37 hours agoFixed bug #80411 PHP-7.4 origin/PHP-7.4
Nikita Popov [Wed, 25 Nov 2020 16:23:42 +0000 (17:23 +0100)]
Fixed bug #80411

References to null-serializations are stored as null, and as such
are part of the reference count.

Reminds me that we really need to deprecate the mess that is

38 hours agoFixed error reporting in mysqli_stmt::__construct
Dharman [Tue, 24 Nov 2020 23:02:04 +0000 (23:02 +0000)]
Fixed error reporting in mysqli_stmt::__construct

For the sake of simplicity, I've synchronized the implementation
with PHP 8, which means null values are also accepted.

Closes GH-6454.

38 hours agoReindent more mysqli tests
Nikita Popov [Wed, 25 Nov 2020 15:07:16 +0000 (16:07 +0100)]
Reindent more mysqli tests

Due to a bug in the tidy script, most tests did not actually get

39 hours agoReindent ext/mysqli tests
Nikita Popov [Wed, 25 Nov 2020 14:57:11 +0000 (15:57 +0100)]
Reindent ext/mysqli tests

Reindent ext/mysqli tests on PHP-7.4, so they match with the
indentation on PHP-8.0. Otherwise merging test changes across
branches is very unpleasant.

2 days agoFix usage of casted string in ReflectionParameter ctor
Nikita Popov [Tue, 24 Nov 2020 15:41:18 +0000 (16:41 +0100)]
Fix usage of casted string in ReflectionParameter ctor

Fixes oss-fuzz #27755.

2 days agoFixed bug #80393
Nikita Popov [Tue, 24 Nov 2020 14:26:40 +0000 (15:26 +0100)]
Fixed bug #80393

Handle macos versions that don't start with 10.* in libtool.

Patch by kir dot morozov at gmail dot com.

2 days agoFix #77961: finfo_open crafted magic parsing SIGABRT
Christoph M. Becker [Mon, 23 Nov 2020 16:12:46 +0000 (17:12 +0100)]
Fix #77961: finfo_open crafted magic parsing SIGABRT

libmagic may abort the running process, which is not desirable for PHP;
we raise a fatal error instead.

Closes GH-6437.

2 days agoFix #80366: Return Value of zend_fstat() not Checked
Christoph M. Becker [Tue, 17 Nov 2020 13:42:22 +0000 (14:42 +0100)]
Fix #80366: Return Value of zend_fstat() not Checked

In the somewhat unlikely case that `zend_fstat()` fails, we must not
proceed executing the function, but return `false` instead.

Patch based on the patch contributed by sagpant at microsoft dot com.

Closes GH-6432.

2 days agoFixed bug #80362: Running dtrace scripts can cause php to crash
Nikita Popov [Tue, 24 Nov 2020 12:00:53 +0000 (13:00 +0100)]
Fixed bug #80362: Running dtrace scripts can cause php to crash

Patch by al at coralnet dot name.

4 days agoFix #77594: ob_tidyhandler is never reset
Christoph M. Becker [Sat, 14 Nov 2020 14:03:58 +0000 (15:03 +0100)]
Fix #77594: ob_tidyhandler is never reset

We reset to original INI value on request shutdown.

Closes GH-6425.

6 days agoFix typos in php.ini files
Benjamin Morel [Fri, 20 Nov 2020 13:45:35 +0000 (14:45 +0100)]
Fix typos in php.ini files

Closes GH-6441.

[ci skip]

7 days agoFix #72964: White space not unfolded for CC/Bcc headers
Christoph M. Becker [Tue, 10 Nov 2020 15:13:54 +0000 (16:13 +0100)]
Fix #72964: White space not unfolded for CC/Bcc headers

`\r\n` does only terminate a header, if not followed by `\t` or ` `.
We have to cater to that when determining the end position of the
respective headers.

Closes GH-6420.

7 days agoFix #80345: PHPIZE configuration has outdated PHP_RELEASE_VERSION
Christoph M. Becker [Tue, 10 Nov 2020 12:51:40 +0000 (13:51 +0100)]
Fix #80345: PHPIZE configuration has outdated PHP_RELEASE_VERSION

We must not redefine the version "constants" for phpize builds, because
these have already generated in phpize.js, from where we pass these
variables forward to configure.js.

We also add `PHP_EXTRA_VERSION` and `PHP_VERSION_STRING` to the files
for completeness.

Closes GH-6419.

8 days agoShort-circuit get_gc for currently running generator
Nikita Popov [Wed, 18 Nov 2020 11:44:31 +0000 (12:44 +0100)]
Short-circuit get_gc for currently running generator

9 days agoFix #80312: change default engine from MyISAM to InnoDB in tests
Darek Slusarczyk [Fri, 6 Nov 2020 14:41:15 +0000 (15:41 +0100)]
Fix #80312: change default engine from MyISAM to InnoDB in tests

Change mysqli and pdo_mysql tests configuration to use by default
InnoDB instead of MyISAM.

Closes GH-6405.

9 days agoFix incorrectly optimized out live range
Nikita Popov [Tue, 17 Nov 2020 09:18:37 +0000 (10:18 +0100)]
Fix incorrectly optimized out live range

For x ? y : z style structures, the live range starts at z, but
may also hold the value of y. Make sure that the refcounting check
takes this into account, by checking the type of a potential phi

10 days agoFix #74558: Can't rebind closure returned by Closure::fromCallable()
Christoph M. Becker [Thu, 12 Nov 2020 14:37:51 +0000 (15:37 +0100)]
Fix #74558: Can't rebind closure returned by Closure::fromCallable()

Failure to rebind such closures is not necessarily related to them
being created by `ReflectionFunctionAbstract::getClosure()`, so we fix
the error message.

Closes GH-6424.

2 weeks agoHandle errors during next_result()
Nikita Popov [Wed, 11 Nov 2020 14:56:05 +0000 (15:56 +0100)]
Handle errors during next_result()

2 weeks agoPHP-7.4 is now for 7.4.14
Derick Rethans [Tue, 10 Nov 2020 17:58:21 +0000 (17:58 +0000)]
PHP-7.4 is now for 7.4.14

2 weeks agoAdd integration test for symfony preloading
Nikita Popov [Mon, 9 Nov 2020 14:13:33 +0000 (15:13 +0100)]
Add integration test for symfony preloading

To help catch regressions like the one that occurred in PHP 7.4.12.

Closes GH-6414.

2 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 10 Nov 2020 10:09:40 +0000 (11:09 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  7.3.26 is next

2 weeks ago7.3.26 is next origin/PHP-7.3
Christoph M. Becker [Tue, 10 Nov 2020 10:08:16 +0000 (11:08 +0100)]
7.3.26 is next

2 weeks agoFix phi use chain management when renaming variable
Nikita Popov [Mon, 9 Nov 2020 16:06:41 +0000 (17:06 +0100)]
Fix phi use chain management when renaming variable

If there is a previous use of the new variable in the phi, we need
to NULL out the use chain of the new source we're adding.

Test case is reduced from an assertion failure in the Symfony Demo.

2 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Mon, 9 Nov 2020 13:34:24 +0000 (14:34 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fixed bug #80310: Support for icu4c 68.1.

2 weeks agoFixed bug #80310: Support for icu4c 68.1.
Alexander M. Turek [Tue, 3 Nov 2020 18:14:41 +0000 (19:14 +0100)]
Fixed bug #80310: Support for icu4c 68.1.

On stable versions, bring back the TRUE/FALSE defines by defining

Closes GH-6397.

2 weeks agoUpdate version in 7.4 branch
Derick Rethans [Sat, 7 Nov 2020 18:48:13 +0000 (18:48 +0000)]
Update version in 7.4 branch

2 weeks agoSplit tests for compatibility with ICU 68.1
Christoph M. Becker [Fri, 6 Nov 2020 16:11:26 +0000 (17:11 +0100)]
Split tests for compatibility with ICU 68.1

3 weeks agoBackport preloading trait fixup fixes
Nikita Popov [Thu, 5 Nov 2020 10:58:31 +0000 (11:58 +0100)]
Backport preloading trait fixup fixes

This cherry-picks 33969c2252b2c33a72c9039072af8862fd347a5f and
2effbfd8713936742ef46e6e85ce193b320ac005 from PHP-8.0.

The issues these commits fix could also manifest in PHP 7.4, and
a commenter on bug #80307 reports this this might indeed be

3 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Wed, 4 Nov 2020 13:54:14 +0000 (14:54 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80266: parse_url silently drops port number 0

3 weeks agoFix #80266: parse_url silently drops port number 0
Christoph M. Becker [Wed, 4 Nov 2020 10:34:10 +0000 (11:34 +0100)]
Fix #80266: parse_url silently drops port number 0

As of commit 81b2f3e[1], `parse_url()` accepts URLs with a zero port,
but does not report that port, what is wrong in hindsight.

Since the port number is stored as `unsigned short` there is no way to
distinguish between port zero and no port.  For BC reasons, we thus
introduce `parse_url_ex2()` which accepts an output parameter that
allows that distinction, and use the new function to fix the behavior.

The introduction of `parse_url_ex2()` has been suggested by Nikita.

[1] <;a=commit;h=81b2f3e5d9fcdffd87a4fcd12bd8c708a97091e1>

Closes GH-6399.

3 weeks agoFix dynamic function definition in preload script
Nikita Popov [Wed, 4 Nov 2020 09:54:08 +0000 (10:54 +0100)]
Fix dynamic function definition in preload script

We should use normal function renaming if the function is declared
during preloading itself, rather than afterwards.

This fixes a regression introduced by

3 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Tue, 3 Nov 2020 09:39:13 +0000 (10:39 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix another implicit function declaration in configure

3 weeks agoFix another implicit function declaration in configure
Nikita Popov [Tue, 3 Nov 2020 09:38:16 +0000 (10:38 +0100)]
Fix another implicit function declaration in configure

As mentioned on bug #80171. This one is in libtool.m4, might get
lost on libtool updates.

3 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 2 Nov 2020 10:39:16 +0000 (11:39 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #70461: disable md5 code when it is not supported in net-snmp

3 weeks agoFix #70461: disable md5 code when it is not supported in net-snmp
Christoph M. Becker [Wed, 28 Oct 2020 14:30:49 +0000 (15:30 +0100)]
Fix #70461: disable md5 code when it is not supported in net-snmp

Patch contributed by Alexander Bergmann.

Closes GH-6389.

3 weeks agoFix SSA integrity violation for type inference in dead code
Nikita Popov [Fri, 30 Oct 2020 14:48:03 +0000 (15:48 +0100)]
Fix SSA integrity violation for type inference in dead code

The foreach body can never be executed and thus may contain empty
types. We should still uphold our SSA integrity invariants in that

3 weeks agoFix bug79177.phpt wrt. JIT
Christoph M. Becker [Fri, 30 Oct 2020 11:44:37 +0000 (12:44 +0100)]
Fix bug79177.phpt wrt. JIT

JIT ignores that the `zend_write` callback is overwritten, so we define
our own callback and caller.

We also fix the "inconsistent DLL binding" warnings on Windows, by
introducing `PHP_ZEND_TEST_API`.

Closes GH-6391.

4 weeks agoFix bug #72413: Segfault with get_result and PS cursors
Dharman [Thu, 17 Sep 2020 11:35:26 +0000 (12:35 +0100)]
Fix bug #72413: Segfault with get_result and PS cursors

We cannot simply switch to use_result here, because the fetch_row
methods in get_result mode and in use_result/store_result mode
are different: In one case it accepts a statement, in the other
a return value zval. Thus, doing a switch to use_result results
in a segfault when trying to fetch a row.

Actually supporting get_result with cursors would require adding
cursor support in mysqlnd_result, not just mysqlnd_ps. That would
be a significant amount of effort and, given the age of the issue,
does not appear to be particularly likely to happen soon.

As such, we simply generate an error when using get_result()
with cursors, which is much better than causing a segfault.
Instead, parameter binding needs to be used.

4 weeks agoHandle errors during PDO row fetch
Nikita Popov [Thu, 29 Oct 2020 13:07:08 +0000 (14:07 +0100)]
Handle errors during PDO row fetch

The EOF flag also gets set on error, so we always end up ignoring
errors here.

However, we should only check errors for unbuffered results. For
buffered results, this function is guaranteed not to error, and
querying the errno may return an unrelated error.

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Thu, 29 Oct 2020 12:09:19 +0000 (13:09 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix format specifier

4 weeks agoFix format specifier
Christoph M. Becker [Thu, 29 Oct 2020 11:58:45 +0000 (12:58 +0100)]
Fix format specifier

In this function, `i` is of type `size_t`.

4 weeks agoReport gone away error in one more place
Nikita Popov [Thu, 29 Oct 2020 10:43:17 +0000 (11:43 +0100)]
Report gone away error in one more place

4 weeks ago[ci skip] Fix NEWS order
Christoph M. Becker [Thu, 29 Oct 2020 11:15:31 +0000 (12:15 +0100)]
[ci skip] Fix NEWS order

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Thu, 29 Oct 2020 11:00:07 +0000 (12:00 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #44618: Fetching may rely on uninitialized data

4 weeks agoFix #44618: Fetching may rely on uninitialized data
Christoph M. Becker [Thu, 29 Oct 2020 10:52:10 +0000 (11:52 +0100)]
Fix #44618: Fetching may rely on uninitialized data

Unless `SQLGetData()` returns `SQL_SUCCESS` or `SQL_SUCCESS_WITH_INFO`,
the `StrLen_or_IndPtr` output argument is not guaranteed to be properly
set.  Thus we handle retrieval failure other than `SQL_ERROR` by
yielding `false` for those column values and raising a warning.

Closes GH-6281.

4 weeks agoRetain QUIT_SEND connection state
Nikita Popov [Thu, 29 Oct 2020 09:17:35 +0000 (10:17 +0100)]
Retain QUIT_SEND connection state

If the server goes away while reading a packet, don't go back into
the READY state. This will just cause broken pipe errors down the

4 weeks agoFixed bug #65825
Nikita Popov [Wed, 28 Oct 2020 16:12:35 +0000 (17:12 +0100)]
Fixed bug #65825

Set error_info when we fail to read a packet, instead of throwing
a warning. Additionally we also need to populate the right
error_info in rowp_read -- we'll later take the error from the
packet, not the connection.

No test case, as this is hard to reliably test. I'm using the
test case from:

4 weeks agoFix #79177: FFI doesn't handle well PHP exceptions within callback
Christoph M. Becker [Wed, 28 Oct 2020 11:01:28 +0000 (12:01 +0100)]
Fix #79177: FFI doesn't handle well PHP exceptions within callback

We have to error on unhandled exceptions in FFI callbacks, to avoid
passing back undefined values.

This has been discussed and agreed upon in a previous PR[1].

[1] <>

Closes GH-6366.

4 weeks agoFixed bug #66528
Nikita Popov [Wed, 28 Oct 2020 10:58:07 +0000 (11:58 +0100)]
Fixed bug #66528

Report errors in commit, rollback and autocommit handlers.

4 weeks agoFixed run-time binding of preloaded dynamically declared function
Dmitry Stogov [Wed, 28 Oct 2020 10:50:14 +0000 (13:50 +0300)]
Fixed run-time binding of preloaded dynamically declared function

4 weeks agoHandle mysqli errors in more cases
Dharman [Thu, 17 Sep 2020 22:45:17 +0000 (23:45 +0100)]
Handle mysqli errors in more cases

Report errors autocommit, commit, rollback and mysqli_stmt_attr_set.

Additionally, copy the error from conn to stmt when preparing fails,
so these errors are also handled by mysqli_stmt_prepare.

Closes GH-6157.

4 weeks agoSync test with master
Nikita Popov [Wed, 28 Oct 2020 10:30:22 +0000 (11:30 +0100)]
Sync test with master

Sync ext/mysqli/tests/mysqli_report.phpt with PHP-8.0/master, as
the current difference in indentation makes it hard to merge.

4 weeks agoFix bug #79375
Dharman [Sun, 20 Sep 2020 15:32:47 +0000 (16:32 +0100)]
Fix bug #79375

Make sure deadlock errors are properly propagated and reports in
a number of places in mysqli and PDO MySQL.

This also fixes a memory and a segfault that can occur under these

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Mon, 26 Oct 2020 15:50:48 +0000 (16:50 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Deny cloning of fileinfo objects

4 weeks agoDeny cloning of fileinfo objects
Nikita Popov [Mon, 26 Oct 2020 15:50:20 +0000 (16:50 +0100)]
Deny cloning of fileinfo objects

Using a cloned finfo object will crash.

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 14:40:55 +0000 (15:40 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Revert "Fix out-of-bounds write"

4 weeks agoRevert "Fix out-of-bounds write"
Christoph M. Becker [Tue, 20 Oct 2020 15:09:20 +0000 (17:09 +0200)]
Revert "Fix out-of-bounds write"

This reverts commit bf6873a18e3b6b00f82a645c0893a281ae8eadb8.

CVE-2020-26159 is bogus; the "bug" was apparently a false positive
reported by Coverity, and the "fix" apparently wrong, see

Closes GH-6357.

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 12:08:47 +0000 (13:08 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80268: loadHTML() truncates at NUL bytes

4 weeks agoFix #80268: loadHTML() truncates at NUL bytes
Christoph M. Becker [Fri, 23 Oct 2020 09:06:30 +0000 (11:06 +0200)]
Fix #80268: loadHTML() truncates at NUL bytes

libxml2 has no particular issues parsing HTML strings with NUL bytes;
these just cause truncation of the current text content, but parsing
continues generally.  Since `::loadHTMLFile()` already supports NUL
bytes, `::loadHTML()` should as well.

Note that this is different from XML, which does not allow any NUL

Closes GH-6368.

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Mon, 26 Oct 2020 11:40:56 +0000 (12:40 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Declare may_retry_reparse_point on windows only

4 weeks agoDeclare may_retry_reparse_point on windows only
Nikita Popov [Mon, 26 Oct 2020 11:40:27 +0000 (12:40 +0100)]
Declare may_retry_reparse_point on windows only

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 10:54:33 +0000 (11:54 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #62474: com_event_sink crashes on certain arguments

4 weeks agoFix #62474: com_event_sink crashes on certain arguments
Christoph M. Becker [Thu, 22 Oct 2020 15:50:22 +0000 (17:50 +0200)]
Fix #62474: com_event_sink crashes on certain arguments

We have to make sure that the variant is of type `VT_DISPATCH` before
we access it as such.

Closes GH-6372.

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 10:21:35 +0000 (11:21 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80258: Windows Deduplication Enabled, randon permission errors

4 weeks agoFix #80258: Windows Deduplication Enabled, randon permission errors
Christoph M. Becker [Mon, 19 Oct 2020 15:41:58 +0000 (17:41 +0200)]
Fix #80258: Windows Deduplication Enabled, randon permission errors

A recent bug fix regarding symlinks claimed:

> After resolving reparse points, the path still may be a reparse
> point; in that case we have to resolve that reparse point as well.

While that is basically correct, some reparse points may point to
inaccessible system folders (e.g. `IO_REPARSE_TAG_DEDUP` points to
"\System Volume Information").  Since we don't know details about
arbitrary reparse points, and are mainly interested in nested symlinks,
we take a step back, and only resolve `IO_REPARSE_TAG_SYMLINK` for now.

Close GH-6354.

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 10:04:57 +0000 (11:04 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date

4 weeks agoFix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date
Christoph M. Becker [Sat, 24 Oct 2020 14:08:02 +0000 (16:08 +0200)]
Fix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date

`ADD_EXTENSION_DEP()` relies on the `PHP_<extname>` config variables to
be set to `"yes"`, and since the standard and date extension are always
enabled, we define the respective variables uncoditionally.

Closes GH-6383.

4 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Mon, 26 Oct 2020 09:58:26 +0000 (10:58 +0100)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix bug 76618

5 weeks agoFix bug 76618
George Peter Banyard [Thu, 22 Oct 2020 16:01:48 +0000 (17:01 +0100)]
Fix bug 76618

Apply patch which was attached to the bug in July 2018

5 weeks agoFix bug 76618
George Peter Banyard [Thu, 22 Oct 2020 16:01:48 +0000 (17:01 +0100)]
Fix bug 76618

Apply patch which was attached to the bug in July 2018

5 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Thu, 22 Oct 2020 14:05:34 +0000 (16:05 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Don't crash on uninitialized tidy object

5 weeks agoDon't crash on uninitialized tidy object
Nikita Popov [Thu, 22 Oct 2020 14:04:22 +0000 (16:04 +0200)]
Don't crash on uninitialized tidy object

"Uninitialized" here means that the object was created ordinarily
-- no constructor skipping involved. Most tidy methods seem to
handle this fine, but these three need to be guarded.

5 weeks agoUpdated to version 2020.4 (2020d)
Derick Rethans [Thu, 22 Oct 2020 09:12:26 +0000 (10:12 +0100)]
Updated to version 2020.4 (2020d)

5 weeks agoEmpty merge
Derick Rethans [Thu, 22 Oct 2020 09:12:25 +0000 (10:12 +0100)]
Empty merge

5 weeks agoUpdated to version 2020.4 (2020d)
Derick Rethans [Thu, 22 Oct 2020 09:12:24 +0000 (10:12 +0100)]
Updated to version 2020.4 (2020d)

5 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 20 Oct 2020 17:00:04 +0000 (19:00 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80242: imap_mail_compose() segfaults for multipart with rfc822

5 weeks agoFix #80242: imap_mail_compose() segfaults for multipart with rfc822
Christoph M. Becker [Tue, 20 Oct 2020 14:38:16 +0000 (16:38 +0200)]
Fix #80242: imap_mail_compose() segfaults for multipart with rfc822

libc-client expects `TYPEMESSAGE` with an explicit subtype of `RFC822`
to have a `nested.msg` (otherwise there will be a segfault during
free), but not to have any `` (this will leak

Closes GH-6345.

5 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 20 Oct 2020 14:31:25 +0000 (16:31 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Add char* cast to avoid compiler warnings

5 weeks agoAdd char* cast to avoid compiler warnings
Christoph M. Becker [Tue, 20 Oct 2020 14:25:00 +0000 (16:25 +0200)]
Add char* cast to avoid compiler warnings

In libc-client 2007f `data` is declared as `unsigned char *`; there may
be variants which declare it as `void *`, but in any case picky
compilers may warn about a pointer type mismatch in the conditional
(and error with `-W-error`), so we're adding a `char *` cast for good

5 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 20 Oct 2020 11:34:27 +0000 (13:34 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Properly fix #80220

5 weeks agoProperly fix #80220
Christoph M. Becker [Fri, 16 Oct 2020 09:58:50 +0000 (11:58 +0200)]
Properly fix #80220

The original fix for that bug[1] broke the formerly working composition
of message/rfc822 messages, which results in a segfault when freeing
the message body now.  While `imap_mail_compose()` does not really
support composition of meaningful message/rfc822 messages (although
libc-client appears to support that), some code may still use this to
compose partial messages, and using string manipulation to create the
final message.

The point is that libc-client expects `TYPEMESSAGE` with an explicit
subtype of `RFC822` to have a `nested.msg` (otherwise there will be a
segfault during free), but not to have any `` (this
will leak otherwise).

[1] <;a=commit;h=0d022ddf03c5fabaaa22e486d1e4a367ed9170a7>

Closes GH-6343.

5 weeks agoFix bug #79643: Invalid memory read when opcache.interned_strings_buffer is 0
twosee [Tue, 9 Jun 2020 06:55:36 +0000 (14:55 +0800)]
Fix bug #79643: Invalid memory read when opcache.interned_strings_buffer is 0

5 weeks agoFix CCM tag length setting for old OpenSSL versions
Nikita Popov [Tue, 20 Oct 2020 08:50:50 +0000 (10:50 +0200)]
Fix CCM tag length setting for old OpenSSL versions

While OpenSSL 1.1 allows unconditionally setting the CCM tag length
even for decryption, some older versions apparently do not. As such,
we do need to treat CCM and OCB separately after all.

5 weeks agoFix bug #79983: Add support for OCB mode
Nikita Popov [Wed, 14 Oct 2020 11:03:03 +0000 (13:03 +0200)]
Fix bug #79983: Add support for OCB mode

OCB mode ciphers were already exposed to openssl_encrypt/decrypt,
but misbehaved, because they were not treated as AEAD ciphers.
From that perspective, OCB should be treated the same way as GCM.
In OpenSSL 1.1 the necessary controls were unified under
EVP_CTRL_AEAD_* (and OCB is only supported since OpenSSL 1.1).

Closes GH-6337.

5 weeks agoUpdated to version 2020.3 (2020c)
Derick Rethans [Mon, 19 Oct 2020 08:31:03 +0000 (09:31 +0100)]
Updated to version 2020.3 (2020c)

5 weeks agoEmpty merge
Derick Rethans [Mon, 19 Oct 2020 08:31:03 +0000 (09:31 +0100)]
Empty merge

5 weeks agoUpdated to version 2020.3 (2020c)
Derick Rethans [Mon, 19 Oct 2020 08:31:02 +0000 (09:31 +0100)]
Updated to version 2020.3 (2020c)

6 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Thu, 15 Oct 2020 11:19:30 +0000 (13:19 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix broken fix for #80239

6 weeks agoFix broken fix for #80239
Christoph M. Becker [Thu, 15 Oct 2020 11:18:34 +0000 (13:18 +0200)]
Fix broken fix for #80239

No idea why that `git am` failed that badly.

6 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Thu, 15 Oct 2020 10:55:44 +0000 (12:55 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #80239: imap_rfc822_write_address() leaks memory

6 weeks agoFix #80239: imap_rfc822_write_address() leaks memory
Christoph M. Becker [Thu, 15 Oct 2020 10:51:10 +0000 (12:51 +0200)]
Fix #80239: imap_rfc822_write_address() leaks memory

We have to free the address when we're finished with it.

6 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Nikita Popov [Thu, 15 Oct 2020 08:16:56 +0000 (10:16 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix leak in gmp_export()

6 weeks agoFix leak in gmp_export()
Nikita Popov [Thu, 15 Oct 2020 08:16:22 +0000 (10:16 +0200)]
Fix leak in gmp_export()

6 weeks agoAllow passing $tag for non-authenticated encryption
Nikita Popov [Tue, 13 Oct 2020 14:46:32 +0000 (16:46 +0200)]
Allow passing $tag for non-authenticated encryption

openssl_encrypt() currently throws a warning if the $tag out
parameter is passed for a non-authenticated cipher. This violates
the principle that a function should behave the same if a parameter
is not passed, and if the default value is passed for the parameter.

I believe this warning should simply be dropped and the $tag be
populated with null, as is already the case. Otherwise, it is not
possible to use openssl_encrypt() in generic wrapper APIs, that are
compatible with both authenticated and non-authenticated encryption.

Closes GH-6333.

6 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 13 Oct 2020 17:38:10 +0000 (19:38 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix #64076: imap_sort() does not return FALSE on failure

6 weeks agoFix #64076: imap_sort() does not return FALSE on failure
Christoph M. Becker [Tue, 13 Oct 2020 14:20:55 +0000 (16:20 +0200)]
Fix #64076: imap_sort() does not return FALSE on failure

If unsupported `$search_criteria` are passed to `imap_sort()`, the
function returns an empty array, but there is also an error on the
libc-client error stack ("Unknown search criterion: UNSUPPORTED
(errflg=2)").  If, on the other hand, unsupported `$criteria` or
unsupported `$flags` are passed, the function returns `false`.  We
solve this inconsistency by returning `false` for unsupported
`$search_criteria` as well.

Closes GH-6332.

6 weeks agoPrepare for 7.4.13
Derick Rethans [Tue, 13 Oct 2020 11:28:58 +0000 (12:28 +0100)]
Prepare for 7.4.13

6 weeks agoIgnore memory leaks reported for some libc-client functions
Christoph M. Becker [Mon, 12 Oct 2020 15:28:24 +0000 (17:28 +0200)]
Ignore memory leaks reported for some libc-client functions

At least on Windows, some static variables are lazily initialized
during `mail_open()` and `mail_lsub()`, which are reported as memory
leaks.  We suppress these false positives.

Closes GH-6326.

6 weeks agoMerge branch 'PHP-7.3' into PHP-7.4
Christoph M. Becker [Tue, 13 Oct 2020 07:53:52 +0000 (09:53 +0200)]
Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  7.3.25 is next

6 weeks ago7.3.25 is next
Christoph M. Becker [Tue, 13 Oct 2020 07:52:46 +0000 (09:52 +0200)]
7.3.25 is next