Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/zlib/tests/bug61139.phpt ext/zlib/zlib_fopen_wrapper.c
Why is this test creating the file in the root directory?
And should it be created at all since the function fails?
-Hannes
On Fri, Mar 2, 2012 at 15:16, Nikita Popov wrote:
> nikic Fri, 02 Mar 2012 14:16:47 +
>
> Revision: http://svn.php.net/viewvc?view=revision&revision=323819
>
> Log:
> Merge: Fix bug #61139: gzopen leaks when specifying invalid mode
>
> Bug: https://bugs.php.net/61139 (Assigned) gzopen leaks when specifying
> invalid mode
>
> Changed paths:
> U php/php-src/branches/PHP_5_4/NEWS
> A php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
> U php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c
>
> Modified: php/php-src/branches/PHP_5_4/NEWS
> ===
> --- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 14:08:11 UTC (rev 323818)
> +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 14:16:47 UTC (rev 323819)
> @@ -43,6 +43,9 @@
> - XMLRPC:
> . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
> Popov)
>
> +- Zlib:
> + . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita
> Popov)
> +
> 01 Mar 2012, PHP 5.4.0
>
> - Installation:
>
> Added: php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
> ===
> --- php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
> (rev 0)
> +++ php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt 2012-03-02
> 14:16:47 UTC (rev 323819)
> @@ -0,0 +1,14 @@
> +--TEST--
> +Bug #61139 (gzopen leaks when specifying invalid mode)
> +--SKIPIF--
> + +if (!extension_loaded('zlib')) {
> + die('skip - zlib extension not loaded');
> +}
> +?>
> +--FILE--
> + +
> +gzopen('someFile', 'c');
> +--EXPECTF--
> +Warning: gzopen(): gzopen failed in %s on line %d
>
> Modified: php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c
> ===
> --- php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c 2012-03-02
> 14:08:11 UTC (rev 323818)
> +++ php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c 2012-03-02
> 14:16:47 UTC (rev 323819)
> @@ -109,7 +109,7 @@
> php_stream *php_stream_gzopen(php_stream_wrapper *wrapper, char *path, char
> *mode, int options,
> char **opened_path,
> php_stream_context *context STREAMS_DC TSRMLS_DC)
> {
> - struct php_gz_stream_data_t *self = {0};
> + struct php_gz_stream_data_t *self;
> php_stream *stream = NULL, *innerstream = NULL;
>
> /* sanity check the stream: it can be either read-only or write-only */
> @@ -120,8 +120,6 @@
> return NULL;
> }
>
> - self = emalloc(sizeof(*self));
> -
> if (strncasecmp("compress.zlib://", path, 16) == 0) {
> path += 16;
> } else if (strncasecmp("zlib:", path, 5) == 0) {
> @@ -134,32 +132,29 @@
> int fd;
>
> if (SUCCESS == php_stream_cast(innerstream, PHP_STREAM_AS_FD,
> (void **) &fd, REPORT_ERRORS)) {
> - self->gz_file = gzdopen(dup(fd), mode);
> + self = emalloc(sizeof(*self));
> self->stream = innerstream;
> - if (self->gz_file) {
> + self->gz_file = gzdopen(dup(fd), mode);
> +
> + if (self->gz_file) {
> stream =
> php_stream_alloc_rel(&php_stream_gzio_ops, self, 0, mode);
> if (stream) {
> stream->flags |=
> PHP_STREAM_FLAG_NO_BUFFER;
> return stream;
> }
> +
> gzclose(self->gz_file);
> }
> +
> + efree(self);
> if (options & REPORT_ERRORS) {
> php_error_docref(NULL TSRMLS_CC, E_WARNING,
> "gzopen failed");
> }
> - } else if (innerstream) {
> - php_stream_close(innerstream);
> }
> - }
>
> - if (stream) {
> - php_stream_close(stream);
> + php_stream_close(innerstream);
> }
> -
> - if (self) {
> - efree(self);
> - }
> -
> +
> return NULL;
> }
>
>
>
> --
> PHP CVS Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
iliaaSat, 17 Mar 2012 17:51:51 + Revision: http://svn.php.net/viewvc?view=revision&revision=324323 Log: Fixed typo Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-17 10:37:21 UTC (rev 324322) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-17 17:51:51 UTC (rev 324323) @@ -12,7 +12,7 @@ exist in ISO-8859-1). (Gustavo) . Fixed bug #61273 (call_user_func_array with more than 16333 arguments leaks / crashes). (Laruence) - . Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick) + . Fixed bug #61225 (Incorrect lexing of 0b00*+). (Pierrick) . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita Popov) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/info.c trunk/ext/standard/info.c
aharvey Fri, 16 Mar 2012 02:07:46 +
Revision: http://svn.php.net/viewvc?view=revision&revision=324289
Log:
Fix bug #61409 (Bad formatting on phpinfo()). Patch by Jakub Vrana.
Bug: https://bugs.php.net/61409 (Assigned) Bad formatting on php_info()
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/info.c
U php/php-src/trunk/ext/standard/info.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-15 23:17:06 UTC (rev 324288)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-16 02:07:46 UTC (rev 324289)
@@ -96,6 +96,7 @@
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
. Make max_file_uploads ini directive settable outside of php.ini (Rasmus)
+ . Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana)
. Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia)
. Fixed bug #60106 (stream_socket_server silently truncates long unix socket
paths). (Ilia)
Modified: php/php-src/branches/PHP_5_4/ext/standard/info.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/info.c2012-03-15 23:17:06 UTC
(rev 324288)
+++ php/php-src/branches/PHP_5_4/ext/standard/info.c2012-03-16 02:07:46 UTC
(rev 324289)
@@ -117,7 +117,7 @@
HashPosition pos;
if (!sapi_module.phpinfo_as_text) {
- php_info_printf("Registered
%s", name);
+ php_info_printf("Registered
%s", name);
} else {
php_info_printf("\nRegistered %s => ", name);
}
Modified: php/php-src/trunk/ext/standard/info.c
===
--- php/php-src/trunk/ext/standard/info.c 2012-03-15 23:17:06 UTC (rev
324288)
+++ php/php-src/trunk/ext/standard/info.c 2012-03-16 02:07:46 UTC (rev
324289)
@@ -117,7 +117,7 @@
HashPosition pos;
if (!sapi_module.phpinfo_as_text) {
- php_info_printf("Registered
%s", name);
+ php_info_printf("Registered
%s", name);
} else {
php_info_printf("\nRegistered %s => ", name);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/html.c branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt trunk/ext/standard/html.c trunk/ext/standard/tests/str
cataphract Tue, 13 Mar 2012 18:08:30 +
Revision: http://svn.php.net/viewvc?view=revision&revision=324199
Log:
- Fixed bug #61374: html_entity_decode tries to decode code points that don't
exist in ISO-8859-1.
Bug: https://bugs.php.net/61374 (Assigned) html_entity_decode tries to decode
code points that don't exist in ISO-8859-1
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/html.c
A php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt
U php/php-src/trunk/ext/standard/html.c
A php/php-src/trunk/ext/standard/tests/strings/bug61374.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-13 16:09:42 UTC (rev 324198)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-13 18:08:30 UTC (rev 324199)
@@ -8,6 +8,8 @@
. "Connection: close" instead of "Connection: closed" (Gustavo)
- Core:
+ . Fixed bug #61374 (html_entity_decode tries to decode code points that don't
+exist in ISO-8859-1). (Gustavo)
. Fixed bug #61273 (call_user_func_array with more than 16333 arguments
leaks / crashes). (Laruence)
. Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick)
Modified: php/php-src/branches/PHP_5_4/ext/standard/html.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/html.c2012-03-13 16:09:42 UTC
(rev 324198)
+++ php/php-src/branches/PHP_5_4/ext/standard/html.c2012-03-13 18:08:30 UTC
(rev 324199)
@@ -1004,8 +1004,9 @@
/* && code2 == '\0' always true for current
maps */)
goto invalid_code;
- /* deal with encodings other than utf-8/iso-8859-1 */
- if (!CHARSET_UNICODE_COMPAT(charset)) {
+ /* UTF-8 doesn't need mapping (ISO-8859-1 doesn't either, but
+* the call is needed to ensure the codepoint <= U+00FF) */
+ if (charset != cs_utf_8) {
/* replace unicode code point */
if (map_from_unicode(code, charset, &code) == FAILURE
|| code2 != 0)
goto invalid_code; /* not representable in
target charset */
Added: php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt
===
--- php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt
2012-03-13 18:08:30 UTC (rev 324199)
@@ -0,0 +1,7 @@
+--TEST--
+Bug #61374: html_entity_decode tries to decode code points that don't exist in
ISO-8859-1
+--FILE--
+--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
pajoye Tue, 13 Mar 2012 12:55:33 + Revision: http://svn.php.net/viewvc?view=revision&revision=324185 Log: - add CVE Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-13 11:03:09 UTC (rev 324184) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-13 12:55:33 UTC (rev 324185) @@ -317,9 +317,9 @@ been added. (Scott) . Added http_response_code() function. FR #52555. (Paul Dragoonis, Kalle) . Fixed bug #55500 (Corrupted $_FILES indices lead to security concern). -(Stas) +(CVE-2012-1172). (Stas) . Fixed bug #54374 (Insufficient validating of upload name leading to -corrupted $_FILES indices). (Stas, lekensteyn at gmail dot com) +corrupted $_FILES indices). (CVE-2012-1172). (Stas, lekensteyn at gmail dot com) - Improved CLI SAPI: . Added built-in web server that is intended for testing purpose. -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
rasmus Mon, 12 Mar 2012 15:21:15 + Revision: http://svn.php.net/viewvc?view=revision&revision=324160 Log: Remove reference to "default_charset" here since the it isn't really about the ini option at all. That only comes into play when you force it by passing and empty encoding string to those functions. Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-12 14:52:02 UTC (rev 324159) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-12 15:21:15 UTC (rev 324160) @@ -168,8 +168,8 @@ . Changed error handlers to only generate docref links when the docref_root php.ini setting is not empty. (Derick) . Changed silent conversion of array to string to produce a notice. (Patrick) - . Changed default value of "default_charset" php.ini option from ISO-8859-1 to -UTF-8. (Rasmus) + . Changed default encoding from ISO-8859-1 to UTF-8 when not specified in +htmlspecialchars and htmlentities. (Rasmus) . Changed casting of null/''/false into an Object when adding a property from E_STRICT into a warning. (Scott) . Changed E_ALL to include E_STRICT. (Stas) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
laruence Sun, 11 Mar 2012 09:07:02 + Revision: http://svn.php.net/viewvc?view=revision&revision=324101 Log: Same wrong order here Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-11 09:06:12 UTC (rev 324100) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-11 09:07:02 UTC (rev 324101) @@ -61,10 +61,10 @@ object). (Laruence) - PDO_mysql + . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't +always work). (Johannes) . Fixed bug #61194 (PDO should export compression flag with myslqnd). (Johannes) - . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't -always work). (Johannes) - Phar . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cli/php_cli_server.c branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt trunk/sapi/cli/php_cli_server.c trunk/sapi/cli/tes
laruence Sun, 11 Mar 2012 08:56:14 +
Revision: http://svn.php.net/viewvc?view=revision&revision=324098
Log:
Implemented FR #60850 (Built in web server does not set
$_SERVER['SCRIPT_FILENAME'] when using router)
Bug: https://bugs.php.net/60850 (Open) Built in web server does not set
$_SERVER['SCRIPT_FILENAME'] when using router
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
A php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt
U php/php-src/trunk/sapi/cli/php_cli_server.c
A php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-11 08:41:40 UTC (rev 324097)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-11 08:56:14 UTC (rev 324098)
@@ -4,6 +4,8 @@
- CLI Server:
. "Connection: close" instead of "Connection: closed" (Gustavo)
+ . Implemented FR #60850 (Built in web server does not set
+$_SERVER['SCRIPT_FILENAME'] when using router). (Laruence)
- Core:
. Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick)
Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
===
--- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2012-03-11
08:41:40 UTC (rev 324097)
+++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2012-03-11
08:56:14 UTC (rev 324098)
@@ -599,6 +599,11 @@
sapi_cli_server_register_variable(track_vars_array, "SCRIPT_NAME",
client->request.vpath TSRMLS_CC);
if (SG(request_info).path_translated) {
sapi_cli_server_register_variable(track_vars_array,
"SCRIPT_FILENAME", SG(request_info).path_translated TSRMLS_CC);
+ } else if (client->server->router) {
+ char *temp;
+ spprintf(&temp, 0, "%s/%s", client->server->document_root,
client->server->router);
+ sapi_cli_server_register_variable(track_vars_array,
"SCRIPT_FILENAME", temp TSRMLS_CC);
+ efree(temp);
}
if (client->request.path_info) {
sapi_cli_server_register_variable(track_vars_array,
"PATH_INFO", client->request.path_info TSRMLS_CC);
Added: php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt
===
--- php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt
2012-03-11 08:56:14 UTC (rev 324098)
@@ -0,0 +1,44 @@
+--TEST--
+Implement Req #60850 (Built in web server does not set
$_SERVER['SCRIPT_FILENAME'] when using router)
+--SKIPIF--
+
+--FILE--
+
+--EXPECTF--
+HTTP/1.1 200 OK
+Host: %s
+Connection: close
+X-Powered-By: %s
+Content-type: text/html
+
+string(%d) "%s/tests/index.php"
Modified: php/php-src/trunk/sapi/cli/php_cli_server.c
===
--- php/php-src/trunk/sapi/cli/php_cli_server.c 2012-03-11 08:41:40 UTC (rev
324097)
+++ php/php-src/trunk/sapi/cli/php_cli_server.c 2012-03-11 08:56:14 UTC (rev
324098)
@@ -599,6 +599,11 @@
sapi_cli_server_register_variable(track_vars_array, "SCRIPT_NAME",
client->request.vpath TSRMLS_CC);
if (SG(request_info).path_translated) {
sapi_cli_server_register_variable(track_vars_array,
"SCRIPT_FILENAME", SG(request_info).path_translated TSRMLS_CC);
+ } else if (client->server->router) {
+ char *temp;
+ spprintf(&temp, 0, "%s/%s", client->server->document_root,
client->server->router);
+ sapi_cli_server_register_variable(track_vars_array,
"SCRIPT_FILENAME", temp TSRMLS_CC);
+ efree(temp);
}
if (client->request.path_info) {
sapi_cli_server_register_variable(track_vars_array,
"PATH_INFO", client->request.path_info TSRMLS_CC);
Added: php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt
===
--- php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt
(rev 0)
+++ php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt2012-03-11
08:56:14 UTC (rev 324098)
@@ -0,0 +1,44 @@
+--TEST--
+Implement Req #60850 (Built in web server does not set
$_SERVER['SCRIPT_FILENAME'] when using router)
+--SKIPIF--
+
+--FILE--
+
+--EXPECTF--
+HTTP/1.1 200 OK
+Host: %s
+Connection: close
+X-Powered-By: %s
+Content-type: text/html
+
+string(%d) "%s/tests/index.php"
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
cataphract Wed, 07 Mar 2012 19:47:18 + Revision: http://svn.php.net/viewvc?view=revision&revision=324008 Log: - Updated NEWS with news of bug #61306 having been resolved (see r323988). - Tidied up NEWS Bug: https://bugs.php.net/61306 (Assigned) Segfault at end of request Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-07 17:34:24 UTC (rev 324007) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-07 19:47:18 UTC (rev 324008) @@ -2,35 +2,34 @@ ||| ?? ??? 2012, PHP 5.4.1 RC1 -- Array: - . Fixed bug #52719 (array_walk_recursive crashes if third param of the -function is by reference). (Nikita Popov) - . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX). -(Laruence) - - CLI Server: . "Connection: close" instead of "Connection: closed" (Gustavo) - Core: - . Fixed bug #60573 (type hinting with "self" keyword causes weird errors). + . Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick) + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) + . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita +Popov) + . Fixed bug #61087 (Memory leak in parse_ini_file when specifying +invalid scanner mode). (Nikic, Laruence) + . Fixed bug #61072 (Memory leak when restoring an exception handler). +(Nikic, Laruence) + . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX). (Laruence) + . Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan) + . Fixed bug #61011 (Crash when an exception is thrown by __autoload +accessing a static property). (Laruence) + . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical +vars). (Laruence) + . Fixed bug #60978 (exit code incorrect). (Laruence) + . Fixed bug #60911 (Confusing error message when extending traits). (Stefan) + . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) . Fixed bug #60717 (Order of traits in use statement can cause a fatal error). (Stefan) - . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) - . Fixed bug #60911 (Confusing error message when extending traits). (Stefan) - . Fixed bug #60978 (exit code incorrect). (Laruence) - . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical -vars). (Laruence) - . Fixed bug #61011 (Crash when an exception is thrown by __autoload -accessing a static property). (Laruence) - . Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan) - . Fixed bug #61072 (Memory leak when restoring an exception handler). -(Nikic, Laruence) - . Fixed bug #61087 (Memory leak in parse_ini_file when specifying -invalid scanner mode). (Nikic, Laruence) - . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita Popov) - . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) - . Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick) + . Fixed bug #60573 (type hinting with "self" keyword causes weird errors). +(Laruence) + . Fixed bug #52719 (array_walk_recursive crashes if third param of the +function is by reference). (Nikita Popov) - Installation . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones) @@ -70,15 +69,19 @@ - Standard: . Fixed memory leak in substr_replace. (Pierrick) . Make max_file_uploads ini directive settable outside of php.ini (Rasmus) - . Fixed bug #60106 (stream_socket_server silently truncates long unix socket paths). (Ilia) + . Fixed bug #60106 (stream_socket_server silently truncates long unix socket +paths). (Ilia) - XMLRPC: - . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita Popov) - . Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary variable). (Nikita Popov) + . Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary +variable). (Nikita Popov) + . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita +Popov) - Zlib: + . Fixed bug #61306 (initialization of global inappropriate for ZTS). (Gustavo) + . Fixed bug #61287 (A particular string fails to decompress). (Mike) . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov) - . Fixed bug #61287 (A particular string fails to decompress). (Mike) 01 Mar 2012, PHP 5.4.0 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/pdo/pdo_dbh.c trunk/ext/pdo/pdo_dbh.c
laruence Tue, 06 Mar 2012 03:45:27 + Revision: http://svn.php.net/viewvc?view=revision&revision=323935 Log: Fixed bug #61292 (Segfault while calling a method on an overloaded PDO object) Bug: https://bugs.php.net/61292 (Verified) Segfault while calling a method on an overloaded PDO object. Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c U php/php-src/trunk/ext/pdo/pdo_dbh.c Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-06 02:21:04 UTC (rev 323934) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-06 03:45:27 UTC (rev 323935) @@ -49,6 +49,10 @@ . Fixed bug #60887 (SoapClient ignores user_agent option and sends no User-Agent header). (carloschilazo at gmail dot com) +- PDO + . Fixed bug #61292 (Segfault while calling a method on an overloaded PDO +object). (Laruence) + - PDO_mysql . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't always work). (Johannes) Modified: php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c === --- php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c 2012-03-06 02:21:04 UTC (rev 323934) +++ php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c 2012-03-06 03:45:27 UTC (rev 323935) @@ -343,6 +343,7 @@ pdbh->def_stmt_ce = dbh->def_stmt_ce; pdbh->def_stmt_ctor_args = dbh->def_stmt_ctor_args; pdbh->std.properties = dbh->std.properties; + pdbh->std.properties_table = dbh->std.properties_table; } /* kill the non-persistent thingamy */ efree(dbh); Modified: php/php-src/trunk/ext/pdo/pdo_dbh.c === --- php/php-src/trunk/ext/pdo/pdo_dbh.c 2012-03-06 02:21:04 UTC (rev 323934) +++ php/php-src/trunk/ext/pdo/pdo_dbh.c 2012-03-06 03:45:27 UTC (rev 323935) @@ -343,6 +343,7 @@ pdbh->def_stmt_ce = dbh->def_stmt_ce; pdbh->def_stmt_ctor_args = dbh->def_stmt_ctor_args; pdbh->std.properties = dbh->std.properties; + pdbh->std.properties_table = dbh->std.properties_table; } /* kill the non-persistent thingamy */ efree(dbh); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/zlib/php_zlib.h ext/zlib/tests/bug61287.phpt ext/zlib/zlib.c
mike Mon, 05 Mar 2012 15:38:24 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323917
Log:
MFH: Fixed bug #61287 (A particular string fails to decompress)
Bug: https://bugs.php.net/61287 (Assigned) A particular string fails to
decompress
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/zlib/php_zlib.h
A + php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61287.phpt
(from php/php-src/trunk/ext/zlib/tests/bug61287.phpt:r323916)
U php/php-src/branches/PHP_5_4/ext/zlib/zlib.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-05 15:35:22 UTC (rev 323916)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-05 15:38:24 UTC (rev 323917)
@@ -61,6 +61,7 @@
- Zlib:
. Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita
Popov)
+ . Fixed bug #61287 (A particular string fails to decompress). (Mike)
01 Mar 2012, PHP 5.4.0
Modified: php/php-src/branches/PHP_5_4/ext/zlib/php_zlib.h
===
--- php/php-src/branches/PHP_5_4/ext/zlib/php_zlib.h2012-03-05 15:35:22 UTC
(rev 323916)
+++ php/php-src/branches/PHP_5_4/ext/zlib/php_zlib.h2012-03-05 15:38:24 UTC
(rev 323917)
@@ -65,6 +65,7 @@
#define phpext_zlib_ptr zlib_module_ptr
#ifdef ZTS
+# include "TSRM.h"
# define ZLIBG(v) TSRMG(zlib_globals_id, zend_zlib_globals *, v)
#else
# define ZLIBG(v) (zlib_globals.v)
Copied: php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61287.phpt (from rev
323916, php/php-src/trunk/ext/zlib/tests/bug61287.phpt)
===
--- php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61287.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61287.phpt 2012-03-05
15:38:24 UTC (rev 323917)
@@ -0,0 +1,24 @@
+--TEST--
+bug #61287 - inflate needs the terminating null byte
+--SKIPIF--
+ 1,
+'discipline' => 23,
+'degrees' => array(),
+'country_id' => 27
+);
+
+$serialized = serialize($array);
+
+$deflated = gzdeflate($serialized, 9);
+$inflated = gzinflate($deflated);
+
+echo strlen($inflated),"\n";
+?>
+Done
+--EXPECT--
+92
+Done
Modified: php/php-src/branches/PHP_5_4/ext/zlib/zlib.c
===
--- php/php-src/branches/PHP_5_4/ext/zlib/zlib.c2012-03-05 15:35:22 UTC
(rev 323916)
+++ php/php-src/branches/PHP_5_4/ext/zlib/zlib.c2012-03-05 15:38:24 UTC
(rev 323917)
@@ -400,7 +400,7 @@
status = inflateInit2(&Z, encoding);
if (Z_OK == status) {
Z.next_in = (Bytef *) in_buf;
- Z.avail_in = in_len;
+ Z.avail_in = in_len + 1; /* NOTE: data must be zero
terminated */
switch (status = php_zlib_inflate_rounds(&Z, max_len,
out_buf, out_len)) {
case Z_STREAM_END:
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug61052.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/traits/bug61052.phpt trunk/Zend/zend_compile.c
gron Sun, 04 Mar 2012 19:34:19 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323898
Log:
Fixed Bug #61052 (Missing error check in trait 'insteadof' clause)
Bug: https://bugs.php.net/61052 (Assigned) missing error check in trait
'insteadof' clause
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A php/php-src/trunk/Zend/tests/traits/bug61052.phpt
U php/php-src/trunk/Zend/zend_compile.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-04 19:30:01 UTC (rev 323897)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-04 19:34:19 UTC (rev 323898)
@@ -23,6 +23,7 @@
vars). (Laruence)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
accessing a static property). (Laruence)
+ . Fixed bug #61052 (Missing error check in trait 'insteadof' clause).
(Stefan)
. Fixed bug #61072 (Memory leak when restoring an exception handler).
(Nikic, Laruence)
. Fixed bug #61087 (Memory leak in parse_ini_file when specifying
Added: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
2012-03-04 19:34:19 UTC (rev 323898)
@@ -0,0 +1,18 @@
+--TEST--
+Bug #61052 (missing error check in trait 'insteadof' clause)
+--FILE--
+exclude_from_classes[j])
{
char* class_name =
(char*)cur_precedence->exclude_from_classes[j];
zend_uint name_length =
strlen(class_name);
cur_precedence->exclude_from_classes[j]
= zend_fetch_class(class_name, name_length, ZEND_FETCH_CLASS_TRAIT TSRMLS_CC);
+
+ /* make sure that the trait method is
not from a class mentioned in
+exclude_from_classes, for consistency
*/
+ if (cur_precedence->trait_method->ce ==
cur_precedence->exclude_from_classes[i]) {
+ zend_error(E_COMPILE_ERROR,
+
"Inconsistent insteadof definition. "
+ "The method
%s is to be used from %s, but %s is also on the exclude list",
+
cur_method_ref->method_name,
+
cur_precedence->trait_method->ce->name,
+
cur_precedence->trait_method->ce->name);
+ }
+
efree(class_name);
j++;
}
Added: php/php-src/trunk/Zend/tests/traits/bug61052.phpt
===
--- php/php-src/trunk/Zend/tests/traits/bug61052.phpt
(rev 0)
+++ php/php-src/trunk/Zend/tests/traits/bug61052.phpt 2012-03-04 19:34:19 UTC
(rev 323898)
@@ -0,0 +1,18 @@
+--TEST--
+Bug #61052 (missing error check in trait 'insteadof' clause)
+--FILE--
+exclude_from_classes[j])
{
char* class_name =
(char*)cur_precedence->exclude_from_classes[j];
zend_uint name_length =
strlen(class_name);
cur_precedence->exclude_from_classes[j]
= zend_fetch_class(class_name, name_length, ZEND_FETCH_CLASS_TRAIT TSRMLS_CC);
+
+ /* make sure that the trait method is
not from a class mentioned in
+exclude_from_classes, for consistency
*/
+ if (cur_precedence->trait_method->ce ==
cur_precedence->exclude_from_classes[i]) {
+ zend_error(E_COMPILE_ERROR,
+
"Inconsistent insteadof definition. "
+ "The method
%s is to be used from %s, but %s is also on the exclude list",
+
cur_method_ref->method_name,
+
cur_precedence->trait_method->ce->name,
+
cur_precedence->trait_method->ce->name);
+
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug55524.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/traits/bug55524.phpt trunk/Zend/zend_compile.c
gron Sun, 04 Mar 2012 18:33:33 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323892
Log:
Fixed Bug #60911 (Confusing error message when extending traits)
Bug: https://bugs.php.net/60911 (Assigned) Confusing error message when
extending traits
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
U php/php-src/trunk/Zend/tests/traits/bug55524.phpt
U php/php-src/trunk/Zend/zend_compile.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-04 18:26:11 UTC (rev 323891)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-04 18:33:33 UTC (rev 323892)
@@ -17,6 +17,7 @@
. Fixed bug #60717 (Order of traits in use statement can cause a fatal
error). (Stefan)
. Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
+ . Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
. Fixed bug #60978 (exit code incorrect). (Laruence)
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
vars). (Laruence)
Modified: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
2012-03-04 18:26:11 UTC (rev 323891)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
2012-03-04 18:33:33 UTC (rev 323892)
@@ -12,4 +12,4 @@
echo 'DONE';
?>
--EXPECTF--
-Fatal error: A trait (Foo) cannot extend a class in %s on line %d
+Fatal error: A trait (Foo) cannot extend a class. Traits can only be composed
from other traits with the 'use' keyword. Error in %s on line %d
Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-04 18:26:11 UTC
(rev 323891)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-04 18:33:33 UTC
(rev 323892)
@@ -4995,7 +4995,7 @@
if (doing_inheritance) {
/* Make sure a trait does not try to extend a class */
if ((new_class_entry->ce_flags & ZEND_ACC_TRAIT) == ZEND_ACC_TRAIT) {
- zend_error(E_COMPILE_ERROR, "A trait (%s) cannot extend a class",
new_class_entry->name);
+ zend_error(E_COMPILE_ERROR, "A trait (%s) cannot extend a class.
Traits can only be composed from other traits with the 'use' keyword. Error",
new_class_entry->name);
}
opline->extended_value = parent_class_name->u.op.var;
Modified: php/php-src/trunk/Zend/tests/traits/bug55524.phpt
===
--- php/php-src/trunk/Zend/tests/traits/bug55524.phpt 2012-03-04 18:26:11 UTC
(rev 323891)
+++ php/php-src/trunk/Zend/tests/traits/bug55524.phpt 2012-03-04 18:33:33 UTC
(rev 323892)
@@ -12,4 +12,4 @@
echo 'DONE';
?>
--EXPECTF--
-Fatal error: A trait (Foo) cannot extend a class in %s on line %d
+Fatal error: A trait (Foo) cannot extend a class. Traits can only be composed
from other traits with the 'use' keyword. Error in %s on line %d
Modified: php/php-src/trunk/Zend/zend_compile.c
===
--- php/php-src/trunk/Zend/zend_compile.c 2012-03-04 18:26:11 UTC (rev
323891)
+++ php/php-src/trunk/Zend/zend_compile.c 2012-03-04 18:33:33 UTC (rev
323892)
@@ -4995,7 +4995,7 @@
if (doing_inheritance) {
/* Make sure a trait does not try to extend a class */
if ((new_class_entry->ce_flags & ZEND_ACC_TRAIT) == ZEND_ACC_TRAIT) {
- zend_error(E_COMPILE_ERROR, "A trait (%s) cannot extend a class",
new_class_entry->name);
+ zend_error(E_COMPILE_ERROR, "A trait (%s) cannot extend a class.
Traits can only be composed from other traits with the 'use' keyword. Error",
new_class_entry->name);
}
opline->extended_value = parent_class_name->u.op.var;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug60717.phpt branches/PHP_5_4/Zend/tests/traits/bugs/abstract-methods06.phpt branches/PHP_5_4/Zend/zend_compile.c
gron Sun, 04 Mar 2012 18:26:11 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323891
Log:
Fixed Bug #60717 (Order of traits in use statement can cause a fatal error)
# Compatibility is now correctly checked in both directions.
# Introduced helper method for the test.
Bug: https://bugs.php.net/60717 (Assigned) Order of traits in use statement can
cause a fatal error
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt
U
php/php-src/branches/PHP_5_4/Zend/tests/traits/bugs/abstract-methods06.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A php/php-src/trunk/Zend/tests/traits/bug60717.phpt
U php/php-src/trunk/Zend/tests/traits/bugs/abstract-methods06.phpt
U php/php-src/trunk/Zend/zend_compile.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-04 17:21:16 UTC (rev 323890)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-04 18:26:11 UTC (rev 323891)
@@ -14,6 +14,8 @@
- Core:
. Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
(Laruence)
+ . Fixed bug #60717 (Order of traits in use statement can cause a fatal
+error). (Stefan)
. Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
. Fixed bug #60978 (exit code incorrect). (Laruence)
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
Added: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt 2012-03-04 18:26:11 UTC (rev 323891)
@@ -0,0 +1,73 @@
+--TEST--
+Bug #60717 (Order of traits in use statement can cause unexpected unresolved abstract method)
+--FILE--
+
--EXPECTF--
-Fatal error: Declaration of THelloB::hello() must be compatible with THelloA::hello($a) in %s on line %d
\ No newline at end of file
+Fatal error: Declaration of THelloA::hello($a) must be compatible with THelloB::hello() in %s on line %d
\ No newline at end of file
Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c 2012-03-04 17:21:16 UTC (rev 323890)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c 2012-03-04 18:26:11 UTC (rev 323891)
@@ -3623,6 +3623,18 @@
}
/* }}} */
+static zend_bool zend_traits_method_compatibility_check(zend_function *fn, zend_function *other_fn TSRMLS_DC) /* {{{ */
+{
+ zend_uintfn_flags = fn->common.scope->ce_flags;
+ zend_uint other_flags = other_fn->common.scope->ce_flags;
+
+ return zend_do_perform_implementation_check(fn, other_fn TSRMLS_CC)
+ && zend_do_perform_implementation_check(other_fn, fn TSRMLS_CC)
+ && ((fn_flags & ZEND_ACC_FINAL) == (other_flags & ZEND_ACC_FINAL)) /* equal final qualifier */
+ && ((fn_flags & ZEND_ACC_STATIC)== (other_flags & ZEND_ACC_STATIC)); /* equal static qualifier */
+}
+/* }}} */
+
static int zend_traits_merge_functions(zend_function *fn TSRMLS_DC, int num_args, va_list args, zend_hash_key *hash_key) /* {{{ */
{
size_t current;
@@ -3645,22 +3657,16 @@
if (i == current) {
continue; /* just skip this, cause its the table this function is applied on */
}
-
+
if (zend_hash_quick_find(function_tables[i], hash_key->arKey, hash_key->nKeyLength, hash_key->h, (void **)&other_trait_fn) == SUCCESS) {
/* if it is an abstract method, there is no collision */
if (other_trait_fn->common.fn_flags & ZEND_ACC_ABSTRACT) {
/* Make sure they are compatible */
-if (fn->common.fn_flags & ZEND_ACC_ABSTRACT) {
- /* In case both are abstract, just check prototype, but need to do that in both directions */
- if ( !zend_do_perform_implementation_check(fn, other_trait_fn TSRMLS_CC)
- || !zend_do_perform_implementation_check(other_trait_fn, fn TSRMLS_CC)) {
- zend_error(E_COMPILE_ERROR, "Declaration of %s must be compatible with %s", //ZEND_FN_SCOPE_NAME(fn), fn->common.function_name, //::%s()
- zend_get_function_declaration(fn TSRMLS_CC),
- zend_get_function_declaration(other_trait_fn TSRMLS_CC));
- }
-} else {
- /* otherwise, do the full check */
- do_inheritance_check_on_method(fn, other_trait_fn TSRMLS_CC);
+/* In case both are abstract, just check prototype, but need to do that in both directions */
+if (!zend_traits_method_compatibility_check(fn, other_trait_fn TSRMLS_CC)) {
+ zend_error(E_COMPILE_ERROR, "Declaration of %s must be compatible with %s",
+zend_get_function_declaration(fn TSRMLS_CC),
+zend_get_function_declaration(other_trait_fn TSRMLS_CC));
}
/* we can savely free and remove
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
sixd Fri, 02 Mar 2012 15:46:51 + Revision: http://svn.php.net/viewvc?view=revision&revision=323823 Log: Reorder Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 15:43:37 UTC (rev 323822) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 15:46:51 UTC (rev 323823) @@ -2,43 +2,47 @@ ||| ?? ??? 2012, PHP 5.4.1 RC1 +- Array: + . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX). +(Laruence) + - CLI Server: . "Connection: close" instead of "Connection: closed" (Gustavo) - Core: - . Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick) - . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) + . Fixed bug #60573 (type hinting with "self" keyword causes weird errors). +(Laruence) + . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) + . Fixed bug #60978 (exit code incorrect). (Laruence) + . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical +vars). (Laruence) + . Fixed bug #61011 (Crash when an exception is thrown by __autoload +accessing a static property). (Laruence) + . Fixed bug #61072 (Memory leak when restoring an exception handler). +(Nikic, Laruence) . Fixed bug #61087 (Memory leak in parse_ini_file when specifying invalid scanner mode). (Nikic, Laruence) - . Fixed bug #61072 (Memory leak when restoring an exception handler). -(Nikic, Laruence) - . Fixed bug #61011 (Crash when an exception is thrown by __autoload -accessing a static property). (Laruence) - . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical -vars). (Laruence) - . Fixed bug #60978 (exit code incorrect). (Laruence) - . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) - . Fixed bug #60573 (type hinting with "self" keyword causes weird errors). -(Laruence) . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita Popov) + . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) + . Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick) -- Standard: - . Fixed memory leak in substr_replace. (Pierrick) - . make max_file_uploads ini directive settable outside of php.ini (Rasmus) - - Installation . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones) +- mbstring: + . MFH mb_ereg_replace_callback() for security enhancements. (Rui) + - Phar - . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL bytes). (Nikita Popov) + . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL +bytes). (Nikita Popov) - Reflection: . Fixed bug #60968 (Late static binding doesn't work with ReflectionMethod::invokeArgs()). (Laruence) -- Array: - . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX). -(Laruence) +- Standard: + . Fixed memory leak in substr_replace. (Pierrick) + . Make max_file_uploads ini directive settable outside of php.ini (Rasmus) - XMLRPC: . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita Popov) @@ -46,9 +50,6 @@ - Zlib: . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov) -- mbstring: - . MFH mb_ereg_replace_callback() for security enhancements. (Rui) - 01 Mar 2012, PHP 5.4.0 - Installation: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/mbstring/mbstring.c ext/mbstring/php_mbregex.c ext/mbstring/php_mbregex.h ext/mbstring/tests/mb_ereg_replace_callback.phpt
hirokawa Fri, 02 Mar 2012 14:19:05 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323820
Log:
MFH mb_ereg_replace_callback() for security enhancements.
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c
U php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c
U php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.h
A
php/php-src/branches/PHP_5_4/ext/mbstring/tests/mb_ereg_replace_callback.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 14:16:47 UTC (rev 323819)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 14:19:05 UTC (rev 323820)
@@ -46,6 +46,9 @@
- Zlib:
. Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov)
+- mbstring:
+ . MFH mb_ereg_replace_callback() for security enhancements. (Rui)
+
01 Mar 2012, PHP 5.4.0
- Installation:
Modified: php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c
===
--- php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c 2012-03-02 14:16:47 UTC (rev 323819)
+++ php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c 2012-03-02 14:19:05 UTC (rev 323820)
@@ -467,6 +467,13 @@
ZEND_ARG_INFO(0, string)
ZEND_END_ARG_INFO()
+ZEND_BEGIN_ARG_INFO_EX(arginfo_mb_ereg_replace_callback, 0, 0, 3)
+ ZEND_ARG_INFO(0, pattern)
+ ZEND_ARG_INFO(0, callback)
+ ZEND_ARG_INFO(0, string)
+ ZEND_ARG_INFO(0, option)
+ZEND_END_ARG_INFO()
+
ZEND_BEGIN_ARG_INFO_EX(arginfo_mb_split, 0, 0, 2)
ZEND_ARG_INFO(0, pattern)
ZEND_ARG_INFO(0, string)
Modified: php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c
===
--- php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c 2012-03-02 14:16:47 UTC (rev 323819)
+++ php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c 2012-03-02 14:19:05 UTC (rev 323820)
@@ -784,7 +784,7 @@
/* }}} */
/* {{{ _php_mb_regex_ereg_replace_exec */
-static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOptionType options)
+static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOptionType options, int is_callable)
{
zval **arg_pattern_zval;
@@ -794,6 +794,9 @@
char *replace;
int replace_len;
+ zend_fcall_info arg_replace_fci;
+ zend_fcall_info_cache arg_replace_fci_cache;
+
char *string;
int string_len;
@@ -826,12 +829,22 @@
char *option_str = NULL;
int option_str_len = 0;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zss|s",
- &arg_pattern_zval,
- &replace, &replace_len,
- &string, &string_len,
- &option_str, &option_str_len) == FAILURE) {
- RETURN_FALSE;
+ if (!is_callable) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zss|s",
+ &arg_pattern_zval,
+ &replace, &replace_len,
+ &string, &string_len,
+ &option_str, &option_str_len) == FAILURE) {
+RETURN_FALSE;
+ }
+ } else {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zfs|s",
+ &arg_pattern_zval,
+ &arg_replace_fci, &arg_replace_fci_cache,
+ &string, &string_len,
+ &option_str, &option_str_len) == FAILURE) {
+RETURN_FALSE;
+ }
}
if (option_str != NULL) {
@@ -859,7 +872,7 @@
RETURN_FALSE;
}
- if (eval) {
+ if (eval || is_callable) {
pbuf = &eval_buf;
description = zend_make_compiled_string_description("mbregex replace" TSRMLS_CC);
} else {
@@ -867,6 +880,13 @@
description = NULL;
}
+ if (is_callable) {
+ if (eval) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Option 'e' cannot be used with replacement callback");
+ RETURN_FALSE;
+ }
+ }
+
/* do the actual work */
err = 0;
pos = (OnigUChar *)string;
@@ -889,28 +909,32 @@
#endif
/* copy the part of the string before the match */
smart_str_appendl(&out_buf, pos, (size_t)((OnigUChar *)(string + regs->beg[0]) - pos));
- /* copy replacement and backrefs */
- i = 0;
- p = replace;
- while (i < replace_len) {
-int fwd = (int) php_mb_mbchar_bytes_ex(p, enc);
-n = -1;
-if ((replace_len - i) >= 2 && fwd == 1 &&
+
+ if (!is_callable) {
+/* copy replacement and backrefs */
+i = 0;
+p = replace;
+while (i < replace_len) {
+ int fwd = (int) php_mb_mbchar_bytes_ex(p, enc);
+ n = -1;
+ if ((replace_len - i) >= 2 && fwd == 1 &&
p[0] == '\\' && p[1] >= '0' && p[1] <= '9') {
- n = p[1] - '0';
-}
-if (n >= 0 && n < regs->num_regs) {
- if (regs->beg[n] >= 0 && regs->beg[n] < regs->end[n] && regs->end[n] <= string_len) {
- smart_str_appendl(pbuf, string + regs->beg[n], regs->end[n] - regs->beg[n]);
+ n = p[1] - '0';
}
- p += 2;
- i += 2;
-} else {
- smart_str_appendl(pbuf, p, fwd);
- p += fwd;
- i += fwd;
+ if (n >= 0 && n <
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/zlib/tests/bug61139.phpt ext/zlib/zlib_fopen_wrapper.c
nikicFri, 02 Mar 2012 14:16:47 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323819
Log:
Merge: Fix bug #61139: gzopen leaks when specifying invalid mode
Bug: https://bugs.php.net/61139 (Assigned) gzopen leaks when specifying invalid
mode
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
U php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 14:08:11 UTC (rev 323818)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 14:16:47 UTC (rev 323819)
@@ -43,6 +43,9 @@
- XMLRPC:
. Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
Popov)
+- Zlib:
+ . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita
Popov)
+
01 Mar 2012, PHP 5.4.0
- Installation:
Added: php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
===
--- php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt 2012-03-02
14:16:47 UTC (rev 323819)
@@ -0,0 +1,14 @@
+--TEST--
+Bug #61139 (gzopen leaks when specifying invalid mode)
+--SKIPIF--
+
+--FILE--
+gz_file = gzdopen(dup(fd), mode);
+ self = emalloc(sizeof(*self));
self->stream = innerstream;
- if (self->gz_file) {
+ self->gz_file = gzdopen(dup(fd), mode);
+
+ if (self->gz_file) {
stream =
php_stream_alloc_rel(&php_stream_gzio_ops, self, 0, mode);
if (stream) {
stream->flags |=
PHP_STREAM_FLAG_NO_BUFFER;
return stream;
}
+
gzclose(self->gz_file);
}
+
+ efree(self);
if (options & REPORT_ERRORS) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"gzopen failed");
}
- } else if (innerstream) {
- php_stream_close(innerstream);
}
- }
- if (stream) {
- php_stream_close(stream);
+ php_stream_close(innerstream);
}
-
- if (self) {
- efree(self);
- }
-
+
return NULL;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/xmlrpc/tests/bug61097.phpt ext/xmlrpc/xmlrpc-epi-php.c
nikicFri, 02 Mar 2012 14:08:11 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323818
Log:
Merge: Fix bug #61097: Memory leak in xmlrpc functions copying zvals
Bug: https://bugs.php.net/61097 (Assigned) Memory leak in xmlrpc functions
copying zvals
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt
U php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 13:17:32 UTC (rev 323817)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 14:08:11 UTC (rev 323818)
@@ -40,6 +40,9 @@
. Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
(Laruence)
+- XMLRPC:
+ . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
Popov)
+
01 Mar 2012, PHP 5.4.0
- Installation:
Added: php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt
===
--- php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt 2012-03-02
14:08:11 UTC (rev 323818)
@@ -0,0 +1,16 @@
+--TEST--
+Bug #61097 (Memory leak in xmlrpc functions copying zvals)
+--SKIPIF--
+
+--FILE--
+
+--EXPECT--
+Done
Modified: php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c
===
--- php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c2012-03-02
13:17:32 UTC (rev 323817)
+++ php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c2012-03-02
14:08:11 UTC (rev 323818)
@@ -1043,9 +1043,8 @@
*/
if (XMLRPC_ServerRegisterMethod(server->server_ptr, method_key,
php_xmlrpc_callback)) {
/* save for later use */
- MAKE_STD_ZVAL(method_name_save);
- *method_name_save = **method_name;
- zval_copy_ctor(method_name_save);
+ ALLOC_ZVAL(method_name_save);
+ MAKE_COPY_ZVAL(method_name, method_name_save);
/* register our php method */
add_zval(server->method_map, method_key,
&method_name_save);
@@ -1073,9 +1072,8 @@
if (type == le_xmlrpc_server) {
/* save for later use */
- MAKE_STD_ZVAL(method_name_save);
- *method_name_save = **method_name;
- zval_copy_ctor(method_name_save);
+ ALLOC_ZVAL(method_name_save);
+ MAKE_COPY_ZVAL(method_name, method_name_save);
/* register our php method */
add_zval(server->introspection_map, NULL, &method_name_save);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
Hi Nikic: just FYI, I was told that, the entries in NEWS should be in desc order(in a category) by bug id :) thanks On Fri, Mar 2, 2012 at 4:25 PM, Nikita Popov wrote: > nikic Fri, 02 Mar 2012 08:25:28 + > > Revision: http://svn.php.net/viewvc?view=revision&revision=323805 > > Log: > Forgot NEWS for r323803 > > Changed paths: > U php/php-src/branches/PHP_5_4/NEWS > > Modified: php/php-src/branches/PHP_5_4/NEWS > === > --- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 08:21:54 UTC (rev 323804) > +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 08:25:28 UTC (rev 323805) > @@ -20,6 +20,7 @@ > . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) > . Fixed bug #60573 (type hinting with "self" keyword causes weird errors). > (Laruence) > + . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita > Popov) > > - Standard: > . Fixed memory leak in substr_replace. (Pierrick) > > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- Laruence Xinchen Hui http://www.laruence.com/ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
nikicFri, 02 Mar 2012 08:25:28 + Revision: http://svn.php.net/viewvc?view=revision&revision=323805 Log: Forgot NEWS for r323803 Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 08:21:54 UTC (rev 323804) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 08:25:28 UTC (rev 323805) @@ -20,6 +20,7 @@ . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) . Fixed bug #60573 (type hinting with "self" keyword causes weird errors). (Laruence) + . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita Popov) - Standard: . Fixed memory leak in substr_replace. (Pierrick) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/phar/phar_object.c
nikicFri, 02 Mar 2012 08:21:54 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323804
Log:
Merge: Fix bug #61184 Phar::webPhar() generates headers with trailing NUL bytes
Bug: https://bugs.php.net/61184 (Assigned) Phar::webPhar() generates headers
with trailing NUL bytes
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/phar/phar_object.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 08:04:51 UTC (rev 323803)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 08:21:54 UTC (rev 323804)
@@ -28,6 +28,9 @@
- Installation
. Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
+- Phar
+ . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL
bytes). (Nikita Popov)
+
- Reflection:
. Fixed bug #60968 (Late static binding doesn't work with
ReflectionMethod::invokeArgs()). (Laruence)
Modified: php/php-src/branches/PHP_5_4/ext/phar/phar_object.c
===
--- php/php-src/branches/PHP_5_4/ext/phar/phar_object.c 2012-03-02 08:04:51 UTC
(rev 323803)
+++ php/php-src/branches/PHP_5_4/ext/phar/phar_object.c 2012-03-02 08:21:54 UTC
(rev 323804)
@@ -428,7 +428,7 @@
sapi_header_line ctr = {0};
ctr.response_code = 403;
- ctr.line_len = sizeof("HTTP/1.0 403 Access Denied");
+ ctr.line_len = sizeof("HTTP/1.0 403 Access Denied")-1;
ctr.line = "HTTP/1.0 403 Access Denied";
sapi_header_op(SAPI_HEADER_REPLACE, &ctr TSRMLS_CC);
sapi_send_headers(TSRMLS_C);
@@ -453,7 +453,7 @@
}
ctr.response_code = 404;
- ctr.line_len = sizeof("HTTP/1.0 404 Not Found")+1;
+ ctr.line_len = sizeof("HTTP/1.0 404 Not Found")-1;
ctr.line = "HTTP/1.0 404 Not Found";
sapi_header_op(SAPI_HEADER_REPLACE, &ctr TSRMLS_CC);
sapi_send_headers(TSRMLS_C);
@@ -893,7 +893,7 @@
char *tmp = NULL, sa = '\0';
sapi_header_line ctr = {0};
ctr.response_code = 301;
- ctr.line_len = sizeof("HTTP/1.1 301 Moved
Permanently")+1;
+ ctr.line_len = sizeof("HTTP/1.1 301 Moved
Permanently")-1;
ctr.line = "HTTP/1.1 301 Moved Permanently";
sapi_header_op(SAPI_HEADER_REPLACE, &ctr TSRMLS_CC);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS Zend/tests/bug61087.phpt Zend/zend_ini_scanner.c Zend/zend_ini_scanner.l Zend/zend_ini_scanner_defs.h
laruence Fri, 02 Mar 2012 03:52:06 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323786
Log:
MFH: Fixed bug #61087 (Memory leak in parse_ini_file when specifying invalid
scanner mode)
Bug: https://bugs.php.net/61087 (Assigned) Memory leak in parse_ini_file when
specifying invalid scanner mode
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c
U php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.l
U php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner_defs.h
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:51:26 UTC (rev 323785)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:52:06 UTC (rev 323786)
@@ -8,6 +8,8 @@
- Core:
. Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick)
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
+ . Fixed bug #61087 (Memory leak in parse_ini_file when specifying
+invalid scanner mode). (Nikic, Laruence)
. Fixed bug #61072 (Memory leak when restoring an exception handler).
(Nikic, Laruence)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt 2012-03-02 03:52:06 UTC (rev 323786)
@@ -0,0 +1,10 @@
+--TEST--
+Bug #61087 (Memory leak in parse_ini_file when specifying invalid scanner mode)
+--FILE--
+
+--EXPECTF--
+Warning: Invalid scanner mode in %s on line %d
Modified: php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c 2012-03-02 03:51:26 UTC (rev 323785)
+++ php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c 2012-03-02 03:52:06 UTC (rev 323786)
@@ -1,4 +1,4 @@
-/* Generated by re2c 0.13.5 on Mon Jan 17 14:03:33 2011 */
+/* Generated by re2c 0.13.5 on Fri Mar 2 11:49:21 2012 */
#line 1 "Zend/zend_ini_scanner.l"
/*
+--+
@@ -230,12 +230,15 @@
char *buf;
size_t size;
- if (zend_stream_fixup(fh, &buf, &size TSRMLS_CC) == FAILURE ||
- init_ini_scanner(scanner_mode, fh TSRMLS_CC) == FAILURE
- ) {
+ if (zend_stream_fixup(fh, &buf, &size TSRMLS_CC) == FAILURE) {
return FAILURE;
}
+ if (init_ini_scanner(scanner_mode, fh TSRMLS_CC) == FAILURE) {
+ zend_file_handle_dtor(fh TSRMLS_CC);
+ return FAILURE;
+ }
+
yy_scan_buffer(buf, size TSRMLS_CC);
return SUCCESS;
@@ -330,7 +333,7 @@
}
}
-#line 334 "Zend/zend_ini_scanner.c"
+#line 337 "Zend/zend_ini_scanner.c"
{
YYCTYPE yych;
unsigned int yyaccept = 0;
@@ -459,7 +462,7 @@
yy3:
YYDEBUG(3, *YYCURSOR);
yyleng = YYCURSOR - SCNG(yy_text);
-#line 426 "Zend/zend_ini_scanner.l"
+#line 429 "Zend/zend_ini_scanner.l"
{ /* Get option name */
/* Eat leading whitespace */
EAT_LEADING_WHITESPACE();
@@ -469,7 +472,7 @@
RETURN_TOKEN(TC_LABEL, yytext, yyleng);
}
-#line 473 "Zend/zend_ini_scanner.c"
+#line 476 "Zend/zend_ini_scanner.c"
yy4:
YYDEBUG(4, *YYCURSOR);
yyaccept = 0;
@@ -478,24 +481,24 @@
yy5:
YYDEBUG(5, *YYCURSOR);
yyleng = YYCURSOR - SCNG(yy_text);
-#line 544 "Zend/zend_ini_scanner.l"
+#line 547 "Zend/zend_ini_scanner.l"
{
/* eat whitespace */
goto restart;
}
-#line 487 "Zend/zend_ini_scanner.c"
+#line 490 "Zend/zend_ini_scanner.c"
yy6:
YYDEBUG(6, *YYCURSOR);
++YYCURSOR;
yy7:
YYDEBUG(7, *YYCURSOR);
yyleng = YYCURSOR - SCNG(yy_text);
-#line 549 "Zend/zend_ini_scanner.l"
+#line 552 "Zend/zend_ini_scanner.l"
{
SCNG(lineno)++;
return END_OF_LINE;
}
-#line 499 "Zend/zend_ini_scanner.c"
+#line 502 "Zend/zend_ini_scanner.c"
yy8:
YYDEBUG(8, *YYCURSOR);
yych = *++YYCURSOR;
@@ -530,11 +533,11 @@
++YYCURSOR;
YYDEBUG(11, *YYCURSOR);
yyleng = YYCURSOR - SCNG(yy_text);
-#line 472 "Zend/zend_ini_scanner.l"
+#line 475 "Zend/zend_ini_scanner.l"
{ /* Disallow these chars outside option values */
return yytext[0];
}
-#line 538 "Zend/zend_ini_scanner.c"
+#line 541 "Zend/zend_ini_scanner.c"
yy12:
YYDEBUG(12, *YYCURSOR);
yyaccept = 1;
@@ -551,11 +554,11 @@
goto yy54;
YYDEBUG(15, *YYCURSOR);
yyleng = YYCURSOR - SCNG(yy_text);
-#line 572 "Zend/zend_ini_scanner.l"
+#line 575 "Zend/zend_ini_scanner.l"
{
return 0;
}
-#line 559 "Zend/zend_ini_scanner.c"
+#line 562 "Zend/zend_ini_scanner.c"
yy16:
YYDEBUG(16, *YYCURSOR);
++YYCURSOR;
@@ -564,7 +567,7 @@
yy17:
YYDEBUG(17, *YYCURSOR);
yyleng = YYCURSOR - SCNG(yy_text);
-#line 436 "Zend/zend_ini_scanner.l"
+#line 439 "Zend/zend_ini_scanner.l"
{ /* S
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/array.c branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt trunk/NEWS
laruence Fri, 02 Mar 2012 03:40:40 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323782
Log:
MFH: Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX)
Bug: https://bugs.php.net/61058 (Assigned) array_fill leaks if start index is
PHP_INT_MAX
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/array.c
A php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:40:30 UTC (rev 323781)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:40:40 UTC (rev 323782)
@@ -30,6 +30,10 @@
. Fixed bug #60968 (Late static binding doesn't work with
ReflectionMethod::invokeArgs()). (Laruence)
+- Array:
+ . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
+(Laruence)
+
01 Mar 2012, PHP 5.4.0
- Installation:
Modified: php/php-src/branches/PHP_5_4/ext/standard/array.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/array.c 2012-03-02 03:40:30 UTC
(rev 323781)
+++ php/php-src/branches/PHP_5_4/ext/standard/array.c 2012-03-02 03:40:40 UTC
(rev 323782)
@@ -1563,12 +1563,17 @@
array_init_size(return_value, num);
num--;
+ zend_hash_index_update(Z_ARRVAL_P(return_value), start_key, &val,
sizeof(zval *), NULL);
zval_add_ref(&val);
- zend_hash_index_update(Z_ARRVAL_P(return_value), start_key, &val,
sizeof(zval *), NULL);
while (num--) {
- zval_add_ref(&val);
- zend_hash_next_index_insert(Z_ARRVAL_P(return_value), &val,
sizeof(zval *), NULL);
+ if (zend_hash_next_index_insert(Z_ARRVAL_P(return_value), &val,
sizeof(zval *), NULL) == SUCCESS) {
+ zval_add_ref(&val);
+ } else {
+ zval_dtor(return_value);
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot add
element to the array as the next element is already occupied");
+ RETURN_FALSE;
+ }
}
}
/* }}} */
Added: php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt
===
--- php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt
2012-03-02 03:40:40 UTC (rev 323782)
@@ -0,0 +1,8 @@
+--TEST--
+Bug #61058 (array_fill leaks if start index is PHP_INT_MAX)
+--FILE--
+
+--EXPECTF--
+Warning: array_fill(): Cannot add element to the array as the next element is
already occupied in %sbug61058.php on line %d
Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS 2012-03-02 03:40:30 UTC (rev 323781)
+++ php/php-src/trunk/NEWS 2012-03-02 03:40:40 UTC (rev 323782)
@@ -31,8 +31,4 @@
- pgsql
. Added pg_escape_literal() and pg_escape_identifier() (Yasuo)
-- Array:
- . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
-(Laruence)
-
<<< NOTE: Insert NEWS from last stable release here prior to actual release!
>>>
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
rasmus Fri, 02 Mar 2012 03:40:08 + Revision: http://svn.php.net/viewvc?view=revision&revision=323780 Log: Actually, this was a merge from trunk, and Gustavo did it originally. Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:39:04 UTC (rev 323779) +++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:40:08 UTC (rev 323780) @@ -3,7 +3,7 @@ ?? ??? 2012, PHP 5.4.1 RC1 - CLI Server: - . "Connection: close" instead of "Connection: closed" (Rasmus) + . "Connection: close" instead of "Connection: closed" (Gustavo) - Core: . Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS sapi/cli/php_cli_server.c
rasmus Fri, 02 Mar 2012 03:38:04 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323778
Log:
CLI Server was sending "Connection: closed" instead of "Connection: close"
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:36:30 UTC (rev 323777)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:38:04 UTC (rev 323778)
@@ -2,6 +2,9 @@
|||
?? ??? 2012, PHP 5.4.1 RC1
+- CLI Server:
+ . "Connection: close" instead of "Connection: closed" (Rasmus)
+
- Core:
. Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick)
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
===
--- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2012-03-02
03:36:30 UTC (rev 323777)
+++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2012-03-02
03:38:04 UTC (rev 323778)
@@ -351,7 +351,7 @@
smart_str_appendl_ex(buffer, "\r\n", 2, persistent);
}
}
- smart_str_appendl_ex(buffer, "Connection: closed\r\n",
sizeof("Connection: closed\r\n") - 1, persistent);
+ smart_str_appendl_ex(buffer, "Connection: close\r\n",
sizeof("Connection: close\r\n") - 1, persistent);
} /* }}} */
static const char *get_mime_type(const char *ext, size_t ext_len) /* {{{ */
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/reflection/php_reflection.c branches/PHP_5_4/ext/reflection/tests/bug60367.phpt trunk/NEWS
laruence Fri, 02 Mar 2012 03:36:30 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323777
Log:
MFH: Fixed bug #60968 (Late static binding doesn't work with
ReflectionMethod::invokeArgs())
Bug: https://bugs.php.net/60968 (Assigned) Late static binding doesn't work
with ReflectionMethod::invokeArgs()
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
U php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:36:30 UTC (rev 323777)
@@ -22,6 +22,10 @@
- Installation
. Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
+- Reflection:
+ . Fixed bug #60968 (Late static binding doesn't work with
+ReflectionMethod::invokeArgs()). (Laruence)
+
01 Mar 2012, PHP 5.4.0
- Installation:
Modified: php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
===
--- php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
2012-03-02 03:36:30 UTC (rev 323777)
@@ -2920,7 +2920,7 @@
fcc.initialized = 1;
fcc.function_handler = mptr;
fcc.calling_scope = obj_ce;
- fcc.called_scope = obj_ce;
+ fcc.called_scope = intern->ce;
fcc.object_ptr = object;
result = zend_call_function(&fci, &fcc TSRMLS_CC);
Modified: php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt
===
--- php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt
2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt
2012-03-02 03:36:30 UTC (rev 323777)
@@ -20,7 +20,9 @@
$method = new ReflectionMethod("b::call");
$method->invoke(null);
+$method->invokeArgs(null, array());
$method = new ReflectionMethod("A::call");
$method->invoke(null);
+$method->invokeArgs(null, array());
--EXPECTF--
-BA
+BBAA
Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS 2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/trunk/NEWS 2012-03-02 03:36:30 UTC (rev 323777)
@@ -31,10 +31,6 @@
- pgsql
. Added pg_escape_literal() and pg_escape_identifier() (Yasuo)
-- Reflection:
- . Fixed bug #60968 (Late static binding doesn't work with
-ReflectionMethod::invokeArgs()). (Laruence)
-
- Array:
. Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
(Laruence)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60573.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/NEWS
laruence Fri, 02 Mar 2012 03:32:12 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323773
Log:
MFH: Fixed bug #60573 (type hinting with "self" keyword causes weird errors)
Bug: https://bugs.php.net/60573 (Assigned) type hinting with "self" keyword
causes weird errors
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:29:24 UTC (rev 323772)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:32:12 UTC (rev 323773)
@@ -12,6 +12,8 @@
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
vars). (Laruence)
. Fixed bug #60978 (exit code incorrect). (Laruence)
+ . Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
+(Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt 2012-03-02
03:32:12 UTC (rev 323773)
@@ -0,0 +1,84 @@
+--TEST--
+Bug #60573 (type hinting with "self" keyword causes weird errors)
+--FILE--
+common.arg_info[i].class_name
- && strcasecmp(fe->common.arg_info[i].class_name,
proto->common.arg_info[i].class_name)!=0) {
- const char *colon;
- if (fe->common.type != ZEND_USER_FUNCTION) {
- return 0;
- } else if (strchr(proto->common.arg_info[i].class_name,
'\\') != NULL ||
- (colon =
zend_memrchr(fe->common.arg_info[i].class_name, '\\',
fe->common.arg_info[i].class_name_len)) == NULL ||
- strcasecmp(colon+1,
proto->common.arg_info[i].class_name) != 0) {
- zend_class_entry **fe_ce, **proto_ce;
- int found, found2;
-
- found =
zend_lookup_class(fe->common.arg_info[i].class_name,
fe->common.arg_info[i].class_name_len, &fe_ce TSRMLS_CC);
- found2 =
zend_lookup_class(proto->common.arg_info[i].class_name,
proto->common.arg_info[i].class_name_len, &proto_ce TSRMLS_CC);
-
- /* Check for class alias */
- if (found != SUCCESS || found2 != SUCCESS ||
- (*fe_ce)->type == ZEND_INTERNAL_CLASS ||
- (*proto_ce)->type ==
ZEND_INTERNAL_CLASS ||
- *fe_ce != *proto_ce) {
+ if (fe->common.arg_info[i].class_name) {
+ const char *fe_class_name, *proto_class_name;
+ zend_uint fe_class_name_len, proto_class_name_len;
+
+ if (!strcasecmp(fe->common.arg_info[i].class_name,
"parent") && proto->common.scope) {
+ fe_class_name = proto->common.scope->name;
+ fe_class_name_len =
proto->common.scope->name_length;
+ } else if
(!strcasecmp(fe->common.arg_info[i].class_name, "self") && fe->common.scope) {
+ fe_class_name = fe->common.scope->name;
+ fe_class_name_len =
fe->common.scope->name_length;
+ } else {
+ fe_class_name =
fe->common.arg_info[i].class_name;
+ fe_class_name_len =
fe->common.arg_info[i].class_name_len;
+ }
+
+ if (!strcasecmp(proto->common.arg_info[i].class_name,
"parent") && proto->common.scope && proto->common.scope->parent) {
+ proto_class_name =
proto->common.scope->parent->name;
+ proto_class_name_len =
proto->common.scope->parent->name_length;
+ } else if
(!strcasecmp(proto->common.arg_info[i].class_name, "self") &&
proto->common.scope) {
+ proto_class_name = proto->common.scope->name;
+ proto_class_name_len =
proto->common.scope->name_length;
+ } else {
+ proto_class_name =
proto->common.arg_info[i].class_name;
+ proto_class_name_len =
proto->common.arg_info[i].class_name_len;
+ }
+
+ if (strcasecmp(fe_class_name, proto_class_name)!=0) {
+ const char *colon;
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60978.phpt branches/PHP_5_4/Zend/zend_execute_API.c trunk/NEWS trunk/Zend/tests/bug60978.phpt
laruence Fri, 02 Mar 2012 03:25:41 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323771
Log:
MFH: Fixed bug #60978 (exit code incorrect)
Bug: https://bugs.php.net/60978 (Assigned) exit code incorrect
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c
U php/php-src/trunk/NEWS
U php/php-src/trunk/Zend/tests/bug60978.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:20:50 UTC (rev 323770)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:25:41 UTC (rev 323771)
@@ -11,6 +11,7 @@
accessing a static property). (Laruence)
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
vars). (Laruence)
+ . Fixed bug #60978 (exit code incorrect). (Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt 2012-03-02
03:25:41 UTC (rev 323771)
@@ -0,0 +1,10 @@
+--TEST--
+Bug #60978 (exit code incorrect)
+--FILE--
+
+--EXPECT--
+2
Property changes on: php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt
___
Added: svn:executable
+ *
Modified: php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c2012-03-02
03:20:50 UTC (rev 323770)
+++ php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c2012-03-02
03:25:41 UTC (rev 323771)
@@ -1195,7 +1195,13 @@
}
CG(interactive) = 0;
- zend_execute(new_op_array TSRMLS_CC);
+ zend_try {
+ zend_execute(new_op_array TSRMLS_CC);
+ } zend_catch {
+ destroy_op_array(new_op_array TSRMLS_CC);
+ efree(new_op_array);
+ zend_bailout();
+ } zend_end_try();
CG(interactive) = orig_interactive;
if (local_retval_ptr) {
Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS 2012-03-02 03:20:50 UTC (rev 323770)
+++ php/php-src/trunk/NEWS 2012-03-02 03:25:41 UTC (rev 323771)
@@ -6,7 +6,6 @@
. World domination
- Core:
- . Fixed bug #60978 (exit code incorrect). (Laruence)
. Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
(Laruence)
Modified: php/php-src/trunk/Zend/tests/bug60978.phpt
===
--- php/php-src/trunk/Zend/tests/bug60978.phpt 2012-03-02 03:20:50 UTC (rev
323770)
+++ php/php-src/trunk/Zend/tests/bug60978.phpt 2012-03-02 03:25:41 UTC (rev
323771)
@@ -3,7 +3,7 @@
--FILE--
--EXPECT--
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/php_variables.c branches/PHP_5_4/tests/basic/bug61000.phpt trunk/NEWS
laruence Fri, 02 Mar 2012 03:18:04 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323769
Log:
MFH: Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
vars)
Bug: https://bugs.php.net/61000 (Assigned) Exceeding max nesting level doesn't
delete numerical vars
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/main/php_variables.c
A php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:14:20 UTC (rev 323768)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:18:04 UTC (rev 323769)
@@ -9,6 +9,8 @@
(Nikic, Laruence)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
accessing a static property). (Laruence)
+ . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
+vars). (Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c 2012-03-02 03:14:20 UTC
(rev 323768)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c 2012-03-02 03:18:04 UTC
(rev 323769)
@@ -133,7 +133,7 @@
if (track_vars_array) {
ht = Z_ARRVAL_P(track_vars_array);
- zend_hash_del(ht, var, var_len + 1);
+ zend_symtable_del(ht, var, var_len + 1);
}
zval_dtor(val);
Added: php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt
===
--- php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt 2012-03-02
03:18:04 UTC (rev 323769)
@@ -0,0 +1,19 @@
+--TEST--
+Bug #61000 (Exceeding max nesting level doesn't delete numerical vars)
+--INI--
+max_input_nesting_level=2
+--POST--
+1[a][]=foo&1[a][b][c]=bar
+--GET--
+a[a][]=foo&a[a][b][c]=bar
+--FILE--
+--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug61011.phpt branches/PHP_5_4/Zend/zend_vm_def.h branches/PHP_5_4/Zend/zend_vm_execute.h trunk/NEWS
laruence Fri, 02 Mar 2012 03:12:15 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323767
Log:
MFH: Fixed bug #61011 (Crash when an exception is thrown by __autoload
accessing a static property)
Bug: https://bugs.php.net/61011 (Assigned) Crash when an exception is thrown by
__autoload accessing a static property
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
U php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 02:56:08 UTC (rev 323766)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 03:12:15 UTC (rev 323767)
@@ -7,6 +7,8 @@
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
. Fixed bug #61072 (Memory leak when restoring an exception handler).
(Nikic, Laruence)
+ . Fixed bug #61011 (Crash when an exception is thrown by __autoload
+accessing a static property). (Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt 2012-03-02 03:12:15 UTC (rev 323767)
@@ -0,0 +1,35 @@
+--TEST--
+Bug #61011 (Crash when an exception is thrown by __autoload accessing a static property)
+--FILE--
+op2.literal->cache_slot);
} else {
ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC);
+if (UNEXPECTED(ce == NULL)) {
+ if (OP1_TYPE != IS_CONST && varname == &tmp_varname) {
+ zval_dtor(&tmp_varname);
+ }
+ FREE_OP1();
+ CHECK_EXCEPTION();
+ ZEND_VM_NEXT_OPCODE();
+}
CACHE_PTR(opline->op2.literal->cache_slot, ce);
}
} else {
@@ -2234,7 +2242,8 @@
} else {
ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC);
if (UNEXPECTED(ce == NULL)) {
-zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_P(opline->op1.zv));
+CHECK_EXCEPTION();
+ZEND_VM_NEXT_OPCODE();
}
CACHE_PTR(opline->op1.literal->cache_slot, ce);
}
@@ -2414,7 +2423,8 @@
if (Z_TYPE_PP(obj) == IS_STRING) {
ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC);
if (UNEXPECTED(ce == NULL)) {
- zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL_PP(obj));
+ CHECK_EXCEPTION();
+ ZEND_VM_NEXT_OPCODE();
}
EX(called_scope) = ce;
EX(object) = NULL;
@@ -2964,6 +2974,7 @@
catch_ce = CACHED_PTR(opline->op1.literal->cache_slot);
} else {
catch_ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, ZEND_FETCH_CLASS_NO_AUTOLOAD TSRMLS_CC);
+
CACHE_PTR(opline->op1.literal->cache_slot, catch_ce);
}
ce = Z_OBJCE_P(EG(exception));
@@ -3492,7 +3503,8 @@
} else {
ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op1.zv), Z_STRLEN_P(opline->op1.zv), opline->op1.literal + 1, opline->extended_value TSRMLS_CC);
if (UNEXPECTED(ce == NULL)) {
- zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL_P(opline->op2.zv));
+ CHECK_EXCEPTION();
+ ZEND_VM_NEXT_OPCODE();
}
CACHE_PTR(opline->op1.literal->cache_slot, ce);
}
@@ -3879,6 +3891,16 @@
ce = CACHED_PTR(opline->op2.literal->cache_slot);
} else {
ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC);
+if (UNEXPECTED(ce == NULL)) {
+ if (OP1_TYPE != IS_CONST && varname == &tmp) {
+ zval_dtor(&tmp);
+ } else if (OP1_TYPE == IS_VAR || OP1_TYPE == IS_CV) {
+ zval_ptr_dtor(&varname);
+ }
+ FREE_OP1();
+ CHECK_EXCEPTION();
+ ZEND_VM_NEXT_OPCODE();
+}
CACHE_PTR(opline->op2.literal->cache_slot, ce);
}
} else {
@@ -4368,6 +4390,10 @@
ce = CACHED_PTR(opline->op2.literal->cache_slot);
} else {
ce = zend_fetch_class_by_name(Z_STRVAL_P(opline->op2.zv), Z_STRLEN_P(opline->op2.zv), opline->op2.literal + 1, 0 TSRMLS_CC);
+ if (UNEXPECTED(ce == NULL)) {
+ CHECK_EXCEPTION();
+ ZEND_VM_NEXT_OPCODE();
+ }
CACHE_PTR(opline->op2.literal->cache_slot, ce);
}
} else {
Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h 2012-03-02 02:56:08 UTC (rev 323766)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_execu
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_builtin_functions.c trunk/NEWS
laruence Fri, 02 Mar 2012 02:56:08 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323766
Log:
MFH: Fixed bug #61072 (Memory leak when restoring an exception handler).
Bug: https://bugs.php.net/61072 (Assigned) Memory leak when restoring an
exception handler
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 02:51:57 UTC (rev 323765)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 02:56:08 UTC (rev 323766)
@@ -5,6 +5,8 @@
- Core:
. Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick)
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
+ . Fixed bug #61072 (Memory leak when restoring an exception handler).
+(Nikic, Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
Modified: php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c 2012-03-02
02:51:57 UTC (rev 323765)
+++ php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c 2012-03-02
02:56:08 UTC (rev 323766)
@@ -1615,8 +1615,7 @@
RETURN_TRUE;
}
- *EG(user_exception_handler) = *exception_handler;
- zval_copy_ctor(EG(user_exception_handler));
+ MAKE_COPY_ZVAL(&exception_handler, EG(user_exception_handler));
if (!had_orig_exception_handler) {
RETURN_NULL();
Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS 2012-03-02 02:51:57 UTC (rev 323765)
+++ php/php-src/trunk/NEWS 2012-03-02 02:56:08 UTC (rev 323766)
@@ -6,8 +6,6 @@
. World domination
- Core:
- . Fixed bug #61072 (Memory leak when restoring an exception handler).
-(Nikic, Laruence)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
accessing a static property). (Laruence)
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug61165.phpt branches/PHP_5_4/Zend/zend_API.c trunk/NEWS
laruence Fri, 02 Mar 2012 02:51:57 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323765
Log:
MFH: Fix bug #61165 (Segfault - strip_tags())
Bug: https://bugs.php.net/61165 (Assigned) Segfault - strip_tags()
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_API.c
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-02 02:38:18 UTC (rev 323764)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-02 02:51:57 UTC (rev 323765)
@@ -4,6 +4,7 @@
- Core:
. Fixed bug #61225 (Incorect lexing of 0b00*+). (Pierrick)
+ . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt 2012-03-02
02:51:57 UTC (rev 323765)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #61165 (Segfault - strip_tags())
+--FILE--
+_this = $this; // <-- uncoment this
+return 'A';
+}
+}
+
+$t = new T;
+for ($i = 0; $i < 3; $i++) {
+strip_tags($t);
+ strip_tags(new T);
+}
+var_dump($handler);
+--EXPECTF--
+object(T)#%d (1) {
+ ["_this"]=>
+ *RECURSION*
+}
Modified: php/php-src/branches/PHP_5_4/Zend/zend_API.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_API.c2012-03-02 02:38:18 UTC
(rev 323764)
+++ php/php-src/branches/PHP_5_4/Zend/zend_API.c2012-03-02 02:51:57 UTC
(rev 323765)
@@ -262,12 +262,16 @@
static int parse_arg_object_to_string(zval **arg, char **p, int *pl, int type
TSRMLS_DC) /* {{{ */
{
if (Z_OBJ_HANDLER_PP(arg, cast_object)) {
- SEPARATE_ZVAL_IF_NOT_REF(arg);
- if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, type
TSRMLS_CC) == SUCCESS) {
+ zval *obj;
+ MAKE_STD_ZVAL(obj);
+ if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, type
TSRMLS_CC) == SUCCESS) {
+ zval_ptr_dtor(arg);
+ *arg = obj;
*pl = Z_STRLEN_PP(arg);
*p = Z_STRVAL_PP(arg);
return SUCCESS;
}
+ efree(obj);
}
/* Standard PHP objects */
if (Z_OBJ_HT_PP(arg) == &std_object_handlers || !Z_OBJ_HANDLER_PP(arg,
cast_object)) {
Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS 2012-03-02 02:38:18 UTC (rev 323764)
+++ php/php-src/trunk/NEWS 2012-03-02 02:51:57 UTC (rev 323765)
@@ -6,7 +6,6 @@
. World domination
- Core:
- . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
. Fixed bug #61072 (Memory leak when restoring an exception handler).
(Nikic, Laruence)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS main/main.c
rasmus Thu, 01 Mar 2012 22:49:03 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323739
Log:
Merge: make max_file_uploads PHP_INI_SYSTEM|PHP_INI_PERDIR
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/main/main.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-01 22:48:49 UTC (rev 323738)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-01 22:49:03 UTC (rev 323739)
@@ -4,6 +4,7 @@
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
+ . make max_file_uploads ini directive settable outside of php.ini (Rasmus)
01 Mar 2012, PHP 5.4.0
Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c2012-03-01 22:48:49 UTC (rev
323738)
+++ php/php-src/branches/PHP_5_4/main/main.c2012-03-01 22:49:03 UTC (rev
323739)
@@ -552,7 +552,7 @@
PHP_INI_ENTRY("mail.force_extra_parameters",NULL,
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnChangeMailForceExtra)
PHP_INI_ENTRY("disable_functions", "",
PHP_INI_SYSTEM, NULL)
PHP_INI_ENTRY("disable_classes","",
PHP_INI_SYSTEM, NULL)
- PHP_INI_ENTRY("max_file_uploads", "20",
PHP_INI_SYSTEM, NULL)
+ PHP_INI_ENTRY("max_file_uploads", "20",
PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
STD_PHP_INI_BOOLEAN("allow_url_fopen", "1",
PHP_INI_SYSTEM, OnUpdateBool, allow_url_fopen,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("allow_url_include","0",
PHP_INI_SYSTEM, OnUpdateBool, allow_url_include,
php_core_globals, core_globals)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/string.c
Test for bug #55871 is already covering this issue. P. On 1 March 2012 11:35, Antony Dovgal wrote: > On 03/01/2012 07:10 PM, Pierrick Charron wrote: >> >> pierrick Thu, 01 Mar 2012 15:10:29 + >> >> Revision: http://svn.php.net/viewvc?view=revision&revision=323710 >> >> Log: >> Fixed memory leak in substr_replace > > > +test ? > > -- > Wbr, > Antony Dovgal > --- > http://pinba.org - realtime profiling for PHP > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
sixd Thu, 01 Mar 2012 17:59:59 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323721
Log:
Tidy up PHP 5.4.0 section, incuding removing most (?) bugs in new
features found/fixed during RC phase, and removing 5.4 section entries
for bugs already publicly released in PHP <= 5.3.10.
There are still many things in UPGRADING not mentioned here.
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-01 17:51:54 UTC (rev 323720)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-01 17:59:59 UTC (rev 323721)
@@ -7,25 +7,30 @@
01 Mar 2012, PHP 5.4.0
-- autoconf 2.59+ is now supported (and required) for generating the
- configure script with ./buildconf. Autoconf 2.60+ is desirable
- otherwise the configure help order may be incorrect. (Rasmus, Chris Jones)
+- Installation:
+ . autoconf 2.59+ is now supported (and required) for generating the
+configure script with ./buildconf. Autoconf 2.60+ is desirable
+otherwise the configure help order may be incorrect. (Rasmus, Chris Jones)
- Removed legacy features:
. break/continue $var syntax. (Dmitry)
- . Safe mode and all related ini options. (Kalle)
- . register_globals and register_long_arrays ini options. (Kalle)
+ . Safe mode and all related php.ini options. (Kalle)
+ . register_globals and register_long_arrays php.ini options. (Kalle)
. import_request_variables(). (Kalle)
. allow_call_time_pass_reference. (Pierrick)
- . define_syslog_variables ini option and its associated function. (Kalle)
- . highlight.bg ini option. (Kalle)
+ . define_syslog_variables php.ini option and its associated function. (Kalle)
+ . highlight.bg php.ini option. (Kalle)
+ . safe_mode, safe_mode_gid, safe_mode_include_dir,
+safe_mode_exec_dir, safe_mode_allowed_env_vars and
+safe_mode_protected_env_vars php.ini options.
+ . zend.ze1_compatibility_mode php.ini option.
. Session bug compatibility mode (session.bug_compat_42 and
-session.bug_compat_warn ini options). (Kalle)
+session.bug_compat_warn php.ini options). (Kalle)
. session_is_registered(), session_register() and session_unregister()
functions. (Kalle)
- . y2k_compliance ini option. (Kalle)
+ . y2k_compliance php.ini option. (Kalle)
. magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase
-ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
+php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
but always return false, set_magic_quotes_runtime raises an
E_CORE_ERROR. (Pierrick, Pierre)
. Removed support for putenv("TZ=..") for setting the timezone. (Derick)
@@ -33,21 +38,21 @@
date.timezone or date_default_timezone_set(). Instead of a guessed
timezone, "UTC" is now used instead. (Derick)
-- Moved extensions to PECL: (Johannes)
+- Moved extensions to PECL:
. ext/sqlite. (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are
-not affected)
+not affected) (Johannes)
- General improvements:
. Added short array syntax support ([1,2,3]), see UPGRADING guide for full
details. (rsky0711 at gmail . com, sebastian.deutsch at 9elements . com,
Pierre)
- . Added binary numbers format (0b001010). (Jonah dot Harris at gmail dot com)
+ . Added binary number format (0b001010). (Jonah dot Harris at gmail dot com)
. Added support for Class::{expr}() syntax (Pierrick)
- . Added multibyte support by default. Previously php had to be compiled
-with --enable-zend-multibyte. Now it can be enabled or disabled through
-zend.multibyte directive in php.ini. (Dmitry)
+ . Added multibyte support by default. Previously PHP had to be compiled
+with --enable-zend-multibyte. Now it can be enabled or disabled through
+the zend.multibyte directive in php.ini. (Dmitry)
. Removed compile time dependency from ext/mbstring (Dmitry)
- . Added support for Traits. (Stefan)
+ . Added support for Traits. (Stefan, with fixes by Dmitry and Laruence)
. Added closure $this support back. (Stas)
. Added array dereferencing support. (Felipe)
. Added callable typehint. (Hannes)
@@ -59,21 +64,21 @@
. Implemented Zend Signal Handling (configurable option --enable-zend-signals,
off by default). (Lucas Nealan, Arnaud Le Blanc, Brian Shire, Ilia)
. Improved output layer, see README.NEW-OUTPUT-API for internals. (Mike)
- . Improved unix build system to allow building multiple PHP binary SAPIs and
+ . Improved UNIX build system to allow building multiple PHP binary SAPIs and
one SAPI module the same time. FR #53271, FR #52419. (Jani)
. Implemented closure rebinding as parameter to bindTo. (Gustavo Lopes)
. Improved the warning message of incompatible arguments. (Laruence)
. Improved ternary operator performance when returning arrays. (Arnaud, Dmitry)
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/string.c
On 03/01/2012 07:10 PM, Pierrick Charron wrote: pierrick Thu, 01 Mar 2012 15:10:29 + Revision: http://svn.php.net/viewvc?view=revision&revision=323710 Log: Fixed memory leak in substr_replace +test ? -- Wbr, Antony Dovgal --- http://pinba.org - realtime profiling for PHP -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/string.c
pierrick Thu, 01 Mar 2012 15:10:29 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323710
Log:
Fixed memory leak in substr_replace
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/string.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-03-01 15:10:23 UTC (rev 323709)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-03-01 15:10:29 UTC (rev 323710)
@@ -1,7 +1,10 @@
PHPNEWS
|||
?? ??? 2012, PHP 5.4.1 RC1
-
+
+- Standard:
+ . Fixed memory leak in substr_replace. (Pierrick)
+
01 Mar 2012, PHP 5.4.0
- autoconf 2.59+ is now supported (and required) for generating the
Modified: php/php-src/branches/PHP_5_4/ext/standard/string.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/string.c 2012-03-01 15:10:23 UTC
(rev 323709)
+++ php/php-src/branches/PHP_5_4/ext/standard/string.c 2012-03-01 15:10:29 UTC
(rev 323710)
@@ -2518,6 +2518,9 @@
if(Z_REFCOUNT_P(orig_str) != refcount) {
php_error_docref(NULL
TSRMLS_CC, E_WARNING, "Argument was modified while replacing");
+ if(Z_TYPE_PP(tmp_repl) !=
IS_STRING) {
+ zval_dtor(repl_str);
+ }
break;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Wed, 29 Feb 2012 07:24:27 + Revision: http://svn.php.net/viewvc?view=revision&revision=323658 Log: back to dev Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-02-29 07:22:43 UTC (rev 323657) +++ php/php-src/branches/PHP_5_4/NEWS 2012-02-29 07:24:27 UTC (rev 323658) @@ -1,5 +1,7 @@ PHPNEWS ||| +?? ??? 2012, PHP 5.4.1 RC1 + 01 Mar 2012, PHP 5.4.0 - autoconf 2.59+ is now supported (and required) for generating the Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2012-02-29 07:22:43 UTC (rev 323657) +++ php/php-src/branches/PHP_5_4/configure.in 2012-02-29 07:24:27 UTC (rev 323658) @@ -119,8 +119,8 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 -PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="" +PHP_RELEASE_VERSION=1 +PHP_EXTRA_VERSION="RC1-dev" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-29 07:22:43 UTC (rev 323657) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-29 07:24:27 UTC (rev 323658) @@ -2,7 +2,7 @@ /* edit configure.in to change version number */ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 -#define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "" -#define PHP_VERSION "5.4.0" -#define PHP_VERSION_ID 50400 +#define PHP_RELEASE_VERSION 1 +#define PHP_EXTRA_VERSION "RC1-dev" +#define PHP_VERSION "5.4.1RC1-dev" +#define PHP_VERSION_ID 50401 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
Stas, Some of those bug fixes listed under 5.4.0 are already fixed in 5.3.10. Random examples include the OCI8 fixes, OpenSSL fix 60279, Tidy fix 54682, and CURL fix 60439. Do you need a hand sorting out the dups? Chris On 02/28/2012 04:50 PM, Stanislav Malyshev wrote: stas Wed, 29 Feb 2012 00:50:00 + Revision: http://svn.php.net/viewvc?view=revision&revision=323645 Log: prepare NEWS for 5.4.0 Changed paths: U php/php-src/branches/PHP_5_4/NEWS -- Email: christopher.jo...@oracle.com Tel: +1 650 506 8630 Blog: http://blogs.oracle.com/opal/ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/var_unserializer.c branches/PHP_5_4/ext/standard/var_unserializer.re trunk/ext/standard/var_unserializer.c trunk/ext/st
pajoye Tue, 28 Feb 2012 18:36:10 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323633
Log:
- fix bug #60879, unserialize does not invoke __wakeup
Bug: https://bugs.php.net/60879 (Closed) unserialize() Does not invoke
__wakeup() on object
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
U php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re
U php/php-src/trunk/ext/standard/var_unserializer.c
U php/php-src/trunk/ext/standard/var_unserializer.re
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-02-28 17:22:32 UTC (rev 323632)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-02-28 18:36:10 UTC (rev 323633)
@@ -13,6 +13,8 @@
default (Stas).
. Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
$double=false). (Gustavo)
+ . Fixed bug #60879 (unserialize() Does not invoke __wakeup() on object).
+(Pierre, Steve)
. Fixed output layer compat function not passing along input buffer with
php_output_context_pass() if the output_handler_func does not set out_str
(releaze3 at gmail dot com, Mike)
Modified: php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
2012-02-28 17:22:32 UTC (rev 323632)
+++ php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
2012-02-28 18:36:10 UTC (rev 323633)
@@ -375,6 +375,9 @@
return elements;
}
+#ifdef PHP_WIN32
+# pragma optimize("", off)
+#endif
static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
{
zval *retval_ptr = NULL;
@@ -399,6 +402,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);
}
+#ifdef PHP_WIN32
+# pragma optimize("", on)
+#endif
PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
{
Modified: php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re
===
--- php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re
2012-02-28 17:22:32 UTC (rev 323632)
+++ php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re
2012-02-28 18:36:10 UTC (rev 323633)
@@ -379,6 +379,9 @@
return elements;
}
+#ifdef PHP_WIN32
+# pragma optimize("", off)
+#endif
static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
{
zval *retval_ptr = NULL;
@@ -403,6 +406,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);
}
+#ifdef PHP_WIN32
+# pragma optimize("", on)
+#endif
PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
{
Modified: php/php-src/trunk/ext/standard/var_unserializer.c
===
--- php/php-src/trunk/ext/standard/var_unserializer.c 2012-02-28 17:22:32 UTC
(rev 323632)
+++ php/php-src/trunk/ext/standard/var_unserializer.c 2012-02-28 18:36:10 UTC
(rev 323633)
@@ -375,6 +375,9 @@
return elements;
}
+#ifdef PHP_WIN32
+# pragma optimize("", off)
+#endif
static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
{
zval *retval_ptr = NULL;
@@ -399,6 +402,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);
}
+#ifdef PHP_WIN32
+# pragma optimize("", on)
+#endif
PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
{
Modified: php/php-src/trunk/ext/standard/var_unserializer.re
===
--- php/php-src/trunk/ext/standard/var_unserializer.re 2012-02-28 17:22:32 UTC
(rev 323632)
+++ php/php-src/trunk/ext/standard/var_unserializer.re 2012-02-28 18:36:10 UTC
(rev 323633)
@@ -379,6 +379,9 @@
return elements;
}
+#ifdef PHP_WIN32
+# pragma optimize("", off)
+#endif
static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
{
zval *retval_ptr = NULL;
@@ -403,6 +406,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);
}
+#ifdef PHP_WIN32
+# pragma optimize("", on)
+#endif
PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
{
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
mike Thu, 16 Feb 2012 09:04:32 + Revision: http://svn.php.net/viewvc?view=revision&revision=323251 Log: NEWS for r323219 Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-02-16 08:00:00 UTC (rev 323250) +++ php/php-src/branches/PHP_5_4/NEWS 2012-02-16 09:04:32 UTC (rev 323251) @@ -10,6 +10,9 @@ default (Stas). . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with $double=false). (Gustavo) + . Fixed output layer compat function not passing along input buffer with +php_output_context_pass() if the output_handler_func does not set out_str +(releaze3 at gmail dot com, Mike) - CGI/FastCGI SAPI . Fixed reinitialization of SAPI callbacks after php_module_startup(). -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 16 Feb 2012 07:47:02 + Revision: http://svn.php.net/viewvc?view=revision&revision=323248 Log: back to dev Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-02-16 07:45:08 UTC (rev 323247) +++ php/php-src/branches/PHP_5_4/NEWS 2012-02-16 07:47:02 UTC (rev 323248) @@ -1,5 +1,7 @@ PHPNEWS ||| +?? ??? 2012, PHP 5.4.0 RC 9 + 15 Feb 2012, PHP 5.4.0 RC 8 - Core: . Added ability to reset user opcode handlers (Yoram). Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2012-02-16 07:45:08 UTC (rev 323247) +++ php/php-src/branches/PHP_5_4/configure.in 2012-02-16 07:47:02 UTC (rev 323248) @@ -120,7 +120,7 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="RC8" +PHP_EXTRA_VERSION="RC9-dev" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 07:45:08 UTC (rev 323247) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 07:47:02 UTC (rev 323248) @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "RC8" -#define PHP_VERSION "5.4.0RC8" +#define PHP_EXTRA_VERSION "RC9-dev" +#define PHP_VERSION "5.4.0RC9-dev" #define PHP_VERSION_ID 50400 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 16 Feb 2012 07:45:08 + Revision: http://svn.php.net/viewvc?view=revision&revision=323247 Log: 5.4.0rc8 Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-02-16 04:02:04 UTC (rev 323246) +++ php/php-src/branches/PHP_5_4/NEWS 2012-02-16 07:45:08 UTC (rev 323247) @@ -1,6 +1,6 @@ PHPNEWS ||| -?? Feb 2012, PHP 5.4.0 RC 8 +15 Feb 2012, PHP 5.4.0 RC 8 - Core: . Added ability to reset user opcode handlers (Yoram). . Improved max_input_vars directive to check nested variables (Dmitry). Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2012-02-16 04:02:04 UTC (rev 323246) +++ php/php-src/branches/PHP_5_4/configure.in 2012-02-16 07:45:08 UTC (rev 323247) @@ -120,7 +120,7 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="RC8-dev" +PHP_EXTRA_VERSION="RC8" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 04:02:04 UTC (rev 323246) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 07:45:08 UTC (rev 323247) @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "RC8-dev" -#define PHP_VERSION "5.4.0RC8-dev" +#define PHP_EXTRA_VERSION "RC8" +#define PHP_VERSION "5.4.0RC8" #define PHP_VERSION_ID 50400 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c
Hi! Did you run the tests? Just from a quick skim I think this would break both the pcntl and the posix extension. Yes, I did - no (new) fails both on Mac and Linux. If you see any please tell me. -- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/ (408)454-6900 ext. 227 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c
On 02/15/2012 08:52 PM, Rasmus Lerdorf wrote: > On 02/15/2012 05:51 PM, Stanislav Malyshev wrote: >> stas Thu, 16 Feb 2012 01:51:45 + >> >> Revision: http://svn.php.net/viewvc?view=revision&revision=323245 >> >> Log: >> make ZEND_SIGNALS configurable, off by default >> also make ZEND_SIGNALS enabled and disabled binary-compatible >> >> Changed paths: >> U php/php-src/branches/PHP_5_4/NEWS >> U php/php-src/branches/PHP_5_4/Zend/Zend.m4 >> U php/php-src/branches/PHP_5_4/Zend/zend.h >> U php/php-src/branches/PHP_5_4/main/main.c >> U php/php-src/trunk/Zend/Zend.m4 >> U php/php-src/trunk/Zend/zend.h >> U php/php-src/trunk/main/main.c > > Did you run the tests? Just from a quick skim I think this would break > both the pcntl and the posix extension. ok, the pcntl test failures were due to the API bump and not having recompiled shared extensions that rely on zend_signals posix seems ok -Rasmus -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c
On 02/15/2012 05:51 PM, Stanislav Malyshev wrote: > stas Thu, 16 Feb 2012 01:51:45 + > > Revision: http://svn.php.net/viewvc?view=revision&revision=323245 > > Log: > make ZEND_SIGNALS configurable, off by default > also make ZEND_SIGNALS enabled and disabled binary-compatible > > Changed paths: > U php/php-src/branches/PHP_5_4/NEWS > U php/php-src/branches/PHP_5_4/Zend/Zend.m4 > U php/php-src/branches/PHP_5_4/Zend/zend.h > U php/php-src/branches/PHP_5_4/main/main.c > U php/php-src/trunk/Zend/Zend.m4 > U php/php-src/trunk/Zend/zend.h > U php/php-src/trunk/main/main.c Did you run the tests? Just from a quick skim I think this would break both the pcntl and the posix extension. -Rasmus -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c
stas Thu, 16 Feb 2012 01:51:45 + Revision: http://svn.php.net/viewvc?view=revision&revision=323245 Log: make ZEND_SIGNALS configurable, off by default also make ZEND_SIGNALS enabled and disabled binary-compatible Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/Zend/Zend.m4 U php/php-src/branches/PHP_5_4/Zend/zend.h U php/php-src/branches/PHP_5_4/main/main.c U php/php-src/trunk/Zend/Zend.m4 U php/php-src/trunk/Zend/zend.h U php/php-src/trunk/main/main.c Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-02-16 00:51:37 UTC (rev 323244) +++ php/php-src/branches/PHP_5_4/NEWS 2012-02-16 01:51:45 UTC (rev 323245) @@ -4,6 +4,8 @@ - Core: . Added ability to reset user opcode handlers (Yoram). . Improved max_input_vars directive to check nested variables (Dmitry). + . Made ZEND_SIGNALS configurable via --enable-zend-signals, off by +default (Stas). . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with $double=false). (Gustavo) Modified: php/php-src/branches/PHP_5_4/Zend/Zend.m4 === --- php/php-src/branches/PHP_5_4/Zend/Zend.m4 2012-02-16 00:51:37 UTC (rev 323244) +++ php/php-src/branches/PHP_5_4/Zend/Zend.m4 2012-02-16 01:51:45 UTC (rev 323245) @@ -393,14 +393,20 @@ AC_CHECK_FUNCS(mremap) +AC_ARG_ENABLE(zend-signals, +[ --enable-zend-signals Use zend signal handling],[ + ZEND_SIGNALS=$enableval +],[ + ZEND_SIGNALS=no +]) + AC_CHECK_FUNC(sigaction, [ - ZEND_SIGNALS=yes - AC_DEFINE(ZEND_SIGNALS, 1, [Use zend signal handling]) AC_DEFINE(HAVE_SIGACTION, 1, [Whether sigaction() is available]) ], [ ZEND_SIGNALS=no ]) if test "$ZEND_SIGNALS" = "yes"; then + AC_DEFINE(ZEND_SIGNALS, 1, [Use zend signal handling]) CFLAGS="$CFLAGS -DZEND_SIGNALS" fi Modified: php/php-src/branches/PHP_5_4/Zend/zend.h === --- php/php-src/branches/PHP_5_4/Zend/zend.h2012-02-16 00:51:37 UTC (rev 323244) +++ php/php-src/branches/PHP_5_4/Zend/zend.h2012-02-16 01:51:45 UTC (rev 323245) @@ -531,10 +531,8 @@ int (*write_function)(const char *str, uint str_length); FILE *(*fopen_function)(const char *filename, char **opened_path TSRMLS_DC); void (*message_handler)(long message, const void *data TSRMLS_DC); -#ifndef ZEND_SIGNALS void (*block_interruptions)(void); void (*unblock_interruptions)(void); -#endif int (*get_configuration_directive)(const char *name, uint name_length, zval *contents); void (*ticks_function)(int ticks); void (*on_timeout)(int seconds TSRMLS_DC); @@ -677,10 +675,8 @@ extern ZEND_API int (*zend_printf)(const char *format, ...) ZEND_ATTRIBUTE_PTR_FORMAT(printf, 1, 2); extern ZEND_API zend_write_func_t zend_write; extern ZEND_API FILE *(*zend_fopen)(const char *filename, char **opened_path TSRMLS_DC); -#ifndef ZEND_SIGNALS extern ZEND_API void (*zend_block_interruptions)(void); extern ZEND_API void (*zend_unblock_interruptions)(void); -#endif extern ZEND_API void (*zend_ticks_function)(int ticks); extern ZEND_API void (*zend_error_cb)(int type, const char *error_filename, const uint error_lineno, const char *format, va_list args) ZEND_ATTRIBUTE_PTR_FORMAT(printf, 4, 0); extern ZEND_API void (*zend_on_timeout)(int seconds TSRMLS_DC); Modified: php/php-src/branches/PHP_5_4/main/main.c === --- php/php-src/branches/PHP_5_4/main/main.c2012-02-16 00:51:37 UTC (rev 323244) +++ php/php-src/branches/PHP_5_4/main/main.c2012-02-16 01:51:45 UTC (rev 323245) @@ -1999,10 +1999,8 @@ zuf.write_function = php_output_wrapper; zuf.fopen_function = php_fopen_wrapper_for_zend; zuf.message_handler = php_message_handler_for_zend; -#ifndef ZEND_SIGNALS zuf.block_interruptions = sapi_module.block_interruptions; zuf.unblock_interruptions = sapi_module.unblock_interruptions; -#endif zuf.get_configuration_directive = php_get_configuration_directive_for_zend; zuf.ticks_function = php_run_ticks; zuf.on_timeout = php_on_timeout; Modified: php/php-src/trunk/Zend/Zend.m4 === --- php/php-src/trunk/Zend/Zend.m4 2012-02-16 00:51:37 UTC (rev 323244) +++ php/php-src/trunk/Zend/Zend.m4 2012-02-16 01:51:45 UTC (rev 323245) @@ -393,14 +393,20 @@ AC_CHECK_FUNCS(mremap) +AC_ARG_ENABLE(zend-signals, +[ --enable-zend-signals Use zend signal handling],[ + ZEND_SIGNALS=$enableval +],[ + ZEND_SIGNALS=no +]) + AC_CHECK_FUNC(sigaction, [ - ZEND_SIGNALS=yes - AC_DEFINE(ZEND_SIGNALS, 1, [Use zend signal handling])
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cgi/cgi_main.c trunk/sapi/cgi/cgi_main.c
dmitry Tue, 14 Feb 2012 13:31:23 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323212
Log:
Fixed reinitialization of SAPI callbacks after php_module_startup()
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c
U php/php-src/trunk/sapi/cgi/cgi_main.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-02-14 13:05:31 UTC (rev 323211)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-02-14 13:31:23 UTC (rev 323212)
@@ -7,6 +7,10 @@
. Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
$double=false). (Gustavo)
+- CGI/FastCGI SAPI
+ . Fixed reinitialization of SAPI callbacks after php_module_startup().
+(Dmitry)
+
02 Feb 2012, PHP 5.4.0 RC 7
- Core:
. Fixed bug #60895 (Possible invalid handler usage in windows random
Modified: php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c
===
--- php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c2012-02-14 13:05:31 UTC
(rev 323211)
+++ php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c2012-02-14 13:31:23 UTC
(rev 323212)
@@ -1860,6 +1860,15 @@
php_optind = orig_optind;
php_optarg = orig_optarg;
+ if (fastcgi || bindpath) {
+ /* Override SAPI callbacks */
+ cgi_sapi_module.ub_write = sapi_fcgi_ub_write;
+ cgi_sapi_module.flush= sapi_fcgi_flush;
+ cgi_sapi_module.read_post= sapi_fcgi_read_post;
+ cgi_sapi_module.getenv = sapi_fcgi_getenv;
+ cgi_sapi_module.read_cookies = sapi_fcgi_read_cookies;
+ }
+
#ifdef ZTS
SG(request_info).path_translated = NULL;
#endif
@@ -1929,13 +1938,6 @@
fastcgi = fcgi_is_fastcgi();
}
if (fastcgi) {
- /* Override SAPI callbacks */
- sapi_module.ub_write = sapi_fcgi_ub_write;
- sapi_module.flush= sapi_fcgi_flush;
- sapi_module.read_post= sapi_fcgi_read_post;
- sapi_module.getenv = sapi_fcgi_getenv;
- sapi_module.read_cookies = sapi_fcgi_read_cookies;
-
/* How many times to run PHP scripts before dying */
if (getenv("PHP_FCGI_MAX_REQUESTS")) {
max_requests = atoi(getenv("PHP_FCGI_MAX_REQUESTS"));
Modified: php/php-src/trunk/sapi/cgi/cgi_main.c
===
--- php/php-src/trunk/sapi/cgi/cgi_main.c 2012-02-14 13:05:31 UTC (rev
323211)
+++ php/php-src/trunk/sapi/cgi/cgi_main.c 2012-02-14 13:31:23 UTC (rev
323212)
@@ -1859,6 +1859,15 @@
php_optind = orig_optind;
php_optarg = orig_optarg;
+ if (fastcgi || bindpath) {
+ /* Override SAPI callbacks */
+ cgi_sapi_module.ub_write = sapi_fcgi_ub_write;
+ cgi_sapi_module.flush= sapi_fcgi_flush;
+ cgi_sapi_module.read_post= sapi_fcgi_read_post;
+ cgi_sapi_module.getenv = sapi_fcgi_getenv;
+ cgi_sapi_module.read_cookies = sapi_fcgi_read_cookies;
+ }
+
#ifdef ZTS
SG(request_info).path_translated = NULL;
#endif
@@ -1928,13 +1937,6 @@
fastcgi = fcgi_is_fastcgi();
}
if (fastcgi) {
- /* Override SAPI callbacks */
- sapi_module.ub_write = sapi_fcgi_ub_write;
- sapi_module.flush= sapi_fcgi_flush;
- sapi_module.read_post= sapi_fcgi_read_post;
- sapi_module.getenv = sapi_fcgi_getenv;
- sapi_module.read_cookies = sapi_fcgi_read_cookies;
-
/* How many times to run PHP scripts before dying */
if (getenv("PHP_FCGI_MAX_REQUESTS")) {
max_requests = atoi(getenv("PHP_FCGI_MAX_REQUESTS"));
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_execute.c trunk/Zend/zend_execute.c
dmitry Tue, 14 Feb 2012 09:27:08 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323204
Log:
Added ability to reset user opcode handlers (Yoram)
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/zend_execute.c
U php/php-src/trunk/Zend/zend_execute.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-02-14 09:26:38 UTC (rev 323203)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-02-14 09:27:08 UTC (rev 323204)
@@ -2,6 +2,7 @@
|||
?? Feb 2012, PHP 5.4.0 RC 8
- Core:
+ . Added ability to reset user opcode handlers (Yoram).
. Improved max_input_vars directive to check nested variables (Dmitry).
. Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
$double=false). (Gustavo)
Modified: php/php-src/branches/PHP_5_4/Zend/zend_execute.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_execute.c2012-02-14 09:26:38 UTC
(rev 323203)
+++ php/php-src/branches/PHP_5_4/Zend/zend_execute.c2012-02-14 09:27:08 UTC
(rev 323204)
@@ -1512,7 +1512,12 @@
ZEND_API int zend_set_user_opcode_handler(zend_uchar opcode,
user_opcode_handler_t handler)
{
if (opcode != ZEND_USER_OPCODE) {
- zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+ if (handler == NULL) {
+ /* restore the original handler */
+ zend_user_opcodes[opcode] = opcode;
+ } else {
+ zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+ }
zend_user_opcode_handlers[opcode] = handler;
return SUCCESS;
}
Modified: php/php-src/trunk/Zend/zend_execute.c
===
--- php/php-src/trunk/Zend/zend_execute.c 2012-02-14 09:26:38 UTC (rev
323203)
+++ php/php-src/trunk/Zend/zend_execute.c 2012-02-14 09:27:08 UTC (rev
323204)
@@ -1512,7 +1512,12 @@
ZEND_API int zend_set_user_opcode_handler(zend_uchar opcode,
user_opcode_handler_t handler)
{
if (opcode != ZEND_USER_OPCODE) {
- zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+ if (handler == NULL) {
+ /* restore the original handler */
+ zend_user_opcodes[opcode] = opcode;
+ } else {
+ zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+ }
zend_user_opcode_handlers[opcode] = handler;
return SUCCESS;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
On Sun, 05 Feb 2012 15:00:11 +0100, Gustavo Lopes wrote: On Sun, 5 Feb 2012 14:37:27 +0100, Pierre Joye wrote: 2012/2/5 Gustavo Lopes : All the length and position variables are of type size_t, so I'd say we'd be out of memory long before that could be a problem (unless there's some architecture of which I'm not aware where SIZE_T is low enough for this to be a problem). read: SIZE_MAX, not SIZE_T By the way, SIZE_MAX (can be up to 65k or so afair) should not be used in relation with buffer (string or other) length. It defines the maximum size of a single object allocation that the compiler can manage. Not sure if it is actually what you want here. SIZE_MAX is indeed the limit of size_t. See ISO/IEC 9899:TC3, section 7.18.3 on http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf (page 259). Forgetting the irrelevant case where size_t is 16 bit wide, there is indeed a potential problem if size_t is 32-bit wide. First, if you can pass a string with about 2GB you could the multiplication by 2 would wrap around. But you could even pass a smaller string (possibly 10/15 times less, I don't know what's the maximum expansion factor of htmlentities) and then it could wrap in the reallocation. I'll take this into account. See http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/html.c?r1=323079&r2=323078&pathrev=323079 I don't know if this is worth merging to 5.4 at this point; after all 5.3 has the same problem. Obrigado! I think this bug (although probably exploitable) is low risk, since it requires a large 'memory_limit' value to be triggable. Your last patch seems good to me. Nuno -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
On Sun, 05 Feb 2012 15:00:11 +0100, Gustavo Lopes wrote: On Sun, 5 Feb 2012 14:37:27 +0100, Pierre Joye wrote: 2012/2/5 Gustavo Lopes : All the length and position variables are of type size_t, so I'd say we'd be out of memory long before that could be a problem (unless there's some architecture of which I'm not aware where SIZE_T is low enough for this to be a problem). read: SIZE_MAX, not SIZE_T By the way, SIZE_MAX (can be up to 65k or so afair) should not be used in relation with buffer (string or other) length. It defines the maximum size of a single object allocation that the compiler can manage. Not sure if it is actually what you want here. SIZE_MAX is indeed the limit of size_t. See ISO/IEC 9899:TC3, section 7.18.3 on http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf (page 259). Forgetting the irrelevant case where size_t is 16 bit wide, there is indeed a potential problem if size_t is 32-bit wide. First, if you can pass a string with about 2GB you could the multiplication by 2 would wrap around. But you could even pass a smaller string (possibly 10/15 times less, I don't know what's the maximum expansion factor of htmlentities) and then it could wrap in the reallocation. I'll take this into account. See http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/html.c?r1=323079&r2=323078&pathrev=323079 I don't know if this is worth merging to 5.4 at this point; after all 5.3 has the same problem. -- Gustavo Lopes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
On Sun, 5 Feb 2012 14:37:27 +0100, Pierre Joye wrote: 2012/2/5 Gustavo Lopes : All the length and position variables are of type size_t, so I'd say we'd be out of memory long before that could be a problem (unless there's some architecture of which I'm not aware where SIZE_T is low enough for this to be a problem). read: SIZE_MAX, not SIZE_T By the way, SIZE_MAX (can be up to 65k or so afair) should not be used in relation with buffer (string or other) length. It defines the maximum size of a single object allocation that the compiler can manage. Not sure if it is actually what you want here. SIZE_MAX is indeed the limit of size_t. See ISO/IEC 9899:TC3, section 7.18.3 on http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf (page 259). Forgetting the irrelevant case where size_t is 16 bit wide, there is indeed a potential problem if size_t is 32-bit wide. First, if you can pass a string with about 2GB you could the multiplication by 2 would wrap around. But you could even pass a smaller string (possibly 10/15 times less, I don't know what's the maximum expansion factor of htmlentities) and then it could wrap in the reallocation. I'll take this into account. -- Gustavo Lopes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
2012/2/5 Gustavo Lopes : >> All the length and position variables are of type size_t, so I'd say >> we'd be out of memory long before that could be a problem (unless >> there's some architecture of which I'm not aware where SIZE_T is low >> enough for this to be a problem). > > > read: SIZE_MAX, not SIZE_T By the way, SIZE_MAX (can be up to 65k or so afair) should not be used in relation with buffer (string or other) length. It defines the maximum size of a single object allocation that the compiler can manage. Not sure if it is actually what you want here. -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
On Sun, 05 Feb 2012 14:00:11 +0100, Gustavo Lopes wrote: On Sun, 5 Feb 2012 10:55:39 -, Nuno Lopes wrote: I didn't carefully review this patch, but doesn't this code suffer from potential math overflow? i.e. with strlen($input_str) > INT_MAX/2 (or UINT_MAX/2) All the length and position variables are of type size_t, so I'd say we'd be out of memory long before that could be a problem (unless there's some architecture of which I'm not aware where SIZE_T is low enough for this to be a problem). read: SIZE_MAX, not SIZE_T -- Gustavo Lopes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
On Sun, 5 Feb 2012 10:55:39 -, Nuno Lopes wrote: I didn't carefully review this patch, but doesn't this code suffer from potential math overflow? i.e. with strlen($input_str) > INT_MAX/2 (or UINT_MAX/2) All the length and position variables are of type size_t, so I'd say we'd be out of memory long before that could be a problem (unless there's some architecture of which I'm not aware where SIZE_T is low enough for this to be a problem). -- Gustavo Lopes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
I didn't carefully review this patch, but doesn't this code suffer from
potential math overflow?
i.e. with strlen($input_str) > INT_MAX/2 (or UINT_MAX/2)
Nuno
- Original Message -
From: "Gustavo André dos Santos Lopes"
To:
Sent: Sunday, February 05, 2012 9:59 AM
Subject: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
cataphract Sun, 05 Feb 2012 09:59:33 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323074
Log:
- Merge r323056 (see bug #60965).
Bug: https://bugs.php.net/60965 (Critical) Buffer overflow on
htmlspecialchars/entities with $double=false
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/html.c
A +
php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt
(from
php/php-src/trunk/ext/standard/tests/strings/bug60965.phpt:r323056)
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-02-05 09:58:50 UTC (rev 323073)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-02-05 09:59:33 UTC (rev 323074)
@@ -1,10 +1,13 @@
PHP
NEWS
|||
?? Feb 2012, PHP 5.4.0 RC 8
+- Core:
+ . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
+$double=false). (Gustavo)
02 Feb 2012, PHP 5.4.0 RC 7
- Core:
- . Fix bug #60895 (Possible invalid handler usage in windows random
+ . Fixed bug #60895 (Possible invalid handler usage in windows random
functions). (Pierre)
. Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
. Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.
Modified: php/php-src/branches/PHP_5_4/ext/standard/html.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/html.c 2012-02-05 09:58:50
UTC (rev 323073)
+++ php/php-src/branches/PHP_5_4/ext/standard/html.c 2012-02-05 09:59:33
UTC (rev 323074)
@@ -1215,7 +1215,6 @@
size_t cursor, maxlen, len;
char *replaced;
enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC);
- int matches_map;
int doctype = flags & ENT_HTML_DOC_TYPE_MASK;
entity_table_opt entity_table;
const enc_to_uni *to_uni_table = NULL;
@@ -1253,12 +1252,14 @@
}
}
+ /* initial estimate */
if (oldlen < 64) {
maxlen = 128;
} else {
maxlen = 2 * oldlen;
}
- replaced = emalloc(maxlen);
+
+ replaced = emalloc(maxlen + 1);
len = 0;
cursor = 0;
while (cursor < oldlen) {
@@ -1271,7 +1272,7 @@
/* guarantee we have at least 40 bytes to write.
* In HTML5, entities may take up to 33 bytes */
if (len + 40 > maxlen) {
- replaced = erealloc(replaced, maxlen += 128);
+ replaced = erealloc(replaced, (maxlen += 128) + 1);
}
if (status == FAILURE) {
@@ -1291,7 +1292,6 @@
mbsequence = &old[cursor_before];
mbseqlen = cursor - cursor_before;
}
- matches_map = 0;
if (this_char != '&') { /* no entity on this position */
const unsigned char *rep = NULL;
@@ -1302,12 +1302,15 @@
goto pass_char_through;
if (all) { /* false that CHARSET_PARTIAL_SUPPORT(charset) */
- /* look for entity for this char */
if (to_uni_table != NULL) {
+ /* !CHARSET_UNICODE_COMPAT therefore not UTF-8; since UTF-8
+ * is the only multibyte encoding with !CHARSET_PARTIAL_SUPPORT,
+ * we're using a single byte encoding */
map_to_unicode(this_char, to_uni_table, &this_char);
if (this_char == 0x) /* no mapping; pass through */
goto pass_char_through;
}
+ /* the cursor may advance */
find_entity_for_char(this_char, charset, entity_table.ms_table, &rep,
&rep_len, old, oldlen, &cursor);
} else {
@@ -1397,6 +1400,10 @@
}
}
/* checks passed; copy entity to result */
+ /* entity size is unbounded, we may need more memory */
+ if (maxlen < len + ent_len + 2 /* & and ; */) {
+ replaced = erealloc(replaced, (maxlen += ent_len + 128) + 1);
+ }
replaced[len++] = '&';
memcpy(&replaced[len], &old[cursor], ent_len);
len += ent_len;
Copied:
php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt
(from rev 323056,
php/php-src/trunk/ext/standard/tests/strings/bug60965.phpt)
===
--- php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt
2012-02-05 09:59:33 UTC (rev 323074)
@@ -0,0 +1,10 @@
+--TEST--
+Bug #60965: Buffer overflow on htmlspecialchars/entities with
$double=false
+--FILE--
++echo
htmlspecialchars('"""""""""""""""""""""""""""""""""""""""""""""',
+ENT_QUOTES, 'UTF-8', false), "\n";
+echo "Done.\n";
+--EXPECT--
+"""""""""""""""""""""""""""""""""""""""""""""
+Done.
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt
cataphract Sun, 05 Feb 2012 09:59:33 +
Revision: http://svn.php.net/viewvc?view=revision&revision=323074
Log:
- Merge r323056 (see bug #60965).
Bug: https://bugs.php.net/60965 (Critical) Buffer overflow on
htmlspecialchars/entities with $double=false
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/html.c
A + php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt
(from
php/php-src/trunk/ext/standard/tests/strings/bug60965.phpt:r323056)
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-02-05 09:58:50 UTC (rev 323073)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-02-05 09:59:33 UTC (rev 323074)
@@ -1,10 +1,13 @@
PHPNEWS
|||
?? Feb 2012, PHP 5.4.0 RC 8
+- Core:
+ . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
+$double=false). (Gustavo)
02 Feb 2012, PHP 5.4.0 RC 7
- Core:
- . Fix bug #60895 (Possible invalid handler usage in windows random
+ . Fixed bug #60895 (Possible invalid handler usage in windows random
functions). (Pierre)
. Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
. Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.
Modified: php/php-src/branches/PHP_5_4/ext/standard/html.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/html.c2012-02-05 09:58:50 UTC
(rev 323073)
+++ php/php-src/branches/PHP_5_4/ext/standard/html.c2012-02-05 09:59:33 UTC
(rev 323074)
@@ -1215,7 +1215,6 @@
size_t cursor, maxlen, len;
char *replaced;
enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC);
- int matches_map;
int doctype = flags & ENT_HTML_DOC_TYPE_MASK;
entity_table_opt entity_table;
const enc_to_uni *to_uni_table = NULL;
@@ -1253,12 +1252,14 @@
}
}
+ /* initial estimate */
if (oldlen < 64) {
maxlen = 128;
} else {
maxlen = 2 * oldlen;
}
- replaced = emalloc(maxlen);
+
+ replaced = emalloc(maxlen + 1);
len = 0;
cursor = 0;
while (cursor < oldlen) {
@@ -1271,7 +1272,7 @@
/* guarantee we have at least 40 bytes to write.
* In HTML5, entities may take up to 33 bytes */
if (len + 40 > maxlen) {
- replaced = erealloc(replaced, maxlen += 128);
+ replaced = erealloc(replaced, (maxlen += 128) + 1);
}
if (status == FAILURE) {
@@ -1291,7 +1292,6 @@
mbsequence = &old[cursor_before];
mbseqlen = cursor - cursor_before;
}
- matches_map = 0;
if (this_char != '&') { /* no entity on this position */
const unsigned char *rep= NULL;
@@ -1302,12 +1302,15 @@
goto pass_char_through;
if (all) { /* false that
CHARSET_PARTIAL_SUPPORT(charset) */
- /* look for entity for this char */
if (to_uni_table != NULL) {
+ /* !CHARSET_UNICODE_COMPAT therefore
not UTF-8; since UTF-8
+* is the only multibyte encoding with
!CHARSET_PARTIAL_SUPPORT,
+* we're using a single byte encoding */
map_to_unicode(this_char, to_uni_table,
&this_char);
if (this_char == 0x) /* no mapping;
pass through */
goto pass_char_through;
}
+ /* the cursor may advance */
find_entity_for_char(this_char, charset,
entity_table.ms_table, &rep,
&rep_len, old, oldlen, &cursor);
} else {
@@ -1397,6 +1400,10 @@
}
}
/* checks passed; copy entity to result */
+ /* entity size is unbounded, we may need more
memory */
+ if (maxlen < len + ent_len + 2 /* & and ; */) {
+ replaced = erealloc(replaced, (maxlen
+= ent_len + 128) + 1);
+ }
replaced[len++] = '&';
memcpy(&replaced[len], &old[cursor], ent
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 02 Feb 2012 06:09:50 + Revision: http://svn.php.net/viewvc?view=revision&revision=323010 Log: back to dev Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-02-02 06:08:29 UTC (rev 323009) +++ php/php-src/branches/PHP_5_4/NEWS 2012-02-02 06:09:50 UTC (rev 323010) @@ -1,5 +1,7 @@ PHPNEWS ||| +?? Feb 2012, PHP 5.4.0 RC 8 + 02 Feb 2012, PHP 5.4.0 RC 7 - Core: . Fix bug #60895 (Possible invalid handler usage in windows random Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2012-02-02 06:08:29 UTC (rev 323009) +++ php/php-src/branches/PHP_5_4/configure.in 2012-02-02 06:09:50 UTC (rev 323010) @@ -120,7 +120,7 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="RC7" +PHP_EXTRA_VERSION="RC8-dev" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-02 06:08:29 UTC (rev 323009) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-02 06:09:50 UTC (rev 323010) @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "RC7" -#define PHP_VERSION "5.4.0RC7" +#define PHP_EXTRA_VERSION "RC8-dev" +#define PHP_VERSION "5.4.0RC8-dev" #define PHP_VERSION_ID 50400 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 02 Feb 2012 06:08:29 + Revision: http://svn.php.net/viewvc?view=revision&revision=323009 Log: 5.4.0 rc7 Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-02-01 23:20:30 UTC (rev 323008) +++ php/php-src/branches/PHP_5_4/NEWS 2012-02-02 06:08:29 UTC (rev 323009) @@ -1,6 +1,6 @@ PHPNEWS ||| -?? Jan 2012, PHP 5.4.0 RC 7 +02 Feb 2012, PHP 5.4.0 RC 7 - Core: . Fix bug #60895 (Possible invalid handler usage in windows random functions). (Pierre) Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2012-02-01 23:20:30 UTC (rev 323008) +++ php/php-src/branches/PHP_5_4/configure.in 2012-02-02 06:08:29 UTC (rev 323009) @@ -120,7 +120,7 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="RC7-dev" +PHP_EXTRA_VERSION="RC7" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-01 23:20:30 UTC (rev 323008) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-02 06:08:29 UTC (rev 323009) @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "RC7-dev" -#define PHP_VERSION "5.4.0RC7-dev" +#define PHP_EXTRA_VERSION "RC7" +#define PHP_VERSION "5.4.0RC7" #define PHP_VERSION_ID 50400 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_vm_def.h branches/PHP_5_4/Zend/zend_vm_execute.h trunk/Zend/zend_vm_def.h trunk/Zend/zend_vm_execute.h
dmitry Mon, 30 Jan 2012 10:51:02 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322928
Log:
Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
U php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
U php/php-src/trunk/Zend/zend_vm_def.h
U php/php-src/trunk/Zend/zend_vm_execute.h
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-30 10:08:11 UTC (rev 322927)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-30 10:51:02 UTC (rev 322928)
@@ -5,6 +5,8 @@
. Fix bug #60895 (Possible invalid handler usage in windows random
functions). (Pierre)
. Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
+ . Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.
+(Dmitry)
- OpenSSL:
. Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h 2012-01-30 10:08:11 UTC (rev 322927)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h 2012-01-30 10:51:02 UTC (rev 322928)
@@ -2187,6 +2187,7 @@
zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
}
if (OP2_TYPE == IS_CONST &&
+ EXPECTED(EX(fbc)->type <= ZEND_USER_FUNCTION) &&
EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) &&
EXPECTED(EX(object) == object)) {
CACHE_POLYMORPHIC_PTR(opline->op2.literal->cache_slot, EX(called_scope), EX(fbc));
@@ -2284,7 +2285,9 @@
if (UNEXPECTED(EX(fbc) == NULL)) {
zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
}
- if (OP2_TYPE == IS_CONST && EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+ if (OP2_TYPE == IS_CONST &&
+ EXPECTED(EX(fbc)->type <= ZEND_USER_FUNCTION) &&
+ EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
if (OP1_TYPE == IS_CONST) {
CACHE_PTR(opline->op2.literal->cache_slot, EX(fbc));
} else {
Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h 2012-01-30 10:08:11 UTC (rev 322927)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h 2012-01-30 10:51:02 UTC (rev 322928)
@@ -3453,7 +3453,9 @@
if (UNEXPECTED(EX(fbc) == NULL)) {
zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
}
- if (IS_CONST == IS_CONST && EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+ if (IS_CONST == IS_CONST &&
+ EXPECTED(EX(fbc)->type <= ZEND_USER_FUNCTION) &&
+ EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
if (IS_CONST == IS_CONST) {
CACHE_PTR(opline->op2.literal->cache_slot, EX(fbc));
} else {
@@ -4237,7 +4239,9 @@
if (UNEXPECTED(EX(fbc) == NULL)) {
zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
}
- if (IS_TMP_VAR == IS_CONST && EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+ if (IS_TMP_VAR == IS_CONST &&
+ EXPECTED(EX(fbc)->type <= ZEND_USER_FUNCTION) &&
+ EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
if (IS_CONST == IS_CONST) {
CACHE_PTR(opline->op2.literal->cache_slot, EX(fbc));
} else {
@@ -4900,7 +4904,9 @@
if (UNEXPECTED(EX(fbc) == NULL)) {
zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
}
- if (IS_VAR == IS_CONST && EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+ if (IS_VAR == IS_CONST &&
+ EXPECTED(EX(fbc)->type <= ZEND_USER_FUNCTION) &&
+ EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
if (IS_CONST == IS_CONST) {
CACHE_PTR(opline->op2.literal->cache_slot, EX(fbc));
} else {
@@ -5434,7 +5440,9 @@
if (UNEXPECTED(EX(fbc) == NULL)) {
zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
}
- if (IS_UNUSED == IS_CONST && EXPECTED((EX(fbc)->common.fn_flags & (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+ if (IS_UNUSED == IS_CONST &&
+ EXPECTED(EX(fbc)->type <= ZEND_USER_FUNCTION) &&
+ EXPECTED((E
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/ftp/ftp.c ext/openssl/xp_ssl.c
scottmac Thu, 26 Jan 2012 05:15:57 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322785
Log:
MFH r322485
Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/ftp/ftp.c
U php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-26 04:16:32 UTC (rev 322784)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-26 05:15:57 UTC (rev 322785)
@@ -1,6 +1,8 @@
PHPNEWS
|||
-?? Jan 2012, PHP 5.4.0
+?? Jan 2012, PHP 5.4.0 RC 7
+- Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
+ CVE-2011-3389. (Scott)
19 Jan 2012, PHP 5.4.0 RC6
Modified: php/php-src/branches/PHP_5_4/ext/ftp/ftp.c
===
--- php/php-src/branches/PHP_5_4/ext/ftp/ftp.c 2012-01-26 04:16:32 UTC (rev
322784)
+++ php/php-src/branches/PHP_5_4/ext/ftp/ftp.c 2012-01-26 05:15:57 UTC (rev
322785)
@@ -243,6 +243,7 @@
{
#if HAVE_OPENSSL_EXT
SSL_CTX *ctx = NULL;
+ long ssl_ctx_options = SSL_OP_ALL;
#endif
if (ftp == NULL) {
return 0;
@@ -279,7 +280,10 @@
return 0;
}
- SSL_CTX_set_options(ctx, SSL_OP_ALL);
+#if OPENSSL_VERSION_NUMBER >= 0x0090605fL
+ ssl_ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+#endif
+ SSL_CTX_set_options(ctx, ssl_ctx_options);
ftp->ssl_handle = SSL_new(ctx);
if (ftp->ssl_handle == NULL) {
@@ -1495,6 +1499,7 @@
#if HAVE_OPENSSL_EXT
SSL_CTX *ctx;
+ long ssl_ctx_options = SSL_OP_ALL;
#endif
if (data->fd != -1) {
@@ -1521,7 +1526,10 @@
return 0;
}
- SSL_CTX_set_options(ctx, SSL_OP_ALL);
+#if OPENSSL_VERSION_NUMBER >= 0x0090605fL
+ ssl_ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+#endif
+ SSL_CTX_set_options(ctx, ssl_ctx_options);
data->ssl_handle = SSL_new(ctx);
if (data->ssl_handle == NULL) {
Modified: php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c
===
--- php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c 2012-01-26 04:16:32 UTC
(rev 322784)
+++ php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c 2012-01-26 05:15:57 UTC
(rev 322785)
@@ -310,6 +310,7 @@
TSRMLS_DC)
{
SSL_METHOD *method;
+ long ssl_ctx_options = SSL_OP_ALL;
if (sslsock->ssl_handle) {
if (sslsock->s.is_blocked) {
@@ -377,7 +378,10 @@
return -1;
}
- SSL_CTX_set_options(sslsock->ctx, SSL_OP_ALL);
+#if OPENSSL_VERSION_NUMBER >= 0x0090605fL
+ ssl_ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+#endif
+ SSL_CTX_set_options(sslsock->ctx, ssl_ctx_options);
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL
{
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60825.phpt branches/PHP_5_4/Zend/zend_vm_def.h branches/PHP_5_4/Zend/zend_vm_execute.h trunk/NEWS
laruence Thu, 26 Jan 2012 01:21:35 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322770
Log:
Fixed bug #60825 (Segfault when running symfony 2 tests)
Bug: https://bugs.php.net/60825 (Critical) Segfault when running symfony 2 tests
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
U php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
U php/php-src/trunk/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-25 23:11:18 UTC (rev 322769)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-26 01:21:35 UTC (rev 322770)
@@ -9,6 +9,8 @@
$_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
. Fixed bug #60809 (TRAITS - PHPDoc Comment Style Bug). (Dmitry)
. Fixed bug #60768 (Output buffer not discarded) (Mike)
+ . Fixed bug #60825 (Segfault when running symfony 2 tests).
+(Dmitry, Laruence)
- Hash
. Fixed bug #60221 (Tiger hash output byte order) (Mike)
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt 2012-01-26 01:21:35 UTC (rev 322770)
@@ -0,0 +1,19 @@
+--TEST--
+Bug #60825 (Segfault when running symfony 2 tests)
+--DESCRIPTION--
+run this with valgrind
+--FILE--
+
+--EXPECTF--
+string(%d) "%sbug60825.php" refcount(2)
Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h 2012-01-25 23:11:18 UTC (rev 322769)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h 2012-01-26 01:21:35 UTC (rev 322770)
@@ -2391,7 +2391,7 @@
CHECK_EXCEPTION();
ZEND_VM_NEXT_OPCODE();
} else if (OP2_TYPE != IS_CONST &&
- EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) &&
+ EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) &&
zend_hash_num_elements(Z_ARRVAL_P(function_name)) == 2) {
zend_class_entry *ce;
zval **method = NULL;
@@ -2399,15 +2399,15 @@
zend_hash_index_find(Z_ARRVAL_P(function_name), 0, (void **) &obj);
zend_hash_index_find(Z_ARRVAL_P(function_name), 1, (void **) &method);
-
+
if (Z_TYPE_PP(obj) != IS_STRING && Z_TYPE_PP(obj) != IS_OBJECT) {
zend_error_noreturn(E_ERROR, "First array member is not a valid class name or object");
}
-
+
if (Z_TYPE_PP(method) != IS_STRING) {
zend_error_noreturn(E_ERROR, "Second array member is not a valid method");
}
-
+
if (Z_TYPE_PP(obj) == IS_STRING) {
ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC);
if (UNEXPECTED(ce == NULL)) {
@@ -2415,7 +2415,7 @@
}
EX(called_scope) = ce;
EX(object) = NULL;
-
+
if (ce->get_static_method) {
EX(fbc) = ce->get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method) TSRMLS_CC);
} else {
@@ -2429,7 +2429,7 @@
if (UNEXPECTED(EX(fbc) == NULL)) {
zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), Z_STRVAL_PP(method));
}
-
+
if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
EX(object) = NULL;
} else {
@@ -3693,17 +3693,18 @@
zend_op_array *new_op_array=NULL;
zend_free_op free_op1;
zval *inc_filename;
- zval tmp_inc_filename;
+zval *tmp_inc_filename = NULL;
zend_bool failure_retval=0;
SAVE_OPLINE();
inc_filename = GET_OP1_ZVAL_PTR(BP_VAR_R);
if (inc_filename->type!=IS_STRING) {
- ZVAL_COPY_VALUE(&tmp_inc_filename, inc_filename);
- zval_copy_ctor(&tmp_inc_filename);
- convert_to_string(&tmp_inc_filename);
- inc_filename = &tmp_inc_filename;
+ MAKE_STD_ZVAL(tmp_inc_filename);
+ ZVAL_COPY_VALUE(tmp_inc_filename, inc_filename);
+ zval_copy_ctor(tmp_inc_filename);
+ convert_to_string(tmp_inc_filename);
+ inc_filename = tmp_inc_filename;
}
if (opline->extended_value != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
@@ -3767,8 +3768,8 @@
EMPTY_SWITCH_DEFAULT_CASE()
}
}
- if (inc_filename==&tmp_inc_filename) {
- zval_dtor(&tmp_inc_filename);
+ if (tmp_inc_filename) {
+ zval_ptr_dtor(&tmp_inc_filename);
}
FREE_OP1();
if (UNEXPECTED(EG(exception) != NULL)) {
@@ -4510,15 +4511,15 @@
if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */
|| (Z_TYPE_P(offset) == IS_STRING /* or numeric string */
&& IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) {
-ZVAL_COPY_VALUE(&tmp, offset);
-zval_copy_ctor(&tmp);
-convert_to_long(&tmp);
-offset = &tmp;
+ ZVAL_COPY_VALUE(&tmp, offset);
+ zval_copy_ctor(&tmp);
+ convert_to_long(&tmp
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug60809.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/traits/bug60809.phpt trunk/Zend/zend_compile.c
dmitry Fri, 20 Jan 2012 12:30:57 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322495
Log:
Fixed Bug #60809 (TRAITS - PHPDoc Comment Style Bug)
Fixed some other traits related bugs (uninitialized variable, return =>
continue)
Removed some trait related redundant code and variables
Bug: https://bugs.php.net/60809 (Critical) TRAITS - PHPDoc Comment Style Bug
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A php/php-src/trunk/Zend/tests/traits/bug60809.phpt
U php/php-src/trunk/Zend/zend_compile.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-20 12:28:37 UTC (rev 322494)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-20 12:30:57 UTC (rev 322495)
@@ -7,6 +7,7 @@
- Core:
. Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
$_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
+ . Fixed bug #60809 (TRAITS - PHPDoc Comment Style Bug). (Dmitry)
. Fixed bug #60768 (Output buffer not discarded) (Mike)
- Hash
Added: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt 2012-01-20 12:30:57 UTC (rev 322495)
@@ -0,0 +1,36 @@
+--TEST--
+Bug #60809 (TRAITS - PHPDoc Comment Style Bug)
+--FILE--
+hello_world;
+ }
+}
+
+class Example extends ExampleParent {
+ use ExampleTrait;
+}
+
+trait ExampleTrait {
+ /**
+ *
+ */
+ private $hello_world = "hello bar\n";
+ /**
+ *
+ */
+ public $prop = "ops";
+ public function bar() {
+ echo $this->hello_world;
+ }
+}
+
+$x = new Example();
+$x->foo();
+$x->bar();
+?>
+--EXPECT--
+hello foo
+hello bar
Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c 2012-01-20 12:28:37 UTC (rev 322494)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c 2012-01-20 12:30:57 UTC (rev 322495)
@@ -3714,19 +3714,15 @@
static int zend_traits_merge_functions_to_class(zend_function *fn TSRMLS_DC, int num_args, va_list args, zend_hash_key *hash_key) /* {{{ */
{
zend_class_entry *ce = va_arg(args, zend_class_entry*);
- int add = 0;
zend_function* existing_fn = NULL;
zend_function fn_copy, *fn_copy_p;
zend_function* prototype = NULL; /* is used to determine the prototype according to the inheritance chain */
- if (zend_hash_quick_find(&ce->function_table, hash_key->arKey, hash_key->nKeyLength, hash_key->h, (void**) &existing_fn) == FAILURE) {
- add = 1; /* not found */
- } else if (existing_fn->common.scope != ce) {
- add = 1; /* or inherited from other class or interface */
- }
-
- if (add) {
+ if (zend_hash_quick_find(&ce->function_table, hash_key->arKey, hash_key->nKeyLength, hash_key->h, (void**) &existing_fn) == FAILURE ||
+ existing_fn->common.scope != ce) {
+ /* not found or inherited from other class or interface */
zend_function* parent_function;
+
if (ce->parent && zend_hash_quick_find(&ce->parent->function_table, hash_key->arKey, hash_key->nKeyLength, hash_key->h, (void**) &parent_function) != FAILURE) {
prototype = parent_function; /* ->common.fn_flags |= ZEND_ACC_ABSTRACT; */
@@ -3800,7 +3796,6 @@
static int zend_traits_copy_functions(zend_function *fn TSRMLS_DC, int num_args, va_list args, zend_hash_key *hash_key) /* {{{ */
{
HashTable* target;
- zend_class_entry *target_ce;
zend_trait_alias** aliases;
HashTable* exclude_table;
char* lcname;
@@ -3810,7 +3805,6 @@
size_t i = 0;
target= va_arg(args, HashTable*);
- target_ce = va_arg(args, zend_class_entry*);
aliases = va_arg(args, zend_trait_alias**);
exclude_table = va_arg(args, HashTable*);
@@ -3901,9 +3895,9 @@
/* }}} */
/* Copies function table entries to target function table with applied aliasing */
-static void zend_traits_copy_trait_function_table(HashTable *target, zend_class_entry *target_ce, HashTable *source, zend_trait_alias** aliases, HashTable* exclude_table TSRMLS_DC) /* {{{ */
+static void zend_traits_copy_trait_function_table(HashTable *target, HashTable *source, zend_trait_alias** aliases, HashTable* exclude_table TSRMLS_DC) /* {{{ */
{
- zend_hash_apply_with_arguments(source TSRMLS_CC, (apply_func_args_t)zend_traits_copy_functions, 4, target, target_ce, aliases, exclude_table);
+ zend_hash_apply_with_arguments(source TSRMLS_CC, (apply_func_args_t)zend_traits_copy_functions, 3, target, aliases, exclude_table);
}
/* }}} */
@@ -4035,10 +4029,10 @@
zend_traits_compile_exclude_table(&exclude_table, ce->trait_precedences, ce->traits[
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 19 Jan 2012 06:27:56 + Revision: http://svn.php.net/viewvc?view=revision&revision=322461 Log: 5.4.0RC6 Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-01-19 00:20:04 UTC (rev 322460) +++ php/php-src/branches/PHP_5_4/NEWS 2012-01-19 06:27:56 UTC (rev 322461) @@ -1,7 +1,9 @@ PHPNEWS ||| -?? Jan 2012, PHP 5.4.0 RC6 +?? Jan 2012, PHP 5.4.0 +19 Jan 2012, PHP 5.4.0 RC6 + - Core: . Restoring $_SERVER['REQUEST_TIME'] as a long and introducing $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick) Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2012-01-19 00:20:04 UTC (rev 322460) +++ php/php-src/branches/PHP_5_4/configure.in 2012-01-19 06:27:56 UTC (rev 322461) @@ -120,7 +120,7 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="RC6-dev" +PHP_EXTRA_VERSION="RC6" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-19 00:20:04 UTC (rev 322460) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-19 06:27:56 UTC (rev 322461) @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "RC6-dev" -#define PHP_VERSION "5.4.0RC6-dev" +#define PHP_EXTRA_VERSION "RC6" +#define PHP_VERSION "5.4.0RC6" #define PHP_VERSION_ID 50400 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/hash/config.m4 branches/PHP_5_4/ext/hash/config.w32 branches/PHP_5_4/ext/hash/hash.c branches/PHP_5_4/ext/hash/hash_salsa.c bran
mike Wed, 18 Jan 2012 09:15:34 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322437
Log:
merge ext/hash from trunk
Changed paths:
_U php/php-src/branches/PHP_5_4/
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/hash/config.m4
U php/php-src/branches/PHP_5_4/ext/hash/config.w32
U php/php-src/branches/PHP_5_4/ext/hash/hash.c
D php/php-src/branches/PHP_5_4/ext/hash/hash_salsa.c
U php/php-src/branches/PHP_5_4/ext/hash/hash_tiger.c
U php/php-src/branches/PHP_5_4/ext/hash/php_hash.h
D php/php-src/branches/PHP_5_4/ext/hash/php_hash_salsa.h
U php/php-src/branches/PHP_5_4/ext/hash/tests/hash_algos.phpt
U php/php-src/branches/PHP_5_4/ext/hash/tests/hash_copy_001.phpt
U php/php-src/branches/PHP_5_4/ext/hash/tests/hash_file_basic1.phpt
U php/php-src/branches/PHP_5_4/ext/hash/tests/hash_hmac_basic.phpt
U php/php-src/branches/PHP_5_4/ext/hash/tests/hash_hmac_file_basic.phpt
U php/php-src/branches/PHP_5_4/ext/hash/tests/tiger.phpt
U php/php-src/trunk/NEWS
Property changes on: php/php-src/branches/PHP_5_4
___
Modified: svn:mergeinfo
- /php/php-src/trunk:284726
+ /php/php-src/trunk:284726,322419,322421,322423
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-18 09:15:34 UTC (rev 322437)
@@ -7,6 +7,10 @@
$_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
. Fixed bug #60768 (Output buffer not discarded) (Mike)
+- Hash
+ . Fixed bug #60221 (Tiger hash output byte order) (Mike)
+ . Removed Salsa10/Salsa20, which are actually stream ciphers (Mike)
+
- Pdo Firebird:
. Fixed bug #47415 (segfaults when passing lowercased column name to
bindColumn). (Mariuz)
Modified: php/php-src/branches/PHP_5_4/ext/hash/config.m4
===
--- php/php-src/branches/PHP_5_4/ext/hash/config.m4 2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/ext/hash/config.m4 2012-01-18 09:15:34 UTC (rev 322437)
@@ -27,10 +27,10 @@
EXT_HASH_SOURCES="hash.c hash_md.c hash_sha.c hash_ripemd.c hash_haval.c \
hash_tiger.c hash_gost.c hash_snefru.c hash_whirlpool.c hash_adler32.c \
-hash_crc32.c hash_salsa.c hash_fnv.c hash_joaat.c"
+hash_crc32.c hash_fnv.c hash_joaat.c"
EXT_HASH_HEADERS="php_hash.h php_hash_md.h php_hash_sha.h php_hash_ripemd.h \
php_hash_haval.h php_hash_tiger.h php_hash_gost.h php_hash_snefru.h \
-php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h php_hash_salsa.h \
+php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h \
php_hash_fnv.h php_hash_joaat.h php_hash_types.h"
PHP_NEW_EXTENSION(hash, $EXT_HASH_SOURCES, $ext_shared)
Modified: php/php-src/branches/PHP_5_4/ext/hash/config.w32
===
--- php/php-src/branches/PHP_5_4/ext/hash/config.w32 2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/ext/hash/config.w32 2012-01-18 09:15:34 UTC (rev 322437)
@@ -15,11 +15,11 @@
AC_DEFINE('HAVE_HASH_EXT', 1);
EXTENSION("hash", "hash.c hash_md.c hash_sha.c hash_ripemd.c hash_haval.c "
+ "hash_tiger.c hash_gost.c hash_snefru.c hash_whirlpool.c "
- + "hash_adler32.c hash_crc32.c hash_salsa.c hash_joaat.c hash_fnv.c");
+ + "hash_adler32.c hash_crc32.c hash_joaat.c hash_fnv.c");
PHP_INSTALL_HEADERS("ext/hash/", "php_hash.h php_hash_md.h php_hash_sha.h php_hash_ripemd.h " +
"php_hash_haval.h php_hash_tiger.h php_hash_gost.h php_hash_snefru.h " +
- "php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h php_hash_salsa.h " +
+ "php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h " +
"php_hash_types.h");
}
Modified: php/php-src/branches/PHP_5_4/ext/hash/hash.c
===
--- php/php-src/branches/PHP_5_4/ext/hash/hash.c 2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/ext/hash/hash.c 2012-01-18 09:15:34 UTC (rev 322437)
@@ -851,8 +851,6 @@
php_hash_register_algo("adler32", &php_hash_adler32_ops);
php_hash_register_algo("crc32", &php_hash_crc32_ops);
php_hash_register_algo("crc32b", &php_hash_crc32b_ops);
- php_hash_register_algo("salsa10", &php_hash_salsa10_ops);
- php_hash_register_algo("salsa20", &php_hash_salsa20_ops);
php_hash_register_algo("fnv132", &php_hash_fnv132_ops);
php_hash_register_algo("fnv164", &php_hash_fnv164_ops);
php_hash_register_algo("joaat", &php_hash_joaat_ops);
Deleted: php/php-src/branches/PHP_5_4/ext/hash/hash_salsa.c
===
--- php/php-src/branches/PHP_5_4/ext/hash/hash_salsa.c 201
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/output.c branches/PHP_5_4/tests/output/bug60768.phpt trunk/main/output.c trunk/tests/output/bug60768.phpt
mike Mon, 16 Jan 2012 17:51:35 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322374
Log:
Fix bug #60768 Output buffer not discarded
in php_output_handler_op():
* if appending to buffer succeeds, just return HANDLER_NO_DATA
and do nothing else
* if a zero sized string or true is returned from the handler
function, reset the context as well as the handler's buffer
Bug: https://bugs.php.net/60768 (error getting bug information)
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/main/output.c
A php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt
U php/php-src/trunk/main/output.c
A php/php-src/trunk/tests/output/bug60768.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-16 16:10:50 UTC (rev 322373)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-16 17:51:35 UTC (rev 322374)
@@ -5,6 +5,7 @@
- Core:
. Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
$_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
+ . Fixed bug #60768 (Output buffer not discarded) (Mike)
- Pdo Firebird:
. Fixed bug #47415 (segfaults when passing lowercased column name to
Modified: php/php-src/branches/PHP_5_4/main/output.c
===
--- php/php-src/branches/PHP_5_4/main/output.c 2012-01-16 16:10:50 UTC (rev
322373)
+++ php/php-src/branches/PHP_5_4/main/output.c 2012-01-16 17:51:35 UTC (rev
322374)
@@ -885,7 +885,8 @@
/* storable? */
if (php_output_handler_append(handler, &context->in TSRMLS_CC) &&
!context->op) {
- status = PHP_OUTPUT_HANDLER_NO_DATA;
+ context->op = original_op;
+ return PHP_OUTPUT_HANDLER_NO_DATA;
} else {
/* need to start? */
if (!(handler->flags & PHP_OUTPUT_HANDLER_STARTED)) {
@@ -961,14 +962,14 @@
handler->buffer.used = 0;
handler->buffer.size = 0;
break;
+ case PHP_OUTPUT_HANDLER_NO_DATA:
+ /* handler ate all */
+ php_output_context_reset(context);
+ /* no break */
case PHP_OUTPUT_HANDLER_SUCCESS:
/* no more buffered data */
handler->buffer.used = 0;
break;
- case PHP_OUTPUT_HANDLER_NO_DATA:
- /* handler ate all */
- php_output_context_reset(context);
- break;
}
context->op = original_op;
Added: php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt
===
--- php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt 2012-01-16
17:51:35 UTC (rev 322374)
@@ -0,0 +1,25 @@
+--TEST--
+Bug #60768 Output buffer not discarded
+--FILE--
+
+DONE
+--EXPECT--
+Output size: 120, expected 120
+DONE
+
Modified: php/php-src/trunk/main/output.c
===
--- php/php-src/trunk/main/output.c 2012-01-16 16:10:50 UTC (rev 322373)
+++ php/php-src/trunk/main/output.c 2012-01-16 17:51:35 UTC (rev 322374)
@@ -885,7 +885,8 @@
/* storable? */
if (php_output_handler_append(handler, &context->in TSRMLS_CC) &&
!context->op) {
- status = PHP_OUTPUT_HANDLER_NO_DATA;
+ context->op = original_op;
+ return PHP_OUTPUT_HANDLER_NO_DATA;
} else {
/* need to start? */
if (!(handler->flags & PHP_OUTPUT_HANDLER_STARTED)) {
@@ -961,14 +962,14 @@
handler->buffer.used = 0;
handler->buffer.size = 0;
break;
+ case PHP_OUTPUT_HANDLER_NO_DATA:
+ /* handler ate all */
+ php_output_context_reset(context);
+ /* no break */
case PHP_OUTPUT_HANDLER_SUCCESS:
/* no more buffered data */
handler->buffer.used = 0;
break;
- case PHP_OUTPUT_HANDLER_NO_DATA:
- /* handler ate all */
- php_output_context_reset(context);
- break;
}
context->op = original_op;
Added: php/php-src/trunk/tests/output/bug60768.phpt
===
--- php/php-src/trunk/tests/output/bug60768.phpt
(rev 0)
+++ php/php-src/trunk/tests/output/bug60768.phpt2012-01-16 17
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/snmp/snmp.c ext/snmp/tests/bug60749.phpt ext/snmp/tests/ipv6.phpt
lytboris Fri, 13 Jan 2012 18:46:56 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322214
Log:
merge from trunk:
Fixed bug #60585 (php build fails with USE flag snmp when IPv6 support is
disabled
Fixed bug #60749 (SNMP module should not strip non-standard SNMP port from
hostname
Bugs: https://bugs.php.net/60585 (Assigned) php build fails with USE flag snmp
when IPv6 support is disabled
https://bugs.php.net/60749 (Assigned) SNMP module should not strip
non-standard SNMP port from hostname
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
_U php/php-src/branches/PHP_5_4/ext/snmp/
U php/php-src/branches/PHP_5_4/ext/snmp/snmp.c
_U php/php-src/branches/PHP_5_4/ext/snmp/tests/
A + php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt
(from php/php-src/trunk/ext/snmp/tests/bug60749.phpt:r322213)
U php/php-src/branches/PHP_5_4/ext/snmp/tests/ipv6.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-13 18:34:21 UTC (rev 322213)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-13 18:46:56 UTC (rev 322214)
@@ -12,6 +12,12 @@
. Fixed bug #53280 (segfaults if query column count less than param count).
(Mariuz)
+- SNMP:
+ . Fixed bug #60585 (php build fails with USE flag snmp when IPv6 support
+is disabled). (Boris Lytochkin)
+ . Fixed bug #60749 (SNMP module should not strip non-standard SNMP port
+from hostname). (Boris Lytochkin)
+
07 Jan 2012, PHP 5.4.0 RC5
- Core:
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
Property changes on: php/php-src/branches/PHP_5_4/ext/snmp
___
Modified: svn:mergeinfo
-
/php/php-src/trunk/ext/snmp:284726,311033-315236,315606,315608,315862,315924,316022,316029,316031
+
/php/php-src/trunk/ext/snmp:284726,311033-315236,315606,315608,315862,315924,316022,316029,316031,322213
Modified: php/php-src/branches/PHP_5_4/ext/snmp/snmp.c
===
--- php/php-src/branches/PHP_5_4/ext/snmp/snmp.c2012-01-13 18:34:21 UTC
(rev 322213)
+++ php/php-src/branches/PHP_5_4/ext/snmp/snmp.c2012-01-13 18:46:56 UTC
(rev 322214)
@@ -1171,11 +1171,11 @@
continue;
}
#else
- if (res->sa_family != AF_INET) {
+ if ((*res)->sa_family != AF_INET) {
res++;
continue;
}
- strcat(pptr, inet_ntoa(res));
+ strcat(pptr, inet_ntoa(((struct
sockaddr_in*)(*res))->sin_addr));
#endif
break;
}
@@ -1188,6 +1188,12 @@
There should be check for non-empty session->peername!
*/
+ /* put back non-standard SNMP port */
+ if (session->remote_port != SNMP_PORT) {
+ pptr = session->peername + strlen(session->peername);
+ sprintf(pptr, ":%d", session->remote_port);
+ }
+
php_network_freeaddresses(psal);
if (version == SNMP_VERSION_3) {
Property changes on: php/php-src/branches/PHP_5_4/ext/snmp/tests
___
Modified: svn:mergeinfo
-
/php/php-src/trunk/ext/snmp/tests:284726,311033-315236,315386,315606,315608,315862,315916,315924,316022,316029,316031
+
/php/php-src/trunk/ext/snmp/tests:284726,311033-315236,315386,315606,315608,315862,315916,315924,316022,316029,316031,322213
Copied: php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt (from rev
322213, php/php-src/trunk/ext/snmp/tests/bug60749.phpt)
===
--- php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt 2012-01-13
18:46:56 UTC (rev 322214)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #60749: SNMP module should not strip non-standard SNMP port from hostname
+--CREDITS--
+Boris Lytochkin
+--SKIPIF--
+
+--FILE--
+info;
+if (strcmp($info["hostname"], "$ip:$port") !== 0) {
+ echo "'" . $info["hostname"] . "' != '$ip:$port'\n";
+}
+var_dump($session->close());
+?>
+--EXPECTF--
+bool(true)
Modified: php/php-src/branches/PHP_5_4/ext/snmp/tests/ipv6.phpt
===
--- php/php-src/branches/PHP_5_4/ext/snmp/tests/ipv6.phpt 2012-01-13
18:34:21 UTC (rev 322213)
+++ php/php-src/branches/PHP_5_4/ext/snmp/tests/ipv6.phpt 2012-01-13
18:46:56 UTC (rev 322214)
@@ -4,16 +4,17 @@
Boris Lytochkin
--SKIPIF--
--FILE--
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
mariuz Tue, 10 Jan 2012 13:42:14 +
Revision: http://svn.php.net/viewvc?view=revision&revision=322021
Log:
Added fixes Pdo Firebird bugs to the NEWS file
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-10 13:33:01 UTC (rev 322020)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-10 13:42:14 UTC (rev 322021)
@@ -6,6 +6,12 @@
. Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
$_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
+- Pdo Firebird:
+ . Fixed bug #47415 (segfaults when passing lowercased column name to
+bindColumn). (Mariuz)
+ . Fixed bug #53280 (segfaults if query column count less than param count).
+(Mariuz)
+
07 Jan 2012, PHP 5.4.0 RC5
- Core:
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS main/php_variables.c
patrickallaert Fri, 06 Jan 2012 13:38:06 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321828
Log:
Changed: restoring REQUEST_TIME as a long, introducing REQUEST_TIME_FLOAT
instead as discussed on the ML
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/main/php_variables.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-06 13:37:51 UTC (rev 321827)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-06 13:38:06 UTC (rev 321828)
@@ -2,6 +2,10 @@
|||
?? Jan 2012, PHP 5.4.0 RC6
+- Core:
+ . Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
+$_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
+
07 Jan 2012, PHP 5.4.0 RC5
- Core:
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c 2012-01-06 13:37:51 UTC
(rev 321827)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c 2012-01-06 13:38:06 UTC
(rev 321828)
@@ -581,10 +581,13 @@
}
/* store request init time */
{
- zval new_entry;
- Z_TYPE(new_entry) = IS_DOUBLE;
- Z_DVAL(new_entry) = sapi_get_request_time(TSRMLS_C);
- php_register_variable_ex("REQUEST_TIME", &new_entry, array_ptr
TSRMLS_CC);
+ zval request_time_float, request_time_long;
+ Z_TYPE(request_time_float) = IS_DOUBLE;
+ Z_DVAL(request_time_float) = sapi_get_request_time(TSRMLS_C);
+ php_register_variable_ex("REQUEST_TIME_FLOAT",
&request_time_float, array_ptr TSRMLS_CC);
+ Z_TYPE(request_time_long) = IS_LONG;
+ Z_LVAL(request_time_long) =
zend_dval_to_lval(Z_DVAL(request_time_float));
+ php_register_variable_ex("REQUEST_TIME", &request_time_long,
array_ptr TSRMLS_CC);
}
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 05 Jan 2012 07:24:26 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321781
Log:
back to dev
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/configure.in
U php/php-src/branches/PHP_5_4/main/php_version.h
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-05 07:22:29 UTC (rev 321780)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-05 07:24:26 UTC (rev 321781)
@@ -1,5 +1,7 @@
PHPNEWS
|||
+?? Jan 2012, PHP 5.4.0 RC6
+
07 Jan 2012, PHP 5.4.0 RC5
- Core:
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in 2012-01-05 07:22:29 UTC (rev
321780)
+++ php/php-src/branches/PHP_5_4/configure.in 2012-01-05 07:24:26 UTC (rev
321781)
@@ -120,7 +120,7 @@
PHP_MAJOR_VERSION=5
PHP_MINOR_VERSION=4
PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION="RC5"
+PHP_EXTRA_VERSION="RC6-dev"
PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION"
PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \*
100 + [$]PHP_RELEASE_VERSION`
Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:22:29 UTC
(rev 321780)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:24:26 UTC
(rev 321781)
@@ -3,6 +3,6 @@
#define PHP_MAJOR_VERSION 5
#define PHP_MINOR_VERSION 4
#define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION "RC5"
-#define PHP_VERSION "5.4.0RC5"
+#define PHP_EXTRA_VERSION "RC6-dev"
+#define PHP_VERSION "5.4.0RC6-dev"
#define PHP_VERSION_ID 50400
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 05 Jan 2012 07:22:29 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321780
Log:
5.4.0rc5
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/configure.in
U php/php-src/branches/PHP_5_4/main/php_version.h
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-05 07:14:54 UTC (rev 321779)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-05 07:22:29 UTC (rev 321780)
@@ -1,6 +1,6 @@
PHPNEWS
|||
-?? Jan 2012, PHP 5.4.0 RC5
+07 Jan 2012, PHP 5.4.0 RC5
- Core:
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
. Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in 2012-01-05 07:14:54 UTC (rev
321779)
+++ php/php-src/branches/PHP_5_4/configure.in 2012-01-05 07:22:29 UTC (rev
321780)
@@ -120,7 +120,7 @@
PHP_MAJOR_VERSION=5
PHP_MINOR_VERSION=4
PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION="RC5-dev"
+PHP_EXTRA_VERSION="RC5"
PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION"
PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \*
100 + [$]PHP_RELEASE_VERSION`
Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:14:54 UTC
(rev 321779)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:22:29 UTC
(rev 321780)
@@ -3,6 +3,6 @@
#define PHP_MAJOR_VERSION 5
#define PHP_MINOR_VERSION 4
#define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION "RC5-dev"
-#define PHP_VERSION "5.4.0RC5-dev"
+#define PHP_EXTRA_VERSION "RC5"
+#define PHP_VERSION "5.4.0RC5"
#define PHP_VERSION_ID 50400
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/Zend/zend_signal.h trunk/Zend/zend.h trunk/Zend/zend_signal.h
laruence Wed, 04 Jan 2012 08:25:06 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321753
Log:
Fixed bug #60627 (httpd.worker segfault on startup with php_value)
Bug: https://bugs.php.net/60627 (Analyzed) httpd.worker segfault on startup
with php_value
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/zend.h
U php/php-src/branches/PHP_5_4/Zend/zend_signal.h
U php/php-src/trunk/Zend/zend.h
U php/php-src/trunk/Zend/zend_signal.h
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-04 08:13:58 UTC (rev 321752)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-04 08:25:06 UTC (rev 321753)
@@ -5,6 +5,8 @@
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
. Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
. Fixed bug #55871 (Interruption in substr_replace()). (Stas)
+ . Fixed bug #60627 (httpd.worker segfault on startup with php_value).
+(Laruence)
- SAPI:
. Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).
Modified: php/php-src/branches/PHP_5_4/Zend/zend.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend.h2012-01-04 08:13:58 UTC (rev
321752)
+++ php/php-src/branches/PHP_5_4/Zend/zend.h2012-01-04 08:25:06 UTC (rev
321753)
@@ -709,8 +709,8 @@
#else
#include "zend_signal.h"
-#define HANDLE_BLOCK_INTERRUPTIONS() SIGG(depth)++;
-#define HANDLE_UNBLOCK_INTERRUPTIONS() if
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) {
zend_signal_handler_unblock(TSRMLS_C); }
+#define HANDLE_BLOCK_INTERRUPTIONS()
ZEND_SIGNAL_BLOCK_INTERRUPUTIONS()
+#define HANDLE_UNBLOCK_INTERRUPTIONS()
ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS()
#endif
BEGIN_EXTERN_C()
Modified: php/php-src/branches/PHP_5_4/Zend/zend_signal.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_signal.h 2012-01-04 08:13:58 UTC
(rev 321752)
+++ php/php-src/branches/PHP_5_4/Zend/zend_signal.h 2012-01-04 08:25:06 UTC
(rev 321753)
@@ -69,9 +69,13 @@
BEGIN_EXTERN_C()
ZEND_API extern int zend_signal_globals_id;
END_EXTERN_C()
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS() if
(EXPECTED(zend_signal_globals_id)) { SIGG(depth)++; }
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if
(EXPECTED(zend_signal_globals_id) &&
UNEXPECTED((--SIGG(depth))==SIGG(blocked))) {
zend_signal_handler_unblock(TSRMLS_C); }
#else /* ZTS */
# define SIGG(v) (zend_signal_globals.v)
extern ZEND_API zend_signal_globals_t zend_signal_globals;
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS() SIGG(depth)++;
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) {
zend_signal_handler_unblock(TSRMLS_C); }
#endif /* not ZTS */
# define SIGNAL_BEGIN_CRITICAL() sigset_t oldmask; \
Modified: php/php-src/trunk/Zend/zend.h
===
--- php/php-src/trunk/Zend/zend.h 2012-01-04 08:13:58 UTC (rev 321752)
+++ php/php-src/trunk/Zend/zend.h 2012-01-04 08:25:06 UTC (rev 321753)
@@ -709,8 +709,8 @@
#else
#include "zend_signal.h"
-#define HANDLE_BLOCK_INTERRUPTIONS() SIGG(depth)++;
-#define HANDLE_UNBLOCK_INTERRUPTIONS() if
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) {
zend_signal_handler_unblock(TSRMLS_C); }
+#define HANDLE_BLOCK_INTERRUPTIONS()
ZEND_SIGNAL_BLOCK_INTERRUPUTIONS()
+#define HANDLE_UNBLOCK_INTERRUPTIONS()
ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS()
#endif
BEGIN_EXTERN_C()
Modified: php/php-src/trunk/Zend/zend_signal.h
===
--- php/php-src/trunk/Zend/zend_signal.h2012-01-04 08:13:58 UTC (rev
321752)
+++ php/php-src/trunk/Zend/zend_signal.h2012-01-04 08:25:06 UTC (rev
321753)
@@ -69,9 +69,13 @@
BEGIN_EXTERN_C()
ZEND_API extern int zend_signal_globals_id;
END_EXTERN_C()
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS() if
(EXPECTED(zend_signal_globals_id)) { SIGG(depth)++; }
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if
(EXPECTED(zend_signal_globals_id) &&
UNEXPECTED((--SIGG(depth))==SIGG(blocked))) {
zend_signal_handler_unblock(TSRMLS_C); }
#else /* ZTS */
# define SIGG(v) (zend_signal_globals.v)
extern ZEND_API zend_signal_globals_t zend_signal_globals;
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS() SIGG(depth)++;
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) {
zend_signal_handler_unblock(TSRMLS_C); }
#endif /* not ZTS */
# define SIGNAL_BEGIN_CRITICAL() sigset_t oldmask; \
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
arpadWed, 04 Jan 2012 01:34:08 + Revision: http://svn.php.net/viewvc?view=revision&revision=321742 Log: NEWS entry for r321738 Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-01-04 01:31:30 UTC (rev 321741) +++ php/php-src/branches/PHP_5_4/NEWS 2012-01-04 01:34:08 UTC (rev 321742) @@ -24,6 +24,8 @@ - Improved Session extension: . Fixed bug #60640 (invalid return values). (Arpad) + . Implement FR #60551 (session_set_save_handler should support a core's +session handler interface). (Arpad) 22 Dec 2011, PHP 5.4.0 RC4 - Core: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/session/mod_user_class.c trunk/ext/session/mod_user_class.c
arpadWed, 04 Jan 2012 01:31:30 + Revision: http://svn.php.net/viewvc?view=revision&revision=321741 Log: fix return values of inherited session handler to match user handlers - #60640 Bug: https://bugs.php.net/60640 (Assigned) Invalid return values Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c U php/php-src/trunk/ext/session/mod_user_class.c Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2012-01-04 01:22:15 UTC (rev 321740) +++ php/php-src/branches/PHP_5_4/NEWS 2012-01-04 01:31:30 UTC (rev 321741) @@ -22,6 +22,8 @@ . Fixed bug #60629 (memory corruption when web server closed the fcgi fd). (fat) +- Improved Session extension: + . Fixed bug #60640 (invalid return values). (Arpad) 22 Dec 2011, PHP 5.4.0 RC4 - Core: Modified: php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c === --- php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c 2012-01-04 01:22:15 UTC (rev 321740) +++ php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c 2012-01-04 01:31:30 UTC (rev 321741) @@ -48,7 +48,7 @@ } PS(mod_user_is_open) = 1; - RETVAL_LONG(PS(default_mod)->s_open(&PS(mod_data), save_path, session_name TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_open(&PS(mod_data), save_path, session_name TSRMLS_CC)); } /* }}} */ @@ -63,7 +63,7 @@ zend_parse_parameters_none(); PS(mod_user_is_open) = 0; - RETVAL_LONG(PS(default_mod)->s_close(&PS(mod_data) TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_close(&PS(mod_data) TSRMLS_CC)); } /* }}} */ @@ -104,7 +104,7 @@ return; } - RETVAL_LONG(PS(default_mod)->s_write(&PS(mod_data), key, val, val_len TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_write(&PS(mod_data), key, val, val_len TSRMLS_CC)); } /* }}} */ @@ -122,7 +122,7 @@ } PS(mod_user_is_open) = 0; - RETVAL_LONG(PS(default_mod)->s_destroy(&PS(mod_data), key TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_destroy(&PS(mod_data), key TSRMLS_CC)); } /* }}} */ @@ -139,6 +139,6 @@ return; } - RETVAL_LONG(PS(default_mod)->s_gc(&PS(mod_data), maxlifetime, &nrdels TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_gc(&PS(mod_data), maxlifetime, &nrdels TSRMLS_CC)); } /* }}} */ Modified: php/php-src/trunk/ext/session/mod_user_class.c === --- php/php-src/trunk/ext/session/mod_user_class.c 2012-01-04 01:22:15 UTC (rev 321740) +++ php/php-src/trunk/ext/session/mod_user_class.c 2012-01-04 01:31:30 UTC (rev 321741) @@ -48,7 +48,7 @@ } PS(mod_user_is_open) = 1; - RETVAL_LONG(PS(default_mod)->s_open(&PS(mod_data), save_path, session_name TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_open(&PS(mod_data), save_path, session_name TSRMLS_CC)); } /* }}} */ @@ -63,7 +63,7 @@ zend_parse_parameters_none(); PS(mod_user_is_open) = 0; - RETVAL_LONG(PS(default_mod)->s_close(&PS(mod_data) TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_close(&PS(mod_data) TSRMLS_CC)); } /* }}} */ @@ -104,7 +104,7 @@ return; } - RETVAL_LONG(PS(default_mod)->s_write(&PS(mod_data), key, val, val_len TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_write(&PS(mod_data), key, val, val_len TSRMLS_CC)); } /* }}} */ @@ -122,7 +122,7 @@ } PS(mod_user_is_open) = 0; - RETVAL_LONG(PS(default_mod)->s_destroy(&PS(mod_data), key TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_destroy(&PS(mod_data), key TSRMLS_CC)); } /* }}} */ @@ -139,6 +139,6 @@ return; } - RETVAL_LONG(PS(default_mod)->s_gc(&PS(mod_data), maxlifetime, &nrdels TSRMLS_CC)); + RETVAL_BOOL(SUCCESS == PS(default_mod)->s_gc(&PS(mod_data), maxlifetime, &nrdels TSRMLS_CC)); } /* }}} */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/rfc1867.c branches/PHP_5_4/tests/basic/bug55500.phpt trunk/main/rfc1867.c trunk/tests/basic/bug55500.phpt
stas Sun, 01 Jan 2012 23:54:25 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321664
Log:
fix bug #54374, bug #55500 - filter file names better, no dangling [s
Bugs: https://bugs.php.net/54374 (Open) Insufficient validating of upload name
leading to corrupted $_FILES indices
https://bugs.php.net/55500 (error getting bug information)
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/main/rfc1867.c
A php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt
U php/php-src/trunk/main/rfc1867.c
A php/php-src/trunk/tests/basic/bug55500.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-01-01 23:51:21 UTC (rev 321663)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-01-01 23:54:25 UTC (rev 321664)
@@ -5,6 +5,12 @@
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
. Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
+- SAPI:
+ . Fixed bug #54374 (Insufficient validating of upload name leading to
+corrupted $_FILES indices). (Stas, lekensteyn at gmail dot com)
+ . Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).
+(Stas)
+
- CLI SAPI:
. Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence)
Modified: php/php-src/branches/PHP_5_4/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_4/main/rfc1867.c 2012-01-01 23:51:21 UTC (rev
321663)
+++ php/php-src/branches/PHP_5_4/main/rfc1867.c 2012-01-01 23:54:25 UTC (rev
321664)
@@ -556,7 +556,7 @@
{
char *s = strrchr(path, '\\');
char *s2 = strrchr(path, '/');
-
+
if (s && s2) {
if (s > s2) {
++s;
@@ -942,6 +942,10 @@
}
tmp++;
}
+ /* Brackets should always be closed */
+ if(c != 0) {
+ skip_upload = 1;
+ }
}
total_bytes = cancel_upload = 0;
@@ -977,7 +981,7 @@
offset = 0;
end = 0;
-
+
if (!cancel_upload) {
/* only bother to open temp file if we have
data */
blen = multipart_buffer_read(mbuff, buff,
sizeof(buff), &end TSRMLS_CC);
@@ -1275,7 +1279,7 @@
php_rfc1867_getword = getword;
php_rfc1867_getword_conf = getword_conf;
php_rfc1867_basename = basename;
-}
+}
/* }}} */
/*
Added: php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt
===
--- php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt 2012-01-01
23:54:25 UTC (rev 321664)
@@ -0,0 +1,67 @@
+--TEST--
+Bug #55500 (Corrupted $_FILES indices lead to security concern)
+--INI--
+file_uploads=1
+error_reporting=E_ALL&~E_NOTICE
+upload_max_filesize=1024
+--POST_RAW--
+Content-Type: multipart/form-data;
boundary=---20896060251896012921717172737
+-20896060251896012921717172737
+Content-Disposition: form-data; name="file[]"; filename="file1.txt"
+Content-Type: text/plain-file1
+
+1
+-20896060251896012921717172737
+Content-Disposition: form-data; name="file[[type]"; filename="file2.txt"
+Content-Type: text/plain-file2
+
+2
+-20896060251896012921717172737
+Content-Disposition: form-data; name="file[[name]"; filename="file3.txt"
+Content-Type: text/plain-file3
+
+3
+-20896060251896012921717172737
+Content-Disposition: form-data; name="file[name]["; filename="file4.txt"
+Content-Type: text/plain-file3
+
+4
+-20896060251896012921717172737--
+--FILE--
+
+--EXPECTF--
+array(1) {
+ [%u|b%"file"]=>
+ array(5) {
+[%u|b%"name"]=>
+array(1) {
+ [0]=>
+ %unicode|string%(9) "file1.txt"
+}
+[%u|b%"type"]=>
+array(1) {
+ [0]=>
+ %unicode|string%(16) "text/plain-file1"
+}
+[%u|b%"tmp_name"]=>
+array(1) {
+ [0]=>
+ %unicode|string%(%d) "%s"
+}
+[%u|b%"error"]=>
+array(1) {
+ [0]=>
+ int(0)
+}
+[%u|b%"size"]=>
+array(1) {
+ [0]=>
+ int(1)
+}
+ }
+}
+array(0) {
+}
Modified: php/php-src/trunk/main/rfc1867.c
===
--- php/php-src/trunk/main/rfc1867.c2012-01-01 23:51:21 UTC (rev 321663)
+++ php/php-src/trunk/main/rfc1867.c2012-
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60613.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/bug60613.phpt trunk/Zend/zend_compile.c
dmitry Wed, 28 Dec 2011 09:59:39 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321463
Log:
Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax)
Bug: https://bugs.php.net/60613 (Closed) Segmentation fault with $cls->{expr}()
syntax
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug60613.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A php/php-src/trunk/Zend/tests/bug60613.phpt
U php/php-src/trunk/Zend/zend_compile.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-28 09:53:15 UTC (rev 321462)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-28 09:59:39 UTC (rev 321463)
@@ -2,6 +2,7 @@
|||
?? Jan 2012, PHP 5.4.0 RC5
- Core:
+ . Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
. Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
- CLI SAPI:
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60613.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60613.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60613.phpt 2011-12-28
09:59:39 UTC (rev 321463)
@@ -0,0 +1,19 @@
+--TEST--
+Bug #60613 (Segmentation fault with $cls->{expr}() syntax)
+--FILE--
+{0}();
+$cls->{1.0}();
+$cls->{true}();
+$cls->{false}();
+$cls->{null}();
+echo "ok\n";
+--EXPECT--
+ok
+
Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c2011-12-28 09:53:15 UTC
(rev 321462)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c2011-12-28 09:59:39 UTC
(rev 321463)
@@ -89,7 +89,8 @@
} while (0)
#define FREE_POLYMORPHIC_CACHE_SLOT(literal) do { \
- if (CG(active_op_array)->literals[literal].cache_slot == \
+ if (CG(active_op_array)->literals[literal].cache_slot != -1 && \
+ CG(active_op_array)->literals[literal].cache_slot == \
CG(active_op_array)->last_cache_slot -
POLYMORPHIC_CACHE_SLOT_SIZE) { \
CG(active_op_array)->literals[literal].cache_slot = -1;
\
CG(active_op_array)->last_cache_slot -=
POLYMORPHIC_CACHE_SLOT_SIZE; \
Added: php/php-src/trunk/Zend/tests/bug60613.phpt
===
--- php/php-src/trunk/Zend/tests/bug60613.phpt (rev 0)
+++ php/php-src/trunk/Zend/tests/bug60613.phpt 2011-12-28 09:59:39 UTC (rev
321463)
@@ -0,0 +1,19 @@
+--TEST--
+Bug #60613 (Segmentation fault with $cls->{expr}() syntax)
+--FILE--
+{0}();
+$cls->{1.0}();
+$cls->{true}();
+$cls->{false}();
+$cls->{null}();
+echo "ok\n";
+--EXPECT--
+ok
+
Modified: php/php-src/trunk/Zend/zend_compile.c
===
--- php/php-src/trunk/Zend/zend_compile.c 2011-12-28 09:53:15 UTC (rev
321462)
+++ php/php-src/trunk/Zend/zend_compile.c 2011-12-28 09:59:39 UTC (rev
321463)
@@ -89,7 +89,8 @@
} while (0)
#define FREE_POLYMORPHIC_CACHE_SLOT(literal) do { \
- if (CG(active_op_array)->literals[literal].cache_slot == \
+ if (CG(active_op_array)->literals[literal].cache_slot != -1 && \
+ CG(active_op_array)->literals[literal].cache_slot == \
CG(active_op_array)->last_cache_slot -
POLYMORPHIC_CACHE_SLOT_SIZE) { \
CG(active_op_array)->literals[literal].cache_slot = -1;
\
CG(active_op_array)->last_cache_slot -=
POLYMORPHIC_CACHE_SLOT_SIZE; \
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4
On Tue, Dec 27, 2011 at 18:02, Nuno Lopes wrote: Uhm, I don't think this change makes much sense (nor does the previous behaviour on Mac).. Extensions that use C++ should pull in the required libraries themselves. We shouldn't be linking PHP everytime with libstdc++ if that is not needed. Then what is the idea behind PHP_REQUIRE_CXX? As I see it, it should pull in everything needed for the extension to use c++. Ah, sorry, I was fooled by your commit message.. I didn't noticed your change was in PHP_REQUIRE_CXX. Anyway, pulling libstdc++ is a bit too gcc centric. If I use, say, clang, then I may want to use libc++ instead. The right fix, I believe, is to change the link command to use $CXX instead of $CC, since the c++ compiler knows which libraries it needs. For example, it seems that PHP_SHARED_MODULE is doing the right thing. Nuno -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4
On Tue, Dec 27, 2011 at 18:02, Nuno Lopes wrote: > Uhm, I don't think this change makes much sense (nor does the previous > behaviour on Mac).. > Extensions that use C++ should pull in the required libraries themselves. We > shouldn't be linking PHP everytime with libstdc++ if that is not needed. Then what is the idea behind PHP_REQUIRE_CXX? As I see it, it should pull in everything needed for the extension to use c++. -Hannes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4
Uhm, I don't think this change makes much sense (nor does the previous behaviour on Mac).. Extensions that use C++ should pull in the required libraries themselves. We shouldn't be linking PHP everytime with libstdc++ if that is not needed. Nuno - Original Message - bjoriTue, 27 Dec 2011 13:53:11 + Revision: http://svn.php.net/viewvc?view=revision&revision=321435 Log: Looks like we need to explicity add libstdc++ on recent linux' too, like fedora 14 and ubuntu 11 This fixes build failures for ext/intl and several pecl exts Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/acinclude.m4 U php/php-src/trunk/acinclude.m4 Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-12-27 11:05:58 UTC (rev 321434) +++ php/php-src/branches/PHP_5_4/NEWS 2011-12-27 13:53:11 UTC (rev 321435) @@ -7,6 +7,10 @@ - CLI SAPI: . Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence) +- Intl: + . Fixed build on Fedora 15 / Ubuntu 11. (Hannes) + + 22 Dec 2011, PHP 5.4.0 RC4 - Core: . Added max_input_vars directive to prevent attacks based on hash collisions Modified: php/php-src/branches/PHP_5_4/acinclude.m4 === --- php/php-src/branches/PHP_5_4/acinclude.m4 2011-12-27 11:05:58 UTC (rev 321434) +++ php/php-src/branches/PHP_5_4/acinclude.m4 2011-12-27 13:53:11 UTC (rev 321435) @@ -762,11 +762,7 @@ if test -z "$php_cxx_done"; then AC_PROG_CXX AC_PROG_CXXCPP -case $host_alias in - *darwin*) -PHP_ADD_LIBRARY(stdc++) - ;; -esac +PHP_ADD_LIBRARY(stdc++) php_cxx_done=yes fi ]) Modified: php/php-src/trunk/acinclude.m4 === --- php/php-src/trunk/acinclude.m4 2011-12-27 11:05:58 UTC (rev 321434) +++ php/php-src/trunk/acinclude.m4 2011-12-27 13:53:11 UTC (rev 321435) @@ -762,11 +762,7 @@ if test -z "$php_cxx_done"; then AC_PROG_CXX AC_PROG_CXXCPP -case $host_alias in - *darwin*) -PHP_ADD_LIBRARY(stdc++) - ;; -esac +PHP_ADD_LIBRARY(stdc++) php_cxx_done=yes fi ]) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4
bjoriTue, 27 Dec 2011 13:53:11 + Revision: http://svn.php.net/viewvc?view=revision&revision=321435 Log: Looks like we need to explicity add libstdc++ on recent linux' too, like fedora 14 and ubuntu 11 This fixes build failures for ext/intl and several pecl exts Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/acinclude.m4 U php/php-src/trunk/acinclude.m4 Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-12-27 11:05:58 UTC (rev 321434) +++ php/php-src/branches/PHP_5_4/NEWS 2011-12-27 13:53:11 UTC (rev 321435) @@ -7,6 +7,10 @@ - CLI SAPI: . Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence) +- Intl: + . Fixed build on Fedora 15 / Ubuntu 11. (Hannes) + + 22 Dec 2011, PHP 5.4.0 RC4 - Core: . Added max_input_vars directive to prevent attacks based on hash collisions Modified: php/php-src/branches/PHP_5_4/acinclude.m4 === --- php/php-src/branches/PHP_5_4/acinclude.m4 2011-12-27 11:05:58 UTC (rev 321434) +++ php/php-src/branches/PHP_5_4/acinclude.m4 2011-12-27 13:53:11 UTC (rev 321435) @@ -762,11 +762,7 @@ if test -z "$php_cxx_done"; then AC_PROG_CXX AC_PROG_CXXCPP -case $host_alias in - *darwin*) -PHP_ADD_LIBRARY(stdc++) - ;; -esac +PHP_ADD_LIBRARY(stdc++) php_cxx_done=yes fi ]) Modified: php/php-src/trunk/acinclude.m4 === --- php/php-src/trunk/acinclude.m4 2011-12-27 11:05:58 UTC (rev 321434) +++ php/php-src/trunk/acinclude.m4 2011-12-27 13:53:11 UTC (rev 321435) @@ -762,11 +762,7 @@ if test -z "$php_cxx_done"; then AC_PROG_CXX AC_PROG_CXXCPP -case $host_alias in - *darwin*) -PHP_ADD_LIBRARY(stdc++) - ;; -esac +PHP_ADD_LIBRARY(stdc++) php_cxx_done=yes fi ]) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60611.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/bug60611.phpt trunk/Zend/zend_compile.c
laruence Tue, 27 Dec 2011 08:38:18 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321429
Log:
Fix bug #60611 (Segmentation fault with Cls::{expr}() syntax)
Bug: https://bugs.php.net/60611 (Open) Segmentation fault with Cls::{expr}()
syntax
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A php/php-src/trunk/Zend/tests/bug60611.phpt
U php/php-src/trunk/Zend/zend_compile.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-27 06:24:33 UTC (rev 321428)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-27 08:38:18 UTC (rev 321429)
@@ -1,6 +1,9 @@
PHPNEWS
|||
?? Jan 2012, PHP 5.4.0 RC5
+- Core:
+ . Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
+
- CLI SAPI:
. Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence)
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt 2011-12-27
08:38:18 UTC (rev 321429)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #60611 (Segmentation fault with Cls::{expr}() syntax)
+--FILE--
+{0}();
+$cls->{1.0}();
+$cls->{true}();
+$cls->{false}();
+$cls->{null}();
+
+echo "done";
+?>
+--EXPECT--
+done
Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c2011-12-27 06:24:33 UTC
(rev 321428)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c2011-12-27 08:38:18 UTC
(rev 321429)
@@ -1973,9 +1973,10 @@
if (last_op->opcode == ZEND_FETCH_OBJ_R) {
if (last_op->op2_type == IS_CONST) {
zval name;
-
name = CONSTANT(last_op->op2.constant);
- if (!IS_INTERNED(Z_STRVAL(name))) {
+ if (Z_TYPE(name) != IS_STRING) {
+ convert_to_string(&name);
+ } else if (!IS_INTERNED(Z_STRVAL(name))) {
Z_STRVAL(name) = estrndup(Z_STRVAL(name),
Z_STRLEN(name));
}
FREE_POLYMORPHIC_CACHE_SLOT(last_op->op2.constant);
@@ -2367,7 +2368,11 @@
zend_op *opline;
if (method_name->op_type == IS_CONST) {
- char *lcname =
zend_str_tolower_dup(Z_STRVAL(method_name->u.constant),
Z_STRLEN(method_name->u.constant));
+ char *lcname;
+ if (Z_TYPE(method_name->u.constant) != IS_STRING) {
+ convert_to_string(&method_name->u.constant);
+ }
+ lcname =
zend_str_tolower_dup(Z_STRVAL(method_name->u.constant),
Z_STRLEN(method_name->u.constant));
if ((sizeof(ZEND_CONSTRUCTOR_FUNC_NAME)-1) ==
Z_STRLEN(method_name->u.constant) &&
memcmp(lcname, ZEND_CONSTRUCTOR_FUNC_NAME,
sizeof(ZEND_CONSTRUCTOR_FUNC_NAME)-1) == 0) {
zval_dtor(&method_name->u.constant);
Added: php/php-src/trunk/Zend/tests/bug60611.phpt
===
--- php/php-src/trunk/Zend/tests/bug60611.phpt (rev 0)
+++ php/php-src/trunk/Zend/tests/bug60611.phpt 2011-12-27 08:38:18 UTC (rev
321429)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #60611 (Segmentation fault with Cls::{expr}() syntax)
+--FILE--
+{0}();
+$cls->{1.0}();
+$cls->{true}();
+$cls->{false}();
+$cls->{null}();
+
+echo "done";
+?>
+--EXPECT--
+done
Modified: php/php-src/trunk/Zend/zend_compile.c
===
--- php/php-src/trunk/Zend/zend_compile.c 2011-12-27 06:24:33 UTC (rev
321428)
+++ php/php-src/trunk/Zend/zend_compile.c 2011-12-27 08:38:18 UTC (rev
321429)
@@ -1973,9 +1973,10 @@
if (last_op->opcode == ZEND_FETCH_OBJ_R) {
if (last_op->op2_type == IS_CONST) {
zval name;
-
name = CONSTANT(last_op->op2.constant);
- if (!IS_INTERNED(Z_STRVAL(name))) {
+ if (Z_TYPE(name) != IS_STRING) {
+ convert_to_string(&name);
+ } else if (!IS_INTERNED(Z_STRVAL(name))) {
Z_STRVAL(name) = estrndup(Z_STRVAL(name),
Z_STRLEN(name));
}
FREE_POLYMORPHIC_CACHE_SLOT(last_op->op2.constant);
@@
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cli/php_cli_server.c trunk/sapi/cli/php_cli_server.c
laruence Thu, 22 Dec 2011 07:39:44 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321320
Log:
Fix bug #60591 (Memory leak when access a non-exists file)
Bug: https://bugs.php.net/60591 (Open) Memory leak when access a non-exists file
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
U php/php-src/trunk/sapi/cli/php_cli_server.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-22 07:00:53 UTC (rev 321319)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-22 07:39:44 UTC (rev 321320)
@@ -1,6 +1,8 @@
PHPNEWS
|||
?? Jan 2012, PHP 5.4.0 RC5
+- CLI SAPI:
+ . Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence)
22 Dec 2011, PHP 5.4.0 RC4
- Core:
Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
===
--- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2011-12-22
07:00:53 UTC (rev 321319)
+++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2011-12-22
07:39:44 UTC (rev 321320)
@@ -454,6 +454,11 @@
}
} /* }}} */
+static int sapi_cli_server_discard_headers(sapi_headers_struct *sapi_headers
TSRMLS_DC) /* {{{ */{
+ return SAPI_HEADER_SENT_SUCCESSFULLY;
+}
+/* }}} */
+
static int sapi_cli_server_send_headers(sapi_headers_struct *sapi_headers
TSRMLS_DC) /* {{{ */
{
php_cli_server_client *client = SG(server_context);
@@ -1309,6 +1314,9 @@
file++;
}
if (!*file || is_static_file) {
+ if (prev_patch) {
+ pefree(prev_patch, 1);
+ }
pefree(buf, 1);
return;
}
@@ -1742,19 +1750,30 @@
}
{
int err = 0;
- sapi_activate_headers_only(TSRMLS_C);
- php_cli_server_client_begin_capture(client);
+ zval *style = NULL;
zend_try {
+ php_output_activate(TSRMLS_C);
+ php_output_start_user(NULL, 0,
PHP_OUTPUT_HANDLER_STDFLAGS TSRMLS_CC);
php_info_print_style(TSRMLS_C);
- if (client->capture_buffer.first) {
-
php_cli_server_buffer_append(&client->content_sender.buffer,
client->capture_buffer.first);
+ MAKE_STD_ZVAL(style);
+ php_output_get_contents(style TSRMLS_CC);
+ php_output_discard(TSRMLS_C);
+ php_output_deactivate(TSRMLS_C);
+ if (style && Z_STRVAL_P(style)) {
+ char *block = pestrndup(Z_STRVAL_P(style),
Z_STRLEN_P(style), 1);
+ php_cli_server_chunk *chunk =
php_cli_server_chunk_heap_new(block, block, Z_STRLEN_P(style));
+ if (!chunk) {
+ zval_ptr_dtor(&style);
+ goto fail;
+ }
+
php_cli_server_buffer_append(&client->content_sender.buffer, chunk);
+ zval_ptr_dtor(&style);
+ } else {
+ err = 1;
}
- client->capture_buffer.first =
client->capture_buffer.last = NULL;
} zend_catch {
err = 1;
} zend_end_try();
- php_cli_server_client_end_capture(client);
- sapi_deactivate(TSRMLS_C);
if (err) {
goto fail;
}
@@ -2002,6 +2021,15 @@
return SUCCESS;
}
} else {
+ if (server->router) {
+ static int (*send_header_func)(sapi_headers_struct *
TSRMLS_DC);
+ send_header_func = sapi_module.send_headers;
+ /* we don't want the header to be sent now */
+ sapi_module.send_headers =
sapi_cli_server_discard_headers;
+ php_request_shutdown(0);
+ sapi_module.send_headers = send_header_func;
+ SG(rfc1867_uploaded_files) = NULL;
+ }
if (SUCCESS != php_cli_server_begin_send_static(server, client
TSRMLS_CC)) {
php_cli_ser
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 22 Dec 2011 03:27:00 + Revision: http://svn.php.net/viewvc?view=revision&revision=321315 Log: back to dev Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-12-22 03:25:28 UTC (rev 321314) +++ php/php-src/branches/PHP_5_4/NEWS 2011-12-22 03:27:00 UTC (rev 321315) @@ -1,5 +1,7 @@ PHPNEWS ||| +?? Jan 2012, PHP 5.4.0 RC5 + 22 Dec 2011, PHP 5.4.0 RC4 - Core: . Added max_input_vars directive to prevent attacks based on hash collisions Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2011-12-22 03:25:28 UTC (rev 321314) +++ php/php-src/branches/PHP_5_4/configure.in 2011-12-22 03:27:00 UTC (rev 321315) @@ -120,7 +120,7 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="RC4" +PHP_EXTRA_VERSION="RC5-dev" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-22 03:25:28 UTC (rev 321314) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-22 03:27:00 UTC (rev 321315) @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "RC4" -#define PHP_VERSION "5.4.0RC4" +#define PHP_EXTRA_VERSION "RC5-dev" +#define PHP_VERSION "5.4.0RC5-dev" #define PHP_VERSION_ID 50400 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h
stas Thu, 22 Dec 2011 03:25:28 + Revision: http://svn.php.net/viewvc?view=revision&revision=321314 Log: 5.4.0rc4 Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/configure.in U php/php-src/branches/PHP_5_4/main/php_version.h Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-12-22 03:22:42 UTC (rev 321313) +++ php/php-src/branches/PHP_5_4/NEWS 2011-12-22 03:25:28 UTC (rev 321314) @@ -1,6 +1,6 @@ PHPNEWS ||| -?? Dec 2011, PHP 5.4.0 RC4 +22 Dec 2011, PHP 5.4.0 RC4 - Core: . Added max_input_vars directive to prevent attacks based on hash collisions (Dmitry). Modified: php/php-src/branches/PHP_5_4/configure.in === --- php/php-src/branches/PHP_5_4/configure.in 2011-12-22 03:22:42 UTC (rev 321313) +++ php/php-src/branches/PHP_5_4/configure.in 2011-12-22 03:25:28 UTC (rev 321314) @@ -120,7 +120,7 @@ PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=0 -PHP_EXTRA_VERSION="RC4-dev" +PHP_EXTRA_VERSION="RC4" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` Modified: php/php-src/branches/PHP_5_4/main/php_version.h === --- php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-22 03:22:42 UTC (rev 321313) +++ php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-22 03:25:28 UTC (rev 321314) @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 0 -#define PHP_EXTRA_VERSION "RC4-dev" -#define PHP_VERSION "5.4.0RC4-dev" +#define PHP_EXTRA_VERSION "RC4" +#define PHP_VERSION "5.4.0RC4" #define PHP_VERSION_ID 50400 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c
s/class/object/ Sent from my iPhone 在 2011-12-20,9:29,Xinchen Hui 写道: > Hi: > For public and protected properties, you will have only one copy > in the child class, so there is no such conflict. > > Thanks > > Sent from my iPhone > > 在 2011-12-20,1:12,Stefan Marr 写道: > >> Hi: >> >> Thanks guys! >> >> I have only briefly rechecked the code, and dont remember at the moment how >> the default property table works, but for me it feels like these offsets are >> also incorrect for public or protected stuff that gets newly added to the >> class? >> >> Best regards >> Stefan >> >> On 19 Dec 2011, at 17:48, Xinchen Hui wrote: >> >>> laruence Mon, 19 Dec 2011 16:48:18 + >>> >>> Revision: http://svn.php.net/viewvc?view=revision&revision=321166 >>> >>> Log: >>> Fixed bug #60558 (Invalid read and writes) >>> Re-Fixed bug #60536 (Traits Segfault) >>> #Thanks to tony2001, I found the previous fix -r321089 is actually not a >>> correct one. >>> #The key problem there is because the traits didn't correct set the >>> property_info.offset >>> #for private properties. so here come the new fix. >>> >>> Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes >>>https://bugs.php.net/60536 (Closed) Traits Segfault >>> >>> Changed paths: >>> U php/php-src/branches/PHP_5_4/NEWS >>> U php/php-src/branches/PHP_5_4/Zend/zend_compile.c >>> U php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c >>> U php/php-src/trunk/Zend/zend_compile.c >>> U php/php-src/trunk/Zend/zend_object_handlers.c >>> >>> -- >>> PHP CVS Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >> >> -- >> Stefan Marr >> Software Languages Lab >> Vrije Universiteit Brussel >> Pleinlaan 2 / B-1050 Brussels / Belgium >> http://soft.vub.ac.be/~smarr >> Phone: +32 2 629 2974 >> Fax: +32 2 629 3525 >> -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c
Hi: For public and protected properties, you will have only one copy in the child class, so there is no such conflict. Thanks Sent from my iPhone 在 2011-12-20,1:12,Stefan Marr 写道: > Hi: > > Thanks guys! > > I have only briefly rechecked the code, and dont remember at the moment how > the default property table works, but for me it feels like these offsets are > also incorrect for public or protected stuff that gets newly added to the > class? > > Best regards > Stefan > > On 19 Dec 2011, at 17:48, Xinchen Hui wrote: > >> laruence Mon, 19 Dec 2011 16:48:18 + >> >> Revision: http://svn.php.net/viewvc?view=revision&revision=321166 >> >> Log: >> Fixed bug #60558 (Invalid read and writes) >> Re-Fixed bug #60536 (Traits Segfault) >> #Thanks to tony2001, I found the previous fix -r321089 is actually not a >> correct one. >> #The key problem there is because the traits didn't correct set the >> property_info.offset >> #for private properties. so here come the new fix. >> >> Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes >> https://bugs.php.net/60536 (Closed) Traits Segfault >> >> Changed paths: >> U php/php-src/branches/PHP_5_4/NEWS >> U php/php-src/branches/PHP_5_4/Zend/zend_compile.c >> U php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c >> U php/php-src/trunk/Zend/zend_compile.c >> U php/php-src/trunk/Zend/zend_object_handlers.c >> >> -- >> PHP CVS Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php > > -- > Stefan Marr > Software Languages Lab > Vrije Universiteit Brussel > Pleinlaan 2 / B-1050 Brussels / Belgium > http://soft.vub.ac.be/~smarr > Phone: +32 2 629 2974 > Fax: +32 2 629 3525 > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c
Hi: Thanks guys! I have only briefly rechecked the code, and dont remember at the moment how the default property table works, but for me it feels like these offsets are also incorrect for public or protected stuff that gets newly added to the class? Best regards Stefan On 19 Dec 2011, at 17:48, Xinchen Hui wrote: > laruence Mon, 19 Dec 2011 16:48:18 + > > Revision: http://svn.php.net/viewvc?view=revision&revision=321166 > > Log: > Fixed bug #60558 (Invalid read and writes) > Re-Fixed bug #60536 (Traits Segfault) > #Thanks to tony2001, I found the previous fix -r321089 is actually not a > correct one. > #The key problem there is because the traits didn't correct set the > property_info.offset > #for private properties. so here come the new fix. > > Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes > https://bugs.php.net/60536 (Closed) Traits Segfault > > Changed paths: >U php/php-src/branches/PHP_5_4/NEWS >U php/php-src/branches/PHP_5_4/Zend/zend_compile.c >U php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c >U php/php-src/trunk/Zend/zend_compile.c >U php/php-src/trunk/Zend/zend_object_handlers.c > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- Stefan Marr Software Languages Lab Vrije Universiteit Brussel Pleinlaan 2 / B-1050 Brussels / Belgium http://soft.vub.ac.be/~smarr Phone: +32 2 629 2974 Fax: +32 2 629 3525 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c
laruence Mon, 19 Dec 2011 16:48:18 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321166
Log:
Fixed bug #60558 (Invalid read and writes)
Re-Fixed bug #60536 (Traits Segfault)
#Thanks to tony2001, I found the previous fix -r321089 is actually not a
correct one.
#The key problem there is because the traits didn't correct set the
property_info.offset
#for private properties. so here come the new fix.
Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes
https://bugs.php.net/60536 (Closed) Traits Segfault
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/zend_compile.c
U php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
U php/php-src/trunk/Zend/zend_compile.c
U php/php-src/trunk/Zend/zend_object_handlers.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-19 16:14:50 UTC (rev 321165)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-19 16:48:18 UTC (rev 321166)
@@ -7,6 +7,7 @@
. Fixed bug #60536 (Traits Segfault). (Laruence)
. Fixed bug #60362 (non-existent sub-sub keys should not have values).
(Laruence, alan_k, Stas)
+ . Fixed bug #60558 (Invalid read and writes). (Laruence)
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c 2011-12-19 16:14:50 UTC (rev 321165)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c 2011-12-19 16:48:18 UTC (rev 321166)
@@ -4208,6 +4208,50 @@
}
/* }}} */
+static void zend_traits_register_private_property(zend_class_entry *ce, const char *name, int name_len, zend_property_info *old_info, zval *property TSRMLS_DC) /* {{{ */
+{
+ char *priv_name;
+ int priv_name_length;
+ const char *interned_name;
+ zend_property_info property_info;
+ ulong h = zend_get_hash_value(name, name_len+1);
+ property_info = *old_info;
+
+ if (old_info->flags & ZEND_ACC_STATIC) {
+ property_info.offset = ce->default_static_members_count++;
+ ce->default_static_members_table = perealloc(ce->default_static_members_table, sizeof(zval*) * ce->default_static_members_count, ce->type == ZEND_INTERNAL_CLASS);
+ ce->default_static_members_table[property_info.offset] = property;
+ if (ce->type == ZEND_USER_CLASS) {
+ ce->static_members_table = ce->default_static_members_table;
+ }
+ } else {
+ property_info.offset = ce->default_properties_count++;
+ ce->default_properties_table = perealloc(ce->default_properties_table, sizeof(zval*) * ce->default_properties_count, ce->type == ZEND_INTERNAL_CLASS);
+ ce->default_properties_table[property_info.offset] = property;
+ }
+
+ zend_mangle_property_name(&priv_name, &priv_name_length, ce->name, ce->name_length, name, name_len, ce->type & ZEND_INTERNAL_CLASS);
+ property_info.name = priv_name;
+ property_info.name_length = priv_name_length;
+
+ interned_name = zend_new_interned_string(property_info.name, property_info.name_length+1, 0 TSRMLS_CC);
+ if (interned_name != property_info.name) {
+ if (ce->type == ZEND_USER_CLASS) {
+ efree((char*)property_info.name);
+ } else {
+ free((char*)property_info.name);
+ }
+ property_info.name = interned_name;
+ }
+
+ property_info.h = zend_get_hash_value(property_info.name, property_info.name_length+1);
+
+ property_info.ce = ce;
+
+ zend_hash_quick_update(&ce->properties_info, name, name_len+1, h, &property_info, sizeof(zend_property_info), NULL);
+}
+/* }}} */
+
static void zend_do_traits_property_binding(zend_class_entry *ce TSRMLS_DC) /* {{{ */
{
size_t i;
@@ -4295,6 +4339,17 @@
prop_name,
ce->name);
}
+} else {
+ /* private property, make the property_info.offset indenpended */
+ if (property_info->flags & ZEND_ACC_STATIC) {
+ prop_value = ce->traits[i]->default_static_members_table[property_info->offset];
+ } else {
+ prop_value = ce->traits[i]->default_properties_table[property_info->offset];
+ }
+ Z_ADDREF_P(prop_value);
+
+ zend_traits_register_private_property(ce, prop_name, prop_name_length, property_info, prop_value TSRMLS_CC);
+ return;
}
}
Modified: php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c 2011-12-19 16:14:50 UTC (rev 321165)
+++ php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c 2011-12-19 16:48:18 UTC (rev 321166)
@@ -62,7 +62,6 @@
ALLOC_HASHTABLE(zobj->properties);
zend_hash_init(zobj->properties, 0, NULL, ZVAL_PTR_DTOR, 0);
if (ce->default_properties_count) {
- char *flags = ecalloc(ce->default_properties_count, sizeof(char));
for (zend_hash_internal_pointer_reset_ex(&
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_object_handlers.c
laruence Mon, 19 Dec 2011 12:00:09 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321161
Log:
Revert previous bad fix, introduce memory leak
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
U php/php-src/trunk/Zend/zend_object_handlers.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-19 10:50:15 UTC (rev 321160)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-19 12:00:09 UTC (rev 321161)
@@ -7,7 +7,6 @@
. Fixed bug #60536 (Traits Segfault). (Laruence)
. Fixed bug #60362 (non-existent sub-sub keys should not have values).
(Laruence, alan_k, Stas)
- . Fixed bug #60558 (Invalid read and writes). (Laruence)
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
Modified: php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19
10:50:15 UTC (rev 321160)
+++ php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19
12:00:09 UTC (rev 321161)
@@ -85,7 +85,6 @@
prop_info->offset >= 0 &&
zobj->properties_table[prop_info->offset]) {
if
(UNEXPECTED(flags[prop_info->offset])) {
- Z_ADDREF_P(*(zval
**)zobj->properties_table[prop_info->offset]);
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
} else {
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)&zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
Modified: php/php-src/trunk/Zend/zend_object_handlers.c
===
--- php/php-src/trunk/Zend/zend_object_handlers.c 2011-12-19 10:50:15 UTC
(rev 321160)
+++ php/php-src/trunk/Zend/zend_object_handlers.c 2011-12-19 12:00:09 UTC
(rev 321161)
@@ -85,7 +85,6 @@
prop_info->offset >= 0 &&
zobj->properties_table[prop_info->offset]) {
if
(UNEXPECTED(flags[prop_info->offset])) {
- Z_ADDREF_P(*(zval
**)zobj->properties_table[prop_info->offset]);
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
} else {
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)&zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_object_handlers.c
laruence Mon, 19 Dec 2011 09:58:29 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321158
Log:
Fixed bug #60558 (Invalid read and writes)
Bug: https://bugs.php.net/60558 (Open) Invalid read and writes
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
U php/php-src/trunk/Zend/zend_object_handlers.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-19 09:57:38 UTC (rev 321157)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-19 09:58:29 UTC (rev 321158)
@@ -7,6 +7,7 @@
. Fixed bug #60536 (Traits Segfault). (Laruence)
. Fixed bug #60362 (non-existent sub-sub keys should not have values).
(Laruence, alan_k, Stas)
+ . Fixed bug #60558 (Invalid read and writes). (Laruence)
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
Modified: php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19
09:57:38 UTC (rev 321157)
+++ php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19
09:58:29 UTC (rev 321158)
@@ -85,6 +85,7 @@
prop_info->offset >= 0 &&
zobj->properties_table[prop_info->offset]) {
if
(UNEXPECTED(flags[prop_info->offset])) {
+ Z_ADDREF_P(*(zval
**)zobj->properties_table[prop_info->offset]);
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
} else {
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)&zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
Modified: php/php-src/trunk/Zend/zend_object_handlers.c
===
--- php/php-src/trunk/Zend/zend_object_handlers.c 2011-12-19 09:57:38 UTC
(rev 321157)
+++ php/php-src/trunk/Zend/zend_object_handlers.c 2011-12-19 09:58:29 UTC
(rev 321158)
@@ -85,6 +85,7 @@
prop_info->offset >= 0 &&
zobj->properties_table[prop_info->offset]) {
if
(UNEXPECTED(flags[prop_info->offset])) {
+ Z_ADDREF_P(*(zval
**)zobj->properties_table[prop_info->offset]);
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
} else {
zend_hash_quick_add(zobj->properties, prop_info->name,
prop_info->name_length+1, prop_info->h,
(void**)&zobj->properties_table[prop_info->offset], sizeof(zval*),
(void**)&zobj->properties_table[prop_info->offset]);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cli/php_cli_server.c branches/PHP_5_4/sapi/cli/tests/php_cli_server_015.phpt trunk/sapi/cli/php_cli_server.c trunk/sapi/cli/tes
laruence Fri, 16 Dec 2011 19:25:03 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321074
Log:
Fixed bug #60523 (PHP Errors are not reported in browsers using built-in SAPI)
Bug: https://bugs.php.net/60523 (Assigned) PHP Errors are not reported in
browsers using built-in SAPI
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
A php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_015.phpt
U php/php-src/trunk/sapi/cli/php_cli_server.c
A php/php-src/trunk/sapi/cli/tests/php_cli_server_015.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-16 19:02:52 UTC (rev 321073)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-16 19:25:03 UTC (rev 321074)
@@ -8,8 +8,11 @@
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
one 200 RQ and one 404). (Laruence)
+ . Fixed bug #60523 (PHP Errors are not reported in browsers using built-in
+SAPI). (Laruence, Derick)
- Pdo Firebird:
- . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO
Firebird).(Mariuz)
+ . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO
Firebird).
+(Mariuz)
08 Dec 2011, PHP 5.4.0 RC3
- Core:
Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
===
--- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2011-12-16
19:02:52 UTC (rev 321073)
+++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2011-12-16
19:25:03 UTC (rev 321074)
@@ -1913,6 +1913,7 @@
destroy_request_info(&SG(request_info));
return FAILURE;
}
+ PG(during_request_startup) = 0;
return SUCCESS;
}
Added: php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_015.phpt
===
--- php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_015.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_015.phpt
2011-12-16 19:25:03 UTC (rev 321074)
@@ -0,0 +1,49 @@
+--TEST--
+Bug #60523 (PHP Errors are not reported in browsers using built-in SAPI)
+--SKIPIF--
+
+--INI--
+display_errors=1
+--FILE--
+");
+
+list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
+$port = intval($port)?:80;
+$output = '';
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+
+if(fwrite($fp, <<
+--EXPECTF--
+HTTP/1.1 200 OK
+Host: %s
+Connection: closed
+X-Powered-By: PHP/%s
+Content-type: text/html
+
+
+Fatal error: Call to undefined function non_exists_function() in
%ssyntax_error.php on line %s
Modified: php/php-src/trunk/sapi/cli/php_cli_server.c
===
--- php/php-src/trunk/sapi/cli/php_cli_server.c 2011-12-16 19:02:52 UTC (rev
321073)
+++ php/php-src/trunk/sapi/cli/php_cli_server.c 2011-12-16 19:25:03 UTC (rev
321074)
@@ -1913,6 +1913,7 @@
destroy_request_info(&SG(request_info));
return FAILURE;
}
+ PG(during_request_startup) = 0;
return SUCCESS;
}
Added: php/php-src/trunk/sapi/cli/tests/php_cli_server_015.phpt
===
--- php/php-src/trunk/sapi/cli/tests/php_cli_server_015.phpt
(rev 0)
+++ php/php-src/trunk/sapi/cli/tests/php_cli_server_015.phpt2011-12-16
19:25:03 UTC (rev 321074)
@@ -0,0 +1,49 @@
+--TEST--
+Bug #60523 (PHP Errors are not reported in browsers using built-in SAPI)
+--SKIPIF--
+
+--INI--
+display_errors=1
+--FILE--
+");
+
+list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
+$port = intval($port)?:80;
+$output = '';
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+
+if(fwrite($fp, <<
+--EXPECTF--
+HTTP/1.1 200 OK
+Host: %s
+Connection: closed
+X-Powered-By: PHP/%s
+Content-type: text/html
+
+
+Fatal error: Call to undefined function non_exists_function() in
%ssyntax_error.php on line %s
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60536_001.phpt branches/PHP_5_4/Zend/tests/bug60536_002.phpt branches/PHP_5_4/Zend/tests/bug60536_003.phpt branches/PH
laruence Fri, 16 Dec 2011 19:02:52 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321073
Log:
Fixed bug #60536 (Traits Segfault)
# this is a tough one, I think I should explain
# Zend use zend_object->properties_table both as zval ** and zval ***
# if a zend_object->properties is not initialized, the properties_table is zval
**
# while in rebuild_object_properties, zend will store the zval ** to
zend_object->properties
# then stash the zval ***(ie, zobj->properties_table[0] is zval ** now) to
zobj->properties_table[0]
# so when a zend_object inherit form multi parent and these parent have a same
property_info->offset
# properties, will result in a repeat zval **->zval ** transform, which will
lead to a segmentfault
# *may be* this fix is not the best fix, we should not use this tricky way, and
rewrite this mechanism.
Bug: https://bugs.php.net/60536 (Analyzed) Traits Segfault
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt
A php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt
A php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt
A php/php-src/branches/PHP_5_4/Zend/tests/bug60536_004.phpt
A php/php-src/branches/PHP_5_4/Zend/tests/bug60536_005.phpt
U php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
A php/php-src/trunk/Zend/tests/bug60536_001.phpt
A php/php-src/trunk/Zend/tests/bug60536_002.phpt
A php/php-src/trunk/Zend/tests/bug60536_003.phpt
A php/php-src/trunk/Zend/tests/bug60536_004.phpt
A php/php-src/trunk/Zend/tests/bug60536_005.phpt
U php/php-src/trunk/Zend/zend_object_handlers.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-16 18:48:28 UTC (rev 321072)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-16 19:02:52 UTC (rev 321073)
@@ -4,6 +4,7 @@
- Core:
. Added max_input_vars directive to prevent attacks based on hash collisions
(Dmitry).
+ . Fixed bug #60536 (Traits Segfault). (Laruence)
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
one 200 RQ and one 404). (Laruence)
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt 2011-12-16 19:02:52 UTC (rev 321073)
@@ -0,0 +1,26 @@
+--TEST--
+Bug #60536 (Traits Segfault)
+--FILE--
+x;
+ }
+}
+class Z extends Y {
+ function z() {
+ return ++$this->x;
+ }
+}
+$a = new Z();
+$a->x();
+echo "DONE";
+?>
+--EXPECTF--
+Strict Standards: X and T define the same property ($x) in the composition of Y. This might be incompatible, to improve maintainability consider using accessor methods in traits instead. Class was composed in %sbug60536_001.php on line %d
+DONE
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt 2011-12-16 19:02:52 UTC (rev 321073)
@@ -0,0 +1,40 @@
+--TEST--
+The same rules are applied for properties that are defined in the class hierarchy. Thus, if the properties are compatible, a notice is issued, if not a fatal error occures. (relevant with #60536)
+--FILE--
+hello = "foo";
+?>
+--EXPECTF--
+PRE-CLASS-GUARD
+
+Strict Standards: Notice and THello1 define the same property ($hello) in the composition of Notice. This might be incompatible, to improve maintainability consider using accessor methods in traits instead. Class was composed in %s on line %d
+POST-CLASS-GUARD
+
+Fatal error: TraitsTest and THello1 define the same property ($hello) in the composition of TraitsTest. However, the definition differs and is considered incompatible. Class was composed in %s on line %d
Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt 2011-12-16 19:02:52 UTC (rev 321073)
@@ -0,0 +1,49 @@
+--TEST--
+Private (relevant to #60536)
+--FILE--
+
+--EXPECTF--
+Strict Standards: BaseWithPropA and AHelloProperty define the same property ($hello) in the composition of SubclassA. This might be incompatible, to improve maintainability consider using accessor methods in traits instead. Class was composed in %sbug60536_003.php on line %d
+
+Strict Standards: BaseWithTPropB and AHelloProperty define the same property ($hello) in the composition of SubclassB. This might be incom
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_variables.c trunk/main/main.c trunk/main/php_globals.h
Dmitry,
Please update php.ini-*.
Thanks,
Chris
On 12/14/2011 12:56 AM, Dmitry Stogov wrote:
dmitry Wed, 14 Dec 2011 08:56:35 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321003
Log:
Added max_input_vars directive to prevent attacks based on hash collisions
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/main/main.c
U php/php-src/branches/PHP_5_4/main/php_globals.h
U php/php-src/branches/PHP_5_4/main/php_variables.c
U php/php-src/trunk/main/main.c
U php/php-src/trunk/main/php_globals.h
U php/php-src/trunk/main/php_variables.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-14 04:02:56 UTC (rev 321002)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-14 08:56:35 UTC (rev 321003)
@@ -1,6 +1,9 @@
PHP
NEWS
|||
?? Dec 2011, PHP 5.4.0 RC4
+- Core:
+ . Added max_input_vars directive to prevent attacks based on hash collisions
+(Dmitry).
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
one 200 RQ and one 404). (Laruence)
@@ -9,6 +12,8 @@
08 Dec 2011, PHP 5.4.0 RC3
- Core:
+ . Fixed bug #60444 (Segmentation fault with include& class extending).
+(Laruence, Dmitry).
. Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
(php at mickweiss dot com)
. Fixed bug #60240 (invalid read/writes when unserializing specially crafted
Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c2011-12-14 04:02:56 UTC (rev
321002)
+++ php/php-src/branches/PHP_5_4/main/main.c2011-12-14 08:56:35 UTC (rev
321003)
@@ -531,6 +531,7 @@
STD_PHP_INI_ENTRY("post_max_size","8M",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong, post_max_size,
sapi_globals_struct,sapi_globals)
STD_PHP_INI_ENTRY("upload_tmp_dir", NULL,
PHP_INI_SYSTEM, OnUpdateStringUnempty, upload_tmp_dir,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("max_input_nesting_level", "64",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero, max_input_nesting_level,
php_core_globals, core_globals)
+ STD_PHP_INI_ENTRY("max_input_vars", "1000",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero, max_input_vars,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("user_dir", NULL,
PHP_INI_SYSTEM, OnUpdateString, user_dir,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("variables_order", "EGPCS",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateStringUnempty, variables_order,
php_core_globals, core_globals)
Modified: php/php-src/branches/PHP_5_4/main/php_globals.h
===
--- php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 04:02:56 UTC
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 08:56:35 UTC
(rev 321003)
@@ -146,6 +146,7 @@
zend_bool com_initialized;
#endif
long max_input_nesting_level;
+ long max_input_vars;
zend_bool in_user_include;
char *user_ini_filename;
Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c 2011-12-14 04:02:56 UTC
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c 2011-12-14 08:56:35 UTC
(rev 321003)
@@ -179,6 +179,9 @@
escaped_index = index;
if (zend_symtable_find(symtable1, escaped_index,
index_len + 1, (void **)&gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) !=
IS_ARRAY) {
+ if (zend_hash_num_elements(symtable1)>=
PG(max_input_vars)) {
+ php_error_docref(NULL TSRMLS_CC, E_ERROR,
"Input variables exceeded %ld. To increase the limit change max_input_vars in
php.ini.", PG(max_input_vars));
+ }
MAKE_STD_ZVAL(gpc_element);
array_init(gpc_element);
z
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_variables.c trunk/main/main.c trunk/main/php_globals.h
hi Dmitry,
Please add a note to the UPGRADING guide as well.
Thanks,
On Wed, Dec 14, 2011 at 9:56 AM, Dmitry Stogov wrote:
> dmitry Wed, 14 Dec 2011 08:56:35 +
>
> Revision: http://svn.php.net/viewvc?view=revision&revision=321003
>
> Log:
> Added max_input_vars directive to prevent attacks based on hash collisions
>
> Changed paths:
> U php/php-src/branches/PHP_5_4/NEWS
> U php/php-src/branches/PHP_5_4/main/main.c
> U php/php-src/branches/PHP_5_4/main/php_globals.h
> U php/php-src/branches/PHP_5_4/main/php_variables.c
> U php/php-src/trunk/main/main.c
> U php/php-src/trunk/main/php_globals.h
> U php/php-src/trunk/main/php_variables.c
>
> Modified: php/php-src/branches/PHP_5_4/NEWS
> ===
> --- php/php-src/branches/PHP_5_4/NEWS 2011-12-14 04:02:56 UTC (rev 321002)
> +++ php/php-src/branches/PHP_5_4/NEWS 2011-12-14 08:56:35 UTC (rev 321003)
> @@ -1,6 +1,9 @@
> PHP
> NEWS
> |||
> ?? Dec 2011, PHP 5.4.0 RC4
> +- Core:
> + . Added max_input_vars directive to prevent attacks based on hash
> collisions
> + (Dmitry).
> - CLI SAPI:
> . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
> one 200 RQ and one 404). (Laruence)
> @@ -9,6 +12,8 @@
>
> 08 Dec 2011, PHP 5.4.0 RC3
> - Core:
> + . Fixed bug #60444 (Segmentation fault with include & class extending).
> + (Laruence, Dmitry).
> . Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
> (php at mickweiss dot com)
> . Fixed bug #60240 (invalid read/writes when unserializing specially crafted
>
> Modified: php/php-src/branches/PHP_5_4/main/main.c
> ===
> --- php/php-src/branches/PHP_5_4/main/main.c 2011-12-14 04:02:56 UTC (rev
> 321002)
> +++ php/php-src/branches/PHP_5_4/main/main.c 2011-12-14 08:56:35 UTC (rev
> 321003)
> @@ -531,6 +531,7 @@
> STD_PHP_INI_ENTRY("post_max_size", "8M",
> PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong,
> post_max_size, sapi_globals_struct,sapi_globals)
> STD_PHP_INI_ENTRY("upload_tmp_dir", NULL,
> PHP_INI_SYSTEM, OnUpdateStringUnempty, upload_tmp_dir,
> php_core_globals, core_globals)
> STD_PHP_INI_ENTRY("max_input_nesting_level", "64",
> PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero,
> max_input_nesting_level, php_core_globals,
> core_globals)
> + STD_PHP_INI_ENTRY("max_input_vars", "1000",
> PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero,
> max_input_vars, php_core_globals,
> core_globals)
>
> STD_PHP_INI_ENTRY("user_dir", NULL,
> PHP_INI_SYSTEM, OnUpdateString, user_dir,
> php_core_globals, core_globals)
> STD_PHP_INI_ENTRY("variables_order", "EGPCS",
> PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateStringUnempty,
> variables_order, php_core_globals, core_globals)
>
> Modified: php/php-src/branches/PHP_5_4/main/php_globals.h
> ===
> --- php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 04:02:56
> UTC (rev 321002)
> +++ php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 08:56:35
> UTC (rev 321003)
> @@ -146,6 +146,7 @@
> zend_bool com_initialized;
> #endif
> long max_input_nesting_level;
> + long max_input_vars;
> zend_bool in_user_include;
>
> char *user_ini_filename;
>
> Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
> ===
> --- php/php-src/branches/PHP_5_4/main/php_variables.c 2011-12-14 04:02:56
> UTC (rev 321002)
> +++ php/php-src/branches/PHP_5_4/main/php_variables.c 2011-12-14 08:56:35
> UTC (rev 321003)
> @@ -179,6 +179,9 @@
> escaped_index = index;
> if (zend_symtable_find(symtable1,
> escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE
> || Z_TYPE_PP(gpc_element_p) !=
> IS_ARRAY) {
> + if (zend_hash_num_elements(symtable1)
> >= PG(max_input_vars)) {
> + php_error_docref(NULL
> TSRMLS_CC, E_ERROR, "Input variables exceeded %ld. To increase the limit
> change max_input_vars in php.ini.", PG(max_input_vars));
> +
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_variables.c trunk/main/main.c trunk/main/php_globals.h tru
dmitry Wed, 14 Dec 2011 08:56:35 +
Revision: http://svn.php.net/viewvc?view=revision&revision=321003
Log:
Added max_input_vars directive to prevent attacks based on hash collisions
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/main/main.c
U php/php-src/branches/PHP_5_4/main/php_globals.h
U php/php-src/branches/PHP_5_4/main/php_variables.c
U php/php-src/trunk/main/main.c
U php/php-src/trunk/main/php_globals.h
U php/php-src/trunk/main/php_variables.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-14 04:02:56 UTC (rev 321002)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-14 08:56:35 UTC (rev 321003)
@@ -1,6 +1,9 @@
PHPNEWS
|||
?? Dec 2011, PHP 5.4.0 RC4
+- Core:
+ . Added max_input_vars directive to prevent attacks based on hash collisions
+(Dmitry).
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
one 200 RQ and one 404). (Laruence)
@@ -9,6 +12,8 @@
08 Dec 2011, PHP 5.4.0 RC3
- Core:
+ . Fixed bug #60444 (Segmentation fault with include & class extending).
+(Laruence, Dmitry).
. Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
(php at mickweiss dot com)
. Fixed bug #60240 (invalid read/writes when unserializing specially crafted
Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c2011-12-14 04:02:56 UTC (rev
321002)
+++ php/php-src/branches/PHP_5_4/main/main.c2011-12-14 08:56:35 UTC (rev
321003)
@@ -531,6 +531,7 @@
STD_PHP_INI_ENTRY("post_max_size", "8M",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong,
post_max_size, sapi_globals_struct,sapi_globals)
STD_PHP_INI_ENTRY("upload_tmp_dir", NULL,
PHP_INI_SYSTEM, OnUpdateStringUnempty, upload_tmp_dir,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("max_input_nesting_level", "64",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero,
max_input_nesting_level,php_core_globals,
core_globals)
+ STD_PHP_INI_ENTRY("max_input_vars", "1000",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero, max_input_vars,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("user_dir", NULL,
PHP_INI_SYSTEM, OnUpdateString, user_dir,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("variables_order","EGPCS",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateStringUnempty,
variables_order,php_core_globals, core_globals)
Modified: php/php-src/branches/PHP_5_4/main/php_globals.h
===
--- php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 04:02:56 UTC
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 08:56:35 UTC
(rev 321003)
@@ -146,6 +146,7 @@
zend_bool com_initialized;
#endif
long max_input_nesting_level;
+ long max_input_vars;
zend_bool in_user_include;
char *user_ini_filename;
Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c 2011-12-14 04:02:56 UTC
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c 2011-12-14 08:56:35 UTC
(rev 321003)
@@ -179,6 +179,9 @@
escaped_index = index;
if (zend_symtable_find(symtable1,
escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) !=
IS_ARRAY) {
+ if (zend_hash_num_elements(symtable1)
>= PG(max_input_vars)) {
+ php_error_docref(NULL
TSRMLS_CC, E_ERROR, "Input variables exceeded %ld. To increase the limit change
max_input_vars in php.ini.", PG(max_input_vars));
+ }
MAKE_STD_ZVAL(gpc_element);
array_init(gpc_element);
zend_symtable_update(symtable1,
escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **)
&g
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
mariuz Mon, 12 Dec 2011 06:33:43 +
Revision: http://svn.php.net/viewvc?view=revision&revision=320877
Log:
bug fixed #48877 - bindValue and bindParam do not work for PDO Firebird
Bug: https://bugs.php.net/48877 (Closed) "bindValue" and "bindParam" do not
work for PDO Firebird
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-11 21:08:15 UTC (rev 320876)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-12 06:33:43 UTC (rev 320877)
@@ -4,6 +4,8 @@
- CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
one 200 RQ and one 404). (Laruence)
+- Pdo Firebird:
+ . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO
Firebird).(Mariuz)
08 Dec 2011, PHP 5.4.0 RC3
- Core:
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cli/php_cli_server.c branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt trunk/sapi/cli/php_cli_server.c trunk/sapi/cli
Hi:
this fix should be a suboptimal fix, the problem is for static
file, builtin server bypass the sapi_activate (in the
send_error_page), call sapi_activate_header_only instead.
then when it call the sapi_deactivate, crashed.
I have tried to make a optimize fix , but failed.
I will have another try later, in this weekend maybe.
thanks.
On Fri, Dec 9, 2011 at 1:37 PM, Xinchen Hui wrote:
> laruence Fri, 09 Dec 2011 05:37:41 +
>
> Revision: http://svn.php.net/viewvc?view=revision&revision=320716
>
> Log:
> Fixed bug #60477 (Segfault after two multipart/form-data POST requests)
>
> Bug: https://bugs.php.net/60477 (Assigned) Segfault after two
> multipart/form-data POST requestes, one 200 RQ and one 404
>
> Changed paths:
> U php/php-src/branches/PHP_5_4/NEWS
> U php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
> A php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
> U php/php-src/trunk/sapi/cli/php_cli_server.c
> A php/php-src/trunk/sapi/cli/tests/php_cli_server_014.phpt
>
> Modified: php/php-src/branches/PHP_5_4/NEWS
> ===
> --- php/php-src/branches/PHP_5_4/NEWS 2011-12-09 05:25:05 UTC (rev 320715)
> +++ php/php-src/branches/PHP_5_4/NEWS 2011-12-09 05:37:41 UTC (rev 320716)
> @@ -1,6 +1,9 @@
> PHP
> NEWS
> |||
> ?? Dec 2011, PHP 5.4.0 RC4
> +- CLI SAPI:
> + . Fixed bug #60477 (Segfault after two multipart/form-data POST requests).
> + (Laruence)
>
> 08 Dec 2011, PHP 5.4.0 RC3
> - Core:
>
> Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
> ===
> --- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2011-12-09
> 05:25:05 UTC (rev 320715)
> +++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c 2011-12-09
> 05:37:41 UTC (rev 320716)
> @@ -1921,6 +1921,7 @@
> php_cli_server_close_connection(server, client TSRMLS_CC);
> destroy_request_info(&SG(request_info));
> SG(server_context) = NULL;
> + SG(rfc1867_uploaded_files) = NULL;
> return SUCCESS;
> }
> /* }}} */
>
> Added: php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
> ===
> --- php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
> (rev 0)
> +++ php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
> 2011-12-09 05:37:41 UTC (rev 320716)
> @@ -0,0 +1,76 @@
> +--TEST--
> +Bug #60477: Segfault after two multipart/form-data POST requestes
> +--SKIPIF--
> + +include "skipif.inc";
> +?>
> +--FILE--
> + +include "php_cli_server.inc";
> +php_cli_server_start('echo done, "\n";', TRUE);
> +
> +list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
> +$port = intval($port)?:80;
> +$output = '';
> +
> +$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
> +if (!$fp) {
> + die("connect failed");
> +}
> +
> +if(fwrite($fp, << +POST /index.php HTTP/1.1
> +Host: {$host}
> +Content-Type: multipart/form-data; boundary=-123456789
> +Content-Length: 70
> +
> +-123456789
> +Content-Type: application/x-www-form-urlencoded
> +a=b
> +HEADER
> +)) {
> + while (!feof($fp)) {
> + $output .= fgets($fp);
> + }
> +}
> +
> +fclose($fp);
> +
> +$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
> +if(fwrite($fp, << +POST /main/no-exists.php HTTP/1.1
> +Host: {$host}
> +Content-Type: multipart/form-data; boundary=-123456789
> +Content-Length: 70
> +
> +-123456789
> +Content-Type: application/x-www-form-urlencoded
> +a=b
> +HEADER
> +)) {
> + while (!feof($fp)) {
> + $output .= fgets($fp);
> + }
> +}
> +
> +echo preg_replace("/(.*?)<\/style>/s", "