`try` is a keyword in C++, and as such C++ code including <zend_enum.h>
fails to compile unless a workaround is in place. To resolve this, we
simply rename the parameter.
We choose `try_from` to make it clear that this parameter is true when
the function is called from `BackedEnum::tryFrom()`. For consistency,
we also rename the `try` parameter of `zend_enum_from_base()`, although
that function is not exported.
This issue had been reported by @oplanre, who also provided an initial
PR.
Closes GH-15259.
The destructor of generators is a no-op when the generator is running in a fiber,
because the fiber may resume the generator. Normally the destructor
is not called in this case, but this can happen during shutdown.
We detect that a generator is running in a fiber with the
ZEND_GENERATOR_IN_FIBER flag.
This change fixes two cases not handled by this mechanism:
- The ZEND_GENERATOR_IN_FIBER flag was not added when resuming a "yield from $nonGenerator"
- When a generator that is running in a fiber has multiple children (aka multiple generators yielding from it), all of them could be considered to also run in a fiber (only one actually is), and could leak if not destroyed before shutdown.
This prevents compilation error when compiling PHP by GCC with "-O2 -g -Wall -Werror"
zend_API.c:2754:34: error: array subscript ‘zend_function
{aka const union _zend_function}[0]’ is partly outside array bounds of
‘unsigned char[160]’ [-Werror=array-bounds=]
2754 | if (ZSTR_VAL(fptr->common.function_name)[0] != '_'
Instead of fixing up temporaries count in between observer steps, just apply the additional temporary in the two affected observer steps.
Closes GH-14018.
This was only partially fixed in PHP-8.3. Backports and fixes the case for both
initialized and uninitialized property writes.
Fixes GH-14969
Closes GH-14971
The create_obj handler of InternalIterator is overwritten, but not the
clone_obj handler. This is not allowed.
In PHP 8.2 this didn't cause a segfault because the standard object
handler was used for the clone instead of the internal handler.
So then it allocates and frees the object using the standard object handlers.
In 8.3 however, the object is created using the standard object handler and
freed using the custom handler, resulting in the buffer overflow.
Even though bisect points to 1e1ea4f this only reveals the bug.
Closes GH-14882.
You cannot return or yield a reference to a nullsafe chain. This was
checked already in zend_compile_return but not yet in
zend_compile_yield.
Closes GH-14716.
Values retrieved from zend_getenv should be freed.
Note: The only possible value for `zend_getenv` is `sapi_getenv` which uses
zend alloc to duplicate the string that it reads from the SAPI module.
Closes GH-14708.
is_zend_ptr() expected zend_mm_heap.huge_list to be circular, but it's in fact NULL-terminated. It could crash when at least one huge block exists and the ptr did not belong to any block.
