* Implement iteration cache, item cache and length cache for node list iteration
The current implementation follows the spec requirement that the list
must be "live". This means that changes in the document must be
reflected in the existing node lists without requiring the user to
refetch the node list.
The consequence is that getting any item, or the length of the list,
always starts searching from the root element of the node list. This
results in O(n) time to get any item or the length. If there's a for
loop over the node list, this means the iterations will take O(n²) time
in total. This causes real-world performance issues with potential for
downtime (see GH-11308 and its references for details).
We fix this by introducing a caching strategy. We cache the last
iterated object in the iterator, the last requested item in the node
list, and the last length computation. To invalidate the cache, we
simply count the number of modifications made to the containing
document. If the modification number does not match what the number was
during caching, we know the document has been modified and the cache is
invalid. If this ever overflows, we saturate the modification number and
don't do any caching anymore. Note that we don't check for overflow on
64-bit systems because it would take hundreds of years to overflow.
Fixes GH-11308.
The following sequence of actions was happening which caused a null
pointer dereference:
1. debug_backtrace() returns an array
2. The concatenation to $c will transform the array to a string via
`zval_get_string_func` for op2 and output a warning.
Note that zval op1 is of type string due to the first do-while
sequence.
3. The warning of an implicit "array to string conversion" triggers
the ob_start callback to run. This code transform $c (==op1) to a long.
4. The code below the 2 do-while sequences assume that both op1 and op2
are strings, but this is no longer the case. A dereference of the
string will therefore result in a null pointer dereference.
The solution used here is to work with the zend_string directly instead
of with the ops.
For the tests:
Co-authored-by: changochen1@gmail.com
Co-authored-by: cmbecker69@gmx.de
Co-authored-by: yukik@risec.co.jp
Closes GH-10049.
Normally, we add classes without parents (and no interfaces or traits) directly
to the class map, early binding the class. However, if the same class has
already been registered, we would instead just add a ZEND_DECLARE_CLASS
instruction and let the handler throw a duplicate class declaration exception.
However, with opcache, if on the next request the files are included in the
opposite order, we won't perform early binding. To fix this, create a
ZEND_DECLARE_CLASS_DELAYED instruction instead and handle classes without
parents accordingly, skipping any linking for classes that are already linked in
delayed early binding.
Fixes GH-8846
The error happens when the PEM contains a public key, as it will be
first tried to be parsed as a certificate. The parsing as a certificate
fails, which then leads to a corresponding error tracked by PHP with
the next call to php_openssl_store_errors().
This change introduces an error marking to be able to reset the stored
errors to the state before trying the certificate.
Closes GH-11055
PKCS7_NOOLDMIMETYPE to use Content-Type application/pkcs7-mime
OPENSSL_CMS_OLDMIMETYPE to use Content-Type application/x-pkcs7-mime
SMIME_write_PKCS7 and SMIME_write_CMS are using SMIME_write_ASN1_ex.
The Content-Type application/x-pkcs7-mime is generated with the flag SMIME_OLDMIME (0x400).[^1]
SMIME_write_PKCS7 set SMIME_OLDMIME by default.[^2]
SMIME_write_CMS does not.[^3]
I picked OPENSSL_CMS_OLDMIMETYPE over OPENSSL_CMS_NOOLDMIMETYPE because that's what the flag actually does.
[^1]: 9a2f78e14a/crypto/asn1/asn_mime.c (L248-L251)
[^2]: 9a2f78e14a/crypto/pkcs7/pk7_mime.c (L41-L43)
[^3]: 9a2f78e14a/crypto/cms/cms_io.c (L93)
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
I grepped for php_printf cases in main/ and sapi/ and converted the
cases which clearly indicate errors to fprintf(stderr, ...), like
suggested in the linked issue.
Closes GH-11163.
- PGSQL_TRACE_SUPPRESS_TIMESTAMPS.
- PGSQL_TRACE_REGRESS_MODE to have a more verbose and observable
output to check possible regressions.
Close GH-11041
I found no reason why this is done this way.
Of course this will allow users to do stupid stuff like
`fclose(STDOUT);` etc. but if they type in that code they clearly know
what they're doing...
Close GH-11169.
In phar_renmae_archive() context, added one reference but immediately
destroyed another, so do not need to increase refcount. With removal of
refcount++ line, PHP/Zend no longer reports memory leak.
Updated bug69958.phpt test file accordingly.
Closes GH-10856
zend_update_static_property_ex() returns a zend_result, but the return
value is stored here in a bool. A bool is unsigned on my system, so in
case zend_update_static_property_ex() returns FAILURE (== -1) this gets
converted to 1 instead. This is not a valid zend_result value. This
means that (transitive) callers could mistakingly think the function
succeeded while it did in fact not succeed. Fix it by changing the type
to zend_result.
Closes GH-10691.
