If we create separate listening sockets in each worker using
SO_REUSEADDR, then an incoming connection may be load-balanced
to a process that is already busy, either due to a long-running
request, or because it is a recursive request (in which case we
would deadlock).
Instead, only create one listening socket, and only create worker
forks afterwards. This way the incoming request will be served
by one of the workers that is currently listening for an incoming
connection.
CentOS 7 ships with re2c 0.13.5 by default, so we should not have
bumped the required re2c version to 0.13.7. However, 0.13.5 does not
support default rules, so we cannot use them to fix bug 76813.
This reverts commit 420184ad52 and
5e15c9c41f.
Closes GH-6593.
We avoid `YYCURSOR` becoming `NULL` by initializing `YYMARKER`, and add
a default rule for `<NORMAL>` where we catch unexpected input.
We also fix the only superficially related issue regarding empty input
followed by `T_SEPARATOR` and command, which caused another segfault.
Closes GH-6464.
This is an annoying edge case that regularly gets broken. As we're
not aware of significant users of this API, and there are other
ways to hook this, remove support for EXT_NOP.
Otherwise the assignment will have the same number as the default arm
which will 1. mis-trigger a breakpoint and 2. mark the line as covered
even when it isn't.
Closes GH-6083
While we limit the size of the main compilation input, the size
of eval inputs was not limited. This could result in stack
overflows, e.g. oss-fuzz #25464.
To perform fast shutdown without full table cleanup we need all
internal functions to be in one continuous chunk. This was
violated when functions were deleted via disable_functions.
This drops the zend_disable_function() API in favor of
zend_disable_functions(), which disables the given list of
functions and performs the necessary rehash afterwards.
Also drop PG(disabled_functions), which is no longer used.
This is an end-to-end fuzzer that executes arbitrary PHP code.
We replace the executor with a finite-step executor to avoid
getting stuck in loops or recursion.
The fpm code actually uses aa_change_profile(), not change_hat(). Test
for the correct function. (libapparmor always has both, so this is just
a correctness fix.)
Closes GH-6037.
The Apache MIME type map is not actively maintained anymore, so
this switches to jshttp/mime-db, which seems to be the de-facto
standard in this area now. This avoid the need to patch in our
own MIME types over time.
The preference algorithm is based on:
47b62ac45e/index.js (L154)
Closes GH-5764.
We might just want to drop this completely, but at least don't
enable it by default. It already gets disabled by a number of
SAPIs, but we should make that the default state.
