The stream context inside `mysqlnd_vio::enable_ssl()` is leaking.
In particular: when `php_stream_context_set()` get called the refcount
of `context` is increased by 1, which means that `context` will now
have a refcount of 2. Later on we remove the context from the stream
by calling `php_stream_context_set(stream, NULL)` but that leaves our
`context` with a refcount of 1, and therefore it's never destroyed.
In my test case this yielded a leak of 1456 bytes per connection
(but could be more depending on your settings ofc).
Annoyingly, Valgrind doesn't find it because the context is still
in the `EG(regular_list)` and will thus be destroyed at the end of
the request. However, I still think this bug needs to be fixed because
as the users in the issue report already mentioned:
there can be long-running PHP scripts.
Fix it by decreasing the refcount to transfer the ownership.
Closes GH-10909.
The fix for bug 63327[1] changed the extra size of mysqlnd allocations
from `sizeof(size_t)` to the properly aligned values; however, the
allocation in `_mysqlnd_pestrdup()` has apparently been overlooked,
which (currently) causes detectable heap corruption when running
mysqli_get_client_stats.phpt on 32bit Windows versions.
[1] <338a47bb85>
Closes GH-9724.
Unless stringified results are requested, we need to parse large
bigints as unsigned, to avoid wrap-around behavior.
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
Closes GH-7837.
Use the proper error reporting mechanism rather than throwing a
warning. This requires something of a hack because we don't have
direct access to the connection object at this point.
This functionality is not used productively in PHP and it's not used in
any of the extensions to my knowledge. Since it looks like this functionality
isn't required by anyone, let's clean up mysqlnd and drop it.
Use ZEND_MM_ALIGNED_SIZE for the extra size information.
I don't have a relevant system to test, but this should fix the
issue as long as required alignment is detected correctly.
When row data split across multiple packets, allocate a temporary
buffer that can be reallocated, and only copy into the row buffer
pool arena once we know the final size. This avoids quadratic
memory usage for very large results.
(cherry picked from commit 1fc4c89214)
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
