php_strip_url_passwd modifies url in-place. We cannot assume from
php_message_handler_for_zend that data is a temporary, modifiable string.
Fixes oss-fuzz #64209
Closes GH-12733
Fix for #76857 introduced slight perf regression so this is an attempt
to fix it. The idea is to re-use stream path check from ZendAccelerator
that should be quicker than strstr.
Signed-off-by: Jakub Zelenka <bukka@php.net>
Prior to the 8.1 rewrite, inet_aton was used for ipv4 addresses
therefore addresses like `0` passed.
For the bindto's case where both ip and port are set as such, we discard
the address binding.
Close GH-12195
This changes memory stream to allow seeking past end which makes it the
same as seeking on files. It means the position is allowed to be higher
than the string length. The size only increases if data is appended to
the past position. The space between the previous string and position
is filled with zero bytes.
Fixes GH-9441
Closes GH-12058
* Zend: Make zend_strnlen available for use outside zend_compile
* exif: remove local php_strnlen, use zend_strnlen instead
* main: remove local strnlen, use zend_strnlen instead
* phar: remove local strnlen, use zend_strnlen
Mostly, extensions will use `PHP_VERSION` and `PHP_VERSION_ID`
respectfully but sometimes they want to grab the version at run-time
rather than at compile-time. For example, extensions which distribute
pre-built binaries may want this.
This is an alternative implementation for GH-10406 that resets the
has_buffered_data flag after finishing stream read so it does not impact
other ops->read use like for example php_stream_get_line.
Closes GH-11421
This adds support for the completed event. Since the read handler could
be entered twice towards the end of the stream we remember what the eof
flag was before reading so we can emit the completed event when the flag
changes to true.
Closes GH-10505.
| 732 | ts->mode = mode && mode[0] == 'r' && mode[1] != '+' ? TEMP_STREAM_READONLY : 0;
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~
Although mode is already dereference on line 723 in the call to strlen()
