on macOS
The test fails with "CURL ERROR: 56". I will create an issue for it shortly.
commit ec745178bb
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Wed Oct 23 19:05:32 2024 +0200
Backport parts of 9999a0c for gettext
See 9999a0cb75
commit 5ce703496f
Author: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Sun Jul 28 14:34:26 2024 +0200
Fix CI failure on macOS after Curl update
commit 714a3e7071
Author: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Sat Jul 27 16:09:50 2024 +0200
Fix CI failure after Curl update (#15124)
commit 4f2eb921b9
Author: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Thu May 23 22:20:37 2024 +0200
Fix GH-14307: Test curl_basic_024 fails with curl 8.8.0
Curl changed the behaviour, from the changelog:
- lib: make protocol handlers store scheme name lowercase curl/curl@c294f9c
From the docs: "The returned scheme might be upper or lowercase. Do
comparisons case insensitively."
Closes GH-14312.
commit 251195b41b
Author: Ayesh Karunaratne <ayesh@aye.sh>
Date: Thu Feb 1 02:03:55 2024 +0700
ext/curl: Fix failing tests due to string changes in libcurl 8.6.0
Upstream libcurl 8.6.0 contains a change[^1] that caused a test failure.
This fixes it by updating the test's `EXPECTF` to use a regex to account for both string patterns.
[^1]: https://github.com/curl/curl/commit/45cf4755e71f#diff-a8a54563608f8155973318f4ddb61d7328dab512b8ff2b5cc48cc76979d4204cL1683
Closes GH-13293.
commit fc5d83f2b1
Author: Christoph M. Becker <cmbecker69@gmx.de>
Date: Wed Oct 16 22:46:20 2024 +0200
Prepare for necessary move to macOS 13
GH will remove macOS 12 runner images as of December 3rd, so we prepare
for that.
Besides the obvious need to change the runner, we also suppress a
couple of warnings, because otherwise the build would fail due to
`-Werror`.
In master I use ZEND_DIAGNOSTIC_IGNORED_START, but that doesn't exist on
8.2 or 8.3 (8.3 has a similar macro though).
So to unbreak CI I just made a variation of this directly in the
php_libxml.h header.
See 683e787860 (commitcomment-134301083)
As is, we're running the push workflow for all pushes and pull request,
plus we run more comprehensive nightly workflow for all branches which
had commits during the day. That means that security branches may not
run CI for weeks or even months. In the meantime, dependencies might
be updated, which can cause later workflow runs to fail. For instance,
a few openssl tests fail due to security fixes in OpenSSL[1], an update
of Oracle Instant Client causes a couple of oci8 and pdo_oci tests to
fail[2], and the macOS builds do no longer even built (investigation
pending).
Therefore, we allow to run the pull workflow manually, so it is
possible to check the CI condition of temporary inactive branches from
time to time.
[1] <https://github.com/php/php-src/pull/16097>
[2] <https://github.com/php/php-src/pull/16107>
Closes GH-16148.
php-sdk-2.2.0 still fetches dependencies from the no longer up to date
<https://windows.php.net/downloads/php-sdk/deps/>, and as such won't be
tested with any security updates we provide for Windows. Given that
PHP 8.1 is going to receive security updates for further 15 months, we
should should not ignore these dependency updates.
Closes GH-16097.
These failures are caused by the fix for GHSA-p99j-rfp4-xqvq. Since
the two bug*.phpt tests don't need the "wsdl" query string, and don't
even need php-cgi, we just remove the `--GET--` section. The two
server*.phpt tests are harder to fix, since during evaluation of the
`--SKIPIF--` section, the soap extension can be loaded, but it may not
during evaluation of the `--FILE--` section. So for now, we skip these
tests on Windows altogether.
Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Closes GH-16084.
Apache only generates REDIRECT_STATUS, so explicitly check for that
if the server name is Apache, don't allow other variable names.
Furthermore, redirect.so and Netscape no longer exist, so
remove those entries as we can't check their server name anymore.
We now also check for the configuration override *first* such that it
always take precedence. This would allow for a mitigation path if
something like this happens in the future.
It's no use trying to work around whatever the operating system and Apache
do because we'll be fighting that until eternity.
Change the skip_getopt condition such that when we're running in
CGI or FastCGI mode we always skip the argument parsing.
This is a BC break, but this seems to be the only way to get rid of this
class of issues.
multipart/form-data boundaries larger than the read buffer result in erroneous
parsing, which violates data integrity.
Limit boundary size, as allowed by RFC 1521:
Encapsulation boundaries [...] must be no longer than 70 characters, not
counting the two leading hyphens.
We correctly parse payloads with boundaries of length up to
FILLUNIT-strlen("\r\n--") bytes, so allow this for BC.
We should not early-out with success status if we found an ipv6
hostname, we should keep checking the rest of the conditions.
Because integrating the if-check of the ipv6 hostname in the
"Validate domain" if-check made the code hard to read, I extracted the
condition out to a separate function. This also required to make
a few pointers const in order to have some clean code.
The original code is error-prone due to the "best fit mapping" that
happens with the argument parsing but not with the query string.
When we get a non-ASCII character, try to remap it and see if it becomes
a hyphen.
An alternative approach is to create a custom main `wmain` receiving
wide-character variations that does the ANSI transformation with the
best-fit mapping, but that's more error-prone and could cause unexpected
breakage.
Another alternative was just don't doing this check altogether and
always check for `cgi || fastcgi` instead, but that breaks real-world
use-cases.
The old code checked for suffixes but didn't take into account trailing
whitespace. Furthermore, there is peculiar behaviour with trailing dots
too. This all happens because of the special path-handling code inside
CreateProcessW.
By studying Wine's code, we can see that CreateProcessInternalW calls
get_file_name [1] in our case because we haven't provided an application
name. That code gets the first whitespace-delimited string into app_name
excluding the quotes. It's then passed to create_process_params [2]
where there is the path handling code that transforms the command line
argument to an image path [3]. Inside Wine, the extension check if
performed after these transformations [4]. By doing the same thing in
PHP we match the behaviour and can properly match the extension even in
the given edge cases.
[1] 166895ae3a/dlls/kernelbase/process.c (L542-L543)
[2] 166895ae3a/dlls/kernelbase/process.c (L565)
[3] 166895ae3a/dlls/kernelbase/process.c (L150-L151)
[4] 166895ae3a/dlls/kernelbase/process.c (L647-L654)
