archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
142310 commits 526 branches 1434 tags 864 MiB
Commit graph

1021 commits

Author SHA1 Message Date
George Peter Banyard
c40231afbf
Mark various functions with void arguments. 
This fixes a bunch of [-Wstrict-prototypes] warning,
because in C func() and func(void) have different semantics.
 2021-05-12 14:55:53 +01:00
George Peter Banyard
a9695cc615
Refactor register shutdown function mechanism 
Use FCI/FCC structure instead of custom implementation which does the same.
This also fixes the "bug" which prevented static methods from being shutdown functions.

Closes GH-5829

Co-authored-by: Aaron Piotrowski <aaron@trowski.com>
 2021-05-10 15:54:59 +01:00
KsaR
01b3fc03c3
Update http->https in license (#6945) 
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
 2021-05-06 12:16:35 +02:00
Nikita Popov
4ce5d2ea88 Add known strings for jit autoglobals 
We always create interned strings for all autoglobals anyway, so
we might as well add known strings to make them more widely usable.
 2021-04-09 15:37:59 +02:00
George Peter Banyard
09efad615b
Use zend_string_equals_(literal_)ci() API more often 
Also drive-by usage of zend_ini_parse_bool()

Closes GH-6844
 2021-04-09 02:34:50 +01:00
George Peter Banyard
5caaf40b43
Introduce pseudo-keyword ZEND_FALLTHROUGH 
And use it instead of comments
 2021-04-07 00:46:29 +01:00
Christoph M. Becker
f4412f56a2 Merge branch 'PHP-8.0' 
* PHP-8.0:
  Properly initialize PS(mod) on RINIT
 2021-03-23 13:14:49 +01:00
Christoph M. Becker
733b514326 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Properly initialize PS(mod) on RINIT
 2021-03-23 13:13:43 +01:00
Christoph M. Becker
688e56d0ac Properly initialize PS(mod) on RINIT 
We need to do that in case a user handler has been set.  However, we
can't do that in `php_rinit_session_globals()` since that function is
called by PHP function `session_destroy()` too, but in that case we
don't want to reset PS(mod).

Closes GH-6795.
 2021-03-23 13:12:19 +01:00
Christoph M. Becker
fd62917730 Merge branch 'PHP-8.0' 
* PHP-8.0:
  Fix #80889: amendment
 2021-03-22 22:51:12 +01:00
Christoph M. Becker
90be86fc91 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix #80889: amendment
 2021-03-22 22:49:46 +01:00
Christoph M. Becker
838951c2d6 Fix #80889: amendment 
`session_set_save_handler()` may be called with callables instead of an
object; we need to cater to that as well.

We also extract a set_user_save_handler_ini() function to avoid code
duplication.

Closes GH-6796.
 2021-03-22 22:17:35 +01:00
Christoph M. Becker
64e589cab6 Merge branch 'PHP-8.0' 
* PHP-8.0:
  Fix #80889: Cannot set save handler when save_handler is invalid
 2021-03-19 17:05:32 +01:00
Christoph M. Becker
2a1ed81ffc Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix #80889: Cannot set save handler when save_handler is invalid
 2021-03-19 17:03:54 +01:00
Christoph M. Becker
06bfada99b Fix #80889: Cannot set save handler when save_handler is invalid 
There is no need to require a (valid) save_handler to be set, when a
user handler is supposed to be set.  We just have to make sure, that
no user handler is already set in this case.

Closes GH-6788.
 2021-03-19 16:59:54 +01:00
Christoph M. Becker
59d030c55b Merge branch 'PHP-8.0' 
* PHP-8.0:
  Fix #80774: session_name() problem with backslash
 2021-02-22 12:36:43 +01:00
Christoph M. Becker
6dcd640f35 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix #80774: session_name() problem with backslash
 2021-02-22 12:35:23 +01:00
Christoph M. Becker
d7c98ca1ac Fix #80774: session_name() problem with backslash 
Since we do no longer URL decode cookie names[1], we must not URL
encode the session name.  We need to prevent broken Set-Cookie headers,
by rejecting names which contain invalid characters.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=6559fe912661ca5ce5f0eeeb591d928451428ed0>

Closes GH-6711.
 2021-02-22 12:32:56 +01:00
Máté Kocsis
5b5bfd6be4
Generate class entries from stubs for phar, posix, pspell, readline, reflection, session, shmop 
Closes GH-6692
 2021-02-15 00:11:22 +01:00
Nikita Popov
3e01f5afb1 Replace zend_bool uses with bool 
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool is retained as an alias.
 2021-01-15 12:33:06 +01:00
Nikita Popov
8067cf4752 Use callable type in register_shutdown_function() 
To make things a bit less weird, split off the function name into
a zval stored separately from the arguments. This allows us to
use normal zpp and get standard behavior.
 2020-09-25 14:48:33 +02:00
George Peter Banyard
82e14ff8e7 Drop usage of E_RECOVERABLE_ERROR in Session extension 2020-09-22 19:11:30 +01:00
Máté Kocsis
46c0c82a0f
Declare array|int and object-of-class|int types in stubs 
Closes GH-6081

Co-Authored-By: Nikita Popov <nikic@php.net>
 2020-09-14 11:59:32 +02:00
Máté Kocsis
f293e6b920
Clean up ext/session errors 
Closes GH-6111
 2020-09-11 11:59:04 +02:00
Dmitry Stogov
4a2ae84188 Add "const". Move constant strings to read-only memory. 2020-09-07 21:35:48 +03:00
Max Semenik
2b5de6f839
Remove proto comments from C files 
Closes GH-5758
 2020-07-06 21:13:34 +02:00
Nikita Popov
344c077400 Use zend_string_equals API in a couple places 2020-07-03 17:02:28 +02:00
Máté Kocsis
b981662855
Fix a couple of UNKNOWN default values in ext/session 
Closes GH-5752
 2020-06-23 15:42:59 +02:00
Christoph M. Becker
92c4b06513 Use ZEND_UNREACHABLE() instead of ZEND_ASSERT(0) 
Instead of marking unreachable code with `ZEND_ASSERT(0)`, we introduce
`ZEND_UNREACHABLE()`, so that MSVC which does not consider `assert(0)`
to mark unreachable code does no longer trigger C4715[1] warnings in
debug builds.  This may be useful for other compilers as well.

[1] <https://docs.microsoft.com/de-de/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4715?view=vs-2019>
 2020-06-16 18:39:09 +02:00
Christoph M. Becker
08858e7cca Fix #73529: session_decode() silently fails on wrong input 
The `php_serialize` decode function has to return `FAILURE`, if the
unserialization failed on anything but an empty string.

The `php` decode function has also to return `FAILURE`, if there is
trailing garbage in the string.
 2020-06-10 16:48:49 +02:00
twosee
88355dd338 Constify char * arguments of APIs 
Closes GH-5676.
 2020-06-08 10:38:45 +02:00
Máté Kocsis
aa9b0ccda8
Add tests to check mismatching function signatures 
Closes GH-5666
 2020-06-06 09:23:34 +02:00
Christoph M. Becker
5a04796f76 Fix MSVC level 1 (severe) warnings 
We fix (hopefully) all instances of:

* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4005>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4024>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4028>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4047>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4087>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4090>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4273>
* <https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-1-c4312>

`zend_llist_add_element()` and `zend_llist_prepend_element()` now
explicitly expect a *const* pointer.

We use the macro `ZEND_VOIDP()` instead of a `(void*)` cast to suppress
C4090; this should prevent accidential removal of the cast by
clarifying the intention, and makes it easier to remove the casts if
the issue[1] will be resolved sometime.

[1] <https://developercommunity.visualstudio.com/content/problem/390711/c-compiler-incorrect-propagation-of-const-qualifie.html>
 2020-06-05 11:17:05 +02:00
Alex Dowad
af67b06995 SessionUpdateTimestampHandler class was never implemented 
It seems that in 2015, work was being done so that users could add their own custom
session handlers. The implementer intended to add a class called
SessionUpdateTimestampHandler, but never did so. The variable which was intended to point
to its class entry is never initialized.

The implementer also coded two methods for this class. Strangely, the method bodies
are declared with PHP_METHOD(SessionHandler, ...) rather than
PHP(SessionUpdateTimestampHandler, ...). However, these method implementations are not
added to the method table of any class or interface. They are just dead code.
 2020-04-27 14:51:33 +02:00
Máté Kocsis
1bba691ecc
Generate method entries for ext/session and ext/reflection 
Closes GH-5376
 2020-04-13 13:04:06 +02:00
Máté Kocsis
21cfa03f17
Generate function entries for another batch of extensions 
Closes GH-5352
 2020-04-05 21:15:30 +02:00
Christoph M. Becker
12ca4fe65d Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fix #79413: session_create_id() fails for active sessions
 2020-03-31 08:41:08 +02:00
Christoph M. Becker
d533fa15e6 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #79413: session_create_id() fails for active sessions
 2020-03-31 08:39:54 +02:00
Christoph M. Becker
b510250b8e Fix #79413: session_create_id() fails for active sessions 
The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session already exists.
So to detect a collision, we have to check for `SUCCESS`, not
`FAILURE`.

We also fix the wrong condition in session_regenerate_id() as well.
 2020-03-31 08:38:23 +02:00
Stanislav Malyshev
90ae1818d5 Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress 2020-02-17 00:20:31 -08:00
Stanislav Malyshev
282bfb109e Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress 2020-02-17 00:20:17 -08:00
Stanislav Malyshev
409965fe1c Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress 2020-02-17 00:19:30 -08:00
Stanislav Malyshev
545f77d313 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Update NEWS
  Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
  Fix #79099: OOB read in php_strip_tags_ex
  Fix #79091: heap use-after-free in session_create_id()
 2020-01-20 22:47:28 -08:00
Stanislav Malyshev
a29c793381 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Update NEWS
  Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
  Fix #79099: OOB read in php_strip_tags_ex
  Fix #79091: heap use-after-free in session_create_id()
 2020-01-20 22:47:01 -08:00
Stanislav Malyshev
25ec7eb346 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Update NEWS
  Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
  Fix #79099: OOB read in php_strip_tags_ex
  Fix #79091: heap use-after-free in session_create_id()
 2020-01-20 22:46:29 -08:00
Christoph M. Becker
f79c774274 Fix #79091: heap use-after-free in session_create_id() 
If the `new_id` is released, we must not use it again.
 2020-01-20 21:43:42 -08:00
Máté Kocsis
349a286461
Use RETURN_THROWS() after zend_throw_error() 2020-01-01 16:42:30 +01:00
Máté Kocsis
345703724c
Use RETURN_THROWS() during ZPP in most of the extensions 
Except for some bigger ones: reflection, sodium, spl
 2019-12-31 11:46:11 +01:00
Nikita Popov
d8bd113b51 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Add test for bug #79031
  Revert "Increase serialize_lock while decoding session"
 2019-12-30 11:31:56 +01:00
Nikita Popov
ed3811e781 Revert "Increase serialize_lock while decoding session" 
This reverts commit b8ef7c35ab.

See bug #79031. The semantics of serialize locking aren't quite
correct right now, and the use of the lock in this particular
place makes us hit the issue in a common case. I'm reverting this
commit for PHP 7.4 and will try to fix this properly for PHP 8,
as I believe it will require ABI breakage.
 2019-12-30 11:27:13 +01:00