php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 16:22:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
132,381 Commits 545 Branches 1,479 Tags
php-8.2.28
Commit Graph

64347 Commits

Author SHA1 Message Date
Niels Dossche
a5efd911e2 Fix GHSA-wg4p-4hqh-c3g9 2025-03-11 13:54:45 -04:00
Tim Düsterhus
6d080b98de Fix GHSA-p3x9-6h7p-cgfc: libxml streams wrong content-type on redirect 
libxml streams use wrong content-type header when requesting a
redirected resource.
 2025-03-11 13:54:44 -04:00
Jakub Zelenka
7af512087b Fix GHSA-hgf5-96fm-v528: http user header check of crlf 2025-03-11 13:54:44 -04:00
Jakub Zelenka
4a0c42f752 Fix GHSA-52jp-hrpf-2jff: http redirect location truncation 
It converts the allocation of location to be on heap instead of stack
and errors if the location length is greater than 8086 bytes.
 2025-03-11 13:54:44 -04:00
Jakub Zelenka
45687b5ac0 Fix GHSA-pcmh-g36c-qc44: http headers without colon 
The header line must contain colon otherwise it is invalid and it needs
to fail.

Reviewed-by: Tim Düsterhus <tim@tideways-gmbh.com>
 2025-03-11 13:54:43 -04:00
Jakub Zelenka
bb3b9cec7c Fix GHSA-ghsa-v8xr-gpvj-cx9g: http header folding 
This adds HTTP header folding support for HTTP wrapper response
headers.

Reviewed-by: Tim Düsterhus <tim@tideways-gmbh.com>
 2025-03-11 13:54:38 -04:00
Niels Dossche
b5471300d2 Fix test GH-16535 for libxml2 2.14 2025-03-10 20:23:23 +01:00
Niels Dossche
239b01db7c Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix tests for libxml2 2.14
 2025-03-10 20:22:27 +01:00
Niels Dossche
f209eb448e Fix tests for libxml2 2.14 
See GH-18009.
 2025-03-10 20:22:11 +01:00
Ilija Tovilo
d6172ce37a [skip ci] Ignore snmp test on asan that frequently times out 
Not sure why this happens only on master.

Cherry-picked from becf207d0c
No longer happens just on master. ;)
 2025-03-10 11:24:27 +01:00
Ilija Tovilo
084446418f Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Suppress snmp lib memory leak, skip ASAN tests
 2025-03-08 16:11:33 +01:00
Ilija Tovilo
b0858427aa Suppress snmp lib memory leak, skip ASAN tests 
I don't know enough about this library to fix those :(

Cherry-picked from:
be4db6b550
ba1d9d0ab2
 2025-03-08 16:10:59 +01:00
Ilija Tovilo
1009ff65cc Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Upgrade security branches to Ubuntu 22.04
 2025-03-06 15:24:35 +01:00
Ilija Tovilo
5fcc8d4cd1 Upgrade security branches to Ubuntu 22.04 
20.04 goes out of security support in 2 months. Backporting various
commits.

See d98963a071
See af721c9c36
See 378b79b90c

Closes GH-17963
 2025-03-06 15:24:15 +01:00
Ilija Tovilo
9256ee7b1b Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix flaky DatePeriod test
 2025-03-06 15:04:08 +01:00
Ilija Tovilo
8a699372f2 Fix flaky DatePeriod test 
$start and $end use the H:i:s from the current time. If $end happens on
a second boundary, $start + 4 days will include $end, thus performing an
extra iteration. Fix this by setting H:i:s to 00:00:00.
 2025-03-06 15:01:30 +01:00
Calvin Buckley
1afbaaa804 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Skip mysqli/tests/bug73462 on PPC CI (#17971)
 2025-03-05 10:18:41 -04:00
Calvin Buckley
dc6586dd9d Skip mysqli/tests/bug73462 on PPC CI (#17971) 
* Skip this test on PPC CI

Seems to be unfortunately flaky with persistent connections.

* use spaces in phpt file
 2025-03-05 10:17:39 -04:00
Ilija Tovilo
c5045a04f2 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Add CONFLICT all to random port test
 2025-02-06 15:25:41 +01:00
Ilija Tovilo
726cf51236 Add CONFLICT all to random port test 
If we're very unlucky, we can get the same port opened as an ephemeral
port by some other test.

Closes GH-17706
 2025-02-06 15:25:16 +01:00
Christoph M. Becker
856866ef24 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix curl_basic_022.phpt for libcurl 8.12.0
 2025-02-05 19:22:20 +01:00
Christoph M. Becker
36d46a4732 Fix curl_basic_022.phpt for libcurl 8.12.0 
Due to a deliberate change in libcurl, the expiration is now capped to
at most 400 days.  We could solve this by choosing another date roughly
a year in the future, but would need to update the test next year.
This would be especially annoying for security branches.

Another option would be to actually parse the cookie list lines, but
that might not be worth the trouble.  Instead we just ignore the exact
timestamp created by libcurl.

[1] <https://github.com/curl/curl/pull/15937>

Closes GH-17709.
 2025-02-05 19:20:47 +01:00
Ilija Tovilo
99d2055670 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Another flaky phar macOS test
 2025-02-04 14:52:15 +01:00
Ilija Tovilo
d8aedb589c [skip ci] Another flaky phar macOS test 2025-02-04 14:52:03 +01:00
Christoph M. Becker
036f00f146 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Relax timezone_IDforWindowsID_basic2.phpt expectations
 2025-02-02 13:36:39 +01:00
Christoph M. Becker
afe8e2cdff Relax timezone_IDforWindowsID_basic2.phpt expectations 
Apparently, some ICU versions report "America/Los_Angeles" for the `ZZ`
case, what matches the behavior of ICU 76.1 (on Windows).  Possibly,
there has been some bug fix backport on some systems.  Anyhow, either
seems fine, so we're not picky about that.

Closes GH-17669.
 2025-02-02 13:35:27 +01:00
Ilija Tovilo
c14601cc90 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Another flaky macOS phar test
 2025-01-28 12:58:42 +01:00
Ilija Tovilo
d9744869e6 [skip ci] Another flaky macOS phar test 2025-01-28 12:58:30 +01:00
Ilija Tovilo
01309961bb Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Another flaky macOS phar test
 2025-01-28 12:45:10 +01:00
Ilija Tovilo
65b990a1e0 [skip ci] Another flaky macOS phar test 2025-01-28 12:44:24 +01:00
Ilija Tovilo
7bda7ad31d Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix cve-2014-3538 test
 2025-01-27 21:48:47 +01:00
Ilija Tovilo
d17d58a982 Fix cve-2014-3538 test 
Make sure we have a unique test file to work with, and increase the time
for the nojit version to match the default version.

Closes GH-17600
 2025-01-27 20:01:13 +01:00
Jakub Zelenka
5d632230ba Merge branch 'PHP-8.1' into PHP-8.2 2025-01-19 20:37:53 +01:00
Jakub Zelenka
235d1b14a3 Fix GH-17499: mysqli flaky test: ghsa-h35g-vwh6-m678-stmt-row-string 2025-01-19 20:36:12 +01:00
Jakub Zelenka
5be673d29e Merge branch 'PHP-8.1' into PHP-8.2 2025-01-06 12:18:54 +01:00
Jakub Zelenka
9e1b58274e Test stream_context_tcp_nodelay_server on Windows 
Closes GH-17308
 2025-01-05 14:44:22 +01:00
Christoph M. Becker
919f1984d5 gh15937.phpt does not need to be an online test 
We convert the test to use the CLI test server to not require online
availability.

As of PHP 8.3, the test is supposed to fail, because the timeout is too
large.  Since exactly this scenario is already tested by gh16810.phpt,
we drop the test for PHP-8.3 and up.

Closes GH-17315.
 2025-01-01 20:06:23 +01:00
Jakub Zelenka
37504f123d Port OpenSSL gh10495, gh13860 and gh9310 test to use ephemeral ports 2024-12-31 15:02:08 +01:00
Jakub Zelenka
44a9154e75 Merge branch 'PHP-8.1' into PHP-8.2 2024-12-31 14:39:59 +01:00
Jakub Zelenka
b8731767d8 Fix GH-16955: Use empheral ports for OpenSSL server client tests 
And refactor some client server tests.

Closes GH-17180
 2024-12-31 14:25:19 +01:00
Arnaud Le Blanc
6f579934f0 Add observer temporary to dl'ed functions 
When observer is enabled, we normally add an extra temporary to all
functions, to store the previously observed frame. However, this is done in
zend_observer_post_startup() so it doesn't happen to dl'ed() functions.

One possible fix would be to move that from zend_observer_post_startup()
to zend_register_functions(), but this would be too early: Observer may
not be enabled when zend_register_functions() is called, and may still be
enabled later.

However, when zend_register_functions() is called at run-time (during dl()),
we know definitively whether observer is enabled.

Here I update zend_register_functions() to add a temporary to dl'ed()
functions when observer is enabled.

Fixes: GH-17211
Closes: GH-17220
 2024-12-20 18:45:34 +01:00
Ilija Tovilo
8a9d45b86f Backport flaky flag for phar tests 
4e12189604
b6ca871396
062837aa13
 2024-12-10 10:35:00 +01:00
Jakub Zelenka
d18768e231 Merge branch 'PHP-8.1' into PHP-8.2 2024-12-09 23:36:36 +01:00
Jakub Zelenka
39c292b1eb Use empheral port for mysqli fake server tests 2024-12-09 23:34:50 +01:00
Dmitry Stogov
b0b39cdc3e Backport JIT fix: set valid EX(opline) before calling gc_possible_root() (#16858) 
This will finally make the COMMUNTIY build of the PHP 8.1 build green.

See https://github.com/php/php-src/pull/16858#issuecomment-2509010556
Closes GH-17091
 2024-12-09 16:59:41 +01:00
Christoph M. Becker
b3b38e2d5c Skip parse_ini_file_variation6.phpt on Windows 
While the test obviously succeeds on Windows, it may occasionally
conflict with parse_ini_file_variation6-win32.phpt[1], so we skip it
like we do for many other of these tests which have win32 pendants.

[1] <https://github.com/php/php-src/actions/runs/12077554275/job/33680647284#step:6:119>

Closes GH-16989.
 2024-12-06 23:52:03 +01:00
Dmitry Stogov
9d4f5f0762 Backport fix for GH-9011 (#17052) 
* Backport fix for GH-9011

* Fix build
 2024-12-05 18:32:02 +03:00
Niels Dossche
1a6f8a0b79 Fix some MariaDB test failures 
Allow other wording too such that these mysqli tests pass.

Closes GH-17004.
 2024-12-02 19:20:54 +01:00
David Carlier
73ebc92617 Fix GH-16959: snmpget modifies the object_id (as array). 
Instead of modifying the zval, we use the zend_try_get_string.

close GH-16969
 2024-12-01 13:57:31 +00:00
Christoph M. Becker
9bae8933a3 Fix GH-16991: Getting typeinfo of non DISPATCH variant segfaults 
We must not assume that any `VARIANT` implements `IDispatch`.

Closes GH-16992.
 2024-11-29 16:29:11 +01:00