We prefer clean solutions (such as declaring the proper type in the
first place, or introducing a portable format specifier) where easily
possible, but resort to casts otherwise.
We also port f1480ab14b.
The two calls that MySQLnd does to this handler all pass a buffer the same size as the error_msg field
Thus, we know that we can just memcpy the error message into the buffer.
See https://nrk.neocities.org/articles/not-a-fan-of-strlcpy for a rationale against the usage of `strlcpy()`
Note that this function is similar to `SETUP_OPENSSL`, but since the
zlib headers are not necessarily required, we append `_LIB`.
We are also more liberal regarding zlib(_a).lib, because
extensions requiring zlib are looking only for zlib.lib if ext/zlib has
been built as shared extension. This is overly restrictive at best,
and actually makes no sense, since (a) we're not shipping shared zlib
builds for years, and (b) users could have a zlib.lib which is a static
build (they could even just rename zlib_a.lib to zlib.lib).
This fixes issues causing buffer over-read that leak heap content:
- RESP packet field default left over for COM_LIST
- RESP packet upsert filename
- OK packet message
- RESP packet for stmt row data
- ps_fetch_from_1_to_8_bytes
- ps_fetch_float
- ps_fetch_double
- ps_fetch_time
- ps_fetch_date
- ps_fetch_datetime
- ps_fetch_string
- ps_fetch_bit
- RESP packet for query row data (just possible overflow on 32bit)
It also adds various protocol tests using a new fake server.
The MYSQLND_HAVE_SSL indicate that mysqlnd has extended SSL support
enabled through either OpenSSL when building with Autotools, and through
crypt32 library on Windows.
Fixes https://github.com/php/php-src/pull/15164#discussion_r1803834585
Closes GH-16474.
Since the mysqlnd result set is arena allocated, we must not simply
free it, but rather call the appropriate `free_result` method.
Co-authored-by: Kamil Tekiela <tekiela246@gmail.com>
This feature was never implemented, and since the
beginning, using this constant with mysqlnd would
result in an error.
This feature was only available with libmysqlclient
which can no longer be used with mysqli.
There are no plans to implement it in the future.
`gettimeofday()` is supported by PHP on Windows for ages; and generally
`localtime()` is supported on Windows for a long time. As such, there
is no need for the Windows specific formatting code.
However, the general Windows caveat regarding `time_t` applies, namely
that it is usually `__time64_t`, unless `_USE_32BIT_TIME_T` is declared,
what we do for 32bit architectures, in which case it is `__time32_t`.
Now, `struct timeval` is imported from WinSock2.h, where the members are
declared as long (i.e. 32bit on both x86 and x64). That means passing
a pointer to `tv_sec` to `localtime()` likely fails on x64, or at least
doesn't yield the desired result. Therefore, we assign `tv_sec` to an
appropriate `time_t` variable, and also make sure that the `time_buffer`
is zero-terminated even if the `localtime()` call still fails.
Quoted m4_normalize will expand and change its argument later in the
macro call when M4 is processing the *.m4 sources. Without quotes the
already normalized string is passed to the macro directly. In these
specific cases generated configure script is the same. This is more for
consistency to have this synced and not repeat the pattern too much
in the future when copy/pasting. Note, that many AC_* macros require
similar behavior already (for example, AC_CHECK_FUNCS.)
* Include from build dir first
This fixes out of tree builds by ensuring that configure artifacts are included
from the build dir.
Before, out of tree builds would preferably include files from the src dir, as
the include path was defined as follows (ignoring includes from ext/ and sapi/) :
-I$(top_builddir)/main
-I$(top_srcdir)
-I$(top_builddir)/TSRM
-I$(top_builddir)/Zend
-I$(top_srcdir)/main
-I$(top_srcdir)/Zend
-I$(top_srcdir)/TSRM
-I$(top_builddir)/
As a result, an out of tree build would include configure artifacts such as
`main/php_config.h` from the src dir.
After this change, the include path is defined as follows:
-I$(top_builddir)/main
-I$(top_builddir)
-I$(top_srcdir)/main
-I$(top_srcdir)
-I$(top_builddir)/TSRM
-I$(top_builddir)/Zend
-I$(top_srcdir)/Zend
-I$(top_srcdir)/TSRM
* Fix extension include path for out of tree builds
* Include config.h with the brackets form
`#include "config.h"` searches in the directory containing the including-file
before any other include path. This can include the wrong config.h when building
out of tree and a config.h exists in the source tree.
Using `#include <config.h>` uses exclusively the include path, and gives
priority to the build dir.
The m4_normalize() can simplify the list argument. It removes leading
and trailing spaces and tabs, sequences of backslash-then-newline, and
replaces multiple spaces, tabs, and newlines with a single space.
This enables the zlib library (https://zlib.net/) from a single place to
match the minimum required version across the php-src. This provides a
possible simpler version bump in the future. Macro's 2nd and 3rd
arguments can pass additional actions whether zlib library is found or
not for the possible future adjustments in the ext/standard where also
zlib might be required.
Support for pkg-config was introduced in 1.2.3.1.
The minimum zlib version has been bumped to 1.2.3.1
* Bump minimum zlib version to 1.2.11
This is aligned with CentOS 8, which has 1.2.11 in the default packages.
* [skip ci] Move zlib version change to UPGRADING
This matches the OpenSSL style version change notice already done in
this file.
This partially backports that PR to stable branches as it has been in master
without reported problems so far.
It's only a partial backport because the stable branches don't have the
ZTS persistent resource fix that would fix shutdown crashes, i.e. the
code change in mysqlnd_vio's close_stream is not backported.
This is fully fixed on master.
Closes GH-14324.
Closes GH-10599.
This is used in Makefile when building mysqlnd as shared to get zlib and
crypto libraries linked in the mysqlnd.so (-lz -lcrypto). For static
build these are in the resulting binary like before.
This is a leftover from the refactoring of the --with-openssl-dir option
that once accepted the path to OpenSSL but wasn't renamed back then.
Instead of --with-openssl-dir, SSL support in ext/ftp and ext/mysqlnd
can be enabled implicitly when building with ext/openssl enabled
(--with-openssl) or explicitly by using new separate configure options
--with-ftp-ssl and --with-mysqlnd-ssl.
The code originally posted in GH-10599 triggers the bug for
non-persistent connections, but changing the host to `p:.` reveals that
there is also a crash bug for persistent connections.
What happens is that the persistent network stream resource gets freed, yet
stays inside EG(persistent_list). This causes a crash on shutdown when the
persistent list is getting cleared, as the engine will try to free the network
stream again.
The code in close_stream gets confused between persistent vs
non-persistent allocations when EG(active) is false.
This code was introduced in c3019a1 to fix crashes when the persistent list
gets destroyed before module shutdown is called. This is indeed a potential
problem that was fixed on the master branch in 5941cda.
This fixes the crash reason of GH-10599.
