mirror of https://github.com/php/php-src.git synced 2026-03-24 16:22:37 +01:00
Commit Graph

68643 Commits

Author SHA1 Message Date
Niels Dossche
e7770802bf Fix potential read of uninitialized padding data in DOM (#17628)
The fix for GH-17481 introduced a regression that can cause the read of
uninitialized padding data when going over a chunk boundary during HTML
parsing of UTF-8.
The wrong offset was computed with respect to the input buffer; the
length of the error-corrected UTF-8 code point is not necessarily the
same as the input code point length.
This was not noticed because no CI jobs run with Valgrind, nor do I do it
regularly, and ASAN doesn't catch uninitialized accesses.
2025-01-30 11:41:25 -04:00
Remi Collet
310dfbbf34 relax test for zlib-ng 2025-01-30 11:41:14 -04:00
Ilija Tovilo
4d545f91bc Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  [skip ci] Another flaky macOS phar test
2025-01-28 12:59:25 +01:00
Ilija Tovilo
dc06a52362 Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  [skip ci] Another flaky macOS phar test
2025-01-28 12:58:55 +01:00
Ilija Tovilo
c14601cc90 Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
  [skip ci] Another flaky macOS phar test
2025-01-28 12:58:42 +01:00
Ilija Tovilo
d9744869e6 [skip ci] Another flaky macOS phar test 2025-01-28 12:58:30 +01:00
Ilija Tovilo
ac42a8de75 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix missing GC_PERSISTENT_LOCAL flag on accel_globals.key
2025-01-28 12:55:55 +01:00
Ilija Tovilo
2ad778bc76 Fix missing GC_PERSISTENT_LOCAL flag on accel_globals.key 2025-01-28 12:55:09 +01:00
Ilija Tovilo
c63460c92c Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  [skip ci] Another flaky macOS phar test
2025-01-28 12:45:35 +01:00
Ilija Tovilo
b598dbf822 Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  [skip ci] Another flaky macOS phar test
2025-01-28 12:45:17 +01:00
Ilija Tovilo
01309961bb Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
  [skip ci] Another flaky macOS phar test
2025-01-28 12:45:10 +01:00
Ilija Tovilo
65b990a1e0 [skip ci] Another flaky macOS phar test 2025-01-28 12:44:24 +01:00
Ilija Tovilo
c1b151020a Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix cve-2014-3538 test
2025-01-27 21:49:10 +01:00
Ilija Tovilo
cee3687180 Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Fix cve-2014-3538 test
2025-01-27 21:49:03 +01:00
Ilija Tovilo
7bda7ad31d Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
  Fix cve-2014-3538 test
2025-01-27 21:48:47 +01:00
Ilija Tovilo
d17d58a982 Fix cve-2014-3538 test
Make sure we have a unique test file to work with, and increase the time
for the nojit version to match the default version.

Closes GH-17600
2025-01-27 20:01:13 +01:00
Ilija Tovilo
1432a13413 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix inline zend_string using struct padding
2025-01-27 19:51:47 +01:00
Ilija Tovilo
8ea9b04a23 Fix inline zend_string using struct padding
As explained by Snape3058: On 64-bit machines, we typically have 7 bytes
of padding between the zend_string.val[0] char and the following char[].
This means that zend_string.val[1-7] write to and read from the struct
padding, which is a bad idea.

Allocate the given string separately instead.

Fixes GH-17564
Closes GH-17576
2025-01-27 19:50:38 +01:00
Calvin Buckley
25bdbf96cf Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix crash in PDO_ODBC statement dtor (#17586)
2025-01-27 13:43:21 -04:00
Calvin Buckley
556def741c Fix crash in PDO_ODBC statement dtor (#17586)
Port of 2ae897fff7 to PDO_ODBC.
2025-01-27 13:41:11 -04:00
Gina Peter Banyard
7f321a1313 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  ext/pdo: Fix a UAF when changing default fetch class ctor args
2025-01-26 23:37:14 +00:00
Gina Peter Banyard
3027600ffc ext/pdo: Fix a UAF when changing default fetch class ctor args
Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
2025-01-26 23:32:35 +00:00
Niels Dossche
fc7c353519 Fix GH-17572: getElementsByTagName returns collections with tagName-based indexing, causing loss of elements when converted to arrays
Only (dtd) named node maps should have string-based indexing.
The ce check is fragile, just check for the presence of an xml hash
table.

Closes GH-17580.
2025-01-26 16:21:54 +01:00
Niels Dossche
77130794a3 Update test expectation for different Firebird version
libfbclient 5.0.1 with server 4.0.1 has a different error message and
code.
> Read only sql transaction

Closes GH-17565.
2025-01-24 22:10:08 +01:00
Gina Peter Banyard
5b06a066f6 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Add NEWS entries
  Fix crash in firebird statement dtor
  ext/pdo: Fix memory leak if GC needs to free PDO Statement
2025-01-24 20:22:13 +00:00
Niels Dossche
2ae897fff7 Fix crash in firebird statement dtor
If both the driver object and statement end up in the GC buffer and are
freed by the GC, then the destruction order is not deterministic and it
is possible that the driver object is freed before the statement. In
that case, accessing S->H will cause a UAF. As the resources are already
released we simply skip the destruction if the driver object is already
destroyed.
2025-01-24 20:16:12 +00:00
Gina Peter Banyard
99f8ec33d9 ext/pdo: Fix memory leak if GC needs to free PDO Statement 2025-01-24 20:16:12 +00:00
Gina Peter Banyard
d35904adf2 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  ext/session: Fix GH-17541 (ext/session NULL pointer dereferencement during ID reset)
2025-01-24 14:10:00 +00:00
Gina Peter Banyard
a85666c17b ext/session: Fix GH-17541 (ext/session NULL pointer dereferencement during ID reset)
Closes GH-17541
Closes GH-17546
2025-01-24 14:04:58 +00:00
Niels Dossche
b448d540c2 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix type confusion with session SID constant
2025-01-23 19:03:35 +01:00
Niels Dossche
2a2cc2ccce Fix type confusion with session SID constant
Closes GH-17548.
2025-01-23 19:03:04 +01:00
Dmitry Stogov
63965f1de5 Update IR
IR commit: 02909bc123845fc2c41ec333b44b6f5ea1a196fe
2025-01-22 18:30:33 +03:00
Christian Schneider
fa21fce84f ext/pgsql: Add check for constant PGRES_TUPLES_CHUNK to fix compilation failures
close GH-17540
2025-01-21 19:32:38 +00:00
Niels Dossche
25543b4566 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-17408: Assertion failure Zend/zend_exceptions.c
2025-01-21 08:21:13 +01:00
Niels Dossche
5344bcca97 Fix GH-17408: Assertion failure Zend/zend_exceptions.c
`zend_test_create_throwing_resource` sets the exception in the `test`
call frame and unwinds to `main`. It then throws for the `resource`
variable and verifies that the exception opline is set. However, it
wasn't set in `main`, it was set at the `test` call frame and rethrown later.
The assertion is too conservative, but the end result is right, so drop
the assertion.

Closes GH-17533.

Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com>
2025-01-21 08:20:38 +01:00
Jakub Zelenka
b3c297d88f Merge branch 'PHP-8.3' into PHP-8.4 2025-01-19 20:38:51 +01:00
Jakub Zelenka
191e16b703 Merge branch 'PHP-8.2' into PHP-8.3 2025-01-19 20:38:19 +01:00
Jakub Zelenka
5d632230ba Merge branch 'PHP-8.1' into PHP-8.2 2025-01-19 20:37:53 +01:00
Jakub Zelenka
235d1b14a3 Fix GH-17499: mysqli flaky test: ghsa-h35g-vwh6-m678-stmt-row-string 2025-01-19 20:36:12 +01:00
David Carlier
c82e31b026 Fix GH-17516: SplFileTempObject::getPathInfo() crash on invalid class.
This no longer caught the case where a non SplFileInfo/inherited class
was passed since the refactoring in 8.4.

close GH-17517
2025-01-19 18:01:02 +00:00
Niels Dossche
7cc8719ee5 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-17518: offset overflow phar extractTo()
2025-01-19 13:05:55 +01:00
Niels Dossche
eab209d81d Fix GH-17518: offset overflow phar extractTo()
`search` can be the empty string, so we need to check the length before
checking the last char.

Closes GH-17519.
2025-01-19 13:05:19 +01:00
Niels Dossche
22704af4b8 Cherry-pick lexbor/lexbor@f94d97a3
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
2025-01-19 11:50:56 +01:00
David Carlier
05a1c04c43 Merge branch 'PHP-8.3' into PHP-8.4 2025-01-17 22:25:24 +00:00
David Carlier
a1d1269688 Fix GH-17469: UConverter::transcode() not hardcoding error handling.
Respecting instead intl.use_exceptions/intl.error_level.

close GH-17488
2025-01-17 22:23:27 +00:00
Niels Dossche
0b04061e71 NEWS for GH-17485
Fixes GH-17485.
2025-01-17 19:43:08 +01:00
Niels Dossche
d0981864eb Cherry-pick lexbor/lexbor@e58e1e8c
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
2025-01-17 19:39:58 +01:00
Niels Dossche
a928b66447 Cherry-pick lexbor/lexbor@ae97abfb
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
2025-01-17 19:39:12 +01:00
Niels Dossche
4531292ad2 Cherry-pick lexbor/lexbor@e39083b0
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
2025-01-17 19:39:12 +01:00
Niels Dossche
525aeff070 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-17500: Segfault with requesting nodeName on nameless doctype
2025-01-17 19:37:14 +01:00