The array isn't just observable if the array has RCn, but also if it is inside a
reference that is RCn. By-ref parameters are always RCn and as such always
observable.
Fixes GH-13279
Closes GH-13285
Bumps the minimum required libcurl version to 7.61.0.
Please also see #4917, which bumped minimum libcurl version to the current >= 7.29.0.
This bumps the minimum requirement to Curl 7.61.0 (released 2018 Sept).
Ubuntu, Debian, RHEL, and RHEL derivatives have major and LTS version bumps this year. Following are the
libcurl-dev/libcurl-devel versions available in the oldest supported (LTS or otherwise) in major OSs.
- Debian buster: [7.64](https://packages.debian.org/buster/libcurl4-openssl-dev)
- Ubuntu 20.04: [7.68](https://packages.ubuntu.com/focal/libcurl-dev)
- CentOS/RHEL 7: 7.29
- RHEL 8/Rocky 8/EL 8: 7.61
- Fedora 38: 7.87
RHEL/CentOS 7 reaches EOL mid 2024, so for PHP 8.4 scheduled towards the end of this year, we can safely
bump the minimum libcurl version.
7.61.0 was selected as the new minimum because RHEL and derivatives have libcurl-devel version 7.61. RHEL 8 is
a current and supported RHEL version.
The `sync_constants.php` file uncovers constants present in libcurl source, but\
not present in PHP ext/curl source. There is a regular expression to match
Curl constants, but to it did not previously include `CURLE_*` and `CURLINFO_*`
constants, which PHP should expose as constants.
This updates the `sync_constants.php` file's constant filter regex to expose those
constants patterns as well. The new missing constants will be added in a later PR.
This also fixes skipped tests due to different naming "zend-test"
instead of "zend_test" and "PDO" instead of "pdo":
- ext/dom/tests/libxml_global_state_entity_loader_bypass.phpt
- ext/simplexml/tests/libxml_global_state_entity_loader_bypass.phpt
- ext/xmlreader/tests/libxml_global_state_entity_loader_bypass.phpt
- ext/zend_test/tests/observer_sqlite_create_function.phpt
EXTENSIONS section is used for the Windows build to load the non-static
extensions.
Closes GH-13276
As the `__construct()` implementation is engine-specific anyway, we know what
engine were dealing with and can just call the seeding function directly
instead of going through a function pointer.
This likely improves construction performance a little, but I did not measure.
These internal-only functions accepted a `php_random_status`, just to extract
the internal state from the `state` pointer. Make them take the state struct
directly to improve type safety.
bug#75721 patch from jonathan@tangential.ca.
MCAST_JOIN_GROUP/MCAST_LEAVE_GROUP socket option for the RFC 3678
support does not work on freebsd, using IP_ADD_MEMBERSHIP instead.
Since PHP 8.3, object handlers may be changed by setting
ce->default_object_handlers, rather than in ce->create_object. Some checks need
to be extended to check for the default handlers.
Closes GH-13272
* Fix GH-13193: Significant performance degradation in 'foreach' starting from PHP 8.2.13 (caused by garbage collection)
* Don't run zend_gc_remove_root_tmpvars() if GC is not active or GC buffer is empty
This syncs the installed sapi and extension headers on *nix and Windows
systems by installing only what is intended outside of php-src.
- ext/gd: without gd_arginfo.h and gd_compat.h
- ext/hash: php_hash_joaat.h and php_hash_fnv.h added also on Windows
installation; xxhash/xxhash.h added on both installations as it is
included in php_hash_xxhash.h; Include path for xxhash.h changed to
relative so the php_hash_xxhash.h can be included outside of php-src;
Redundant include flags removed
- ext/iconv: without iconv_arginfo.h
- ext/mysqli: mysqli_mysqlnd.h was missing on Windows
- ext/phar: php_phar.h was missing on Windows
- ext/sodium: php_libsodium.h was missing on *nix
- ext/xml: without xml_arginfo.h
- sapi/cli: cli.h was missing on Windows
Closes GH-13210
Closes GH-13213
libgd uses an incorrect absolute path check in gdft.c.
It checks if either the path starts with a '/' (only valid on Posix
btw), or whether it contains something of the form C:\ or C:/.
However, this overlooks the possibility of using UNC paths on Windows.
As we already do PHP-specific stuff with VCWD_ macros, use
IS_ABSOLUTE_PATH to check for an absolute path which will take into
account UNC paths as well.
Closes GH-13241.
The code currently assumes that the extra field length of the central
directory entry and the local entry are the same, but that's not the
case. For example, the "Extended Timestamp extra field" differs in size
for local vs central directory entries. This causes the file contents
offset to be incorrect because it is based on the central directory
length instead of the local entry length. Fix it by reading the local
entry and getting the size from there as well as checking consistency
for the file name length.
Closes GH-13045.
Add various tests showcasing the behavioural variations of different offset types used on various container types in all possible operations:
- Read
- Write
- Read Write
- Appending
- Unsetting
- Existence checks with isset()/empty/null coalesce operator
- Behaviour of nesting dimensions (e.g. $container[$offset1][$offset2])
Add a test to ensure compile time and runtime behaviour is identical for offsets.
Add an internal class that overloads the dimension object handlers to zend_test
When mbstring.encoding_translation=1, and PHP receives an (RFC1867)
form-based file upload, and the Content-Disposition HTTP header contains
a filename for the uploaded file, PHP will internally invoke mbstring
code to 1) try to auto-detect the text encoding of the filename, and if
that succeeds, 2) convert the filename to internal text encoding.
In such cases, the candidate text encodings which are considered during
"auto-detection" are those listed in the INI parameter
mbstring.http_input. Further, mbstring.http_input is one of the few
contexts where mbstring allows the magic string "pass" to appear in
place of an actual text encoding name.
Before mbstring's encoding auto-detection function was reimplemented,
the old implementation would never return "pass", even if "pass" was the
only candidate it was given to choose from. It is not clear if this was
intended by the original developers or not. This behavior was the result
of some rather subtle details of the implementation.
After mbstring's auto-detection function was reimplemented, if the new
implementation was given only one candidate to choose, and it was not
running in 'strict' mode, it would always return that candidate, even
if the candidate was the non-encoding "pass".
The upshot of all of this: Previously, if
mbstring.encoding_translation=1 and mbstring.http_input=pass, encoding
conversion of RFC1867 filenames would never be attempted. But after
the reimplementation, encoding 'conversion' would occur (uselessly).
Further, in December 2022, I reimplemented the relevant bit of
encoding conversion code. When doing this, I never bothered to
implement encoding/decoding routines for the non-encoding "pass",
because I thought that they would never be used. Well, in the one case
described above, those routines *would* have been used, had they
actually existed. Because they didn't exist, we get a nice NULL pointer
dereference and ensuing segfault instead.
Instead of 'fixing' this by adding encoding/decoding routines for the
non-encoding "pass", I have modified the function which the RFC1867
form-handling code invokes to auto-detect input encoding. This function
will never return "pass" now, just like the previous implementation.
Thanks to the GitHub user 'tstangner' for reporting this bug.
