From e7623f470f3c43396db4adcceeb63bd7029bc5ff Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Fri, 3 Oct 2014 21:06:26 +0200 Subject: [PATCH 01/10] Fix bug #68133 and bug #68135 --- Zend/zend_vm_def.h | 3 +-- Zend/zend_vm_execute.h | 12 ++++-------- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h index b843f42c418..7fa544b5796 100644 --- a/Zend/zend_vm_def.h +++ b/Zend/zend_vm_def.h @@ -4037,8 +4037,7 @@ ZEND_VM_HANDLER(73, ZEND_INCLUDE_OR_EVAL, CONST|TMP|VAR|CV, ANY) ZVAL_UNDEF(&tmp_inc_filename); if (Z_TYPE_P(inc_filename) != IS_STRING) { - ZVAL_DUP(&tmp_inc_filename, inc_filename); - convert_to_string(&tmp_inc_filename); + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); inc_filename = &tmp_inc_filename; } diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h index 82676436b17..9f7d4c3a1a2 100644 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h @@ -2908,8 +2908,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HA ZVAL_UNDEF(&tmp_inc_filename); if (Z_TYPE_P(inc_filename) != IS_STRING) { - ZVAL_DUP(&tmp_inc_filename, inc_filename); - convert_to_string(&tmp_inc_filename); + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); inc_filename = &tmp_inc_filename; } @@ -9647,8 +9646,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HAND ZVAL_UNDEF(&tmp_inc_filename); if (Z_TYPE_P(inc_filename) != IS_STRING) { - ZVAL_DUP(&tmp_inc_filename, inc_filename); - convert_to_string(&tmp_inc_filename); + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); inc_filename = &tmp_inc_filename; } @@ -16236,8 +16234,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HAND ZVAL_UNDEF(&tmp_inc_filename); if (Z_TYPE_P(inc_filename) != IS_STRING) { - ZVAL_DUP(&tmp_inc_filename, inc_filename); - convert_to_string(&tmp_inc_filename); + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); inc_filename = &tmp_inc_filename; } @@ -33518,8 +33515,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER(ZEND_OPCODE_HANDL ZVAL_UNDEF(&tmp_inc_filename); if (Z_TYPE_P(inc_filename) != IS_STRING) { - ZVAL_DUP(&tmp_inc_filename, inc_filename); - convert_to_string(&tmp_inc_filename); + ZVAL_STR(&tmp_inc_filename, zval_get_string(inc_filename)); inc_filename = &tmp_inc_filename; } From 93288d0095cc27f8df88832e479e25ea5b00b5fd Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Fri, 3 Oct 2014 21:24:28 +0200 Subject: [PATCH 02/10] Fix bug #68188 --- NEWS | 3 +++ Zend/tests/bug68118.phpt | 21 +++++++++++++++++++++ Zend/zend_object_handlers.c | 9 ++++++--- 3 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 Zend/tests/bug68118.phpt diff --git a/NEWS b/NEWS index d4f6c3e9fb8..00bc1106226 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2014, PHP 5.5.19 +- Core: + . Fixed bug #68188 ($a->foo .= 'test'; can leave $a->foo undefined). (Nikita) + ?? ??? 2014, PHP 5.5.18 diff --git a/Zend/tests/bug68118.phpt b/Zend/tests/bug68118.phpt new file mode 100644 index 00000000000..c56e70a112d --- /dev/null +++ b/Zend/tests/bug68118.phpt @@ -0,0 +1,21 @@ +--TEST-- +Bug #68118: $a->foo .= 'test'; can leave $a->foo undefined +--FILE-- +test = 'meow'; + return true; +}); + +$a = new stdClass; +$a->undefined .= 'test'; +var_dump($a); + +?> +--EXPECT-- +object(stdClass)#2 (1) { + ["undefined"]=> + string(4) "test" +} diff --git a/Zend/zend_object_handlers.c b/Zend/zend_object_handlers.c index 093951eecaf..a7b761fa384 100644 --- a/Zend/zend_object_handlers.c +++ b/Zend/zend_object_handlers.c @@ -754,9 +754,6 @@ static zval **zend_std_get_property_ptr_ptr(zval *object, zval *member, int type /* we don't have access controls - will just add it */ new_zval = &EG(uninitialized_zval); - if(UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) { - zend_error(E_NOTICE, "Undefined property: %s::$%s", zobj->ce->name, Z_STRVAL_P(member)); - } Z_ADDREF_P(new_zval); if (EXPECTED((property_info->flags & ZEND_ACC_STATIC) == 0) && property_info->offset >= 0) { @@ -776,6 +773,12 @@ static zval **zend_std_get_property_ptr_ptr(zval *object, zval *member, int type } zend_hash_quick_update(zobj->properties, property_info->name, property_info->name_length+1, property_info->h, &new_zval, sizeof(zval *), (void **) &retval); } + + /* Notice is thrown after creation of the property, to avoid EG(std_property_info) + * being overwritten in an error handler. */ + if (UNEXPECTED(type == BP_VAR_RW || type == BP_VAR_R)) { + zend_error(E_NOTICE, "Undefined property: %s::$%s", zobj->ce->name, Z_STRVAL_P(member)); + } } else { /* we do have getter - fail and let it try again with usual get/set */ retval = NULL; From d67c05bb899f4db42dd568376112b9144de2b5f1 Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Fri, 3 Oct 2014 21:41:58 +0200 Subject: [PATCH 03/10] Fix bug number --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 00bc1106226..8385d3e0126 100644 --- a/NEWS +++ b/NEWS @@ -3,7 +3,7 @@ PHP NEWS ?? ??? 2014, PHP 5.5.19 - Core: - . Fixed bug #68188 ($a->foo .= 'test'; can leave $a->foo undefined). (Nikita) + . Fixed bug #68118 ($a->foo .= 'test'; can leave $a->foo undefined). (Nikita) ?? ??? 2014, PHP 5.5.18 From d2161c8104df33adf8a3e20168cdf9af5f0ade88 Mon Sep 17 00:00:00 2001 From: Anatol Belski Date: Fri, 3 Oct 2014 21:45:51 +0200 Subject: [PATCH 04/10] reveal some newer libcurl features in MINFO --- ext/curl/interface.c | 6 ++++++ ext/curl/tests/check_win_config.phpt | 2 ++ 2 files changed, 8 insertions(+) diff --git a/ext/curl/interface.c b/ext/curl/interface.c index d7cacf54f9f..6caaa5258b8 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -556,6 +556,12 @@ PHP_MINFO_FUNCTION(curl) #endif #if LIBCURL_VERSION_NUM >= 0x071504 /* 7.21.4 */ {"TLS-SRP", CURL_VERSION_TLSAUTH_SRP}, +#endif +#if LIBCURL_VERSION_NUM >= 0x072100 /* 7.33.0 */ + {"HTTP2", CURL_VERSION_HTTP2}, +#endif +#if LIBCURL_VERSION_NUM >= 0x072600 /* 7.38.0 */ + {"GSSAPI", CURL_VERSION_GSSAPI}, #endif {NULL, 0} }; diff --git a/ext/curl/tests/check_win_config.phpt b/ext/curl/tests/check_win_config.phpt index d82fe6f41a7..3d13638f90d 100644 --- a/ext/curl/tests/check_win_config.phpt +++ b/ext/curl/tests/check_win_config.phpt @@ -40,6 +40,8 @@ SPNEGO => Yes SSL => Yes SSPI => Yes TLS-SRP => No +HTTP2 => No +GSSAPI => No Protocols => dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, pop3, pop3s, rtsp, scp, sftp, smtp, smtps, telnet, tftp Host => %s-pc-win32 SSL Version => OpenSSL/%s From 5831cca9576f4e0d4daed75a9915d436dfc5f4e5 Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Fri, 3 Oct 2014 21:46:14 +0200 Subject: [PATCH 05/10] Mark three foreach tests as XFAIL A lot of work is needed to properly handle all foreach edge cases, which is not going to happen anytime soon. So marking these tests as XFAIL for now. --- tests/lang/foreachLoop.013.phpt | 2 ++ tests/lang/foreachLoop.014.phpt | 4 +++- tests/lang/foreachLoop.015.phpt | 2 ++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/lang/foreachLoop.013.phpt b/tests/lang/foreachLoop.013.phpt index 3dec1194ff0..b0c5e8dcf51 100644 --- a/tests/lang/foreachLoop.013.phpt +++ b/tests/lang/foreachLoop.013.phpt @@ -1,5 +1,7 @@ --TEST-- Directly modifying an unreferenced array when foreach'ing over it while using &$value syntax. +--XFAIL-- +Needs major foreach changes to get sane behavior --FILE-- string(3) "v.3" -} \ No newline at end of file +} diff --git a/tests/lang/foreachLoop.015.phpt b/tests/lang/foreachLoop.015.phpt index dfba1591534..5b12a2b0c26 100644 --- a/tests/lang/foreachLoop.015.phpt +++ b/tests/lang/foreachLoop.015.phpt @@ -1,5 +1,7 @@ --TEST-- Directly modifying a REFERENCED array when foreach'ing over it while using &$value syntax. +--XFAIL-- +Needs major foreach changes to get sane behavior --FILE-- Date: Fri, 3 Oct 2014 21:49:44 +0200 Subject: [PATCH 06/10] Fix two date tests New behavior seems much more reasonable - nothing should be able to touch the $this value like that. --- ext/date/tests/bug67118.phpt | 3 ++- ext/date/tests/bug67118_2.phpt | 11 +++++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/ext/date/tests/bug67118.phpt b/ext/date/tests/bug67118.phpt index 19b5914aa3b..332142856e4 100644 --- a/ext/date/tests/bug67118.phpt +++ b/ext/date/tests/bug67118.phpt @@ -23,4 +23,5 @@ class mydt extends datetime new mydt("Funktionsansvarig rÄdgivning och juridik", "UTC"); ?> --EXPECTF-- -Fatal error: Call to a member function format() on null in %sbug67118.php on line %d +Warning: DateTime::format(): The DateTime object has not been correctly initialized by its constructor in %s on line %d +Bad date diff --git a/ext/date/tests/bug67118_2.phpt b/ext/date/tests/bug67118_2.phpt index 368d4d9401c..9b6f5455258 100644 --- a/ext/date/tests/bug67118_2.phpt +++ b/ext/date/tests/bug67118_2.phpt @@ -24,5 +24,12 @@ Done --EXPECTF-- First try Second try -NULL -Done \ No newline at end of file +object(Foo)#1 (3) { + ["date"]=> + string(26) "2007-09-12 15:49:12.000000" + ["timezone_type"]=> + int(3) + ["timezone"]=> + string(3) "UTC" +} +Done From b68886f7b531976e41b8a66baabebbabc79bd1f2 Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Fri, 3 Oct 2014 21:55:03 +0200 Subject: [PATCH 07/10] Mark test for full GC root buffer as XFAIL --- Zend/tests/gc_033.phpt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Zend/tests/gc_033.phpt b/Zend/tests/gc_033.phpt index bcd15412541..dee426a385f 100644 --- a/Zend/tests/gc_033.phpt +++ b/Zend/tests/gc_033.phpt @@ -1,5 +1,7 @@ --TEST-- GC 033: Crash in GC while run with phpspec +--XFAIL-- +Full GC root buffer not handled correctly yet --FILE-- Date: Fri, 3 Oct 2014 22:17:02 +0200 Subject: [PATCH 08/10] fix asinh delivering -0 when the arg is 0 --- ext/standard/math.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/standard/math.c b/ext/standard/math.c index 4185cd48f44..7014e6c9384 100644 --- a/ext/standard/math.c +++ b/ext/standard/math.c @@ -220,7 +220,7 @@ static double php_asinh(double z) return(asinh(z)); #else # ifdef _WIN64 - if (z > 0) { + if (z >= 0) { return log(z + sqrt(z * z + 1)); } else { From a7d2747890846ed68cc86c6e8d3fd005525ff0cc Mon Sep 17 00:00:00 2001 From: George Wang Date: Fri, 3 Oct 2014 16:41:32 -0400 Subject: [PATCH 09/10] Fixed a bug that causes crash when environment variable is access while parsing php.ini --- sapi/litespeed/lsapi_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sapi/litespeed/lsapi_main.c b/sapi/litespeed/lsapi_main.c index 3da98b16bc9..ae01893a7a0 100644 --- a/sapi/litespeed/lsapi_main.c +++ b/sapi/litespeed/lsapi_main.c @@ -69,7 +69,7 @@ #define SAPI_LSAPI_MAX_HEADER_LENGTH 2048 -static int lsapi_mode = 1; +static int lsapi_mode = 0; static char *php_self = ""; static char *script_filename = ""; static int source_highlight = 0; @@ -1053,6 +1053,7 @@ int main( int argc, char * argv[] ) LSAPI_Init(); LSAPI_Init_Env_Parameters( NULL ); + lsapi_mode = 1; slow_script_msec = LSAPI_Get_Slow_Req_Msecs(); From f1e21c4979f215112f9a30bc9e6e4a1ebd5a32de Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Sat, 4 Oct 2014 00:32:32 +0200 Subject: [PATCH 10/10] Fix test gc_029_zts.phpt In ZTS the default properties are duplicated (instead of copied), so the array has one lower RC than on NTS and as such gets destroyed during GC, increasing the cycle count by 3. PHP 5.6 didn't always copy default properties on ZTS, which is where the difference comes from. --- Zend/tests/gc_029_zts.phpt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zend/tests/gc_029_zts.phpt b/Zend/tests/gc_029_zts.phpt index fc77e1f3bd9..5d16e833482 100644 --- a/Zend/tests/gc_029_zts.phpt +++ b/Zend/tests/gc_029_zts.phpt @@ -34,4 +34,4 @@ unset($bar); var_dump(gc_collect_cycles()); ?> --EXPECT-- -int(3) +int(6)