The rename code can error out prior to the reassignment of the filename,
which is why the test causes a crash.
The rename code can also error out at a later point,
which means it will have already assigned the new filename.
We detect in which case we are in and act accordingly.
Closes GH-19761.
PSFS_FEED_ME is supposed to be returned when the filter did not receive
enough data and did not generate buckets for the output brigade.
The test generates buckets anyway on the output brigade, and the stream
layer did not handle that case causing a memory leak.
To solve this, discard any such buckets as it would conflict with the
status code returned by the filter. This keeps BC and solves the leak.
Closes GH-18972.
The case of returning 0 is inconsistent in when it returns an empty
array, furthermore the caller already returns an empty array.
Because the caller overwrites the return value in these cases, it can
cause a memory leak.
This is easier to trigger on master in some cases as different code paths
are taken with the new bundled glob. On some platforms it is also
triggerable on 8.3.
Closes GH-19715.
This code is very similar to code on PHP 8.4 and higher, but the
mitigation is extended to entity references and to attribute children.
Closes GH-19620.
Since cbf67e4, the GC needs to find all WeakMaps referencing a weakly
referenced object. Doing so, it treats all ZEND_WEAKREF_TAG_MAP as WeakMap
instances.
However, a ZEND_WEAKREF_TAG_MAP reference may be a bare HashTable when
zend_weakrefs_hash_add() is used.
Introduce a new tag, ZEND_WEAKREF_TAG_BARE_HT, and use this tag when weakly
referencing an object from a bare HashTable. Ignore such references in GC.
Fixes GH-19543
Closes GH-19544
Co-authored-by: Tim Düsterhus <tim@tideways-gmbh.com>
The tidyOptGetCategory function (added in libtidy 5.4.0) if only useable if TidyInternalCategory (added in libtidy 5.6.0) is also present, so check for the latter instead.
close GH-19053
There are 2 issues:
1. When a MULTISORT_ABORT happens, it frees func, but func may point to
ARRAYG(multisort_func), which would be a problem with nested
invocations as it can destroy that of the "parent" invocation.
To solve this, delay assigning to the globals.
2. The old globals were not restored which means that nested invocations
with different flags will cause a wrong sorting function to be used.
Closes GH-19319.
The 'rl_pending_input' is a variable in Readline library and checking it
with PHP_CHECK_LIBRARY wouldn't find it on some systems.
Library check works on most systems but not on the mentioned AIX in the
bug as it exports variables and functions differently whereas the linker
couldn't resolve the variable as a function.
This should fix the build on systems where this caused issues, such as
AIX.
The <readline/readline.h> is not self-contained header and needs to also
have <stdio.h> included before to have FILE type available. This fixes
the issue on unpatched default readline installations, such as macOS.
Checking this variable ensures that the found library is the correct
library and also that it is of minimum version needed by current PHP
code (https://bugs.php.net/48608).
The library check:
```c
| char rl_pending_input ();
| int main (void) {
| return rl_pending_input ();
| }
```
The declaration check:
```c
| #include <stdio.h>
| #include <readline/readline.h>
| int main (void) {
| #ifndef rl_pending_input
| #ifdef __cplusplus
| (void) rl_pending_input;
| #else
| (void) rl_pending_input;
| #endif
| #endif
| ;
| return 0;
| }
```
Closes https://bugs.php.net/51558
Closes GH-19259.
With opcache, zend_string_init_interned() will allocate non-interned strings at
runtime because shm is locked. Hence, we need to make sure to actually free this
string.
Fixes OSS-Fuzz #433303828
Closes GH-19211
For attributes, relying on the ref_map doesn't make sense the first
place as you can't really refer to attributes from attributes.
The code therefore assumes that the node is unique, which is broken.
Closes GH-19181.
