Commit graph

2316 commits

Author SHA1 Message Date
Dmitry Stogov
79fac32d6b Don't call zend_attach/detach_symbol_table() for op_arrays without local variables 2021-12-16 17:37:01 +03:00
Dmitry Stogov
faa143ca1b Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix array clobbering by user error handler
2021-12-15 12:21:36 +03:00
Dmitry Stogov
75b2973974 Fix array clobbering by user error handler
Fixes oss-fuzz #42363
2021-12-15 12:20:37 +03:00
Dmitry Stogov
623b3fc83f Merge branch 'PHP-8.1'
* PHP-8.1:
  Move common code into helper
2021-12-14 15:32:20 +03:00
Dmitry Stogov
b16fc350a4 Move common code into helper 2021-12-14 15:31:53 +03:00
Dmitry Stogov
1959bbfc1b Merge branch 'PHP-8.1'
* PHP-8.1:
  Combine ADDREF/DELREF
2021-12-13 22:54:57 +03:00
Dmitry Stogov
1e56b64759 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Combine ADDREF/DELREF
2021-12-13 22:54:45 +03:00
Dmitry Stogov
c787f42ceb Combine ADDREF/DELREF 2021-12-13 22:38:23 +03:00
Dmitry Stogov
d9926a109d Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix array clobbering by user error handler
2021-12-13 15:20:24 +03:00
Dmitry Stogov
76075823e7 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix array clobbering by user error handler
2021-12-13 15:20:16 +03:00
Dmitry Stogov
cbc0b1afeb Fix array clobbering by user error handler
Fixes oss-fuzz #42234
2021-12-13 14:59:30 +03:00
George Peter Banyard
da684582d7 ZEND_INIT_FCALL is only produced when function exists at compile time (#7728) 2021-12-09 17:15:59 +00:00
Dmitry Stogov
90e5eed9db Merge branch 'PHP-8.1'
* PHP-8.1:
  Separate "cold" code
2021-12-07 11:47:01 +03:00
Dmitry Stogov
08f1d470fb Separate "cold" code 2021-12-07 11:46:32 +03:00
Dmitry Stogov
fe1f613b75 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix use after free because of data clobbering by user error handler
2021-12-06 13:09:26 +03:00
Dmitry Stogov
5459ed4c2f Fix use after free because of data clobbering by user error handler
Fixes oss-fuzz #41692
2021-12-06 13:08:27 +03:00
Dmitry Stogov
1195ab8969 Merge branch 'PHP-8.1'
* PHP-8.1:
  Add test
  ws
  Fix array object clobbering by user error handler
2021-12-03 13:41:12 +03:00
Dmitry Stogov
731ce6be01 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix array object clobbering by user error handler
2021-12-03 13:36:33 +03:00
Dmitry Stogov
1d054b3fa7 Fix array object clobbering by user error handler
Fixes oss-fuzz #41605 and #41610
2021-12-03 13:35:28 +03:00
Dmitry Stogov
c8dca00d15 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix clobbering of operand by error handler in assignment to string offset
2021-12-02 01:22:15 +03:00
Dmitry Stogov
9786eac9a3 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix clobbering of operand by error handler in assignment to string offset
2021-12-02 00:46:27 +03:00
Dmitry Stogov
09547c64c2 Fix clobbering of operand by error handler in assignment to string offset
In some cases new code requires two reallocations instead of one.

Fixes oss-fuzz #31716, #36196, #39739 and #40002
2021-12-02 00:24:05 +03:00
Tyson Andre
fbdded1ff1 Use interned string for calling count() in Zend VM
Similar to f0dd79a7e4

Copied from GH-7695
2021-11-28 14:09:54 -05:00
Nikita Popov
902d64390e Deprecate implicit dynamic properties
Writing to a property that hasn't been declared is deprecated,
unless the class uses the #[AllowDynamicProperties] attribute or
defines __get()/__set().

RFC: https://wiki.php.net/rfc/deprecate_dynamic_properties
2021-11-26 14:10:11 +01:00
Nikita Popov
976f5694d3 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fixed bug #81631
2021-11-17 16:07:06 +01:00
Nikita Popov
70cb37243e Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fixed bug #81631
2021-11-17 16:06:50 +01:00
Nikita Popov
4d4fe7639f Fixed bug #81631
We need to save the opline before fetching the operand, as it may
throw an undef var warning.
2021-11-17 16:06:25 +01:00
Dmitry Stogov
47435d679c Merge branch 'PHP-8.1'
* PHP-8.1:
  Partially fix handling of exceptions thrown in interrupt handlers
2021-11-11 21:02:35 +03:00
Dmitry Stogov
271cbe527c Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Partially fix handling of exceptions thrown in interrupt handlers
2021-11-11 21:01:40 +03:00
Dmitry Stogov
fa0b84a06b Partially fix handling of exceptions thrown in interrupt handlers 2021-11-11 20:59:56 +03:00
Dmitry Stogov
90b7bde615 Use more compact representation for packed arrays.
- for packed arrays we store just an array of zvals without keys.
- the elements of packed array are accessible through ht->arPacked[i]
  instead of ht->arData[i]
- in addition to general ZEND_HASH_FOREACH_* macros, we introduced similar
  families for packed (ZEND_HASH_PACKED_FORECH_*) and real hashes
  (ZEND_HASH_MAP_FOREACH_*)
- introduced an additional family of macros to access elements of array
  (packed or real hashes) ZEND_ARRAY_ELEMET_SIZE, ZEND_ARRAY_ELEMET_EX,
  ZEND_ARRAY_ELEMET, ZEND_ARRAY_NEXT_ELEMENT, ZEND_ARRAY_PREV_ELEMENT
- zend_hash_minmax() prototype was changed to compare only values

Because of smaller data set, this patch may show performance improvement
on some apps and benchmarks that use packed arrays. (~1% on PHP-Parser)

TODO:
    - sapi/phpdbg needs special support for packed arrays (WATCH_ON_BUCKET).
    - zend_hash_sort_ex() may require converting packed arrays to hash.
2021-11-03 15:18:26 +03:00
Nikita Popov
ddbb51d622 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix finally exception chaining on recursion
2021-11-01 11:45:08 +01:00
Nikita Popov
e4f1083a6d Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix finally exception chaining on recursion
2021-11-01 11:45:00 +01:00
Nikita Popov
1a2fb90bf4 Fix finally exception chaining on recursion
In this case zend_exception_set_previous() would destroy the
fast_call exception and further accesses on ex would be invalid.
We should only update ex if we update EG(exception).

Fixes oss-fuzz #40464.
2021-11-01 11:44:32 +01:00
Nikita Popov
da0d246e19 Drop FREE_OP_VAR_PTR() distinction
FREE_OP_VAR_PTR() is like FREE_OP(), but only frees VAR, rather
than VARs and TMPs. I don't think this distinction makes sense
anymore, as opcodes using FREE_OP_VAR_PTR() generally only accept
VAR or CV. For the cases where other op types are accepted and
only freeing VAR is desired we already have FREE_OP_IF_VAR().

This drops FREE_OP_VAR_PTR(), leaving only FREE_OP() and
FREE_OP_IF_VAR().
2021-10-20 12:02:09 +02:00
Nikita Popov
08cbb99451 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix inc/dec of undef var with error handler
2021-10-19 14:19:41 +02:00
Nikita Popov
22b6aac66f Fix inc/dec of undef var with error handler
Set the variable to null after emitting the undef var notice
rather than before. This avoids an assertion failure if the var
is unset by the error handler.

The flip side is that this may cause a leak instead, but that's
the more harmless outcome.

Fixes oss-fuzz #36604.
2021-10-19 14:19:22 +02:00
Nikita Popov
ebaed43473 Merge branch 'PHP-8.1'
* PHP-8.1:
  Don't free FETCH_W operand if GLOBAL_LOCK
2021-10-12 12:46:03 +02:00
Nikita Popov
7b0710695b Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Don't free FETCH_W operand if GLOBAL_LOCK
2021-10-12 12:45:49 +02:00
Nikita Popov
a2e3ca1f5b Don't free FETCH_W operand if GLOBAL_LOCK
The error path performed the free unconditionally, while we should
not do it for GLOBAL_LOCK.

Fixes oss-fuzz #39868.
2021-10-12 12:44:35 +02:00
Nikita Popov
be323b89cd Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix duplicate undef warning in assign_dim_op
2021-10-05 15:51:35 +02:00
Nikita Popov
02c5f7f927 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix duplicate undef warning in assign_dim_op
2021-10-05 15:51:30 +02:00
Nikita Popov
11a9b036a8 Fix duplicate undef warning in assign_dim_op
In case of auto-vivification we were fetching dim twice and as
such also emitting the undef var warning twice.
2021-10-05 15:51:11 +02:00
Nikita Popov
f4e06ea562 Merge branch 'PHP-8.1'
* PHP-8.1:
  Create reference wrappers in SEND_UNPACK if necessary
2021-09-30 14:56:53 +02:00
Nikita Popov
02244d5ee6 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Create reference wrappers in SEND_UNPACK if necessary
2021-09-30 14:56:44 +02:00
Nikita Popov
e11faad233 Create reference wrappers in SEND_UNPACK if necessary
Even if we can't actually pass by reference, we still need to
create the REFERENCE wrapper to satisfy the calling convention.
The particular test case would crash with JIT, because the existence
of the reference was assumed.

Fixes oss-fuzz #39440.
2021-09-30 14:55:48 +02:00
Nikita Popov
e1f98447d9 Merge branch 'PHP-8.1'
* PHP-8.1:
  Handle throwing destructor in BIND_STATIC
2021-09-29 10:17:27 +02:00
Nikita Popov
9346da8964 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Handle throwing destructor in BIND_STATIC
2021-09-29 10:17:22 +02:00
Nikita Popov
ec54ffad1e Handle throwing destructor in BIND_STATIC
Fixes oss-fuzz #39406.
2021-09-29 10:17:05 +02:00
Nikita Popov
5ce32368f2 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix SEND_USER with ref arg
2021-09-17 12:18:27 +02:00