Prior to libavif 1.1.0, `avifAlloc()` was infallible (it called
`abort()` on OOM conditions); thus, several API functions which used
`avifAlloc()` did not report failure. That changed as of libavif
1.0.0[1], so checking and handling failure conditions can now be done.
However, due to `avifAlloc()` being fallible as of libavif 1.1.0, this
error checking and handling is mandatory to avoid more serious issues.
[1] <eb02b2ec52/CHANGELOG.md (L273-L281)>
Closes GH-16434.
Note that this is not actually security related[1], but still a
reasonable sanity check.
"If a function be advertised to return an error code in the event of
difficulties, thou shalt check for that code, yea, even though the
checks triple the size of thy code and produce aches in thy typing
fingers, for if thou thinkest it cannot happen to me, the gods shall
surely punish thee for thy arrogance." – Henry Spencer
[1] <https://github.com/libgd/libgd/issues/697#issuecomment-2369613187>
When this function has been added to our bundled GD[1], it had been
overlooked to also declare it in gd.h, like it's done in libgd. While
MSVC doesn't have any issues with this, clang reports an error.
[1] <03bd4333f6>
We port this modification[1] from libgd into our bundled libgd, because
the change makes sense, and we want the code bases to stay in sync as
close as possible.
We also apply a quick fix to the respective test.
[1] <f0a059be6c>
According to the docs (https://www.php.net/manual/en/function.imagecreatefromwebp.php and https://www.php.net/manual/en/function.imagewebp.php), `false` should be returned on errors (similar to other functions of the `gd` extension), but actually all errors result in a `Fatal Error`. It doesn't look normal when trying to read an empty file or a file in the wrong format causes the program to stop. The problem seems to be related to a mega-patch that replaced `zend_error` with `zend_error_noreturn` almost everywhere. My patch fixes this behavior by switching from `zend_error_noerror` to `gd_error` (i.e. to `E_WARNING` level). All necessary memory cleanup is already in the code (as it was before the "zend_error_noreturn" patch).
Close GH-13774
* Replace WIN32 conditions with _WIN32 or PHP_WIN32
WIN32 is defined by the SDK and not defined all the time on Windows by
compilers or the environment. _WIN32 is defined as 1 when the
compilation target is 32-bit ARM, 64-bit ARM, x86, or x64. Otherwise,
undefined.
This syncs these usages one step further.
Upstream libgd has replaced WIN32 with _WIN32 via
c60d9fe577
PHP_WIN32 is added to ext/sockets/sockets.stub.php as done in other
*.stub.php files at this point.
* Use PHP_WIN32 in ext/random
* Use PHP_WIN32 in ext/sockets
* Use _WIN32 in xxhash.h as done upstream
See https://github.com/Cyan4973/xxHash/pull/931
* Update end comment with PHP_WIN32
These are available since C99 with math.h also on Windows, without
requiring checking. Upstream libgd uses floorf() unconditionally and
doesn't use fabsf().
This removes the deprecated malloc.h header Autoconf check on *nix
systems and its HAVE_MALLOC_H symbol. It can be replaced mostly with the
stdlib.h. The libgd usptream also doesn't include it anymore.
On Windows, it is still used for some memory allocation functions, but
can be replaced with stdlib.h in the future.
libgd uses an incorrect absolute path check in gdft.c.
It checks if either the path starts with a '/' (only valid on Posix
btw), or whether it contains something of the form C:\ or C:/.
However, this overlooks the possibility of using UNC paths on Windows.
As we already do PHP-specific stuff with VCWD_ macros, use
IS_ABSOLUTE_PATH to check for an absolute path which will take into
account UNC paths as well.
Closes GH-13241.
