php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 16:22:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
140,613 Commits 545 Branches 1,479 Tags
php-8.4.16
Commit Graph

69475 Commits

Author SHA1 Message Date
Niels Dossche
7ac9c40f67 Fix GHSA-www2-q4fc-65wf 2025-12-17 00:51:19 +09:00
Niels Dossche
e6d7d34c1a Fix GHSA-h96m-rvf9-jgm2 2025-12-17 00:51:19 +09:00
Jakub Zelenka
d521259e44 Fix GHSA-8xr5-qppj-gvwj: PDO quoting result null deref 2025-12-17 00:51:16 +09:00
Niels Dossche
78e3d05d7d Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  intl: Fix tests for icu update
 2025-12-02 21:00:13 +01:00
Niels Dossche
4b63315ad5 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  intl: Fix tests for icu update
 2025-12-02 20:59:41 +01:00
Niels Dossche
667b28cba4 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  intl: Fix tests for icu update
 2025-12-02 20:59:34 +01:00
Niels Dossche
2b04e0831a intl: Fix tests for icu update 2025-12-02 20:59:26 +01:00
Niels Dossche
e81d8089cb Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  dom: Backport test for libxml changes
 2025-12-02 20:52:27 +01:00
Niels Dossche
688902d455 dom: Backport test for libxml changes 2025-12-02 20:52:20 +01:00
Niels Dossche
881754ec1e Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Tweak values for test on Windows (#20633)
 2025-12-02 20:48:36 +01:00
Niels Dossche
ad867ce651 Tweak values for test on Windows (#20633) 2025-12-02 20:48:24 +01:00
Niels Dossche
dd2179433c xml: Backport more deprecation fixes 2025-12-02 20:09:31 +01:00
Ilija Tovilo
a7413712c2 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix deprecation warning for libxml SAX header (#18594)
 2025-12-02 18:12:20 +01:00
Niels Dossche
903fcb45c3 Fix deprecation warning for libxml SAX header (#18594) 
This header is deprecated, but fortunately it isn't actually used.
 2025-12-02 18:10:46 +01:00
Ilija Tovilo
bdc09a0c50 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  dom: Fix compile warning due to misplaced const cast
 2025-12-02 16:59:59 +01:00
Niels Dossche
bd67ba66a8 dom: Fix compile warning due to misplaced const cast 2025-12-02 16:59:51 +01:00
Ilija Tovilo
ed847f49c3 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Suppress libxml deprecations
 2025-12-02 16:45:31 +01:00
Ilija Tovilo
685bd9de81 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Suppress libxml deprecations
 2025-12-02 16:41:37 +01:00
Ilija Tovilo
26b9395ad6 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Suppress libxml deprecations
 2025-12-02 16:38:08 +01:00
Ilija Tovilo
f7fb13eb07 Suppress libxml deprecations 
Closes GH-20538
 2025-12-02 16:37:50 +01:00
Daniel Scherzer
355d296baa Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20426: fix Spoofchecker::setRestrictionLevel() error (#20427)
 2025-12-01 13:39:38 -08:00
Daniel Scherzer
c343ede18d Fix GH-20426: fix Spoofchecker::setRestrictionLevel() error (#20427) 2025-12-01 13:37:49 -08:00
Niels Dossche
9734ba4d21 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20614: SplFixedArray incorrectly handles references in deserialization
 2025-11-30 10:42:19 +01:00
Niels Dossche
366ed4c750 Fix GH-20614: SplFixedArray incorrectly handles references in deserialization 
All other code caters to dereferencing array elements, except the
unserialize handler. This causes references to be present in the fixed
array even though this seems not intentional as reference assign is
otherwise impossible.
On 8.5+ this causes an assertion failure. On 8.3+ this causes references
to be present where they shouldn't be.

Closes GH-20616.
 2025-11-30 10:41:32 +01:00
David Carlier
1701589884 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20601: ftp_connect() timeout argument overflow.
 2025-11-29 23:05:37 +00:00
David Carlier
4312a446d0 Fix GH-20601: ftp_connect() timeout argument overflow. 
close GH-20603
 2025-11-29 23:05:14 +00:00
David Carlier
6d5490861f Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20602: imagescale() overflow with large height values.
 2025-11-29 13:31:38 +00:00
David Carlier
c8e13af455 Fix GH-20602: imagescale() overflow with large height values. 
close GH-20605
 2025-11-29 13:30:49 +00:00
Niels Dossche
159a75c93c Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20584: Information Leak of Memory
  Fix GH-20583: Stack overflow in http_build_query via deep structures
 2025-11-28 18:39:27 +01:00
Niels Dossche
8fe7930533 Fix GH-20584: Information Leak of Memory 
The string added had uninitialized memory due to
php_read_stream_all_chunks() not moving the buffer position, resulting
in the same data always being overwritten instead of new data being
added to the end of the buffer.

Closes GH-20592.
 2025-11-28 18:38:48 +01:00
Niels Dossche
292a7f73ba Fix GH-20583: Stack overflow in http_build_query via deep structures 
Closes GH-20590.
 2025-11-28 18:38:18 +01:00
Niels Dossche
eb733a3127 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20286: use-after-destroy during userland stream_close()
 2025-11-23 17:51:35 +01:00
Niels Dossche
27f17c3322 Fix GH-20286: use-after-destroy during userland stream_close() 
Closes GH-20493.

Co-authored-by: David Carlier <devnexen@gmail.com>
 2025-11-23 17:46:28 +01:00
David Carlier
30cb1998ae Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20551: imagegammacorrect out of range gamma value.
 2025-11-22 22:22:50 +00:00
David Carlier
f88d247ce2 Fix GH-20551: imagegammacorrect out of range gamma value. 
close GH-20552
 2025-11-22 22:22:27 +00:00
Remi Collet
c9de303087 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  NEWS
  Fix GH-20528: Regression breaks mysql connexion using an IPv6 address enclosed in square brackets
 2025-11-21 09:19:56 +01:00
Remi Collet
9d71c1e0b6 Fix GH-20528: Regression breaks mysql connexion using an IPv6 address enclosed in square brackets 2025-11-21 09:17:20 +01:00
Niels Dossche
10ac41f158 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-20492: mbstring compile warning due to non-strings
  Fix GH-20491: SLES15 compile error with mbstring oniguruma
 2025-11-20 19:23:36 +01:00
Niels Dossche
159ef1401c Fix GH-20492: mbstring compile warning due to non-strings 
This is a partial backport of ea69276f, but without changing public
headers as that's not allowed at this point.

Closes GH-20494.
 2025-11-20 19:17:55 +01:00
Niels Dossche
a1912e3cdd Fix GH-20491: SLES15 compile error with mbstring oniguruma 
The issue is specific to SLES15.
Arguably this should be reported to them as it seems to me they meddled
with the oniguruma source code.

The definition in oniguruma.h on that platform looks like this (same as upstream):
```c
ONIG_EXTERN
int onig_error_code_to_str PV_((OnigUChar* s, int err_code, ...));
```

Where `PV_` is defined as (differs):
```c
#ifndef PV_
#ifdef HAVE_STDARG_PROTOTYPES
# define PV_(args) args
#else
# define PV_(args) ()
#endif
#endif
```

So that means that `HAVE_STDARG_PROTOTYPES` is unset.
This can be set if we define `HAVE_STDARG_H`,
which we can do because PHP requires at least C99 in which the header
is always available.
We could also use an autoconf check, but this isn't really necessary as
it will always succeed.
 2025-11-20 19:17:17 +01:00
Niels Dossche
6eb10dc433 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  libxml: Fix input buffer deprecation
 2025-11-19 18:41:43 +01:00
Niels Dossche
8c2407714f libxml: Fix input buffer deprecation 
While this fixed the last deprecation in ext/libxml, it's not a full
fix: The full fix would be to move to the context-specific APIs to
override the behaviour. However, that requires API/ABI incompatible
changes so that can't be done on a stable branch.

Closes GH-20525.
 2025-11-19 18:41:28 +01:00
Niels Dossche
4eacb6de83 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  zip: Don't truncate return value of zip_fread() with user sizes
 2025-11-18 20:31:15 +01:00
Niels Dossche
2f05830a5f zip: Don't truncate return value of zip_fread() with user sizes 
The return type has been zip_int64_t since 2009, so we shouldn't
truncate to an int because the user may have requested a size that won't
fit in an int.

Closes GH-20509.
 2025-11-18 20:30:42 +01:00
Niels Dossche
4401b03aa9 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  libxml: Fix some deprecations regarding input buffer/parser handling
 2025-11-18 18:53:44 +01:00
Niels Dossche
6054a900ff libxml: Fix some deprecations regarding input buffer/parser handling 
Closes GH-20514.
 2025-11-18 18:53:17 +01:00
Niels Dossche
48d80d2729 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix assertion failures resulting in crashes with stream filter object parameters
 2025-11-17 18:24:13 +01:00
Niels Dossche
93ce0500aa Fix assertion failures resulting in crashes with stream filter object parameters 
This works for dynamic props but not for non-dynamic props due to the
missing INDIRECT handling.

Closes GH-20500.
 2025-11-17 18:23:43 +01:00
Niels Dossche
9db074d2ad Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix crash in property existence test in ext/zip
 2025-11-16 21:28:57 +01:00
Niels Dossche
46a15ed439 Fix crash in property existence test in ext/zip 
When type == 2, the zval is not initialized, so zval_ptr_dtor() on it
will crash.
Unfortunately couldn't test with property_exists() or Reflection because
they have fast paths that go through the property info, but fortunately
there are paths that don't implement a fast path (e.g. because it
doesn't make sense at that point), like with array_column().
So we use array_column() to trigger the crash.

Closes GH-20496.
 2025-11-16 21:28:30 +01:00