Not such as fix but taking more precautions.
Indeed, the arc4random has two little flaws in this platform,
one already caught upfront by the extension (ie size 0), also
internal use of ccrng_generate which can silently fail in few rare
cases.
Closes#7824.
Newly added dl() tests trigger an assertion in ZEND_RC_DEBUG builds. This change
disables zend_rc_debug to allows these tests to pass until this issue is
resolved.
Newly added dl() tests trigger an assertion in ZEND_RC_DEBUG builds. This change
disables zend_rc_debug to allows these tests to pass until this issue is
resolved.
Apparently, on Cirrus CI FreeBSD chmodding a file to 0444 doesn't make
it readonly. So in this case, we skip the test.
[1] <https://github.com/php/php-src/pull/7975>
We explicitly check for an exception after the logging attempt, and
bail out in that case.
Co-authored-by: Tim Düsterhus <timwolla@googlemail.com>
Closes GH-7878.
Unfortunately, libedit is locale based and does not accept UTF-8
input when the C locale is used. This patch switches the default
locale to C.UTF-8 instead (if it is available). This makes libedit
work and I believe it shouldn't affect behavior of single-byte
locale-dependent functions that PHP otherwise uses.
Closes GH-7635.
Since we're going to read from the current stream position anyway, the
`max_len` should be the size of the file minus the current position
(still catering to potentially filtered streams). We must, however,
make sure to cater to the file position being beyond the actual file
size.
While we're at, we also fix the step size in the comment, which is 8K.
A further optimization could be done for unfiltered streams, thus
saving that step size, but 8K might not be worth it.
Closes GH-7693.
Make sure to destroy the old value only after assigning the new
one. Otherwise we may try to double free, e.g. if GC runs during
this dtor.
This caused an assertion failure in phpro/grumphp and is likely
the cause for bug #81603 as well.
(cherry picked from commit 6f38acfaf9)
(I applied this to the wrong base branch at first...)
Make sure to destroy the old value only after assigning the new
one. Otherwise we may try to double free, e.g. if GC runs during
this dtor.
This caused an assertion failure in phpro/grumphp and is likely
the cause for bug #81603 as well.
Modify dns_get_record to test for records result based on dns_errno to
accommodate modern FreeBSD, for which res_nsearch() does not update
h_errno directly. Add new php_dns_errno macro, and have it consult
statp->res_h_errno when OS has res_nsearch().
Closes GH-7655.
Zero-initialize the sa4/sa6 structures. On musl sin6_scope_id is
used by getnameinfo() without NI_NUMERICHOST flag. In the interest
of being conservative simply zero out everything.
PHP 8.0 did not accept null for the usec argument, PHP 8.1 only
accepts null. This means you can't easily write code compatible
with both without triggering at least a deprecation warning.
Drop the deprecation warning for now.
Closes GH-7617.
While it may not be desired, `DateInterval::$f` supports negative
values, at least with regard to calculations. We still need to guard
from assigning double values which are out of range for signed 64bit
integers (which would be undefined behavior). zend_dval_to_lval() does
this by returning `0` instead of triggering UB. This way we can avoid
setting the invalid marker, which doesn't work as expected anyway.
We must not do that only for unserialization, but also when the property
is set in the first place.
We need to adapt some of the existing tests wrt. this behavior. In
particular, we check for an arbitrary value in bug79015.phpt, to cater
to differences between 32bit and 64bit architectures.
Closes GH-7575.
Normally incrementing the refcount on just function_name is
sufficient. However, if the callable is of the form 'X::y' inside
an instance method, this will capture $this in fcc.object, which
also needs to be retained.
The fci_addref/fci_release helpers should likely be exported as
a general API, as we may have this problem in other places as
well.
Fixes oss-fuzz #39778.
