Version in base suite: 8.2.26-1~deb12u1 Base version: php8.2_8.2.26-1~deb12u1 Target version: php8.2_8.2.28-1~deb12u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/p/php8.2/php8.2_8.2.26-1~deb12u1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/p/php8.2/php8.2_8.2.28-1~deb12u1.dsc .circleci/config.yml | 1 .cirrus.yml | 29 .github/CODEOWNERS | 5 .github/actions/configure-gentoo/action.yml | 81 .github/actions/freebsd/action.yml | 104 + .github/actions/setup-windows/action.yml | 8 .github/actions/test-gentoo/action.yml | 34 .github/lsan-suppressions.txt | 1 .github/scripts/setup-slapd.sh | 6 .github/scripts/windows/test_task.bat | 3 .github/workflows/labeler.yml | 1 .github/workflows/nightly.yml | 101 - .github/workflows/push.yml | 10 .github/workflows/root.yml | 11 .github/workflows/windows-builds.yml | 23 NEWS | 111 + Zend/tests/gh16630.phpt | 19 Zend/tests/gh16799.phpt | 21 Zend/zend.h | 2 Zend/zend_API.c | 9 Zend/zend_alloc.c | 4 Zend/zend_compile.c | 14 Zend/zend_language_scanner.c | 2 Zend/zend_language_scanner.l | 2 Zend/zend_portability.h | 24 Zend/zend_strtod.c | 15 Zend/zend_virtual_cwd.h | 5 Zend/zend_vm_def.h | 10 Zend/zend_vm_execute.h | 30 build/genif.sh | 2 buildconf | 4 configure | 20 configure.ac | 2 debian/changelog | 16 debian/patches/0001-libtool_fixes.patch | 2 debian/patches/0002-debian_quirks.patch | 2 debian/patches/0004-extension_api.patch | 2 debian/patches/0024-php-5.4.9-fixheader.patch | 2 debian/patches/0030-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch | 2 debian/patches/0041-Lower-the-OpenSSL-requirement-to-1.0.1.patch | 2 debian/patches/0043-Override-result-of-AC_PROG_LN_S-to-fix-FTBFS-on-ppc6.patch | 2 debian/patches/0046-Remove-timestamps-from-phar.patch | 2 debian/patches/0048-Revert-ext-gmp-gmp_pow-fix-FPE-with-large-values-pat.patch | 181 - debian/patches/series | 1 ext/calendar/gregor.c | 11 ext/calendar/tests/gh16235.phpt | 11 ext/calendar/tests/gh16834.phpt | 31 ext/com_dotnet/com_typeinfo.c | 2 ext/com_dotnet/tests/gh16991.phpt | 10 ext/curl/interface.c | 39 ext/curl/tests/curl_basic_022.phpt | 6 ext/date/tests/DatePeriod_no_advance_on_valid.phpt | 4 ext/dba/tests/dba_flatfile.phpt | 4 ext/dba/tests/dba_gdbm.phpt | 12 ext/dba/tests/dba_inifile.phpt | 8 ext/dba/tests/dba_ndbm.phpt | 12 ext/dba/tests/dba_qdbm.phpt | 8 ext/dba/tests/dba_tcadb.phpt | 4 ext/dba/tests/setup/setup_dba_tests.inc | 19 ext/dl_test/dl_test.c | 18 ext/dl_test/dl_test.stub.php | 4 ext/dl_test/dl_test_arginfo.h | 21 ext/dom/tests/DOMDocument_loadHTMLfile_variation1.phpt | 4 ext/dom/tests/bug69679.phpt | 4 ext/dom/tests/bug78025.phpt | 3 ext/dom/tests/bug80268_2.phpt | 7 ext/dom/tests/gh16535.phpt | 2 ext/dom/tests/ghsa-p3x9-6h7p-cgfc_001.phpt | 60 ext/dom/tests/ghsa-p3x9-6h7p-cgfc_002.phpt | 60 ext/dom/tests/ghsa-p3x9-6h7p-cgfc_003.phpt | 60 ext/fileinfo/tests/cve-2014-3538-mb.phpt | 2 ext/fileinfo/tests/cve-2014-3538-nojit.phpt | 6 ext/filter/logical_filters.c | 45 ext/gd/gd.c | 2 ext/gd/tests/gh16771.phpt | 10 ext/gmp/gmp.c | 13 ext/gmp/tests/gmp_pow.phpt | 2 ext/gmp/tests/gmp_pow_32bits.phpt | 77 ext/gmp/tests/gmp_pow_fpe.phpt | 35 ext/hash/hash.c | 4 ext/hash/tests/gh16711_1.phpt | 98 + ext/hash/tests/gh16711_2.phpt | 98 + ext/imap/php_imap.c | 16 ext/imap/php_imap.h | 2 ext/intl/tests/timezone_IDforWindowsID_basic2.phpt | 4 ext/ldap/tests/ldap_set_rebind_proc_basic.phpt | 5 ext/ldap/tests/ldap_unbind_variation.phpt | 5 ext/libxml/libxml.c | 71 ext/mysqli/tests/063.phpt | 4 ext/mysqli/tests/bug71863.phpt | 2 ext/mysqli/tests/bug73462.phpt | 7 ext/mysqli/tests/fake_server.inc | 38 ext/mysqli/tests/ghsa-h35g-vwh6-m678-auth-message.phpt | 9 ext/mysqli/tests/ghsa-h35g-vwh6-m678-def.phpt | 8 ext/mysqli/tests/ghsa-h35g-vwh6-m678-filename.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-query-len-overflow.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-bit.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-date.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-datetime.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-double.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-float.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-int.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-no-space.phpt | 7 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-string.phpt | 9 ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-time.phpt | 7 ext/mysqli/tests/mysqli_stmt_datatype_change.phpt | 4 ext/mysqli/tests/protocol_query_row_fetch_data.phpt | 9 ext/mysqli/tests/protocol_stmt_row_fetch_data.phpt | 7 ext/oci8/php_oci8_int.h | 2 ext/opcache/ZendAccelerator.c | 2 ext/opcache/jit/dynasm/dasm_x86.h | 7 ext/opcache/jit/zend_jit.c | 19 ext/opcache/jit/zend_jit.h | 2 ext/opcache/jit/zend_jit_arm64.dasc | 30 ext/opcache/jit/zend_jit_trace.c | 18 ext/opcache/jit/zend_jit_vm_helpers.c | 10 ext/opcache/jit/zend_jit_x86.dasc | 76 ext/opcache/tests/jit/assign_obj_005.phpt | 38 ext/opcache/tests/jit/gh16770.phpt | 39 ext/opcache/tests/jit/gh16829.phpt | 14 ext/opcache/tests/jit/gh16829_1.inc | 16 ext/opcache/tests/jit/gh16829_2.inc | 23 ext/opcache/tests/jit/gh9011.phpt | 27 ext/openssl/openssl.c | 38 ext/openssl/tests/ServerClientTestCase.inc | 65 ext/openssl/tests/bug46127.phpt | 7 ext/openssl/tests/bug48182.phpt | 7 ext/openssl/tests/bug54992.phpt | 9 ext/openssl/tests/bug62890.phpt | 8 ext/openssl/tests/bug65538_001.phpt | 7 ext/openssl/tests/bug65538_003.phpt | 7 ext/openssl/tests/bug65729.phpt | 12 ext/openssl/tests/bug68265.phpt | 8 ext/openssl/tests/bug68879.phpt | 8 ext/openssl/tests/bug68920.phpt | 8 ext/openssl/tests/bug69215.phpt | 8 ext/openssl/tests/bug72333.phpt | 7 ext/openssl/tests/bug73072.phpt | 8 ext/openssl/tests/bug74159.phpt | 8 ext/openssl/tests/bug76705.phpt | 7 ext/openssl/tests/bug77390.phpt | 18 ext/openssl/tests/capture_peer_cert_001.phpt | 7 ext/openssl/tests/gh10495.phpt | 18 ext/openssl/tests/gh13860.phpt | 7 ext/openssl/tests/gh9310.phpt | 23 ext/openssl/tests/openssl_csr_export_to_file_leak.phpt | 14 ext/openssl/tests/openssl_peer_fingerprint_basic.phpt | 10 ext/openssl/tests/openssl_pkey_export_to_file_leak.phpt | 15 ext/openssl/tests/openssl_pkey_export_to_file_object_to_string.phpt | 27 ext/openssl/tests/openssl_x509_export_to_file_leak.phpt | 14 ext/openssl/tests/peer_verification.phpt | 8 ext/openssl/tests/php_openssl_pkey_from_zval_leak.phpt | 23 ext/openssl/tests/san_ipv6_peer_matching.phpt | 10 ext/openssl/tests/san_peer_matching.phpt | 10 ext/openssl/tests/session_meta_capture.phpt | 8 ext/openssl/tests/session_meta_capture_tlsv13.phpt | 13 ext/openssl/tests/sni_server.phpt | 12 ext/openssl/tests/sni_server_key_cert.phpt | 12 ext/openssl/tests/stream_crypto_flags_001.phpt | 8 ext/openssl/tests/stream_crypto_flags_002.phpt | 8 ext/openssl/tests/stream_crypto_flags_003.phpt | 8 ext/openssl/tests/stream_crypto_flags_004.phpt | 8 ext/openssl/tests/stream_security_level.phpt | 9 ext/openssl/tests/stream_server_reneg_limit.phpt | 2 ext/openssl/tests/stream_verify_peer_name_001.phpt | 7 ext/openssl/tests/stream_verify_peer_name_002.phpt | 7 ext/openssl/tests/stream_verify_peer_name_003.phpt | 9 ext/openssl/tests/streams_crypto_method.phpt | 7 ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt | 18 ext/openssl/tests/tls_wrapper.phpt | 18 ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt | 20 ext/openssl/tests/tlsv1.0_wrapper.phpt | 12 ext/openssl/tests/tlsv1.1_wrapper.phpt | 12 ext/openssl/tests/tlsv1.2_wrapper.phpt | 12 ext/openssl/tests/tlsv1.3_wrapper.phpt | 12 ext/pdo/pdo_stmt.c | 18 ext/pdo/tests/gh16703.phpt | 48 ext/pdo_oci/php_pdo_oci_int.h | 9 ext/pgsql/tests/80_bug14383.phpt | 4 ext/phar/phar.c | 2 ext/phar/tar.c | 10 ext/phar/tests/033.phpt | 6 ext/phar/tests/tar/033.phpt | 6 ext/phar/tests/tar/gh16695_1.phpt | 28 ext/phar/tests/tar/gh16695_2.phpt | 26 ext/phar/tests/tar/gh16695_3.phpt | 26 ext/phar/tests/zip/033.phpt | 6 ext/simplexml/simplexml.c | 6 ext/simplexml/tests/bug51615.phpt | 7 ext/simplexml/tests/gh16808.phpt | 12 ext/snmp/snmp.c | 80 ext/snmp/tests/gh16959.phpt | 70 ext/snmp/tests/snmp-object-errno-errstr.phpt | 1 ext/snmp/tests/snmp-object-error.phpt | 1 ext/snmp/tests/snmp2_get.phpt | 1 ext/snmp/tests/snmp2_set-nomib.phpt | 1 ext/snmp/tests/snmp2_walk.phpt | 1 ext/snmp/tests/snmp3-error.phpt | 1 ext/snmp/tests/snmp_getvalue.phpt | 1 ext/snmp/tests/snmpget.phpt | 1 ext/snmp/tests/snmpset-nomib.phpt | 1 ext/snmp/tests/snmpwalk.phpt | 1 ext/soap/php_encoding.c | 9 ext/standard/array.c | 100 - ext/standard/http_fopen_wrapper.c | 443 +++- ext/standard/tests/array/gh16905.phpt | 92 ext/standard/tests/file/copy_variation5-win32.phpt | 16 ext/standard/tests/file/file_put_contents_variation7.phpt | 5 ext/standard/tests/file/parse_ini_file_variation6.phpt | 4 ext/standard/tests/file/rename_variation12-win32.phpt | 8 ext/standard/tests/file/rename_variation12.phpt | 8 ext/standard/tests/general_functions/gh17211.phpt | 42 ext/standard/tests/http/bug47021.phpt | 22 ext/standard/tests/http/bug75535.phpt | 4 ext/standard/tests/http/ghsa-52jp-hrpf-2jff-001.phpt | 58 ext/standard/tests/http/ghsa-52jp-hrpf-2jff-002.phpt | 55 ext/standard/tests/http/ghsa-hgf5-96fm-v528-001.phpt | 65 ext/standard/tests/http/ghsa-hgf5-96fm-v528-002.phpt | 62 ext/standard/tests/http/ghsa-hgf5-96fm-v528-003.phpt | 64 ext/standard/tests/http/ghsa-pcmh-g36c-qc44-001.phpt | 51 ext/standard/tests/http/ghsa-pcmh-g36c-qc44-002.phpt | 51 ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-001.phpt | 49 ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-002.phpt | 51 ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-003.phpt | 49 ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-004.phpt | 48 ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-005.phpt | 48 ext/standard/tests/http/http_response_header_05.phpt | 30 ext/standard/tests/network/bug20134.phpt | 2 ext/standard/tests/streams/gh15937.phpt | 12 ext/standard/tests/streams/stream_context_tcp_nodelay_server.phpt | 41 ext/xml/tests/toffset_bounds.phpt | 42 ext/xml/xml.c | 12 ext/zend_test/test.c | 7 ext/zend_test/tests/gh16908.phpt | 20 main/main.c | 3 main/network.c | 108 - main/php_version.h | 6 main/rfc1867.c | 2 pear/install-pear-nozlib.phar | 934 +++++----- sapi/fpm/fpm/fpm_status.c | 5 sapi/fpm/tests/gh16432-status-high-nprocs.phpt | 46 sapi/fpm/tests/gh16628.phpt | 2 sapi/phpdbg/phpdbg.c | 1 sapi/phpdbg/tests/gh15208.phpt | 15 scripts/dev/credits | 2 scripts/dev/genfiles | 2 scripts/dev/makedist | 2 tests/basic/gh16998.phpt | 49 win32/build/phpize.js.in | 1 249 files changed, 4410 insertions(+), 1697 deletions(-) diff -Nru php8.2-8.2.26/.circleci/config.yml php8.2-8.2.28/.circleci/config.yml --- php8.2-8.2.26/.circleci/config.yml 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.circleci/config.yml 2025-03-11 17:58:12.000000000 +0000 @@ -166,6 +166,7 @@ `#--enable-werror` - run: name: make + no_output_timeout: 30m command: make -j2 > /dev/null - run: name: make install diff -Nru php8.2-8.2.26/.cirrus.yml php8.2-8.2.28/.cirrus.yml --- php8.2-8.2.26/.cirrus.yml 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.cirrus.yml 1970-01-01 00:00:00.000000000 +0000 @@ -1,29 +0,0 @@ -env: - CIRRUS_CLONE_DEPTH: 1 - -freebsd_task: - name: FREEBSD_DEBUG_NTS - skip: "changesIncludeOnly('NEWS', 'EXTENSIONS', 'UPGRADING', 'UPGRADING.INTERNALS', '**.md', 'docs/*', 'docs-old/*', '**/README.*', 'CONTRIBUTING.md', 'CODING_STANDARDS.md')" - freebsd_instance: - image_family: freebsd-13-3 - env: - ARCH: amd64 - install_script: - #- sed -i -e 's/quarterly/latest/g' /etc/pkg/FreeBSD.conf - #- pkg upgrade -y - - kldload accf_http - - pkg install -y autoconf bison gmake re2c icu libiconv png freetype2 enchant2 bzip2 krb5 t1lib gmp tidyp libsodium libzip libxml2 libxslt openssl oniguruma pkgconf webp libavif - script: - - ./buildconf -f - - ./configure --prefix=/usr/local --enable-debug --enable-option-checking=fatal --enable-fpm --with-pdo-sqlite --without-pear --with-bz2 --with-avif --with-jpeg --with-webp --with-freetype --enable-gd --enable-exif --with-zip --with-zlib --enable-soap --enable-xmlreader --with-xsl --with-libxml --enable-shmop --enable-pcntl --enable-mbstring --with-curl --enable-sockets --with-openssl --with-iconv=/usr/local --enable-bcmath --enable-calendar --enable-ftp --with-kerberos --with-ffi --enable-zend-test --enable-dl-test=shared --enable-intl --with-mhash --with-sodium --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d - - gmake -j2 - - mkdir /etc/php.d - - gmake install - - echo opcache.enable_cli=1 > /etc/php.d/opcache.ini - - echo opcache.protect_memory=1 >> /etc/php.d/opcache.ini - # Specify opcache.preload_user as we're running as root. - - echo opcache.preload_user=root >> /etc/php.d/opcache.ini - tests_script: - - export SKIP_IO_CAPTURE_TESTS=1 - - export CI_NO_IPV6=1 - - sapi/cli/php run-tests.php -P -q -j2 -g FAIL,BORK,LEAK,XLEAK --no-progress --offline --show-diff --show-slow 1000 --set-timeout 120 -d zend_extension=opcache.so diff -Nru php8.2-8.2.26/.github/CODEOWNERS php8.2-8.2.28/.github/CODEOWNERS --- php8.2-8.2.26/.github/CODEOWNERS 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/CODEOWNERS 2025-03-11 17:58:12.000000000 +0000 @@ -30,7 +30,8 @@ /ext/json @bukka /ext/libxml @nielsdos /ext/mbstring @alexdowad @youkidearitai -/ext/mysqlnd @SakiTakamachi +/ext/mysqli @bukka @kamil-tekiela +/ext/mysqlnd @bukka @kamil-tekiela @SakiTakamachi /ext/odbc @NattyNarwhal /ext/opcache @dstogov /ext/openssl @bukka @@ -38,7 +39,7 @@ /ext/pdo @SakiTakamachi /ext/pdo_dblib @SakiTakamachi /ext/pdo_firebird @SakiTakamachi -/ext/pdo_mysql @SakiTakamachi +/ext/pdo_mysql @kamil-tekiela @SakiTakamachi /ext/pdo_odbc @NattyNarwhal @SakiTakamachi /ext/pdo_pgsql @devnexen @SakiTakamachi /ext/pdo_sqlite @SakiTakamachi diff -Nru php8.2-8.2.26/.github/actions/configure-gentoo/action.yml php8.2-8.2.28/.github/actions/configure-gentoo/action.yml --- php8.2-8.2.26/.github/actions/configure-gentoo/action.yml 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/.github/actions/configure-gentoo/action.yml 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,81 @@ +name: ./configure +inputs: + configurationParameters: + default: '' + required: false + skipSlow: + default: false + required: false +runs: + using: composite + steps: + - shell: bash + run: | + set -x + ./buildconf --force + ./configure \ + --enable-option-checking=fatal \ + --prefix=/usr \ + --with-libdir=lib64 \ + --enable-phpdbg \ + --enable-fpm \ + --with-pdo-mysql=mysqlnd \ + --with-mysqli=mysqlnd \ + ${{ inputs.skipSlow == 'false' && '--with-pgsql' || '' }} \ + ${{ inputs.skipSlow == 'false' && '--with-pdo-pgsql' || '' }} \ + ${{ inputs.skipSlow == 'false' && '--with-pdo-sqlite' || '' }} \ + --enable-intl \ + --without-pear \ + --enable-gd \ + --with-jpeg \ + --with-webp \ + --with-freetype \ + --with-xpm \ + --enable-exif \ + --with-zip \ + --with-zlib \ + --enable-soap \ + --enable-xmlreader \ + --with-xsl \ + ${{ inputs.skipSlow == 'false' && '--with-tidy' || '' }} \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-shmop \ + --enable-pcntl \ + --with-readline \ + --enable-mbstring \ + --with-iconv \ + --with-curl \ + --with-gettext \ + --enable-sockets \ + --with-bz2 \ + --with-openssl \ + --with-gmp \ + --enable-bcmath \ + --enable-calendar \ + --enable-ftp \ + ${{ inputs.skipSlow == 'false' && '--with-enchant=/usr' || '' }} \ + --enable-sysvmsg \ + --with-ffi \ + --enable-zend-test \ + ${{ inputs.skipSlow == 'false' && '--enable-dl-test=shared' || '' }} \ + ${{ inputs.skipSlow == 'false' && '--with-ldap' || '' }} \ + ${{ inputs.skipSlow == 'false' && '--with-ldap-sasl' || '' }} \ + --with-password-argon2 \ + --with-mhash \ + --with-sodium \ + --enable-dba \ + --with-cdb \ + --enable-flatfile \ + --enable-inifile \ + --with-tcadb \ + --with-lmdb \ + --with-qdbm \ + ${{ inputs.skipSlow == 'false' && '--with-snmp' || '' }} \ + ${{ inputs.skipSlow == 'false' && '--with-unixODBC' || '' }} \ + ${{ inputs.skipSlow == 'false' && '--with-pdo-odbc=unixODBC,/usr' || '' }} \ + --with-config-file-path=/etc \ + --with-config-file-scan-dir=/etc/php.d \ + ${{ inputs.skipSlow == 'false' && '--with-pdo-dblib' || '' }} \ + --enable-werror \ + ${{ inputs.configurationParameters }} || cat config.log diff -Nru php8.2-8.2.26/.github/actions/freebsd/action.yml php8.2-8.2.28/.github/actions/freebsd/action.yml --- php8.2-8.2.26/.github/actions/freebsd/action.yml 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/.github/actions/freebsd/action.yml 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,104 @@ +name: FreeBSD +runs: + using: composite + steps: + - name: FreeBSD + uses: vmactions/freebsd-vm@v1 + with: + release: '13.3' + usesh: true + copyback: false + # Temporarily disable sqlite, as FreeBSD ships it with disabled double quotes. We'll need to fix our tests. + # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269889 + prepare: | + cd $GITHUB_WORKSPACE + + kldload accf_http + pkg install -y \ + autoconf \ + bison \ + gmake \ + re2c \ + icu \ + libiconv \ + png \ + freetype2 \ + enchant2 \ + bzip2 \ + t1lib \ + gmp \ + tidyp \ + libsodium \ + libzip \ + libxml2 \ + libxslt \ + openssl \ + oniguruma \ + pkgconf \ + webp \ + libavif \ + `#sqlite3` \ + curl + + ./buildconf -f + ./configure \ + --prefix=/usr/local \ + --enable-debug \ + --enable-option-checking=fatal \ + --enable-fpm \ + `#--with-pdo-sqlite` \ + --without-sqlite3 \ + --without-pdo-sqlite \ + --without-pear \ + --with-bz2 \ + --with-avif \ + --with-jpeg \ + --with-webp \ + --with-freetype \ + --enable-gd \ + --enable-exif \ + --with-zip \ + --with-zlib \ + --enable-soap \ + --enable-xmlreader \ + --with-xsl \ + --with-libxml \ + --enable-shmop \ + --enable-pcntl \ + --enable-mbstring \ + --with-curl \ + --enable-sockets \ + --with-openssl \ + --with-iconv=/usr/local \ + --enable-bcmath \ + --enable-calendar \ + --enable-ftp \ + --with-ffi \ + --enable-zend-test \ + --enable-dl-test=shared \ + --enable-intl \ + --with-mhash \ + --with-sodium \ + --with-config-file-path=/etc \ + --with-config-file-scan-dir=/etc/php.d + gmake -j2 + mkdir /etc/php.d + gmake install > /dev/null + echo opcache.enable_cli=1 > /etc/php.d/opcache.ini + echo opcache.protect_memory=1 >> /etc/php.d/opcache.ini + echo opcache.preload_user=root >> /etc/php.d/opcache.ini + run: | + cd $GITHUB_WORKSPACE + + export SKIP_IO_CAPTURE_TESTS=1 + export CI_NO_IPV6=1 + export STACK_LIMIT_DEFAULTS_CHECK=1 + sapi/cli/php run-tests.php \ + -P -q -j2 \ + -g FAIL,BORK,LEAK,XLEAK \ + --no-progress \ + --offline \ + --show-diff \ + --show-slow 1000 \ + --set-timeout 120 \ + -d zend_extension=opcache.so diff -Nru php8.2-8.2.26/.github/actions/setup-windows/action.yml php8.2-8.2.28/.github/actions/setup-windows/action.yml --- php8.2-8.2.26/.github/actions/setup-windows/action.yml 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/actions/setup-windows/action.yml 2025-03-11 17:58:12.000000000 +0000 @@ -3,10 +3,12 @@ using: composite steps: - name: Setup MySQL - shell: pwsh + shell: cmd run: | - choco install mysql -y --no-progress --params="/port:3306" - mysql.exe --port=3306 --user=root --password="" -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'Password12!'; FLUSH PRIVILEGES;" + mysqld --initialize-insecure + mysqld --install + net start MySQL + mysql --port=3306 --user=root --password="" -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'Password12!'; FLUSH PRIVILEGES;" - name: Setup MSSQL shell: pwsh run: | diff -Nru php8.2-8.2.26/.github/actions/test-gentoo/action.yml php8.2-8.2.28/.github/actions/test-gentoo/action.yml --- php8.2-8.2.26/.github/actions/test-gentoo/action.yml 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/.github/actions/test-gentoo/action.yml 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,34 @@ +name: Test +inputs: + runTestsParameters: + default: '' + required: false +runs: + using: composite + steps: + - shell: bash + run: | + set -x + # XXX: Set up other database tests? + # XXX: These tests are not running containerized + export MYSQL_TEST_USER=ci + export MYSQL_TEST_PASSWD=ci + if [[ -z "$PDO_MYSQL_TEST_DSN" ]]; then + export PDO_MYSQL_TEST_DSN="mysql:host=localhost;dbname=test" + fi + export PDO_MYSQL_TEST_USER=ci + export PDO_MYSQL_TEST_PASS=ci + export PGSQL_TEST_CONNSTR="host=localhost dbname=test port=5432 user=ci password=ci" + if [[ -z "$PDO_PGSQL_TEST_DSN" ]]; then + export PDO_PGSQL_TEST_DSN="pgsql:host=localhost port=5432 dbname=test user=ci password=ci" + fi + # Slow tests criteron is doubled because this runner isn't as fast as others + export SKIP_IO_CAPTURE_TESTS=1 + export STACK_LIMIT_DEFAULTS_CHECK=1 + sapi/cli/php run-tests.php -P -q ${{ inputs.runTestsParameters }} \ + -j$(nproc) \ + -g FAIL,BORK,LEAK,XLEAK \ + --no-progress \ + --show-diff \ + --show-slow 2000 \ + --set-timeout 120 diff -Nru php8.2-8.2.26/.github/lsan-suppressions.txt php8.2-8.2.28/.github/lsan-suppressions.txt --- php8.2-8.2.26/.github/lsan-suppressions.txt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/lsan-suppressions.txt 2025-03-11 17:58:12.000000000 +0000 @@ -1 +1,2 @@ leak:acommon::DictInfoList::elements +leak:netsnmp_init_mib_internals diff -Nru php8.2-8.2.26/.github/scripts/setup-slapd.sh php8.2-8.2.28/.github/scripts/setup-slapd.sh --- php8.2-8.2.26/.github/scripts/setup-slapd.sh 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/scripts/setup-slapd.sh 2025-03-11 17:58:12.000000000 +0000 @@ -1,5 +1,5 @@ #!/bin/sh -set -ex +set -e # Create TLS certificate sudo mkdir -p /etc/ldap/ssl @@ -42,7 +42,9 @@ # Configure LDAP database. DBDN=`sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(&(olcRootDN=*)(olcSuffix=*))' dn | grep -i '^dn:' | sed -e 's/^dn:\s*//'`; -sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif +if test -f "/etc/ldap/schema/ppolicy.ldif"; then + sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif +fi sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// << EOF dn: $DBDN diff -Nru php8.2-8.2.26/.github/scripts/windows/test_task.bat php8.2-8.2.28/.github/scripts/windows/test_task.bat --- php8.2-8.2.26/.github/scripts/windows/test_task.bat 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/scripts/windows/test_task.bat 2025-03-11 17:58:12.000000000 +0000 @@ -126,8 +126,9 @@ echo extension_dir=%PHP_BUILD_DIR% > %PHP_BUILD_DIR%\php.ini echo opcache.file_cache=%PHP_BUILD_DIR%\test_file_cache >> %PHP_BUILD_DIR%\php.ini if "%OPCACHE%" equ "1" echo zend_extension=php_opcache.dll >> %PHP_BUILD_DIR%\php.ini -rem work-around for some spawned PHP processes requiring OpenSSL +rem work-around for some spawned PHP processes requiring OpenSSL and sockets echo extension=php_openssl.dll >> %PHP_BUILD_DIR%\php.ini +echo extension=php_sockets.dll >> %PHP_BUILD_DIR%\php.ini rem remove ext dlls for which tests are not supported for %%i in (ldap oci8_12c pdo_oci) do ( diff -Nru php8.2-8.2.26/.github/workflows/labeler.yml php8.2-8.2.28/.github/workflows/labeler.yml --- php8.2-8.2.26/.github/workflows/labeler.yml 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/workflows/labeler.yml 2025-03-11 17:58:12.000000000 +0000 @@ -4,6 +4,7 @@ jobs: triage: + if: github.repository == 'php/php-src' permissions: contents: read pull-requests: write diff -Nru php8.2-8.2.26/.github/workflows/nightly.yml php8.2-8.2.28/.github/workflows/nightly.yml --- php8.2-8.2.26/.github/workflows/nightly.yml 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/workflows/nightly.yml 2025-03-11 17:58:12.000000000 +0000 @@ -17,6 +17,9 @@ run_alpine: required: true type: boolean + run_linux_ppc64: + required: true + type: boolean run_macos_arm64: required: true type: boolean @@ -26,9 +29,53 @@ windows_version: required: true type: string + skip_symfony: + required: true + type: boolean + skip_wordpress: + required: true + type: boolean permissions: contents: read jobs: + LINUX_PPC64: + if: inputs.run_linux_ppc64 + name: LINUX_PPC64_ASAN_UBSAN_DEBUG_ZTS + # This runs on a self-hosted runner; see https://wiki.php.net/systems/ci + runs-on: [self-hosted, gentoo, ppc64] + steps: + - name: git checkout + uses: actions/checkout@v4 + with: + ref: ${{ inputs.branch }} + - name: System info + run: | + echo "::group::Show host CPU info" + lscpu + echo "::endgroup::" + echo "::group::Show installed packages" + cat /var/lib/portage/world + echo "::endgroup::" + - name: ./configure + uses: ./.github/actions/configure-gentoo + with: + configurationParameters: >- + CFLAGS="-fsanitize=undefined,address -fno-sanitize=function -DZEND_TRACK_ARENA_ALLOC" + LDFLAGS="-fsanitize=undefined,address -fno-sanitize=function" + CC=clang-17 + CXX=clang++-17 + --enable-debug + --enable-zts + skipSlow: false # FIXME: This should likely include slow extensions + - name: make + run: make -j$(/usr/bin/nproc) >/dev/null + # Skip an install action for now + - name: Tests + uses: ./.github/actions/test-gentoo + # There is no PPC JIT, so rip this out + with: + runTestsParameters: >- + --asan -x ALPINE: if: inputs.run_alpine name: ALPINE_X64_ASAN_UBSAN_DEBUG_ZTS @@ -227,6 +274,8 @@ runs-on: ubuntu-latest container: image: ubuntu:${{ inputs.ubuntu_version }} + env: + PDO_FIREBIRD_TEST_DSN: firebird:dbname=firebird:test.fdb services: mysql: image: mysql:8.3 @@ -235,6 +284,15 @@ env: MYSQL_DATABASE: test MYSQL_ROOT_PASSWORD: root + firebird: + image: jacobalberty/firebird + ports: + - 3050:3050 + env: + ISC_PASSWORD: test + FIREBIRD_DATABASE: test.fdb + FIREBIRD_USER: test + FIREBIRD_PASSWORD: test steps: - name: git checkout uses: actions/checkout@v4 @@ -410,7 +468,7 @@ -d zend_extension=opcache.so -d opcache.enable_cli=1 - uses: codecov/codecov-action@v4 - if: always() + if: ${{ !cancelled() }} with: fail_ci_if_error: true token: ${{ secrets.CODECOV_TOKEN }} @@ -483,7 +541,7 @@ echo opcache.jit_hot_side_exit=1 >> /etc/php.d/opcache.ini php -v - name: Test AMPHP - if: always() + if: ${{ !cancelled() }} run: | repositories="amp cache dns file http parallel parser pipeline process serialization socket sync websocket-client websocket-server" X=0 @@ -501,9 +559,9 @@ done exit $X - name: Test Laravel - if: always() + if: ${{ !cancelled() }} run: | - git clone https://github.com/laravel/framework.git --branch=master --depth=1 + git clone https://github.com/laravel/framework.git --depth=1 cd framework git rev-parse HEAD php /usr/bin/composer install --no-progress --ignore-platform-reqs @@ -514,7 +572,7 @@ exit 1 fi - name: Test ReactPHP - if: always() + if: ${{ !cancelled() }} run: | repositories="async cache child-process datagram dns event-loop promise promise-stream promise-timer stream" X=0 @@ -532,7 +590,7 @@ done exit $X - name: Test Revolt PHP - if: always() + if: ${{ !cancelled() }} run: | git clone https://github.com/revoltphp/event-loop.git --depth=1 cd event-loop @@ -543,7 +601,7 @@ exit 1 fi - name: Test Symfony - if: always() + if: ${{ !cancelled() && !inputs.skip_symfony }} run: | git clone https://github.com/symfony/symfony.git --depth=1 cd symfony @@ -564,7 +622,7 @@ done exit $X - name: Test PHPUnit - if: always() + if: ${{ !cancelled() }} run: | git clone https://github.com/sebastianbergmann/phpunit.git --branch=main --depth=1 cd phpunit @@ -575,7 +633,7 @@ exit 1 fi - name: 'Symfony Preloading' - if: always() + if: ${{ !cancelled() && !inputs.skip_symfony }} run: | php /usr/bin/composer create-project symfony/symfony-demo symfony_demo --no-progress --ignore-platform-reqs cd symfony_demo @@ -583,7 +641,7 @@ sed -i 's/PHP_SAPI/"cli-server"/g' var/cache/dev/App_KernelDevDebugContainer.preload.php php -d opcache.preload=var/cache/dev/App_KernelDevDebugContainer.preload.php public/index.php - name: Test Wordpress - if: always() + if: ${{ !cancelled() && !inputs.skip_wordpress }} run: | git clone https://github.com/WordPress/wordpress-develop.git wordpress --depth=1 cd wordpress @@ -814,12 +872,14 @@ with: withMysqli: ${{ inputs.libmysqlclient_with_mysqli }} - name: Build mysql-8.4 + if: ${{ !inputs.libmysqlclient_with_mysqli }} uses: ./.github/actions/build-libmysqlclient with: configurationParameters: ${{ !inputs.libmysqlclient_with_mysqli && '--enable-werror' || '' }} libmysql: mysql-8.4.0-linux-glibc2.28-x86_64.tar.xz withMysqli: ${{ inputs.libmysqlclient_with_mysqli }} - name: Test mysql-8.4 + if: ${{ !inputs.libmysqlclient_with_mysqli }} uses: ./.github/actions/test-libmysqlclient with: withMysqli: ${{ inputs.libmysqlclient_with_mysqli }} @@ -950,10 +1010,18 @@ - x64: true zts: true opcache: true + asan: false - x64: false zts: false opcache: false - name: "WINDOWS_${{ matrix.x64 && 'X64' || 'X86' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}" + asan: false + - x64: true + zts: true + opcache: true + asan: true + branch: 'master' + timeout: 120 + name: "WINDOWS_${{ matrix.x64 && 'X64' || 'X86' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}${{ matrix.asan && '_ASAN' || ''}}" runs-on: windows-${{ inputs.windows_version }} env: PHP_BUILD_CACHE_BASE_DIR: C:\build-cache @@ -966,6 +1034,7 @@ INTRINSICS: "${{ matrix.zts && 'AVX2' || '' }}" PARALLEL: -j2 OPCACHE: "${{ matrix.opcache && '1' || '0' }}" + ASAN: "${{ matrix.asan && '1' || '0' }}" steps: - name: git config run: git config --global core.autocrlf false && git config --global core.eol lf @@ -979,3 +1048,13 @@ run: .github/scripts/windows/build.bat - name: Test run: .github/scripts/windows/test.bat + FREEBSD: + name: FREEBSD + runs-on: ubuntu-latest + steps: + - name: git checkout + uses: actions/checkout@v4 + with: + ref: ${{ inputs.branch }} + - name: FreeBSD + uses: ./.github/actions/freebsd diff -Nru php8.2-8.2.26/.github/workflows/push.yml php8.2-8.2.28/.github/workflows/push.yml --- php8.2-8.2.26/.github/workflows/push.yml 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/workflows/push.yml 2025-03-11 17:58:12.000000000 +0000 @@ -69,7 +69,7 @@ - debug: false zts: true name: "LINUX_X64_${{ matrix.debug && 'DEBUG' || 'RELEASE' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}" - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: git checkout uses: actions/checkout@v4 @@ -217,3 +217,11 @@ run: .github/scripts/windows/build.bat - name: Test run: .github/scripts/windows/test.bat + FREEBSD: + name: FREEBSD + runs-on: ubuntu-latest + steps: + - name: git checkout + uses: actions/checkout@v4 + - name: FreeBSD + uses: ./.github/actions/freebsd diff -Nru php8.2-8.2.26/.github/workflows/root.yml php8.2-8.2.28/.github/workflows/root.yml --- php8.2-8.2.26/.github/workflows/root.yml 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/.github/workflows/root.yml 2025-03-11 17:58:12.000000000 +0000 @@ -46,12 +46,19 @@ matrix: branch: ${{ fromJson(needs.GENERATE_MATRIX.outputs.branches) }} with: - asan_ubuntu_version: '20.04' + asan_ubuntu_version: ${{ + (((matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 5) || matrix.branch.version[0] >= 9) && '24.04') + || '22.04' }} branch: ${{ matrix.branch.ref }} community_verify_type_inference: ${{ (matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 4) || matrix.branch.version[0] >= 9 }} libmysqlclient_with_mysqli: ${{ (matrix.branch.version[0] == 8 && matrix.branch.version[1] == 1) }} run_alpine: ${{ (matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 4) || matrix.branch.version[0] >= 9 }} + run_linux_ppc64: ${{ (matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 4) || matrix.branch.version[0] >= 9 }} run_macos_arm64: ${{ (matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 4) || matrix.branch.version[0] >= 9 }} - ubuntu_version: ${{ ((matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 3) || matrix.branch.version[0] >= 9) && '22.04' || '20.04' }} + ubuntu_version: ${{ + (((matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 5) || matrix.branch.version[0] >= 9) && '24.04') + || '22.04' }} windows_version: ${{ ((matrix.branch.version[0] == 8 && matrix.branch.version[1] >= 4) || matrix.branch.version[0] >= 9) && '2022' || '2019' }} + skip_symfony: ${{ matrix.branch.version[0] == 8 && matrix.branch.version[1] == 1 }} + skip_wordpress: ${{ matrix.branch.version[0] == 8 && matrix.branch.version[1] == 1 }} secrets: inherit diff -Nru php8.2-8.2.26/.github/workflows/windows-builds.yml php8.2-8.2.28/.github/workflows/windows-builds.yml --- php8.2-8.2.26/.github/workflows/windows-builds.yml 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/.github/workflows/windows-builds.yml 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,23 @@ +name: Windows builds +run-name: Windows builds for ${{ inputs.tag || github.ref_name }} +on: + push: + tags: + - 'php-*' + workflow_dispatch: + inputs: + tag: + description: 'Tag version' + required: true + +jobs: + publish: + runs-on: ubuntu-latest + name: Build + steps: + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.WINDOWS_BUILDS_TOKEN }} + run: | + TAG="${{ inputs.tag || github.ref_name }}" + gh workflow run php.yml -R php/php-windows-builder -f php-version="${TAG#php-}" diff -Nru php8.2-8.2.26/NEWS php8.2-8.2.28/NEWS --- php8.2-8.2.26/NEWS 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/NEWS 2025-03-11 17:58:12.000000000 +0000 @@ -1,5 +1,110 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| +13 Mar 2025, PHP 8.2.28 + +- Core: + . Fixed bug GH-17211 (observer segfault on function loaded with dl()). + (Arnaud) + +- LibXML: + . Fixed GHSA-wg4p-4hqh-c3g9 (Reocurrence of #72714). (nielsdos) + . Fixed GHSA-p3x9-6h7p-cgfc (libxml streams use wrong `content-type` header + when requesting a redirected resource). (CVE-2025-1219) (timwolla) + +- Streams: + . Fixed GHSA-hgf54-96fm-v528 (Stream HTTP wrapper header check might omit + basic auth header). (CVE-2025-1736) (Jakub Zelenka) + . Fixed GHSA-52jp-hrpf-2jff (Stream HTTP wrapper truncate redirect location + to 1024 bytes). (CVE-2025-1861) (Jakub Zelenka) + . Fixed GHSA-pcmh-g36c-qc44 (Streams HTTP wrapper does not fail for headers + without colon). (CVE-2025-1734) (Jakub Zelenka) + . Fixed GHSA-v8xr-gpvj-cx9g (Header parser of `http` stream wrapper does not + handle folded headers). (CVE-2025-1217) (Jakub Zelenka) + +- Windows: + . Fixed phpize for Windows 11 (24H2). (bwoebi) + +19 Dec 2024, PHP 8.2.27 + +- Calendar: + . Fixed jdtogregorian overflow. (David Carlier) + . Fixed cal_to_jd julian_days argument overflow. (David Carlier) + +- COM: + . Fixed bug GH-16991 (Getting typeinfo of non DISPATCH variant segfaults). + (cmb) + +- Core: + . Fail early in *nix configuration build script. (hakre) + . Fixed bug GH-16727 (Opcache bad signal 139 crash in ZTS bookworm + (frankenphp)). (nielsdos) + . Fixed bug GH-16799 (Assertion failure at Zend/zend_vm_execute.h:7469). + (nielsdos) + . Fixed bug GH-16630 (UAF in lexer with encoding translation and heredocs). + (nielsdos) + . Fix is_zend_ptr() huge block comparison. (nielsdos) + . Fixed potential OOB read in zend_dirname() on Windows. (cmb) + +- Curl: + . Fix various memory leaks in curl mime handling. (nielsdos) + +- FPM: + . Fixed GH-16432 (PHP-FPM 8.2 SIGSEGV in fpm_get_status). (Jakub Zelenka) + +- GD: + . Fixed GH-16776 (imagecreatefromstring overflow). (David Carlier) + +- GMP: + . Revert gmp_pow() overly restrictive overflow checks. + (David Carlier) + +- Hash: + . Fixed GH-16711: Segfault in mhash(). (Girgias) + +- Opcache: + . Fixed bug GH-16770 (Tracing JIT type mismatch when returning UNDEF). + (nielsdos, Dmitry) + . Fixed bug GH-16851 (JIT_G(enabled) not set correctly on other threads). + (dktapps) + . Fixed bug GH-16902 (Set of opcache tests fail zts+aarch64). (nielsdos) + +- OpenSSL: + . Prevent unexpected array entry conversion when reading key. (nielsdos) + . Fix various memory leaks related to openssl exports. (nielsdos) + . Fix memory leak in php_openssl_pkey_from_zval(). (nielsdos) + +- PDO: + . Fixed memory leak of `setFetchMode()`. (SakiTakamachi) + +- Phar: + . Fixed bug GH-16695 (phar:// tar parser and zero-length file header blocks). + (nielsdos, Hans Krentel) + +- PHPDBG: + . Fixed bug GH-15208 (Segfault with breakpoint map and phpdbg_clear()). + (nielsdos) + +- SAPI: + . Fixed bug GH-16998 (UBSAN warning in rfc1867). (nielsdos) + +- SimpleXML: + . Fixed bug GH-16808 (Segmentation fault in RecursiveIteratorIterator + ->current() with a xml element input). (nielsdos) + +- SNMP: + . Fixed bug GH-16959 (snmget modifies the object_id array). + (David Carlier) + +- Standard: + . Fixed bug GH-16905 (Internal iterator functions can't handle UNDEF + properties). (nielsdos) + +- Streams: + . Fixed network connect poll interuption handling. (Jakub Zelenka) + +- Windows: + . Fixed bug GH-16849 (Error dialog causes process to hang). (cmb) + 21 Nov 2024, PHP 8.2.26 - CLI: @@ -22,6 +127,8 @@ . Fixed bug GH-16508 (Incorrect line number in inheritance errors of delayed early bound classes). (ilutov) . Fixed bug GH-16648 (Use-after-free during array sorting). (ilutov) + . Fixed bug GH-15915 (overflow with a high value for precision INI). + (David Carlier / cmb) - Curl: . Fixed bug GH-16302 (CurlMultiHandle holds a reference to CurlHandle if @@ -69,13 +176,9 @@ (nielsdos) - GMP: - . Fixed floating point exception bug with gmp_pow when using - large exposant values. (David Carlier). . Fixed bug GH-16411 (gmp_export() can cause overflow). (cmb) . Fixed bug GH-16501 (gmp_random_bits() can cause overflow). (David Carlier) - . Fixed gmp_pow() overflow bug with large base/exponents. - (David Carlier) . Fixed segfaults and other issues related to operator overloading with GMP objects. (Girgias) diff -Nru php8.2-8.2.26/Zend/tests/gh16630.phpt php8.2-8.2.28/Zend/tests/gh16630.phpt --- php8.2-8.2.26/Zend/tests/gh16630.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/Zend/tests/gh16630.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,19 @@ +--TEST-- +GH-16630 (UAF in lexer with encoding translation and heredocs) +--EXTENSIONS-- +mbstring +--INI-- +zend.multibyte=On +zend.script_encoding=ISO-8859-1 +internal_encoding=EUC-JP +--FILE-- + +--EXPECT-- +heredoc +text diff -Nru php8.2-8.2.26/Zend/tests/gh16799.phpt php8.2-8.2.28/Zend/tests/gh16799.phpt --- php8.2-8.2.26/Zend/tests/gh16799.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/Zend/tests/gh16799.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,21 @@ +--TEST-- +GH-16799 (Assertion failure at Zend/zend_vm_execute.h) +--FILE-- + +--EXPECTF-- +Fatal error: Uncaught Exception: Use of "static" in callables is deprecated in %s:%d +Stack trace: +#0 %s(%d): {closure}(%d, 'Use of "static"...', %s, %d) +#1 %s(%d): Test::test() +#2 {main} + thrown in %s on line %d diff -Nru php8.2-8.2.26/Zend/zend.h php8.2-8.2.28/Zend/zend.h --- php8.2-8.2.26/Zend/zend.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend.h 2025-03-11 17:58:12.000000000 +0000 @@ -20,7 +20,7 @@ #ifndef ZEND_H #define ZEND_H -#define ZEND_VERSION "4.2.26" +#define ZEND_VERSION "4.2.28" #define ZEND_ENGINE_3 diff -Nru php8.2-8.2.26/Zend/zend_API.c php8.2-8.2.28/Zend/zend_API.c --- php8.2-8.2.26/Zend/zend_API.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_API.c 2025-03-11 17:58:12.000000000 +0000 @@ -2718,7 +2718,14 @@ } internal_function->type = ZEND_INTERNAL_FUNCTION; internal_function->module = EG(current_module); - internal_function->T = 0; + if (EG(active) && ZEND_OBSERVER_ENABLED) { + /* Add an observer temporary to store previous observed frames. This is + * normally handled by zend_observer_post_startup(), except for + * functions registered at runtime (EG(active)). */ + internal_function->T = 1; + } else { + internal_function->T = 0; + } memset(internal_function->reserved, 0, ZEND_MAX_RESERVED_RESOURCES * sizeof(void*)); while (ptr->fname) { diff -Nru php8.2-8.2.26/Zend/zend_alloc.c php8.2-8.2.28/Zend/zend_alloc.c --- php8.2-8.2.26/Zend/zend_alloc.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_alloc.c 2025-03-11 17:58:12.000000000 +0000 @@ -2457,8 +2457,8 @@ zend_mm_huge_list *block = AG(mm_heap)->huge_list; while (block) { - if (ptr >= (void*)block - && ptr < (void*)((char*)block + block->size)) { + if (ptr >= block->ptr + && ptr < (void*)((char*)block->ptr + block->size)) { return 1; } block = block->next; diff -Nru php8.2-8.2.26/Zend/zend_compile.c php8.2-8.2.28/Zend/zend_compile.c --- php8.2-8.2.26/Zend/zend_compile.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_compile.c 2025-03-11 17:58:12.000000000 +0000 @@ -1997,7 +1997,7 @@ } /* Strip trailing slashes */ - while (end >= path && IS_SLASH_P(end)) { + while (end >= path && IS_SLASH_P_EX(end, end == path)) { end--; } if (end < path) { @@ -2008,7 +2008,7 @@ } /* Strip filename */ - while (end >= path && !IS_SLASH_P(end)) { + while (end >= path && !IS_SLASH_P_EX(end, end == path)) { end--; } if (end < path) { @@ -2019,7 +2019,7 @@ } /* Strip slashes which came before the file name */ - while (end >= path && IS_SLASH_P(end)) { + while (end >= path && IS_SLASH_P_EX(end, end == path)) { end--; } if (end < path) { @@ -8043,7 +8043,13 @@ } opline->op1_type = IS_CONST; - LITERAL_STR(opline->op1, lcname); + /* It's possible that `lcname` is not an interned string because it was not yet in the interned string table. + * However, by this point another thread may have caused `lcname` to be added in the interned string table. + * This will cause `lcname` to get freed once it is found in the interned string table. If we were to use + * LITERAL_STR() here we would not change the `lcname` pointer to the new value, and it would point to the + * now-freed string. This will cause issues when we use `lcname` in the code below. We solve this by using + * zend_add_literal_string() which gives us the new value. */ + opline->op1.constant = zend_add_literal_string(&lcname); if (decl->flags & ZEND_ACC_ANON_CLASS) { opline->opcode = ZEND_DECLARE_ANON_CLASS; diff -Nru php8.2-8.2.26/Zend/zend_language_scanner.c php8.2-8.2.28/Zend/zend_language_scanner.c --- php8.2-8.2.26/Zend/zend_language_scanner.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_language_scanner.c 2025-03-11 17:58:12.000000000 +0000 @@ -277,7 +277,7 @@ CG(zend_lineno) = lex_state->lineno; zend_restore_compiled_filename(lex_state->filename); - if (SCNG(script_filtered)) { + if (SCNG(script_filtered) && SCNG(script_filtered) != lex_state->script_filtered) { efree(SCNG(script_filtered)); SCNG(script_filtered) = NULL; } diff -Nru php8.2-8.2.26/Zend/zend_language_scanner.l php8.2-8.2.28/Zend/zend_language_scanner.l --- php8.2-8.2.26/Zend/zend_language_scanner.l 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_language_scanner.l 2025-03-11 17:58:12.000000000 +0000 @@ -275,7 +275,7 @@ CG(zend_lineno) = lex_state->lineno; zend_restore_compiled_filename(lex_state->filename); - if (SCNG(script_filtered)) { + if (SCNG(script_filtered) && SCNG(script_filtered) != lex_state->script_filtered) { efree(SCNG(script_filtered)); SCNG(script_filtered) = NULL; } diff -Nru php8.2-8.2.26/Zend/zend_portability.h php8.2-8.2.28/Zend/zend_portability.h --- php8.2-8.2.26/Zend/zend_portability.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_portability.h 2025-03-11 17:58:12.000000000 +0000 @@ -698,4 +698,28 @@ # define ZEND_INDIRECT_RETURN #endif +#define __ZEND_DO_PRAGMA(x) _Pragma(#x) +#define _ZEND_DO_PRAGMA(x) __ZEND_DO_PRAGMA(x) +#if defined(__clang__) +# define ZEND_DIAGNOSTIC_IGNORED_START(warning) \ + _Pragma("clang diagnostic push") \ + _ZEND_DO_PRAGMA(clang diagnostic ignored warning) +# define ZEND_DIAGNOSTIC_IGNORED_END \ + _Pragma("clang diagnostic pop") +#elif defined(__GNUC__) +# define ZEND_DIAGNOSTIC_IGNORED_START(warning) \ + _Pragma("GCC diagnostic push") \ + _ZEND_DO_PRAGMA(GCC diagnostic ignored warning) +# define ZEND_DIAGNOSTIC_IGNORED_END \ + _Pragma("GCC diagnostic pop") +#else +# define ZEND_DIAGNOSTIC_IGNORED_START(warning) +# define ZEND_DIAGNOSTIC_IGNORED_END +#endif + +/** @deprecated */ +#define ZEND_CGG_DIAGNOSTIC_IGNORED_START ZEND_DIAGNOSTIC_IGNORED_START +/** @deprecated */ +#define ZEND_CGG_DIAGNOSTIC_IGNORED_END ZEND_DIAGNOSTIC_IGNORED_END + #endif /* ZEND_PORTABILITY_H */ diff -Nru php8.2-8.2.26/Zend/zend_strtod.c php8.2-8.2.28/Zend/zend_strtod.c --- php8.2-8.2.26/Zend/zend_strtod.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_strtod.c 2025-03-11 17:58:12.000000000 +0000 @@ -3613,13 +3613,20 @@ rv_alloc(int i) #endif { - int k, *r; - size_t j = sizeof(ULong); + int j, k, *r; + size_t rem; + + rem = sizeof(Bigint) - sizeof(ULong) - sizeof(int); + + + j = sizeof(ULong); + if (i > ((INT_MAX >> 2) + rem)) + i = (INT_MAX >> 2) + rem; for(k = 0; - sizeof(Bigint) - sizeof(ULong) - sizeof(int) + j <= (size_t)i; - j <<= 1) + rem + j <= (size_t)i; j <<= 1) k++; + r = (int*)Balloc(k); *r = k; return diff -Nru php8.2-8.2.26/Zend/zend_virtual_cwd.h php8.2-8.2.28/Zend/zend_virtual_cwd.h --- php8.2-8.2.26/Zend/zend_virtual_cwd.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_virtual_cwd.h 2025-03-11 17:58:12.000000000 +0000 @@ -73,8 +73,11 @@ #define DEFAULT_SLASH '\\' #define DEFAULT_DIR_SEPARATOR ';' #define IS_SLASH(c) ((c) == '/' || (c) == '\\') +// IS_SLASH_P() may read the previous char on Windows, which may be OOB; use IS_SLASH_P_EX() instead #define IS_SLASH_P(c) (*(c) == '/' || \ (*(c) == '\\' && !IsDBCSLeadByte(*(c-1)))) +#define IS_SLASH_P_EX(c, first_byte) (*(c) == '/' || \ + (*(c) == '\\' && ((first_byte) || !IsDBCSLeadByte(*(c-1))))) /* COPY_WHEN_ABSOLUTE is 2 under Win32 because by chance both regular absolute paths in the file system and UNC paths need copying of two characters */ @@ -98,7 +101,9 @@ #endif #define IS_SLASH(c) ((c) == '/') +// IS_SLASH_P() may read the previous char on Windows, which may be OOB; use IS_SLASH_P_EX() instead #define IS_SLASH_P(c) (*(c) == '/') +#define IS_SLASH_P_EX(c, first_byte) IS_SLASH_P(c) #endif diff -Nru php8.2-8.2.26/Zend/zend_vm_def.h php8.2-8.2.28/Zend/zend_vm_def.h --- php8.2-8.2.26/Zend/zend_vm_def.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_vm_def.h 2025-03-11 17:58:12.000000000 +0000 @@ -3807,6 +3807,16 @@ function_name = GET_OP2_ZVAL_PTR(BP_VAR_R); if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error)) { ZEND_ASSERT(!error); + + /* Deprecation can be emitted from zend_is_callable_ex(), which can + * invoke a user error handler and throw an exception. + * For the CONST and CV case we reuse the same exception block below + * to make sure we don't increase VM size too much. */ + if (!(OP2_TYPE & (IS_TMP_VAR|IS_VAR)) && UNEXPECTED(EG(exception))) { + FREE_OP2(); + HANDLE_EXCEPTION(); + } + func = fcc.function_handler; object_or_called_scope = fcc.called_scope; if (func->common.fn_flags & ZEND_ACC_CLOSURE) { diff -Nru php8.2-8.2.26/Zend/zend_vm_execute.h php8.2-8.2.28/Zend/zend_vm_execute.h --- php8.2-8.2.26/Zend/zend_vm_execute.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/Zend/zend_vm_execute.h 2025-03-11 17:58:12.000000000 +0000 @@ -7023,6 +7023,16 @@ function_name = RT_CONSTANT(opline, opline->op2); if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error)) { ZEND_ASSERT(!error); + + /* Deprecation can be emitted from zend_is_callable_ex(), which can + * invoke a user error handler and throw an exception. + * For the CONST and CV case we reuse the same exception block below + * to make sure we don't increase VM size too much. */ + if (!(IS_CONST & (IS_TMP_VAR|IS_VAR)) && UNEXPECTED(EG(exception))) { + + HANDLE_EXCEPTION(); + } + func = fcc.function_handler; object_or_called_scope = fcc.called_scope; if (func->common.fn_flags & ZEND_ACC_CLOSURE) { @@ -9368,6 +9378,16 @@ function_name = _get_zval_ptr_var(opline->op2.var EXECUTE_DATA_CC); if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error)) { ZEND_ASSERT(!error); + + /* Deprecation can be emitted from zend_is_callable_ex(), which can + * invoke a user error handler and throw an exception. + * For the CONST and CV case we reuse the same exception block below + * to make sure we don't increase VM size too much. */ + if (!((IS_TMP_VAR|IS_VAR) & (IS_TMP_VAR|IS_VAR)) && UNEXPECTED(EG(exception))) { + zval_ptr_dtor_nogc(EX_VAR(opline->op2.var)); + HANDLE_EXCEPTION(); + } + func = fcc.function_handler; object_or_called_scope = fcc.called_scope; if (func->common.fn_flags & ZEND_ACC_CLOSURE) { @@ -11742,6 +11762,16 @@ function_name = _get_zval_ptr_cv_BP_VAR_R(opline->op2.var EXECUTE_DATA_CC); if (zend_is_callable_ex(function_name, NULL, 0, NULL, &fcc, &error)) { ZEND_ASSERT(!error); + + /* Deprecation can be emitted from zend_is_callable_ex(), which can + * invoke a user error handler and throw an exception. + * For the CONST and CV case we reuse the same exception block below + * to make sure we don't increase VM size too much. */ + if (!(IS_CV & (IS_TMP_VAR|IS_VAR)) && UNEXPECTED(EG(exception))) { + + HANDLE_EXCEPTION(); + } + func = fcc.function_handler; object_or_called_scope = fcc.called_scope; if (func->common.fn_flags & ZEND_ACC_CLOSURE) { diff -Nru php8.2-8.2.26/build/genif.sh php8.2-8.2.28/build/genif.sh --- php8.2-8.2.26/build/genif.sh 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/build/genif.sh 2025-03-11 17:58:12.000000000 +0000 @@ -32,7 +32,7 @@ olddir=$(pwd) # Go to project root. -cd $(CDPATH= cd -- "$(dirname -- "$0")/../" && pwd -P) +cd "$(CDPATH='' cd -- "$(dirname -- "$0")/../" && pwd -P)" || exit module_ptrs="$(echo $extensions | $AWK -f ./build/order_by_dep.awk)" diff -Nru php8.2-8.2.26/buildconf php8.2-8.2.28/buildconf --- php8.2-8.2.26/buildconf 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/buildconf 2025-03-11 17:58:12.000000000 +0000 @@ -8,9 +8,9 @@ debug=0 # Go to project root. -cd $(CDPATH= cd -- "$(dirname -- "$0")" && pwd -P) +cd "$(CDPATH='' cd -- "$(dirname -- "$0")" && pwd -P)" || exit -php_extra_version=$(grep '^AC_INIT(' configure.ac) +php_extra_version=$(grep '^AC_INIT(' configure.ac) || exit case "$php_extra_version" in *-dev*) dev=1 diff -Nru php8.2-8.2.26/configure php8.2-8.2.28/configure --- php8.2-8.2.26/configure 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/configure 2025-03-11 17:58:12.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for PHP 8.2.26. +# Generated by GNU Autoconf 2.69 for PHP 8.2.28. # # Report bugs to . # @@ -732,8 +732,8 @@ # Identity of this package. PACKAGE_NAME='PHP' PACKAGE_TARNAME='php' -PACKAGE_VERSION='8.2.26' -PACKAGE_STRING='PHP 8.2.26' +PACKAGE_VERSION='8.2.28' +PACKAGE_STRING='PHP 8.2.28' PACKAGE_BUGREPORT='https://github.com/php/php-src/issues' PACKAGE_URL='https://www.php.net' @@ -1779,7 +1779,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures PHP 8.2.26 to adapt to many kinds of systems. +\`configure' configures PHP 8.2.28 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1851,7 +1851,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of PHP 8.2.26:";; + short | recursive ) echo "Configuration of PHP 8.2.28:";; esac cat <<\_ACEOF @@ -2314,7 +2314,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -PHP configure 8.2.26 +PHP configure 8.2.28 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -3098,7 +3098,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by PHP $as_me 8.2.26, which was +It was created by PHP $as_me 8.2.28, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3879,7 +3879,7 @@ ac_IFS=$IFS; IFS="." -set $(echo 8.2.26 | "${SED}" 's/\([0-9\.]*\)\(.*\)/\1\.\2/') +set $(echo 8.2.28 | "${SED}" 's/\([0-9\.]*\)\(.*\)/\1\.\2/') IFS=$ac_IFS PHP_MAJOR_VERSION=$1 PHP_MINOR_VERSION=$2 @@ -97706,7 +97706,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by PHP $as_me 8.2.26, which was +This file was extended by PHP $as_me 8.2.28, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -97773,7 +97773,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -PHP config.status 8.2.26 +PHP config.status 8.2.28 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru php8.2-8.2.26/configure.ac php8.2-8.2.28/configure.ac --- php8.2-8.2.26/configure.ac 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/configure.ac 2025-03-11 17:58:12.000000000 +0000 @@ -17,7 +17,7 @@ dnl ---------------------------------------------------------------------------- AC_PREREQ([2.68]) -AC_INIT([PHP],[8.2.26],[https://github.com/php/php-src/issues],[php],[https://www.php.net]) +AC_INIT([PHP],[8.2.28],[https://github.com/php/php-src/issues],[php],[https://www.php.net]) AC_CONFIG_SRCDIR([main/php_version.h]) AC_CONFIG_AUX_DIR([build]) AC_PRESERVE_HELP_ORDER diff -Nru php8.2-8.2.26/debian/changelog php8.2-8.2.28/debian/changelog --- php8.2-8.2.26/debian/changelog 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/changelog 2025-03-13 18:21:38.000000000 +0000 @@ -1,3 +1,19 @@ +php8.2 (8.2.28-1~deb12u1) bookworm-security; urgency=high + + * New upstream version 8.2.28 + - [CVE-2025-1219]: libxml streams use wrong `content-type` header + when requesting a redirected resource. + - [CVE-2025-1736]: Stream HTTP wrapper header check might omit + basic auth header. + - [CVE-2025-1861]: Stream HTTP wrapper truncate redirect location + to 1024 bytes. + - [CVE-2025-1734]: Streams HTTP wrapper does not fail for headers + without colon. + - [CVE-2025-1217]: Header parser of `http` stream wrapper does not + handle folded headers. + + -- Ondřej Surý Thu, 13 Mar 2025 19:21:38 +0100 + php8.2 (8.2.26-1~deb12u1) bookworm-security; urgency=high * New upstream version 8.2.26 diff -Nru php8.2-8.2.26/debian/patches/0001-libtool_fixes.patch php8.2-8.2.28/debian/patches/0001-libtool_fixes.patch --- php8.2-8.2.26/debian/patches/0001-libtool_fixes.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0001-libtool_fixes.patch 2025-03-13 18:21:38.000000000 +0000 @@ -7,7 +7,7 @@ 1 file changed, 2 deletions(-) diff --git a/configure.ac b/configure.ac -index 00f1b7f..4c93593 100644 +index 6fa2fbf..4978b1a 100644 --- a/configure.ac +++ b/configure.ac @@ -1642,8 +1642,6 @@ AC_PROVIDE_IFELSE([PHP_REQUIRE_CXX], [], [ diff -Nru php8.2-8.2.26/debian/patches/0002-debian_quirks.patch php8.2-8.2.28/debian/patches/0002-debian_quirks.patch --- php8.2-8.2.26/debian/patches/0002-debian_quirks.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0002-debian_quirks.patch 2025-03-13 18:21:38.000000000 +0000 @@ -13,7 +13,7 @@ 7 files changed, 21 insertions(+), 16 deletions(-) diff --git a/configure.ac b/configure.ac -index 4c93593..ad3be5f 100644 +index 4978b1a..5fb8cb9 100644 --- a/configure.ac +++ b/configure.ac @@ -1215,7 +1215,7 @@ fi diff -Nru php8.2-8.2.26/debian/patches/0004-extension_api.patch php8.2-8.2.28/debian/patches/0004-extension_api.patch --- php8.2-8.2.26/debian/patches/0004-extension_api.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0004-extension_api.patch 2025-03-13 18:21:38.000000000 +0000 @@ -8,7 +8,7 @@ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index ad3be5f..a0258f9 100644 +index 5fb8cb9..e2778f7 100644 --- a/configure.ac +++ b/configure.ac @@ -1391,8 +1391,10 @@ ZEND_MODULE_API_NO=`$EGREP '#define ZEND_MODULE_API_NO ' $srcdir/Zend/zend_modul diff -Nru php8.2-8.2.26/debian/patches/0024-php-5.4.9-fixheader.patch php8.2-8.2.28/debian/patches/0024-php-5.4.9-fixheader.patch --- php8.2-8.2.26/debian/patches/0024-php-5.4.9-fixheader.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0024-php-5.4.9-fixheader.patch 2025-03-13 18:21:38.000000000 +0000 @@ -8,7 +8,7 @@ 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index a0258f9..23c6f0d 100644 +index e2778f7..f5cc8d0 100644 --- a/configure.ac +++ b/configure.ac @@ -1468,7 +1468,7 @@ PHP_REMOVE_USR_LIB(LDFLAGS) diff -Nru php8.2-8.2.26/debian/patches/0030-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch php8.2-8.2.28/debian/patches/0030-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch --- php8.2-8.2.26/debian/patches/0030-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0030-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch 2025-03-13 18:21:38.000000000 +0000 @@ -7,7 +7,7 @@ 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac -index 23c6f0d..de7dcb8 100644 +index f5cc8d0..60fd5fd 100644 --- a/configure.ac +++ b/configure.ac @@ -1436,9 +1436,9 @@ EXPANDED_LOCALSTATEDIR=`eval echo $localstatedir` diff -Nru php8.2-8.2.26/debian/patches/0041-Lower-the-OpenSSL-requirement-to-1.0.1.patch php8.2-8.2.28/debian/patches/0041-Lower-the-OpenSSL-requirement-to-1.0.1.patch --- php8.2-8.2.26/debian/patches/0041-Lower-the-OpenSSL-requirement-to-1.0.1.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0041-Lower-the-OpenSSL-requirement-to-1.0.1.patch 2025-03-13 18:21:38.000000000 +0000 @@ -37,7 +37,7 @@ PHP_ARG_WITH([kerberos], [for Kerberos support], diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c -index a50a307..0fd0573 100644 +index 9e703f7..48cdb4e 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -95,7 +95,7 @@ diff -Nru php8.2-8.2.26/debian/patches/0043-Override-result-of-AC_PROG_LN_S-to-fix-FTBFS-on-ppc6.patch php8.2-8.2.28/debian/patches/0043-Override-result-of-AC_PROG_LN_S-to-fix-FTBFS-on-ppc6.patch --- php8.2-8.2.26/debian/patches/0043-Override-result-of-AC_PROG_LN_S-to-fix-FTBFS-on-ppc6.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0043-Override-result-of-AC_PROG_LN_S-to-fix-FTBFS-on-ppc6.patch 2025-03-13 18:21:38.000000000 +0000 @@ -7,7 +7,7 @@ 1 file changed, 5 insertions(+) diff --git a/configure.ac b/configure.ac -index de7dcb8..72c2e4f 100644 +index 60fd5fd..0a4f6db 100644 --- a/configure.ac +++ b/configure.ac @@ -135,6 +135,11 @@ AC_PROG_CPP diff -Nru php8.2-8.2.26/debian/patches/0046-Remove-timestamps-from-phar.patch php8.2-8.2.28/debian/patches/0046-Remove-timestamps-from-phar.patch --- php8.2-8.2.26/debian/patches/0046-Remove-timestamps-from-phar.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0046-Remove-timestamps-from-phar.patch 2025-03-13 18:21:38.000000000 +0000 @@ -11,7 +11,7 @@ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/phar/phar.c b/ext/phar/phar.c -index e3d6ea7..51eae5d 100644 +index 01a3d54..958a4fe 100644 --- a/ext/phar/phar.c +++ b/ext/phar/phar.c @@ -3002,7 +3002,7 @@ int phar_flush(phar_archive_data *phar, char *user_stub, zend_long len, int conv diff -Nru php8.2-8.2.26/debian/patches/0048-Revert-ext-gmp-gmp_pow-fix-FPE-with-large-values-pat.patch php8.2-8.2.28/debian/patches/0048-Revert-ext-gmp-gmp_pow-fix-FPE-with-large-values-pat.patch --- php8.2-8.2.26/debian/patches/0048-Revert-ext-gmp-gmp_pow-fix-FPE-with-large-values-pat.patch 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/0048-Revert-ext-gmp-gmp_pow-fix-FPE-with-large-values-pat.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,181 +0,0 @@ -From: =?utf-8?b?T25kxZllaiBTdXLDvQ==?= -Date: Mon, 25 Nov 2024 18:21:34 +0100 -Subject: Revert "ext/gmp: gmp_pow fix FPE with large values" patch - ---- - ext/gmp/gmp.c | 13 ------- - ext/gmp/tests/gmp_pow.phpt | 2 - - ext/gmp/tests/gmp_pow_32bits.phpt | 77 --------------------------------------- - ext/gmp/tests/gmp_pow_fpe.phpt | 35 ------------------ - 4 files changed, 127 deletions(-) - delete mode 100644 ext/gmp/tests/gmp_pow_32bits.phpt - delete mode 100644 ext/gmp/tests/gmp_pow_fpe.phpt - -diff --git a/ext/gmp/gmp.c b/ext/gmp/gmp.c -index c9603c8..f31d6ab 100644 ---- a/ext/gmp/gmp.c -+++ b/ext/gmp/gmp.c -@@ -1350,26 +1350,13 @@ ZEND_FUNCTION(gmp_pow) - RETURN_THROWS(); - } - -- double powmax = log((double)ZEND_LONG_MAX); -- - if (Z_TYPE_P(base_arg) == IS_LONG && Z_LVAL_P(base_arg) >= 0) { - INIT_GMP_RETVAL(gmpnum_result); -- if ((log(Z_LVAL_P(base_arg)) * exp) > powmax) { -- zend_value_error("base and exponent overflow"); -- RETURN_THROWS(); -- } - mpz_ui_pow_ui(gmpnum_result, Z_LVAL_P(base_arg), exp); - } else { - mpz_ptr gmpnum_base; -- zend_ulong gmpnum; - FETCH_GMP_ZVAL(gmpnum_base, base_arg, temp_base, 1); - INIT_GMP_RETVAL(gmpnum_result); -- gmpnum = mpz_get_ui(gmpnum_base); -- if ((log(gmpnum) * exp) > powmax) { -- FREE_GMP_TEMP(temp_base); -- zend_value_error("base and exponent overflow"); -- RETURN_THROWS(); -- } - mpz_pow_ui(gmpnum_result, gmpnum_base, exp); - FREE_GMP_TEMP(temp_base); - } -diff --git a/ext/gmp/tests/gmp_pow.phpt b/ext/gmp/tests/gmp_pow.phpt -index 1d77bd5..f42e44e 100644 ---- a/ext/gmp/tests/gmp_pow.phpt -+++ b/ext/gmp/tests/gmp_pow.phpt -@@ -2,8 +2,6 @@ - gmp_pow() basic tests - --EXTENSIONS-- - gmp ----SKIPIF-- -- - --FILE-- - ----FILE-- --getMessage() . "\n"; --} --var_dump(gmp_strval(gmp_pow("-2",10))); --try { -- gmp_pow(20,10); --} catch (ValueError $exception) { -- echo $exception->getMessage() . "\n"; --} --try { -- gmp_pow(50,10); --} catch (ValueError $exception) { -- echo $exception->getMessage() . "\n"; --} --try { -- gmp_pow(50,-5); --} catch (ValueError $exception) { -- echo $exception->getMessage() . "\n"; --} --try { -- $n = gmp_init("20"); -- gmp_pow($n,10); --} catch (ValueError $exception) { -- echo $exception->getMessage() . "\n"; --} --try { -- $n = gmp_init("-20"); -- gmp_pow($n,10); --} catch (ValueError $exception) { -- echo $exception->getMessage() . "\n"; --} --try { -- var_dump(gmp_pow(2,array())); --} catch (TypeError $e) { -- echo $e->getMessage(), "\n"; --} -- --try { -- var_dump(gmp_pow(array(),10)); --} catch (\TypeError $e) { -- echo $e->getMessage() . \PHP_EOL; --} -- --echo "Done\n"; --?> ----EXPECT-- --string(4) "1024" --string(4) "1024" --string(5) "-2048" --string(4) "1024" --string(1) "1" --gmp_pow(): Argument #2 ($exponent) must be greater than or equal to 0 --string(4) "1024" --base and exponent overflow --base and exponent overflow --gmp_pow(): Argument #2 ($exponent) must be greater than or equal to 0 --base and exponent overflow --base and exponent overflow --gmp_pow(): Argument #2 ($exponent) must be of type int, array given --gmp_pow(): Argument #1 ($num) must be of type GMP|string|int, array given --Done -diff --git a/ext/gmp/tests/gmp_pow_fpe.phpt b/ext/gmp/tests/gmp_pow_fpe.phpt -deleted file mode 100644 -index 248922e..0000000 ---- a/ext/gmp/tests/gmp_pow_fpe.phpt -+++ /dev/null -@@ -1,35 +0,0 @@ ----TEST-- --gmp_pow() floating point exception ----EXTENSIONS-- --gmp ----FILE-- --getMessage() . PHP_EOL; --} --try { -- gmp_pow(256, PHP_INT_MAX); --} catch (\ValueError $e) { -- echo $e->getMessage() . PHP_EOL; --} -- --try { -- gmp_pow(gmp_add(gmp_mul(gmp_init(PHP_INT_MAX), gmp_init(PHP_INT_MAX)), 3), 256); --} catch (\ValueError $e) { -- echo $e->getMessage() . PHP_EOL; --} --try { -- gmp_pow(gmp_init(PHP_INT_MAX), 256); --} catch (\ValueError $e) { -- echo $e->getMessage(); --} --?> ----EXPECTF-- --base and exponent overflow --base and exponent overflow --base and exponent overflow --base and exponent overflow diff -Nru php8.2-8.2.26/debian/patches/series php8.2-8.2.28/debian/patches/series --- php8.2-8.2.26/debian/patches/series 2024-11-25 17:21:51.000000000 +0000 +++ php8.2-8.2.28/debian/patches/series 2025-03-13 18:21:38.000000000 +0000 @@ -45,4 +45,3 @@ 0045-scripts-php-.in-Explicitly-define-the-path-to-sed.patch 0046-Remove-timestamps-from-phar.patch 0047-fix-implicit-function-declaration.patch -0048-Revert-ext-gmp-gmp_pow-fix-FPE-with-large-values-pat.patch diff -Nru php8.2-8.2.26/ext/calendar/gregor.c php8.2-8.2.28/ext/calendar/gregor.c --- php8.2-8.2.26/ext/calendar/gregor.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/calendar/gregor.c 2025-03-11 17:58:12.000000000 +0000 @@ -148,16 +148,25 @@ int dayOfYear; if (sdn <= 0 || - sdn > (LONG_MAX - 4 * GREGOR_SDN_OFFSET) / 4) { + sdn > (ZEND_LONG_MAX - 4 * GREGOR_SDN_OFFSET) / 4) { goto fail; } temp = (sdn + GREGOR_SDN_OFFSET) * 4 - 1; + if (temp < 0 || (temp / DAYS_PER_400_YEARS) > INT_MAX) { + goto fail; + } + /* Calculate the century (year/100). */ century = temp / DAYS_PER_400_YEARS; /* Calculate the year and day of year (1 <= dayOfYear <= 366). */ temp = ((temp % DAYS_PER_400_YEARS) / 4) * 4 + 3; + + if (century > ((INT_MAX / 100) - (temp / DAYS_PER_4_YEARS))) { + goto fail; + } + year = (century * 100) + (temp / DAYS_PER_4_YEARS); dayOfYear = (temp % DAYS_PER_4_YEARS) / 4 + 1; diff -Nru php8.2-8.2.26/ext/calendar/tests/gh16235.phpt php8.2-8.2.28/ext/calendar/tests/gh16235.phpt --- php8.2-8.2.26/ext/calendar/tests/gh16235.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/calendar/tests/gh16235.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,11 @@ +--TEST-- +GH-16235 (jdtogregorian overflow on argument) +--EXTENSIONS-- +calendar +--FILE-- + +--EXPECT-- +DONE diff -Nru php8.2-8.2.26/ext/calendar/tests/gh16834.phpt php8.2-8.2.28/ext/calendar/tests/gh16834.phpt --- php8.2-8.2.26/ext/calendar/tests/gh16834.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/calendar/tests/gh16834.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,31 @@ +--TEST-- +GH-16834 (cal_from_jd from julian_day argument) +--EXTENSIONS-- +calendar +--SKIPIF-- + +--FILE-- + +--EXPECTF-- +array(9) { + ["date"]=> + string(5) "0/0/0" + ["month"]=> + int(0) + ["day"]=> + int(0) + ["year"]=> + int(0) + ["dow"]=> + int(%d) + ["abbrevdayname"]=> + string(3) "%s" + ["dayname"]=> + string(9) "%s" + ["abbrevmonth"]=> + string(0) "" + ["monthname"]=> + string(0) "" +} diff -Nru php8.2-8.2.26/ext/com_dotnet/com_typeinfo.c php8.2-8.2.28/ext/com_dotnet/com_typeinfo.c --- php8.2-8.2.26/ext/com_dotnet/com_typeinfo.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/com_dotnet/com_typeinfo.c 2025-03-11 17:58:12.000000000 +0000 @@ -331,7 +331,7 @@ if (obj->typeinfo) { ITypeInfo_AddRef(obj->typeinfo); return obj->typeinfo; - } else { + } else if (V_VT(&obj->v) == VT_DISPATCH) { IDispatch_GetTypeInfo(V_DISPATCH(&obj->v), 0, LANG_NEUTRAL, &typeinfo); if (typeinfo) { return typeinfo; diff -Nru php8.2-8.2.26/ext/com_dotnet/tests/gh16991.phpt php8.2-8.2.28/ext/com_dotnet/tests/gh16991.phpt --- php8.2-8.2.26/ext/com_dotnet/tests/gh16991.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/com_dotnet/tests/gh16991.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,10 @@ +--TEST-- +GH-16991 (Getting typeinfo of non DISPATCH variant segfaults) +--EXTENSIONS-- +com_dotnet +--FILE-- + +--EXPECTF-- +Warning: com_print_typeinfo(): Unable to find typeinfo using the parameters supplied in %s on line %d diff -Nru php8.2-8.2.26/ext/curl/interface.c php8.2-8.2.28/ext/curl/interface.c --- php8.2-8.2.26/ext/curl/interface.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/curl/interface.c 2025-03-11 17:58:12.000000000 +0000 @@ -1381,7 +1381,7 @@ postval = Z_STR_P(prop); if (php_check_open_basedir(ZSTR_VAL(postval))) { - return FAILURE; + goto out_string; } prop = zend_read_property(curl_CURLFile_class, Z_OBJ_P(current), "mime", sizeof("mime")-1, 0, &rv); @@ -1407,15 +1407,18 @@ seekfunc = NULL; } + part = curl_mime_addpart(mime); + if (part == NULL) { + if (stream) { + php_stream_close(stream); + } + goto out_string; + } + cb_arg = emalloc(sizeof *cb_arg); cb_arg->filename = zend_string_copy(postval); cb_arg->stream = stream; - part = curl_mime_addpart(mime); - if (part == NULL) { - zend_string_release_ex(string_key, 0); - return FAILURE; - } if ((form_error = curl_mime_name(part, ZSTR_VAL(string_key))) != CURLE_OK || (form_error = curl_mime_data_cb(part, filesize, read_cb, seekfunc, free_cb, cb_arg)) != CURLE_OK || (form_error = curl_mime_filename(part, filename ? filename : ZSTR_VAL(postval))) != CURLE_OK @@ -1449,8 +1452,7 @@ prop = zend_read_property(curl_CURLStringFile_class, Z_OBJ_P(current), "postname", sizeof("postname")-1, 0, &rv); if (EG(exception)) { - zend_string_release_ex(string_key, 0); - return FAILURE; + goto out_string; } ZVAL_DEREF(prop); ZEND_ASSERT(Z_TYPE_P(prop) == IS_STRING); @@ -1459,8 +1461,7 @@ prop = zend_read_property(curl_CURLStringFile_class, Z_OBJ_P(current), "mime", sizeof("mime")-1, 0, &rv); if (EG(exception)) { - zend_string_release_ex(string_key, 0); - return FAILURE; + goto out_string; } ZVAL_DEREF(prop); ZEND_ASSERT(Z_TYPE_P(prop) == IS_STRING); @@ -1469,8 +1470,7 @@ prop = zend_read_property(curl_CURLStringFile_class, Z_OBJ_P(current), "data", sizeof("data")-1, 0, &rv); if (EG(exception)) { - zend_string_release_ex(string_key, 0); - return FAILURE; + goto out_string; } ZVAL_DEREF(prop); ZEND_ASSERT(Z_TYPE_P(prop) == IS_STRING); @@ -1483,8 +1483,7 @@ part = curl_mime_addpart(mime); if (part == NULL) { - zend_string_release_ex(string_key, 0); - return FAILURE; + goto out_string; } if ((form_error = curl_mime_name(part, ZSTR_VAL(string_key))) != CURLE_OK || (form_error = curl_mime_data(part, ZSTR_VAL(postval), ZSTR_LEN(postval))) != CURLE_OK @@ -1540,7 +1539,7 @@ SAVE_CURL_ERROR(ch, error); if (error != CURLE_OK) { - return FAILURE; + goto out_mime; } if ((*ch->clone) == 1) { @@ -1556,6 +1555,16 @@ SAVE_CURL_ERROR(ch, error); return error == CURLE_OK ? SUCCESS : FAILURE; + +out_string: + zend_string_release_ex(string_key, false); +out_mime: +#if LIBCURL_VERSION_NUM >= 0x073800 /* 7.56.0 */ + curl_mime_free(mime); +#else + curl_formfree(first); +#endif + return FAILURE; } /* }}} */ diff -Nru php8.2-8.2.26/ext/curl/tests/curl_basic_022.phpt php8.2-8.2.28/ext/curl/tests/curl_basic_022.phpt --- php8.2-8.2.26/ext/curl/tests/curl_basic_022.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/curl/tests/curl_basic_022.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -11,10 +11,10 @@ var_dump(curl_getinfo($ch, CURLINFO_COOKIELIST)); ?> ---EXPECT-- +--EXPECTF-- array(2) { [0]=> - string(38) ".php.net TRUE / FALSE 2145916799 C1 v1" + string(38) ".php.net TRUE / FALSE %d C1 v1" [1]=> - string(38) ".php.net TRUE / FALSE 2145916799 C2 v2" + string(38) ".php.net TRUE / FALSE %d C2 v2" } diff -Nru php8.2-8.2.26/ext/date/tests/DatePeriod_no_advance_on_valid.phpt php8.2-8.2.28/ext/date/tests/DatePeriod_no_advance_on_valid.phpt --- php8.2-8.2.26/ext/date/tests/DatePeriod_no_advance_on_valid.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/date/tests/DatePeriod_no_advance_on_valid.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -3,8 +3,8 @@ --FILE-- getIterator(); diff -Nru php8.2-8.2.26/ext/dba/tests/dba_flatfile.phpt php8.2-8.2.28/ext/dba/tests/dba_flatfile.phpt --- php8.2-8.2.26/ext/dba/tests/dba_flatfile.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dba/tests/dba_flatfile.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -29,12 +29,12 @@ bool(true) Try to remove key 1 again bool(false) +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 key4: Another Content String key5: The last content string name9: Content String 9 -[key10]name10: Content String 10 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y diff -Nru php8.2-8.2.26/ext/dba/tests/dba_gdbm.phpt php8.2-8.2.28/ext/dba/tests/dba_gdbm.phpt --- php8.2-8.2.26/ext/dba/tests/dba_gdbm.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dba/tests/dba_gdbm.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -35,12 +35,12 @@ bool(true) Try to remove key 1 again bool(false) -key4: Another Content String +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 +key4: Another Content String key5: The last content string -[key10]name10: Content String 10 name9: Content String 9 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y @@ -81,12 +81,12 @@ bool(true) Try to remove key 1 again bool(false) -key4: Another Content String +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 +key4: Another Content String key5: The last content string -[key10]name10: Content String 10 name9: Content String 9 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y diff -Nru php8.2-8.2.26/ext/dba/tests/dba_inifile.phpt php8.2-8.2.28/ext/dba/tests/dba_inifile.phpt --- php8.2-8.2.26/ext/dba/tests/dba_inifile.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dba/tests/dba_inifile.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -30,14 +30,14 @@ bool(true) Try to remove key 1 again bool(false) -key2: Content String 2 -key4: Another Content String -key5: The last content string -name9: Content String 9 [key10]: [key10]name10: Content String 10 [key30]: [key30]name30: Content String 30 +key2: Content String 2 +key4: Another Content String +key5: The last content string +name9: Content String 9 Total keys: 8 Key 1 exists? N Key 2 exists? Y diff -Nru php8.2-8.2.26/ext/dba/tests/dba_ndbm.phpt php8.2-8.2.28/ext/dba/tests/dba_ndbm.phpt --- php8.2-8.2.26/ext/dba/tests/dba_ndbm.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dba/tests/dba_ndbm.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -36,12 +36,12 @@ bool(true) Try to remove key 1 again bool(false) -key4: Another Content String +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 +key4: Another Content String key5: The last content string -[key10]name10: Content String 10 name9: Content String 9 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y @@ -82,12 +82,12 @@ bool(true) Try to remove key 1 again bool(false) -key4: Another Content String +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 +key4: Another Content String key5: The last content string -[key10]name10: Content String 10 name9: Content String 9 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y diff -Nru php8.2-8.2.26/ext/dba/tests/dba_qdbm.phpt php8.2-8.2.28/ext/dba/tests/dba_qdbm.phpt --- php8.2-8.2.26/ext/dba/tests/dba_qdbm.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dba/tests/dba_qdbm.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -35,12 +35,12 @@ bool(true) Try to remove key 1 again bool(false) +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 key4: Another Content String key5: The last content string name9: Content String 9 -[key10]name10: Content String 10 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y @@ -81,12 +81,12 @@ bool(true) Try to remove key 1 again bool(false) +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 key4: Another Content String key5: The last content string name9: Content String 9 -[key10]name10: Content String 10 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y diff -Nru php8.2-8.2.26/ext/dba/tests/dba_tcadb.phpt php8.2-8.2.28/ext/dba/tests/dba_tcadb.phpt --- php8.2-8.2.26/ext/dba/tests/dba_tcadb.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dba/tests/dba_tcadb.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -30,12 +30,12 @@ bool(true) Try to remove key 1 again bool(false) +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 key4: Another Content String key5: The last content string name9: Content String 9 -[key10]name10: Content String 10 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y diff -Nru php8.2-8.2.26/ext/dba/tests/setup/setup_dba_tests.inc php8.2-8.2.28/ext/dba/tests/setup/setup_dba_tests.inc --- php8.2-8.2.26/ext/dba/tests/setup/setup_dba_tests.inc 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dba/tests/setup/setup_dba_tests.inc 2025-03-11 17:58:12.000000000 +0000 @@ -102,14 +102,29 @@ echo 'Try to remove key 1 again', \PHP_EOL; var_dump(dba_delete("key1", $db_writer)); - // Fetch data + // Fetch and sort data. We sort to guarantee that the output is + // consistent across invocations and architectures. When iterating + // with firstkey() and nextkey(), several engines (GDBM, LMDB, + // QDBM) make no promise about the iteration order. Others (TCADB, + // DBM) explicitly state that the order is arbitrary. With GDBM at + // least, the order appears platform-dependent -- we have a report + // in Github issue 14786. GDBM's own test suite sorts this output, + // suggesting that sorting is a reasonable workaround for the issue. + $output = []; + $key = dba_firstkey($db_writer); $total_keys = 0; while ($key) { - echo $key, ': ', dba_fetch($key, $db_writer), \PHP_EOL; + $output[] = $key . ': ' . dba_fetch($key, $db_writer) . \PHP_EOL; $key = dba_nextkey($db_writer); $total_keys++; } + + sort($output, SORT_STRING); + foreach ($output as $line) { + echo $line; + } + echo 'Total keys: ', $total_keys, \PHP_EOL; for ($i = 1; $i < 6; $i++) { echo "Key $i exists? ", dba_exists("key$i", $db_writer) ? 'Y' : 'N', \PHP_EOL; diff -Nru php8.2-8.2.26/ext/dl_test/dl_test.c php8.2-8.2.28/ext/dl_test/dl_test.c --- php8.2-8.2.26/ext/dl_test/dl_test.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dl_test/dl_test.c 2025-03-11 17:58:12.000000000 +0000 @@ -76,9 +76,27 @@ PHP_INI_END() /* }}} */ +PHP_METHOD(DlTest, test) +{ + char *var = "World"; + size_t var_len = sizeof("World") - 1; + zend_string *retval; + + ZEND_PARSE_PARAMETERS_START(0, 1) + Z_PARAM_OPTIONAL + Z_PARAM_STRING(var, var_len) + ZEND_PARSE_PARAMETERS_END(); + + retval = strpprintf(0, "Hello %s", var); + + RETURN_STR(retval); +} + /* {{{ PHP_MINIT_FUNCTION */ PHP_MINIT_FUNCTION(dl_test) { + register_class_DlTest(); + /* Test backwards compatibility */ if (getenv("PHP_DL_TEST_USE_OLD_REGISTER_INI_ENTRIES")) { zend_register_ini_entries(ini_entries, module_number); diff -Nru php8.2-8.2.26/ext/dl_test/dl_test.stub.php php8.2-8.2.28/ext/dl_test/dl_test.stub.php --- php8.2-8.2.26/ext/dl_test/dl_test.stub.php 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dl_test/dl_test.stub.php 2025-03-11 17:58:12.000000000 +0000 @@ -8,3 +8,7 @@ function dl_test_test1(): void {} function dl_test_test2(string $str = ""): string {} + +class DlTest { + public function test(string $str = ""): string {} +} diff -Nru php8.2-8.2.26/ext/dl_test/dl_test_arginfo.h php8.2-8.2.28/ext/dl_test/dl_test_arginfo.h --- php8.2-8.2.26/ext/dl_test/dl_test_arginfo.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dl_test/dl_test_arginfo.h 2025-03-11 17:58:12.000000000 +0000 @@ -1,5 +1,5 @@ /* This is a generated file, edit the .stub.php file instead. - * Stub hash: 547ddbc21e9aa853b491cb17e902bbbb9cc2df00 */ + * Stub hash: 2dbacf5282b0f8e53923ac70495c2da43c7237e3 */ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_dl_test_test1, 0, 0, IS_VOID, 0) ZEND_END_ARG_INFO() @@ -8,9 +8,12 @@ ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, str, IS_STRING, 0, "\"\"") ZEND_END_ARG_INFO() +#define arginfo_class_DlTest_test arginfo_dl_test_test2 + ZEND_FUNCTION(dl_test_test1); ZEND_FUNCTION(dl_test_test2); +ZEND_METHOD(DlTest, test); static const zend_function_entry ext_functions[] = { @@ -18,3 +21,19 @@ ZEND_FE(dl_test_test2, arginfo_dl_test_test2) ZEND_FE_END }; + + +static const zend_function_entry class_DlTest_methods[] = { + ZEND_ME(DlTest, test, arginfo_class_DlTest_test, ZEND_ACC_PUBLIC) + ZEND_FE_END +}; + +static zend_class_entry *register_class_DlTest(void) +{ + zend_class_entry ce, *class_entry; + + INIT_CLASS_ENTRY(ce, "DlTest", class_DlTest_methods); + class_entry = zend_register_internal_class_ex(&ce, NULL); + + return class_entry; +} diff -Nru php8.2-8.2.26/ext/dom/tests/DOMDocument_loadHTMLfile_variation1.phpt php8.2-8.2.28/ext/dom/tests/DOMDocument_loadHTMLfile_variation1.phpt --- php8.2-8.2.26/ext/dom/tests/DOMDocument_loadHTMLfile_variation1.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dom/tests/DOMDocument_loadHTMLfile_variation1.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -8,6 +8,10 @@ assert.bail=true --EXTENSIONS-- dom +--SKIPIF-- += 21400) die("skip libxml >= 2.14 no longer has this non-standard warning"); +?> --FILE-- loadHTML($html); print($doc->saveHTML()); ?> ---EXPECT-- +--EXPECTF-- -U+0000 +U+0000 %r(�|)%r diff -Nru php8.2-8.2.26/ext/dom/tests/bug78025.phpt php8.2-8.2.28/ext/dom/tests/bug78025.phpt --- php8.2-8.2.26/ext/dom/tests/bug78025.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dom/tests/bug78025.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,9 +6,8 @@ "; $dom = new DOMDocument; -$dom->loadHTML($htm); +$dom->loadHTML($htm, LIBXML_NOERROR); var_dump($dom->doctype->name); ?> --EXPECTF-- -Warning: DOMDocument::loadHTML(): htmlParseDocTypeDecl : no DOCTYPE name ! in Entity, line: 1 in %s on line %d string(0) "" diff -Nru php8.2-8.2.26/ext/dom/tests/bug80268_2.phpt php8.2-8.2.28/ext/dom/tests/bug80268_2.phpt --- php8.2-8.2.26/ext/dom/tests/bug80268_2.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dom/tests/bug80268_2.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -9,13 +9,13 @@ --FILE-- loadHTML("

foo\0bar

"); +$doc->loadHTML("

foo\0bar

", LIBXML_NOERROR); $html = $doc->saveHTML(); var_dump(strpos($html, '

foo

') !== false); file_put_contents(__DIR__ . '/80268.html', "

foo\0bar

"); $doc = new DOMDocument; -$doc->loadHTMLFile(__DIR__ . '/80268.html'); +$doc->loadHTMLFile(__DIR__ . '/80268.html', LIBXML_NOERROR); $html = $doc->saveHTML(); var_dump(strpos($html, '

foo

') !== false); ?> @@ -24,8 +24,5 @@ unlink(__DIR__ . '/80268.html'); ?> --EXPECTF-- -Warning: DOMDocument::loadHTML(): Char 0x0 out of allowed range in Entity, line: 1 in %s on line %d bool(false) - -Warning: DOMDocument::loadHTMLFile(): Char 0x0 out of allowed range in %s on line %d bool(false) diff -Nru php8.2-8.2.26/ext/dom/tests/gh16535.phpt php8.2-8.2.28/ext/dom/tests/gh16535.phpt --- php8.2-8.2.26/ext/dom/tests/gh16535.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/dom/tests/gh16535.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -14,7 +14,7 @@ } catch (DOMException $e) { echo $e->getMessage(), "\n"; } -$v2->loadHTML("oU"); +$v2->loadHTML("

oU

"); echo $v2->saveXML(); ?> diff -Nru php8.2-8.2.26/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_001.phpt php8.2-8.2.28/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_001.phpt --- php8.2-8.2.26/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_001.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,60 @@ +--TEST-- +GHSA-p3x9-6h7p-cgfc: libxml streams use wrong `content-type` header when requesting a redirected resource (Basic) +--EXTENSIONS-- +dom +--SKIPIF-- + +--FILE-- + + + + GHSA-p3x9-6h7p-cgfc + + + + + + +

GHSA-p3x9-6h7p-cgfc

+ + + EOT; + // Intentionally using non-standard casing for content-type to verify it is matched not case sensitively. + yield "data://text/plain,HTTP/1.1 200 OK\r\nconteNt-tyPe: text/html; charset=utf-8\r\n\r\n{$xml}"; +} + +['pid' => $pid, 'uri' => $uri] = http_server('genResponses', $output); +$document = new \DOMDocument(); +$document->loadHTMLFile($uri); + +$h1 = $document->getElementsByTagName('h1'); +var_dump($h1->length); +var_dump($document->saveHTML()); +http_server_kill($pid); +?> +--EXPECT-- +int(1) +string(266) " + + + GHSA-p3x9-6h7p-cgfc + + + + + + +

GHSA-p3x9-6h7p-cgfc

+ + +" diff -Nru php8.2-8.2.26/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_002.phpt php8.2-8.2.28/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_002.phpt --- php8.2-8.2.26/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_002.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_002.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,60 @@ +--TEST-- +GHSA-p3x9-6h7p-cgfc: libxml streams use wrong `content-type` header when requesting a redirected resource (Missing content-type) +--EXTENSIONS-- +dom +--SKIPIF-- + +--FILE-- + + + + GHSA-p3x9-6h7p-cgfc + + + + + + +

GHSA-p3x9-6h7p-cgfc

+ + + EOT; + // Missing content-type in actual response. + yield "data://text/plain,HTTP/1.1 200 OK\r\n\r\n{$xml}"; +} + +['pid' => $pid, 'uri' => $uri] = http_server('genResponses', $output); +$document = new \DOMDocument(); +$document->loadHTMLFile($uri); + +$h1 = $document->getElementsByTagName('h1'); +var_dump($h1->length); +var_dump($document->saveHTML()); +http_server_kill($pid); +?> +--EXPECT-- +int(1) +string(266) " + + + GHSA-p3x9-6h7p-cgfc + + + + + + +

GHSA-p3x9-6h7p-cgfc

+ + +" diff -Nru php8.2-8.2.26/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_003.phpt php8.2-8.2.28/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_003.phpt --- php8.2-8.2.26/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_003.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/dom/tests/ghsa-p3x9-6h7p-cgfc_003.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,60 @@ +--TEST-- +GHSA-p3x9-6h7p-cgfc: libxml streams use wrong `content-type` header when requesting a redirected resource (Reason with colon) +--EXTENSIONS-- +dom +--SKIPIF-- + +--FILE-- + + + + GHSA-p3x9-6h7p-cgfc + + + + + + +

GHSA-p3x9-6h7p-cgfc

+ + + EOT; + // Missing content-type in actual response. + yield "data://text/plain,HTTP/1.1 200 OK: This is fine\r\n\r\n{$xml}"; +} + +['pid' => $pid, 'uri' => $uri] = http_server('genResponses', $output); +$document = new \DOMDocument(); +$document->loadHTMLFile($uri); + +$h1 = $document->getElementsByTagName('h1'); +var_dump($h1->length); +var_dump($document->saveHTML()); +http_server_kill($pid); +?> +--EXPECT-- +int(1) +string(266) " + + + GHSA-p3x9-6h7p-cgfc + + + + + + +

GHSA-p3x9-6h7p-cgfc

+ + +" diff -Nru php8.2-8.2.26/ext/fileinfo/tests/cve-2014-3538-mb.phpt php8.2-8.2.28/ext/fileinfo/tests/cve-2014-3538-mb.phpt --- php8.2-8.2.26/ext/fileinfo/tests/cve-2014-3538-mb.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/fileinfo/tests/cve-2014-3538-mb.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -32,7 +32,7 @@ Done --CLEAN-- --EXPECTF-- string(%d) "%s" diff -Nru php8.2-8.2.26/ext/fileinfo/tests/cve-2014-3538-nojit.phpt php8.2-8.2.28/ext/fileinfo/tests/cve-2014-3538-nojit.phpt --- php8.2-8.2.26/ext/fileinfo/tests/cve-2014-3538-nojit.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/fileinfo/tests/cve-2014-3538-nojit.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -13,7 +13,7 @@ pcre.jit=0 --FILE-- --EXPECTF-- string(%d) "%s" diff -Nru php8.2-8.2.26/ext/filter/logical_filters.c php8.2-8.2.28/ext/filter/logical_filters.c --- php8.2-8.2.26/ext/filter/logical_filters.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/filter/logical_filters.c 2025-03-11 17:58:12.000000000 +0000 @@ -925,13 +925,13 @@ if (flags & FILTER_FLAG_GLOBAL_RANGE) { if ( - (ip[0] == 100 && ip[1] >= 64 && ip[1] <= 127 ) || - (ip[0] == 192 && ip[1] == 0 && ip[2] == 0 ) || - (ip[0] == 192 && ip[1] == 0 && ip[2] == 2 ) || - (ip[0] == 198 && ip[1] >= 18 && ip[1] <= 19 ) || - (ip[0] == 198 && ip[1] == 51 && ip[2] == 100 ) || - (ip[0] == 203 && ip[1] == 0 && ip[2] == 113 ) - ) { + (ip[0] == 100 && ip[1] >= 64 && ip[1] <= 127 ) || + (ip[0] == 192 && ip[1] == 0 && ip[2] == 0 ) || + (ip[0] == 192 && ip[1] == 0 && ip[2] == 2 ) || + (ip[0] == 198 && ip[1] >= 18 && ip[1] <= 19 ) || + (ip[0] == 198 && ip[1] == 51 && ip[2] == 100 ) || + (ip[0] == 203 && ip[1] == 0 && ip[2] == 113 ) + ) { RETURN_VALIDATION_FAILED } } @@ -952,23 +952,24 @@ } } if (flags & FILTER_FLAG_NO_RES_RANGE || flags & FILTER_FLAG_GLOBAL_RANGE) { - if ((ip[0] == 0 && ip[1] == 0 && ip[2] == 0 && ip[3] == 0 - && ip[4] == 0 && ip[5] == 0 && ip[6] == 0 && (ip[7] == 0 || ip[7] == 1)) - || (ip[0] == 0x5f) - || (ip[0] >= 0xfe80 && ip[0] <= 0xfebf) - || (ip[0] == 0x2001 && (ip[1] == 0x0db8 || (ip[1] >= 0x0010 && ip[1] <= 0x001f))) - || (ip[0] == 0x3ff3) - ) { - RETURN_VALIDATION_FAILED - } + if ( + (ip[0] == 0 && ip[1] == 0 && ip[2] == 0 && ip[3] == 0 && ip[4] == 0 && ip[5] == 0 && ip[6] == 0 && (ip[7] == 0 || ip[7] == 1)) || + (ip[0] == 0x5f) || + (ip[0] >= 0xfe80 && ip[0] <= 0xfebf) || + (ip[0] == 0x2001 && (ip[1] == 0x0db8 || (ip[1] >= 0x0010 && ip[1] <= 0x001f))) || + (ip[0] == 0x3ff3) + ) { + RETURN_VALIDATION_FAILED + } } if (flags & FILTER_FLAG_GLOBAL_RANGE) { - if ((ip[0] == 0 && ip[1] == 0 && ip[2] == 0 && ip[3] == 0 && ip[4] == 0 && ip[5] == 0xffff) || - (ip[0] == 0x0100 && ip[1] == 0 && ip[2] == 0 && ip[3] == 0) || - (ip[0] == 0x2001 && ip[1] <= 0x01ff) || - (ip[0] == 0x2001 && ip[1] == 0x0002 && ip[2] == 0) || - (ip[0] >= 0xfc00 && ip[0] <= 0xfdff) - ) { + if ( + (ip[0] == 0 && ip[1] == 0 && ip[2] == 0 && ip[3] == 0 && ip[4] == 0 && ip[5] == 0xffff) || + (ip[0] == 0x0100 && ip[1] == 0 && ip[2] == 0 && ip[3] == 0) || + (ip[0] == 0x2001 && ip[1] <= 0x01ff) || + (ip[0] == 0x2001 && ip[1] == 0x0002 && ip[2] == 0) || + (ip[0] >= 0xfc00 && ip[0] <= 0xfdff) + ) { RETURN_VALIDATION_FAILED } } diff -Nru php8.2-8.2.26/ext/gd/gd.c php8.2-8.2.28/ext/gd/gd.c --- php8.2-8.2.26/ext/gd/gd.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/gd/gd.c 2025-03-11 17:58:12.000000000 +0000 @@ -1323,7 +1323,7 @@ do { i = (ctx->getC)(ctx); - if (i < 0) { + if (i < 0 || mbi > (INT_MAX >> 7)) { return -1; } mbi = (mbi << 7) | (i & 0x7f); diff -Nru php8.2-8.2.26/ext/gd/tests/gh16771.phpt php8.2-8.2.28/ext/gd/tests/gh16771.phpt --- php8.2-8.2.26/ext/gd/tests/gh16771.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/gd/tests/gh16771.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,10 @@ +--TEST-- +GH-16771 (UBSan abort in ext/gd/libgd/gd.c:1372) +--EXTENSIONS-- +gd +--FILE-- += 0) { INIT_GMP_RETVAL(gmpnum_result); - if ((log(Z_LVAL_P(base_arg)) * exp) > powmax) { - zend_value_error("base and exponent overflow"); - RETURN_THROWS(); - } mpz_ui_pow_ui(gmpnum_result, Z_LVAL_P(base_arg), exp); } else { mpz_ptr gmpnum_base; - zend_ulong gmpnum; FETCH_GMP_ZVAL(gmpnum_base, base_arg, temp_base, 1); INIT_GMP_RETVAL(gmpnum_result); - gmpnum = mpz_get_ui(gmpnum_base); - if ((log(gmpnum) * exp) > powmax) { - FREE_GMP_TEMP(temp_base); - zend_value_error("base and exponent overflow"); - RETURN_THROWS(); - } mpz_pow_ui(gmpnum_result, gmpnum_base, exp); FREE_GMP_TEMP(temp_base); } diff -Nru php8.2-8.2.26/ext/gmp/tests/gmp_pow.phpt php8.2-8.2.28/ext/gmp/tests/gmp_pow.phpt --- php8.2-8.2.26/ext/gmp/tests/gmp_pow.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/gmp/tests/gmp_pow.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -2,8 +2,6 @@ gmp_pow() basic tests --EXTENSIONS-- gmp ---SKIPIF-- - --FILE-- ---FILE-- -getMessage() . "\n"; -} -var_dump(gmp_strval(gmp_pow("-2",10))); -try { - gmp_pow(20,10); -} catch (ValueError $exception) { - echo $exception->getMessage() . "\n"; -} -try { - gmp_pow(50,10); -} catch (ValueError $exception) { - echo $exception->getMessage() . "\n"; -} -try { - gmp_pow(50,-5); -} catch (ValueError $exception) { - echo $exception->getMessage() . "\n"; -} -try { - $n = gmp_init("20"); - gmp_pow($n,10); -} catch (ValueError $exception) { - echo $exception->getMessage() . "\n"; -} -try { - $n = gmp_init("-20"); - gmp_pow($n,10); -} catch (ValueError $exception) { - echo $exception->getMessage() . "\n"; -} -try { - var_dump(gmp_pow(2,array())); -} catch (TypeError $e) { - echo $e->getMessage(), "\n"; -} - -try { - var_dump(gmp_pow(array(),10)); -} catch (\TypeError $e) { - echo $e->getMessage() . \PHP_EOL; -} - -echo "Done\n"; -?> ---EXPECT-- -string(4) "1024" -string(4) "1024" -string(5) "-2048" -string(4) "1024" -string(1) "1" -gmp_pow(): Argument #2 ($exponent) must be greater than or equal to 0 -string(4) "1024" -base and exponent overflow -base and exponent overflow -gmp_pow(): Argument #2 ($exponent) must be greater than or equal to 0 -base and exponent overflow -base and exponent overflow -gmp_pow(): Argument #2 ($exponent) must be of type int, array given -gmp_pow(): Argument #1 ($num) must be of type GMP|string|int, array given -Done diff -Nru php8.2-8.2.26/ext/gmp/tests/gmp_pow_fpe.phpt php8.2-8.2.28/ext/gmp/tests/gmp_pow_fpe.phpt --- php8.2-8.2.26/ext/gmp/tests/gmp_pow_fpe.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/gmp/tests/gmp_pow_fpe.phpt 1970-01-01 00:00:00.000000000 +0000 @@ -1,35 +0,0 @@ ---TEST-- -gmp_pow() floating point exception ---EXTENSIONS-- -gmp ---FILE-- -getMessage() . PHP_EOL; -} -try { - gmp_pow(256, PHP_INT_MAX); -} catch (\ValueError $e) { - echo $e->getMessage() . PHP_EOL; -} - -try { - gmp_pow(gmp_add(gmp_mul(gmp_init(PHP_INT_MAX), gmp_init(PHP_INT_MAX)), 3), 256); -} catch (\ValueError $e) { - echo $e->getMessage() . PHP_EOL; -} -try { - gmp_pow(gmp_init(PHP_INT_MAX), 256); -} catch (\ValueError $e) { - echo $e->getMessage(); -} -?> ---EXPECTF-- -base and exponent overflow -base and exponent overflow -base and exponent overflow -base and exponent overflow diff -Nru php8.2-8.2.26/ext/hash/hash.c php8.2-8.2.28/ext/hash/hash.c --- php8.2-8.2.26/ext/hash/hash.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/hash/hash.c 2025-03-11 17:58:12.000000000 +0000 @@ -1213,7 +1213,11 @@ struct mhash_bc_entry algorithm_lookup = mhash_to_hash[algorithm]; if (algorithm_lookup.hash_name) { algo = zend_string_init(algorithm_lookup.hash_name, strlen(algorithm_lookup.hash_name), 0); + } else { + RETURN_FALSE; } + } else { + RETURN_FALSE; } if (key) { diff -Nru php8.2-8.2.26/ext/hash/tests/gh16711_1.phpt php8.2-8.2.28/ext/hash/tests/gh16711_1.phpt --- php8.2-8.2.26/ext/hash/tests/gh16711_1.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/hash/tests/gh16711_1.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,98 @@ +--TEST-- +GH-16711: Segmentation fault in mhash() +--SKIPIF-- + +--FILE-- +getConstants()); + +var_dump(mhash(133, 1086849124, 133)); +?> +--EXPECTF-- +array(40) { + ["HASH_HMAC"]=> + int(1) + ["MHASH_CRC32"]=> + int(0) + ["MHASH_MD5"]=> + int(1) + ["MHASH_SHA1"]=> + int(2) + ["MHASH_HAVAL256"]=> + int(3) + ["MHASH_RIPEMD160"]=> + int(5) + ["MHASH_TIGER"]=> + int(7) + ["MHASH_GOST"]=> + int(8) + ["MHASH_CRC32B"]=> + int(9) + ["MHASH_HAVAL224"]=> + int(10) + ["MHASH_HAVAL192"]=> + int(11) + ["MHASH_HAVAL160"]=> + int(12) + ["MHASH_HAVAL128"]=> + int(13) + ["MHASH_TIGER128"]=> + int(14) + ["MHASH_TIGER160"]=> + int(15) + ["MHASH_MD4"]=> + int(16) + ["MHASH_SHA256"]=> + int(17) + ["MHASH_ADLER32"]=> + int(18) + ["MHASH_SHA224"]=> + int(19) + ["MHASH_SHA512"]=> + int(20) + ["MHASH_SHA384"]=> + int(21) + ["MHASH_WHIRLPOOL"]=> + int(22) + ["MHASH_RIPEMD128"]=> + int(23) + ["MHASH_RIPEMD256"]=> + int(24) + ["MHASH_RIPEMD320"]=> + int(25) + ["MHASH_SNEFRU256"]=> + int(27) + ["MHASH_MD2"]=> + int(28) + ["MHASH_FNV132"]=> + int(29) + ["MHASH_FNV1A32"]=> + int(30) + ["MHASH_FNV164"]=> + int(31) + ["MHASH_FNV1A64"]=> + int(32) + ["MHASH_JOAAT"]=> + int(33) + ["MHASH_CRC32C"]=> + int(34) + ["MHASH_MURMUR3A"]=> + int(35) + ["MHASH_MURMUR3C"]=> + int(36) + ["MHASH_MURMUR3F"]=> + int(37) + ["MHASH_XXH32"]=> + int(38) + ["MHASH_XXH64"]=> + int(39) + ["MHASH_XXH3"]=> + int(40) + ["MHASH_XXH128"]=> + int(41) +} + +Deprecated: Function mhash() is deprecated in %s on line %d +bool(false) diff -Nru php8.2-8.2.26/ext/hash/tests/gh16711_2.phpt php8.2-8.2.28/ext/hash/tests/gh16711_2.phpt --- php8.2-8.2.26/ext/hash/tests/gh16711_2.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/hash/tests/gh16711_2.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,98 @@ +--TEST-- +GH-16711: Segmentation fault in mhash() +--SKIPIF-- + +--FILE-- +getConstants()); + +var_dump(mhash(4, 1086849124, 133)); +?> +--EXPECTF-- +array(40) { + ["HASH_HMAC"]=> + int(1) + ["MHASH_CRC32"]=> + int(0) + ["MHASH_MD5"]=> + int(1) + ["MHASH_SHA1"]=> + int(2) + ["MHASH_HAVAL256"]=> + int(3) + ["MHASH_RIPEMD160"]=> + int(5) + ["MHASH_TIGER"]=> + int(7) + ["MHASH_GOST"]=> + int(8) + ["MHASH_CRC32B"]=> + int(9) + ["MHASH_HAVAL224"]=> + int(10) + ["MHASH_HAVAL192"]=> + int(11) + ["MHASH_HAVAL160"]=> + int(12) + ["MHASH_HAVAL128"]=> + int(13) + ["MHASH_TIGER128"]=> + int(14) + ["MHASH_TIGER160"]=> + int(15) + ["MHASH_MD4"]=> + int(16) + ["MHASH_SHA256"]=> + int(17) + ["MHASH_ADLER32"]=> + int(18) + ["MHASH_SHA224"]=> + int(19) + ["MHASH_SHA512"]=> + int(20) + ["MHASH_SHA384"]=> + int(21) + ["MHASH_WHIRLPOOL"]=> + int(22) + ["MHASH_RIPEMD128"]=> + int(23) + ["MHASH_RIPEMD256"]=> + int(24) + ["MHASH_RIPEMD320"]=> + int(25) + ["MHASH_SNEFRU256"]=> + int(27) + ["MHASH_MD2"]=> + int(28) + ["MHASH_FNV132"]=> + int(29) + ["MHASH_FNV1A32"]=> + int(30) + ["MHASH_FNV164"]=> + int(31) + ["MHASH_FNV1A64"]=> + int(32) + ["MHASH_JOAAT"]=> + int(33) + ["MHASH_CRC32C"]=> + int(34) + ["MHASH_MURMUR3A"]=> + int(35) + ["MHASH_MURMUR3C"]=> + int(36) + ["MHASH_MURMUR3F"]=> + int(37) + ["MHASH_XXH32"]=> + int(38) + ["MHASH_XXH64"]=> + int(39) + ["MHASH_XXH3"]=> + int(40) + ["MHASH_XXH128"]=> + int(41) +} + +Deprecated: Function mhash() is deprecated in %s on line %d +bool(false) diff -Nru php8.2-8.2.26/ext/imap/php_imap.c php8.2-8.2.28/ext/imap/php_imap.c --- php8.2-8.2.26/ext/imap/php_imap.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/imap/php_imap.c 2025-03-11 17:58:12.000000000 +0000 @@ -525,11 +525,9 @@ } /* }}} */ -/* {{{ PHP_RSHUTDOWN_FUNCTION */ -PHP_RSHUTDOWN_FUNCTION(imap) +static void free_errorlist(void) { ERRORLIST *ecur = NIL; - STRINGLIST *acur = NIL; if (IMAPG(imap_errorstack) != NIL) { /* output any remaining errors at their original error level */ @@ -545,6 +543,11 @@ mail_free_errorlist(&IMAPG(imap_errorstack)); IMAPG(imap_errorstack) = NIL; } +} + +static void free_stringlist(void) +{ + STRINGLIST *acur = NIL; if (IMAPG(imap_alertstack) != NIL) { /* output any remaining alerts at E_NOTICE level */ @@ -560,6 +563,13 @@ mail_free_stringlist(&IMAPG(imap_alertstack)); IMAPG(imap_alertstack) = NIL; } +} + +/* {{{ PHP_RSHUTDOWN_FUNCTION */ +PHP_RSHUTDOWN_FUNCTION(imap) +{ + free_errorlist(); + free_stringlist(); return SUCCESS; } /* }}} */ diff -Nru php8.2-8.2.26/ext/imap/php_imap.h php8.2-8.2.28/ext/imap/php_imap.h --- php8.2-8.2.26/ext/imap/php_imap.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/imap/php_imap.h 2025-03-11 17:58:12.000000000 +0000 @@ -47,7 +47,9 @@ # endif /* these are used for quota support */ + ZEND_DIAGNOSTIC_IGNORED_START("-Wstrict-prototypes") # include "c-client.h" /* includes mail.h and rfc822.h */ + ZEND_DIAGNOSTIC_IGNORED_END # include "imap4r1.h" /* location of c-client quota functions */ #else # include "mail.h" diff -Nru php8.2-8.2.26/ext/intl/tests/timezone_IDforWindowsID_basic2.phpt php8.2-8.2.28/ext/intl/tests/timezone_IDforWindowsID_basic2.phpt --- php8.2-8.2.26/ext/intl/tests/timezone_IDforWindowsID_basic2.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/intl/tests/timezone_IDforWindowsID_basic2.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -25,7 +25,7 @@ } } ?> ---EXPECT-- +--EXPECTF-- ** Gnomeregan bool(false) Error: intltz_get_windows_id: Unknown windows timezone: U_ILLEGAL_ARGUMENT_ERROR @@ -36,7 +36,7 @@ string(17) "America/Vancouver" string(19) "America/Los_Angeles" string(19) "America/Los_Angeles" -string(7) "PST8PDT" +string(%d) "%r(PST8PDT|America\/Los_Angeles)%r" ** Romance Standard Time string(12) "Europe/Paris" string(15) "Europe/Brussels" diff -Nru php8.2-8.2.26/ext/ldap/tests/ldap_set_rebind_proc_basic.phpt php8.2-8.2.28/ext/ldap/tests/ldap_set_rebind_proc_basic.phpt --- php8.2-8.2.26/ext/ldap/tests/ldap_set_rebind_proc_basic.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/ldap/tests/ldap_set_rebind_proc_basic.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,7 +6,10 @@ --EXTENSIONS-- ldap --SKIPIF-- - + --FILE-- + --FILE-- wrapperdata) == IS_ARRAY) { zval *header; - ZEND_HASH_FOREACH_VAL_IND(Z_ARRVAL(s->wrapperdata), header) { + /* Scan backwards: The header array might contain the headers for multiple responses, if + * a redirect was followed. + */ + ZEND_HASH_REVERSE_FOREACH_VAL_IND(Z_ARRVAL(s->wrapperdata), header) { const char buf[] = "Content-Type:"; - if (Z_TYPE_P(header) == IS_STRING && - !zend_binary_strncasecmp(Z_STRVAL_P(header), Z_STRLEN_P(header), buf, sizeof(buf)-1, sizeof(buf)-1)) { - char needle[] = "charset="; - char *haystack = estrndup(Z_STRVAL_P(header), Z_STRLEN_P(header)); - char *encoding = php_stristr(haystack, needle, Z_STRLEN_P(header), strlen(needle)); + if (Z_TYPE_P(header) == IS_STRING) { + /* If no colon is found in the header, we assume it's the HTTP status line and bail out. */ + char *colon = memchr(Z_STRVAL_P(header), ':', Z_STRLEN_P(header)); + char *space = memchr(Z_STRVAL_P(header), ' ', Z_STRLEN_P(header)); + if (colon == NULL || space < colon) { + break; + } - if (encoding) { - char *end; + if (!zend_binary_strncasecmp(Z_STRVAL_P(header), Z_STRLEN_P(header), buf, sizeof(buf)-1, sizeof(buf)-1)) { + char needle[] = "charset="; + char *haystack = estrndup(Z_STRVAL_P(header), Z_STRLEN_P(header)); + char *encoding = php_stristr(haystack, needle, Z_STRLEN_P(header), sizeof("charset=")-1); - encoding += sizeof("charset=")-1; - if (*encoding == '"') { - encoding++; - } - end = strchr(encoding, ';'); - if (end == NULL) { - end = encoding + strlen(encoding); - } - end--; /* end == encoding-1 isn't a buffer underrun */ - while (*end == ' ' || *end == '\t') { - end--; - } - if (*end == '"') { - end--; - } - if (encoding >= end) continue; - *(end+1) = '\0'; - enc = xmlParseCharEncoding(encoding); - if (enc <= XML_CHAR_ENCODING_NONE) { - enc = XML_CHAR_ENCODING_NONE; + if (encoding) { + char *end; + + encoding += sizeof("charset=")-1; + if (*encoding == '"') { + encoding++; + } + end = strchr(encoding, ';'); + if (end == NULL) { + end = encoding + strlen(encoding); + } + end--; /* end == encoding-1 isn't a buffer underrun */ + while (*end == ' ' || *end == '\t') { + end--; + } + if (*end == '"') { + end--; + } + if (encoding >= end) continue; + *(end+1) = '\0'; + enc = xmlParseCharEncoding(encoding); + if (enc <= XML_CHAR_ENCODING_NONE) { + enc = XML_CHAR_ENCODING_NONE; + } } + efree(haystack); + break; /* found content-type */ } - efree(haystack); - break; /* found content-type */ } } ZEND_HASH_FOREACH_END(); } diff -Nru php8.2-8.2.26/ext/mysqli/tests/063.phpt php8.2-8.2.28/ext/mysqli/tests/063.phpt --- php8.2-8.2.26/ext/mysqli/tests/063.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/063.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -29,6 +29,6 @@ $mysql->close(); ?> ---EXPECT-- +--EXPECTF-- string(3) "foo" -Unknown column 'invalid' in 'field list' +Unknown column 'invalid' in '%r(SELECT|field list)%r' diff -Nru php8.2-8.2.26/ext/mysqli/tests/bug71863.phpt php8.2-8.2.28/ext/mysqli/tests/bug71863.phpt --- php8.2-8.2.26/ext/mysqli/tests/bug71863.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/bug71863.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -30,4 +30,4 @@ mysqli_close($link); ?> --EXPECTF-- -%AUnknown column 'owner_id' in 'where clause' +%AUnknown column 'owner_id' in '%r(WHERE|where clause)%r' diff -Nru php8.2-8.2.26/ext/mysqli/tests/bug73462.phpt php8.2-8.2.28/ext/mysqli/tests/bug73462.phpt --- php8.2-8.2.26/ext/mysqli/tests/bug73462.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/bug73462.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -5,6 +5,13 @@ --SKIPIF-- --FILE-- conn, $bytes_len); if ($data) { fprintf(STDERR, "[*] Received: %s\n", bin2hex($data)); @@ -615,9 +615,11 @@ class my_mysqli_fake_server_process { + private int $port; + public function __construct(private $process, private array $pipes) {} - public function terminate(bool $wait = false) + public function terminate(bool $wait = false): void { if ($wait) { $this->wait(); @@ -625,9 +627,18 @@ proc_terminate($this->process); } - public function wait() + public function wait(): void { - echo fgets($this->pipes[1]); + $line = fgets($this->pipes[1]); + if (preg_match('/\[\*\] Server started on \d+\.\d+\.\d+\.\d+:(\d+)/', $line, $matches)) { + $this->port = (int)$matches[1]; + } + echo $line; + } + + public function getPort(): int + { + return $this->port ?? throw new RuntimeException("Port not set"); } } @@ -807,15 +818,20 @@ } } -function run_fake_server(string $test_function, $port = 33305): void +function run_fake_server(string $test_function, int|string $port = 0): int { - $address = '127.0.0.1'; + $host = '127.0.0.1'; - $socket = @stream_socket_server("tcp://$address:$port", $errno, $errstr); + $socket = @stream_socket_server("tcp://$host:$port", $errno, $errstr); if (!$socket) { die("Failed to create socket: $errstr ($errno)\n"); } - echo "[*] Server started\n"; + if (intval($port) === 0) { + $address = stream_socket_get_name($socket, false); + list($host, $port) = explode(":", $address); + } + + echo "[*] Server started on $host:$port\n"; try { $conn = new my_mysqli_fake_server_conn($socket); @@ -832,7 +848,7 @@ } -function run_fake_server_in_background($test_function, $port = 33305): my_mysqli_fake_server_process +function run_fake_server_in_background($test_function, $port = 0): my_mysqli_fake_server_process { $command = [PHP_BINARY, '-n', __FILE__, 'mysqli_fake_server', $test_function, $port]; @@ -852,5 +868,5 @@ } if (isset($argv) && $argc > 2 && $argv[1] == 'mysqli_fake_server') { - run_fake_server($argv[2], $argv[3] ?? '33305'); + run_fake_server($argv[2], $argv[3] ?? 0); } diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-auth-message.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-auth-message.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-auth-message.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-auth-message.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,16 +6,15 @@ wait(); try { - $conn = new mysqli( $servername, $username, $password, "", $port ); + $conn = new mysqli( $servername, $username, $password, "", $process->getPort()); $info = mysqli_info($conn); var_dump($info); } catch (Exception $e) { @@ -27,12 +26,12 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 [*] Sending - Malicious OK Auth Response [Extract heap through buffer over-read]: 0900000200000002000000fcff Warning: mysqli::__construct(): OK packet message length is past the packet size in %s on line %d -Unknown error while trying to connect via tcp://127.0.0.1:50001 +Unknown error while trying to connect via tcp://127.0.0.1:%d done! diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-def.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-def.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-def.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-def.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,16 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Running query on the fake server...\n"; @@ -34,7 +32,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-filename.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-filename.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-filename.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-filename.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Running query on the fake server...\n"; $result = $conn->query("SELECT * from users"); @@ -27,7 +26,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-query-len-overflow.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-query-len-overflow.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-query-len-overflow.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-query-len-overflow.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Query the fake server...\n"; $sql = "SELECT strval, strval FROM data"; @@ -33,7 +32,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-bit.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-bit.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-bit.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-bit.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT bitval, timval FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-date.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-date.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-date.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-date.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT strval, datval FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-datetime.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-datetime.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-datetime.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-datetime.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT strval, dtival FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-double.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-double.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-double.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-double.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT strval, dblval FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-float.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-float.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-float.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-float.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT strval, fltval FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-int.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-int.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-int.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-int.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT strval, intval FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-no-space.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-no-space.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-no-space.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-no-space.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT strval, strval FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-string.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-string.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-string.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-string.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT item FROM items"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 @@ -48,6 +47,6 @@ [*] Sending - Malicious Stmt Response for items [Extract heap through buffer over-read]: 01000001013000000203646566087068705f74657374056974656d73056974656d73046974656d046974656d0ce000c8000000fd011000000005000003fe00002200070000040000fa7465737405000005fe00002200 Warning: mysqli_result::fetch_assoc(): Malformed server packet. Field length pointing after the end of packet in %s on line %d -[*] Received: 0500000019010000000100000001 +[*] Received: 05000000190100000%d [*] Server finished done! diff -Nru php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-time.phpt php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-time.phpt --- php8.2-8.2.26/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-time.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/ghsa-h35g-vwh6-m678-stmt-row-time.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); echo "[*] Preparing statement on the fake server...\n"; $stmt = $conn->prepare("SELECT strval, timval FROM data"); @@ -36,7 +35,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/mysqli_stmt_datatype_change.phpt php8.2-8.2.28/ext/mysqli/tests/mysqli_stmt_datatype_change.phpt --- php8.2-8.2.26/ext/mysqli/tests/mysqli_stmt_datatype_change.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/mysqli_stmt_datatype_change.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -65,7 +65,7 @@ mysqli_close($link); ?> ---EXPECT-- +--EXPECTF-- bool(true) bool(true) ---- Row 1 @@ -80,7 +80,7 @@ ALTER bool(true) bool(false) -string(34) "Unknown column 'a' in 'field list'" +string(%d) "Unknown column 'a' in '%r(SELECT|field list)%r'" ---- Row 1 bool(false) int(2) diff -Nru php8.2-8.2.26/ext/mysqli/tests/protocol_query_row_fetch_data.phpt php8.2-8.2.28/ext/mysqli/tests/protocol_query_row_fetch_data.phpt --- php8.2-8.2.26/ext/mysqli/tests/protocol_query_row_fetch_data.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/protocol_query_row_fetch_data.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); function my_query($conn, $field) { @@ -39,8 +38,8 @@ print "done!"; ?> ---EXPECT-- -[*] Server started +--EXPECTF-- +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/mysqli/tests/protocol_stmt_row_fetch_data.phpt php8.2-8.2.28/ext/mysqli/tests/protocol_stmt_row_fetch_data.phpt --- php8.2-8.2.26/ext/mysqli/tests/protocol_stmt_row_fetch_data.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/mysqli/tests/protocol_stmt_row_fetch_data.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -6,15 +6,14 @@ wait(); -$conn = new mysqli($servername, $username, $password, "", $port); +$conn = new mysqli($servername, $username, $password, "", $process->getPort()); function my_query($conn, $field) { @@ -41,7 +40,7 @@ print "done!"; ?> --EXPECTF-- -[*] Server started +[*] Server started on 127.0.0.1:%d [*] Connection established [*] Sending - Server Greeting: 580000000a352e352e352d31302e352e31382d4d6172696144420003000000473e3f6047257c6700fef7080200ff81150000000000000f0000006c6b55463f49335f686c6431006d7973716c5f6e61746976655f70617373776f7264 [*] Received: 6900000185a21a00000000c0080000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f7264002c0c5f636c69656e745f6e616d65076d7973716c6e640c5f7365727665725f686f7374093132372e302e302e31 diff -Nru php8.2-8.2.26/ext/oci8/php_oci8_int.h php8.2-8.2.28/ext/oci8/php_oci8_int.h --- php8.2-8.2.26/ext/oci8/php_oci8_int.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/oci8/php_oci8_int.h 2025-03-11 17:58:12.000000000 +0000 @@ -53,7 +53,9 @@ /* }}} */ #include "ext/standard/php_string.h" +ZEND_DIAGNOSTIC_IGNORED_START("-Wstrict-prototypes") #include +ZEND_DIAGNOSTIC_IGNORED_END #if !defined(OCI_MAJOR_VERSION) || OCI_MAJOR_VERSION < 11 || ((OCI_MAJOR_VERSION == 11) && (OCI_MINOR_VERSION < 2)) #error This version of PHP OCI8 requires Oracle Client libraries from 11.2 or later. diff -Nru php8.2-8.2.26/ext/opcache/ZendAccelerator.c php8.2-8.2.28/ext/opcache/ZendAccelerator.c --- php8.2-8.2.26/ext/opcache/ZendAccelerator.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/ZendAccelerator.c 2025-03-11 17:58:12.000000000 +0000 @@ -3283,6 +3283,8 @@ if (JIT_G(buffer_size) != 0) { zend_accel_error(ACCEL_LOG_WARNING, "Could not enable JIT!"); } + } else { + zend_jit_startup_ok = true; } } #endif diff -Nru php8.2-8.2.26/ext/opcache/jit/dynasm/dasm_x86.h php8.2-8.2.28/ext/opcache/jit/dynasm/dasm_x86.h --- php8.2-8.2.26/ext/opcache/jit/dynasm/dasm_x86.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/jit/dynasm/dasm_x86.h 2025-03-11 17:58:12.000000000 +0000 @@ -124,7 +124,14 @@ void dasm_setupglobal(Dst_DECL, void **gl, unsigned int maxgl) { dasm_State *D = Dst_REF; +#ifdef __GNUC__ +# pragma GCC diagnostic push +# pragma GCC diagnostic ignored "-Warray-bounds" +#endif D->globals = gl - 10; /* Negative bias to compensate for locals. */ +#ifdef __GNUC__ +# pragma GCC diagnostic pop +#endif DASM_M_GROW(Dst, int, D->lglabels, D->lgsize, (10+maxgl)*sizeof(int)); } diff -Nru php8.2-8.2.26/ext/opcache/jit/zend_jit.c php8.2-8.2.28/ext/opcache/jit/zend_jit.c --- php8.2-8.2.26/ext/opcache/jit/zend_jit.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/jit/zend_jit.c 2025-03-11 17:58:12.000000000 +0000 @@ -103,6 +103,8 @@ #define JIT_STUB(name, offset, adjustment) \ {JIT_STUB_PREFIX #name, zend_jit_ ## name ## _stub, offset, adjustment} +bool zend_jit_startup_ok = false; + zend_ulong zend_jit_profile_counter = 0; int zend_jit_profile_counter_rid = -1; @@ -3169,7 +3171,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -3217,7 +3219,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -3258,7 +3260,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -3761,7 +3763,7 @@ op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; op1_addr = 0; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); on_this = 1; } else { op1_info = OP1_INFO(); @@ -3912,7 +3914,7 @@ op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; op1_addr = 0; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); on_this = 1; } else { op1_info = OP1_INFO(); @@ -5096,6 +5098,13 @@ ZEND_EXT_API void zend_jit_activate(void) { +#ifdef ZTS + if (!zend_jit_startup_ok) { + JIT_G(enabled) = 0; + JIT_G(on) = 0; + return; + } +#endif zend_jit_profile_counter = 0; if (JIT_G(on)) { if (JIT_G(trigger) == ZEND_JIT_ON_HOT_COUNTERS) { diff -Nru php8.2-8.2.26/ext/opcache/jit/zend_jit.h php8.2-8.2.28/ext/opcache/jit/zend_jit.h --- php8.2-8.2.26/ext/opcache/jit/zend_jit.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/jit/zend_jit.h 2025-03-11 17:58:12.000000000 +0000 @@ -91,6 +91,8 @@ typedef struct _zend_jit_trace_stack_frame zend_jit_trace_stack_frame; typedef struct _sym_node zend_sym_node; +extern bool zend_jit_startup_ok; + typedef struct _zend_jit_globals { bool enabled; bool on; diff -Nru php8.2-8.2.26/ext/opcache/jit/zend_jit_arm64.dasc php8.2-8.2.28/ext/opcache/jit/zend_jit_arm64.dasc --- php8.2-8.2.26/ext/opcache/jit/zend_jit_arm64.dasc 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/jit/zend_jit_arm64.dasc 2025-03-11 17:58:12.000000000 +0000 @@ -504,7 +504,11 @@ ||#else | .long 0xd53bd051 // TODO: hard-coded: mrs TMP3, tpidr_el0 || if (tsrm_ls_cache_tcb_offset == 0) { +||#ifdef __MUSL__ +| ldr TMP3, [TMP3, #-8] +||#else | ldr TMP3, [TMP3, #0] +||#endif | MEM_ACCESS_64_WITH_UOFFSET_64 ldr, TMP3, TMP3, tsrm_tls_index, TMP1 | MEM_ACCESS_64_WITH_UOFFSET_64 ldr, reg, TMP3, tsrm_tls_offset, TMP1 || } else { @@ -1548,6 +1552,9 @@ || } | IF_GC_MAY_NOT_LEAK FCARG1x, >4, Rw(tmp_reg1), Rw(tmp_reg2) | // gc_possible_root(Z_COUNTED_P(z)) +|| if (opline) { +| SET_EX_OPLINE opline, TMP1 +|| } | EXT_CALL gc_possible_root, Rx(tmp_reg1) || } || if (cold && ((op_info) & ((MAY_BE_ANY|MAY_BE_UNDEF|MAY_BE_INDIRECT|MAY_BE_GUARD)-(MAY_BE_OBJECT|MAY_BE_RESOURCE))) != 0) { @@ -2787,6 +2794,20 @@ /* Index is offset by 1 on FreeBSD (https://github.com/freebsd/freebsd-src/blob/22ca6db50f4e6bd75a141f57cf953d8de6531a06/lib/libc/gen/tls.c#L88) */ tsrm_tls_index = (tlsdesc->index + 1) * 8; } +# elif defined(__MUSL__) + if (tsrm_ls_cache_tcb_offset == 0) { + size_t **where; + + __asm__( + "adrp %0, :tlsdesc:_tsrm_ls_cache\n" + "add %0, %0, :tlsdesc_lo12:_tsrm_ls_cache\n" + : "=r" (where)); + /* See https://github.com/ARM-software/abi-aa/blob/2a70c42d62e9c3eb5887fa50b71257f20daca6f9/aaelf64/aaelf64.rst */ + size_t *tlsdesc = where[1]; + + tsrm_tls_offset = tlsdesc[1]; + tsrm_tls_index = tlsdesc[0] * 8; + } # else ZEND_ASSERT(tsrm_ls_cache_tcb_offset != 0); # endif @@ -5944,6 +5965,9 @@ if (RC_MAY_BE_N(var_info) && (var_info & (MAY_BE_ARRAY|MAY_BE_OBJECT)) != 0) { |4: | IF_GC_MAY_NOT_LEAK FCARG1x, >8, TMP1w, TMP2w + if (opline) { + | SET_EX_OPLINE opline, REG0 + } | EXT_CALL gc_possible_root, REG0 if (in_cold) { | b >8 @@ -5971,6 +5995,9 @@ | GET_ZVAL_PTR FCARG1x, var_use_addr, TMP1 | GC_DELREF FCARG1x, TMP1w | IF_GC_MAY_NOT_LEAK FCARG1x, >5, TMP1w, TMP2w + if (opline) { + | SET_EX_OPLINE opline, TMP1 + } | EXT_CALL gc_possible_root, TMP1 if (Z_REG(var_use_addr) != ZREG_FP) { | ldr Rx(Z_REG(var_use_addr)), T1 // restore @@ -11831,6 +11858,9 @@ |3: | // GC_ZVAL_CHECK_POSSIBLE_ROOT(variable_ptr) | IF_GC_MAY_NOT_LEAK FCARG1x, >5, TMP1w, TMP2w + if (opline) { + | SET_EX_OPLINE opline, REG0 + } | EXT_CALL gc_possible_root, REG0 | b >5 } diff -Nru php8.2-8.2.26/ext/opcache/jit/zend_jit_trace.c php8.2-8.2.28/ext/opcache/jit/zend_jit_trace.c --- php8.2-8.2.26/ext/opcache/jit/zend_jit_trace.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/jit/zend_jit_trace.c 2025-03-11 17:58:12.000000000 +0000 @@ -4648,7 +4648,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -4739,7 +4739,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -4819,7 +4819,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -5404,6 +5404,9 @@ res_type = Z_TYPE_P(RT_CONSTANT(opline, opline->op1)); } else if (op1_type != IS_UNKNOWN) { res_type = op1_type; + if (res_type == IS_UNDEF) { + res_type = IS_NULL; + } } if (op_array->type == ZEND_EVAL_CODE // TODO: support for top-level code @@ -5839,7 +5842,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -6118,7 +6121,7 @@ if (opline->op1_type == IS_UNUSED) { op1_info = MAY_BE_OBJECT|MAY_BE_RC1|MAY_BE_RCN; ce = op_array->scope; - ce_is_instanceof = (ce->ce_flags & ZEND_ACC_FINAL) != 0; + ce_is_instanceof = !(ce->ce_flags & ZEND_ACC_FINAL); op1_addr = 0; on_this = 1; } else { @@ -7164,6 +7167,11 @@ t->polymorphism = 0; t->jmp_table_size = 0; t->op_array = trace_buffer[0].op_array; + if (!(t->op_array->fn_flags & ZEND_ACC_IMMUTABLE)) { + zend_jit_op_array_trace_extension *jit_extension = + (zend_jit_op_array_trace_extension*)ZEND_FUNC_INFO(t->op_array); + t->op_array = jit_extension->op_array; + } t->opline = trace_buffer[1].opline; t->exit_info = exit_info; t->stack_map = NULL; diff -Nru php8.2-8.2.26/ext/opcache/jit/zend_jit_vm_helpers.c php8.2-8.2.28/ext/opcache/jit/zend_jit_vm_helpers.c --- php8.2-8.2.26/ext/opcache/jit/zend_jit_vm_helpers.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/jit/zend_jit_vm_helpers.c 2025-03-11 17:58:12.000000000 +0000 @@ -925,7 +925,15 @@ (zend_jit_op_array_trace_extension*)ZEND_FUNC_INFO(op_array); if (UNEXPECTED(!jit_extension) || UNEXPECTED(!(jit_extension->func_info.flags & ZEND_FUNC_JIT_ON_HOT_TRACE))) { - stop = ZEND_JIT_TRACE_STOP_INTERPRETER; +#ifdef HAVE_GCC_GLOBAL_REGS + if (execute_data->prev_execute_data != prev_execute_data) { +#else + if (rc < 0) { +#endif + stop = ZEND_JIT_TRACE_STOP_RETURN; + } else { + stop = ZEND_JIT_TRACE_STOP_INTERPRETER; + } break; } offset = jit_extension->offset; diff -Nru php8.2-8.2.26/ext/opcache/jit/zend_jit_x86.dasc php8.2-8.2.28/ext/opcache/jit/zend_jit_x86.dasc --- php8.2-8.2.26/ext/opcache/jit/zend_jit_x86.dasc 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/jit/zend_jit_x86.dasc 2025-03-11 17:58:12.000000000 +0000 @@ -1443,6 +1443,9 @@ |1: || } | IF_GC_MAY_NOT_LEAK FCARG1a, >4 +|| if (opline) { +| SET_EX_OPLINE opline, r0 +|| } | // gc_possible_root(Z_COUNTED_P(z)) | EXT_CALL gc_possible_root, r0 || } @@ -6488,6 +6491,9 @@ if (RC_MAY_BE_N(var_info) && (var_info & (MAY_BE_ARRAY|MAY_BE_OBJECT)) != 0) { |4: | IF_GC_MAY_NOT_LEAK FCARG1a, >8 + if (opline) { + | SET_EX_OPLINE opline, r0 + } | EXT_CALL gc_possible_root, r0 if (in_cold) { | jmp >8 @@ -6515,6 +6521,9 @@ | GET_ZVAL_PTR FCARG1a, var_use_addr | GC_DELREF FCARG1a | IF_GC_MAY_NOT_LEAK FCARG1a, >5 + if (opline) { + | SET_EX_OPLINE opline, r0 + } | EXT_CALL gc_possible_root, r0 if (Z_REG(var_use_addr) != ZREG_FP) { | mov Ra(Z_REG(var_use_addr)), T1 // restore @@ -9231,19 +9240,11 @@ int32_t exit_point; const void *exit_addr; - if (func->type == ZEND_INTERNAL_FUNCTION) { -#ifdef ZEND_WIN32 - // TODO: ASLR may cause different addresses in different workers ??? - return 0; -#endif - } else if (func->type == ZEND_USER_FUNCTION) { + if (func->type == ZEND_USER_FUNCTION) { if (!zend_accel_in_shm(func->op_array.opcodes)) { /* op_array and op_array->opcodes are not persistent. We can't link. */ return 0; } - } else { - ZEND_UNREACHABLE(); - return 0; } exit_point = zend_jit_trace_get_exit_point(to_opline, ZEND_JIT_EXIT_POLYMORPHISM); @@ -9277,6 +9278,22 @@ | cmp aword [r1 + offsetof(zend_op_array, opcodes)], opcodes | .endif | jne &exit_addr +#ifdef _WIN32 + } else if (func->type == ZEND_INTERNAL_FUNCTION) { + const zif_handler handler = func->internal_function.handler; + + | .if X64 + || if (!IS_SIGNED_32BIT(handler)) { + | mov64 r2, ((ptrdiff_t)handler) + | cmp aword [r1 + offsetof(zend_internal_function, handler)], r2 + || } else { + | cmp aword [r1 + offsetof(zend_internal_function, handler)], handler + || } + | .else + | cmp aword [r1 + offsetof(zend_internal_function, handler)], handler + | .endif + | jne &exit_addr +#endif } else { | .if X64 || if (!IS_SIGNED_32BIT(func)) { @@ -9423,6 +9440,22 @@ | cmp aword [r0 + offsetof(zend_op_array, opcodes)], opcodes | .endif | jz >3 +#ifdef _WIN32 + } else if (func->type == ZEND_INTERNAL_FUNCTION) { + const zif_handler handler = func->internal_function.handler; + + | .if X64 + || if (!IS_SIGNED_32BIT(handler)) { + | mov64 r1, ((ptrdiff_t)handler) + | cmp aword [r0 + offsetof(zend_internal_function, handler)], r1 + || } else { + | cmp aword [r0 + offsetof(zend_internal_function, handler)], handler + || } + | .else + | cmp aword [r0 + offsetof(zend_internal_function, handler)], handler + | .endif + | jz >3 +#endif } else { | .if X64 || if (!IS_SIGNED_32BIT(func)) { @@ -9609,11 +9642,7 @@ if ((!func || zend_jit_may_be_modified(func, op_array)) && trace && trace->op == ZEND_JIT_TRACE_INIT_CALL - && trace->func -#ifdef _WIN32 - && trace->func->type != ZEND_INTERNAL_FUNCTION -#endif - ) { + && trace->func) { int32_t exit_point; const void *exit_addr; @@ -9642,6 +9671,22 @@ | cmp aword [r0 + offsetof(zend_op_array, opcodes)], opcodes | .endif | jne &exit_addr +#ifdef _WIN32 + } else if (func->type == ZEND_INTERNAL_FUNCTION) { + const zif_handler handler = func->internal_function.handler; + + | .if X64 + || if (!IS_SIGNED_32BIT(handler)) { + | mov64 r1, ((ptrdiff_t)handler) + | cmp aword [r0 + offsetof(zend_internal_function, handler)], r1 + || } else { + | cmp aword [r0 + offsetof(zend_internal_function, handler)], handler + || } + | .else + | cmp aword [r0 + offsetof(zend_internal_function, handler)], handler + | .endif + | jne &exit_addr +#endif } else { | .if X64 || if (!IS_SIGNED_32BIT(func)) { @@ -12583,6 +12628,9 @@ |3: | // GC_ZVAL_CHECK_POSSIBLE_ROOT(variable_ptr) | IF_GC_MAY_NOT_LEAK FCARG1a, >5 + if (opline) { + | SET_EX_OPLINE opline, r0 + } | EXT_CALL gc_possible_root, r1 | jmp >5 } diff -Nru php8.2-8.2.26/ext/opcache/tests/jit/assign_obj_005.phpt php8.2-8.2.28/ext/opcache/tests/jit/assign_obj_005.phpt --- php8.2-8.2.26/ext/opcache/tests/jit/assign_obj_005.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/tests/jit/assign_obj_005.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,38 @@ +--TEST-- +JIT ASSIGN_OBJ: Typed & not-typed property +--INI-- +opcache.enable=1 +opcache.enable_cli=1 +opcache.file_update_protection=0 +opcache.jit_buffer_size=1M +--FILE-- +x = $x; + } +} +class C2 extends C1 { + public $x = 0; +} +class C3 extends C1 { + public int $x = 0; +} +$o = new C2("abcd"); +var_dump($o->x); +$o = new C3(42); +var_dump($o->x); +$o = new C3("abcd"); +var_dump($o->x); +?> +--EXPECTF-- +string(4) "abcd" +int(42) + +Fatal error: Uncaught TypeError: Cannot assign string to property C3::$x of type int in %sassign_obj_005.php:6 +Stack trace: +#0 %sassign_obj_005.php(19): C1->__construct('abcd') +#1 {main} + thrown in %sassign_obj_005.php on line 6 diff -Nru php8.2-8.2.26/ext/opcache/tests/jit/gh16770.phpt php8.2-8.2.28/ext/opcache/tests/jit/gh16770.phpt --- php8.2-8.2.26/ext/opcache/tests/jit/gh16770.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/tests/jit/gh16770.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,39 @@ +--TEST-- +GH-16770 (Tracing JIT type mismatch when returning UNDEF) +--INI-- +opcache.jit=1254 +opcache.jit_hot_loop=1 +opcache.jit_buffer_size=32M +--EXTENSIONS-- +opcache +--FILE-- + +--EXPECTF-- +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d + +Warning: Undefined variable $undefined in %s on line %d +NULL diff -Nru php8.2-8.2.26/ext/opcache/tests/jit/gh16829.phpt php8.2-8.2.28/ext/opcache/tests/jit/gh16829.phpt --- php8.2-8.2.26/ext/opcache/tests/jit/gh16829.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/tests/jit/gh16829.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,14 @@ +--TEST-- +GH-16829 (Segmentation fault with opcache.jit=tracing enabled on aarch64) +--INI-- +opcache.jit_buffer_size=32M +--EXTENSIONS-- +opcache +--FILE-- + +DONE +--EXPECT-- +DONE diff -Nru php8.2-8.2.26/ext/opcache/tests/jit/gh16829_1.inc php8.2-8.2.28/ext/opcache/tests/jit/gh16829_1.inc --- php8.2-8.2.26/ext/opcache/tests/jit/gh16829_1.inc 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/tests/jit/gh16829_1.inc 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,16 @@ + \ No newline at end of file diff -Nru php8.2-8.2.26/ext/opcache/tests/jit/gh16829_2.inc php8.2-8.2.28/ext/opcache/tests/jit/gh16829_2.inc --- php8.2-8.2.26/ext/opcache/tests/jit/gh16829_2.inc 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/tests/jit/gh16829_2.inc 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,23 @@ + \ No newline at end of file diff -Nru php8.2-8.2.26/ext/opcache/tests/jit/gh9011.phpt php8.2-8.2.28/ext/opcache/tests/jit/gh9011.phpt --- php8.2-8.2.26/ext/opcache/tests/jit/gh9011.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/opcache/tests/jit/gh9011.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,27 @@ +--TEST-- +GH-9011: Assertion failure with tracing JIT +--INI-- +opcache.enable=1 +opcache.enable_cli=1 +opcache.file_update_protection=0 +--FILE-- +__toString(); + } +} +?> +DONE +--EXPECT-- +DONE \ No newline at end of file diff -Nru php8.2-8.2.26/ext/openssl/openssl.c php8.2-8.2.28/ext/openssl/openssl.c --- php8.2-8.2.26/ext/openssl/openssl.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/openssl.c 2025-03-11 17:58:12.000000000 +0000 @@ -1495,7 +1495,7 @@ } if (!php_openssl_check_path(filename, filename_len, file_path, 2)) { - return; + goto exit_cleanup_cert; } bio_out = BIO_new_file(file_path, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY)); @@ -1513,13 +1513,14 @@ php_error_docref(NULL, E_WARNING, "Error opening file %s", file_path); } - if (cert_str) { - X509_free(cert); - } - if (!BIO_free(bio_out)) { php_openssl_store_errors(); } + +exit_cleanup_cert: + if (cert_str) { + X509_free(cert); + } } /* }}} */ @@ -3070,7 +3071,7 @@ } if (!php_openssl_check_path(filename, filename_len, file_path, 2)) { - return; + goto exit_cleanup; } bio_out = BIO_new_file(file_path, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY)); @@ -3090,6 +3091,7 @@ php_error_docref(NULL, E_WARNING, "Error opening file %s", file_path); } +exit_cleanup: if (csr_str) { X509_REQ_free(csr); } @@ -3531,6 +3533,7 @@ } else { ZVAL_COPY(&tmp, zphrase); if (!try_convert_to_string(&tmp)) { + zval_ptr_dtor(&tmp); return NULL; } @@ -3577,19 +3580,21 @@ if (!(Z_TYPE_P(val) == IS_STRING || Z_TYPE_P(val) == IS_OBJECT)) { TMP_CLEAN; } - if (!try_convert_to_string(val)) { + zend_string *val_str = zval_try_get_string(val); + if (!val_str) { TMP_CLEAN; } - if (Z_STRLEN_P(val) > 7 && memcmp(Z_STRVAL_P(val), "file://", sizeof("file://") - 1) == 0) { - if (!php_openssl_check_path_str(Z_STR_P(val), file_path, arg_num)) { + if (ZSTR_LEN(val_str) > 7 && memcmp(ZSTR_VAL(val_str), "file://", sizeof("file://") - 1) == 0) { + if (!php_openssl_check_path_str(val_str, file_path, arg_num)) { + zend_string_release_ex(val_str, false); TMP_CLEAN; } is_file = true; } /* it's an X509 file/cert of some kind, and we need to extract the data from that */ if (public_key) { - cert = php_openssl_x509_from_str(Z_STR_P(val), arg_num, false, NULL); + cert = php_openssl_x509_from_str(val_str, arg_num, false, NULL); if (cert) { free_cert = 1; @@ -3599,10 +3604,11 @@ if (is_file) { in = BIO_new_file(file_path, PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY)); } else { - in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val)); + in = BIO_new_mem_buf(ZSTR_VAL(val_str), (int)ZSTR_LEN(val_str)); } if (in == NULL) { php_openssl_store_errors(); + zend_string_release_ex(val_str, false); TMP_CLEAN; } key = PEM_read_bio_PUBKEY(in, NULL,NULL, NULL); @@ -3615,10 +3621,11 @@ if (is_file) { in = BIO_new_file(file_path, PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY)); } else { - in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val)); + in = BIO_new_mem_buf(ZSTR_VAL(val_str), (int)ZSTR_LEN(val_str)); } if (in == NULL) { + zend_string_release_ex(val_str, false); TMP_CLEAN; } if (passphrase == NULL) { @@ -3631,6 +3638,8 @@ } BIO_free(in); } + + zend_string_release_ex(val_str, false); } if (key == NULL) { @@ -4561,7 +4570,7 @@ } if (!php_openssl_check_path(filename, filename_len, file_path, 2)) { - RETURN_FALSE; + goto clean_exit_key; } PHP_SSL_REQ_INIT(&req); @@ -4597,8 +4606,9 @@ clean_exit: PHP_SSL_REQ_DISPOSE(&req); - EVP_PKEY_free(key); BIO_free(bio_out); +clean_exit_key: + EVP_PKEY_free(key); } /* }}} */ diff -Nru php8.2-8.2.26/ext/openssl/tests/ServerClientTestCase.inc php8.2-8.2.28/ext/openssl/tests/ServerClientTestCase.inc --- php8.2-8.2.26/ext/openssl/tests/ServerClientTestCase.inc 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/ServerClientTestCase.inc 2025-03-11 17:58:12.000000000 +0000 @@ -4,14 +4,19 @@ const WORKER_DEFAULT_NAME = 'server'; -function phpt_notify($worker = WORKER_DEFAULT_NAME) +function phpt_notify(string $worker = WORKER_DEFAULT_NAME, string $message = ""): void { - ServerClientTestCase::getInstance()->notify($worker); + ServerClientTestCase::getInstance()->notify($worker, $message); } -function phpt_wait($worker = WORKER_DEFAULT_NAME, $timeout = null) +function phpt_wait($worker = WORKER_DEFAULT_NAME, $timeout = null): ?string { - ServerClientTestCase::getInstance()->wait($worker, $timeout); + return ServerClientTestCase::getInstance()->wait($worker, $timeout); +} + +function phpt_notify_server_start($server): void +{ + ServerClientTestCase::getInstance()->notify_server_start($server); } function phpt_has_sslv3() { @@ -148,43 +153,73 @@ eval($code); } - public function run($masterCode, $workerCode) + /** + * Run client and all workers + * + * @param string $clientCode The client PHP code + * @param string|array $workerCode + * @param bool $ephemeral Select whether automatic port selection and automatic awaiting is used + * @return void + * @throws Exception + */ + public function run(string $clientCode, string|array $workerCode, bool $ephemeral = true): void { if (!is_array($workerCode)) { $workerCode = [WORKER_DEFAULT_NAME => $workerCode]; } - foreach ($workerCode as $worker => $code) { + reset($workerCode); + $code = current($workerCode); + $worker = key($workerCode); + while ($worker != null) { $this->spawnWorkerProcess($worker, $this->stripPhpTagsFromCode($code)); + $code = next($workerCode); + if ($ephemeral) { + $addr = trim($this->wait($worker)); + if (empty($addr)) { + throw new \Exception("Failed server start"); + } + if ($code === false) { + $clientCode = preg_replace('/{{\s*ADDR\s*}}/', $addr, $clientCode); + } else { + $code = preg_replace('/{{\s*ADDR\s*}}/', $addr, $code); + } + } + $worker = key($workerCode); } - eval($this->stripPhpTagsFromCode($masterCode)); + + eval($this->stripPhpTagsFromCode($clientCode)); foreach ($workerCode as $worker => $code) { $this->cleanupWorkerProcess($worker); } } - public function wait($worker, $timeout = null) + public function wait($worker, $timeout = null): ?string { $handle = $this->isWorker ? STDIN : $this->workerStdOut[$worker]; if ($timeout === null) { - fgets($handle); - return true; + return fgets($handle); } stream_set_blocking($handle, false); $read = [$handle]; $result = stream_select($read, $write, $except, $timeout); if (!$result) { - return false; + return null; } - fgets($handle); + $result = fgets($handle); stream_set_blocking($handle, true); - return true; + return $result; + } + + public function notify(string $worker, string $message = ""): void + { + fwrite($this->isWorker ? STDOUT : $this->workerStdIn[$worker], "$message\n"); } - public function notify($worker) + public function notify_server_start($server): void { - fwrite($this->isWorker ? STDOUT : $this->workerStdIn[$worker], "\n"); + echo stream_socket_get_name($server, false) . "\n"; } } diff -Nru php8.2-8.2.26/ext/openssl/tests/bug46127.phpt php8.2-8.2.28/ext/openssl/tests/bug46127.phpt --- php8.2-8.2.26/ext/openssl/tests/bug46127.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug46127.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -11,14 +11,14 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'bug46127.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $sock = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($sock); $link = stream_socket_accept($sock); fwrite($link, "Sending bug 46127\n"); @@ -26,7 +26,7 @@ $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ @@ -34,7 +34,6 @@ 'verify_peer_name' => false ]]); - phpt_wait(); $sock = stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx); echo fgets($sock); diff -Nru php8.2-8.2.26/ext/openssl/tests/bug48182.phpt php8.2-8.2.28/ext/openssl/tests/bug48182.phpt --- php8.2-8.2.26/ext/openssl/tests/bug48182.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug48182.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'bug48182-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); $client = @stream_socket_accept($server, 1); @@ -30,14 +30,13 @@ $peerName = 'bug48182'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT | STREAM_CLIENT_ASYNC_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'cafile' => '%s', 'peer_name' => '%s' ]]); - phpt_wait(); $client = stream_socket_client($serverUri, $errno, $errstr, 10, $clientFlags, $clientCtx); $data = "Sending data over to SSL server in async mode with contents like Hello World\n"; diff -Nru php8.2-8.2.26/ext/openssl/tests/bug54992.phpt php8.2-8.2.28/ext/openssl/tests/bug54992.phpt --- php8.2-8.2.26/ext/openssl/tests/bug54992.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug54992.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'bug54992-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; @@ -28,7 +28,7 @@ $peerName = 'bug54992_actual_peer_name'; $wrongPeerName = 'bug54992_expected_peer_name'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -36,7 +36,6 @@ 'peer_name' => '%s', ]]); - phpt_wait(); $client = stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx); var_dump($client); @@ -61,5 +60,5 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d -Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d +Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:%d (Unknown error) in %s on line %d bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/bug62890.phpt php8.2-8.2.28/ext/openssl/tests/bug62890.phpt --- php8.2-8.2.26/ext/openssl/tests/bug62890.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug62890.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -19,8 +19,8 @@ 'security_level' => 1, ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); @stream_socket_accept($server, 3); CODE; $serverCode = sprintf($serverCode, $certFile); @@ -33,9 +33,7 @@ 'security_level' => 1, ]]); - phpt_wait(); - - $client = stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/bug65538_001.phpt php8.2-8.2.28/ext/openssl/tests/bug65538_001.phpt --- php8.2-8.2.26/ext/openssl/tests/bug65538_001.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug65538_001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'bug65538_001-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); $client = @stream_socket_accept($server); if ($client) { @@ -41,13 +41,12 @@ $peerName = 'bug65538_001'; $clientCode = <<<'CODE' - $serverUri = "https://127.0.0.1:64321/"; + $serverUri = "https://{{ ADDR }}/"; $clientCtx = stream_context_create(['ssl' => [ 'cafile' => 'file://%s', 'peer_name' => '%s', ]]); - phpt_wait(); $html = file_get_contents($serverUri, false, $clientCtx); var_dump($html); diff -Nru php8.2-8.2.26/ext/openssl/tests/bug65538_003.phpt php8.2-8.2.28/ext/openssl/tests/bug65538_003.phpt --- php8.2-8.2.26/ext/openssl/tests/bug65538_003.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug65538_003.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -17,14 +17,14 @@ $cacertPhar = __DIR__ . DIRECTORY_SEPARATOR . 'bug65538_003-ca.phar.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); $client = @stream_socket_accept($server); if ($client) { @@ -46,13 +46,12 @@ $peerName = 'bug65538_003'; $clientCode = <<<'CODE' - $serverUri = "https://127.0.0.1:64321/"; + $serverUri = "https://{{ ADDR }}/"; $clientCtx = stream_context_create(['ssl' => [ 'cafile' => 'phar://%s/%s', 'peer_name' => '%s', ]]); - phpt_wait(); $html = file_get_contents($serverUri, false, $clientCtx); var_dump($html); diff -Nru php8.2-8.2.26/ext/openssl/tests/bug65729.phpt php8.2-8.2.28/ext/openssl/tests/bug65729.phpt --- php8.2-8.2.26/ext/openssl/tests/bug65729.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug65729.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'bug65729-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); $expected_names = ['foo.test.com.sg', 'foo.test.com', 'FOO.TEST.COM', 'foo.bar.test.com']; foreach ($expected_names as $name) { @@ -29,11 +29,9 @@ $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; - phpt_wait(); - $expected_names = ['foo.test.com.sg', 'foo.test.com', 'FOO.TEST.COM', 'foo.bar.test.com']; foreach ($expected_names as $expected_name) { $clientCtx = stream_context_create(['ssl' => [ @@ -65,7 +63,7 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d -Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d +Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:%d (Unknown error) in %s on line %d bool(false) resource(%d) of type (stream) resource(%d) of type (stream) @@ -74,5 +72,5 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d -Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d +Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:%d (Unknown error) in %s on line %d bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/bug68265.phpt php8.2-8.2.28/ext/openssl/tests/bug68265.phpt --- php8.2-8.2.26/ext/openssl/tests/bug68265.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug68265.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,21 +12,21 @@ $san = 'DNS:debs.ak-online.be., DNS:debs.ak-online.net.'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); stream_socket_accept($server, 30); CODE; $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => false, @@ -34,8 +34,6 @@ 'peer_name' => 'debs.ak-online.net', ]]); - phpt_wait(); - var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/bug68879.phpt php8.2-8.2.28/ext/openssl/tests/bug68879.phpt --- php8.2-8.2.26/ext/openssl/tests/bug68879.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug68879.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,21 +12,21 @@ $san = 'DNS:test.com, DNS:www.test.com, DNS:subdomain.test.com, IP:0:0:0:0:0:FFFF:A02:1, IP:10.2.0.1'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); stream_socket_accept($server, 30); CODE; $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => false, @@ -34,8 +34,6 @@ 'peer_name' => '10.2.0.1', ]]); - phpt_wait(); - var_dump(stream_socket_client($serverUri, $errno, $errstr, 30, $clientFlags, $clientCtx)); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/bug68920.phpt php8.2-8.2.28/ext/openssl/tests/bug68920.phpt --- php8.2-8.2.26/ext/openssl/tests/bug68920.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug68920.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -11,14 +11,14 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'bug68920.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); stream_socket_accept($server, 30); stream_socket_accept($server, 30); @@ -28,11 +28,9 @@ $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; - phpt_wait(); - $ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => true]]); $sock = stream_socket_client($serverUri, $errno, $errstr, 30, $clientFlags, $ctx); var_dump($sock); diff -Nru php8.2-8.2.26/ext/openssl/tests/bug69215.phpt php8.2-8.2.28/ext/openssl/tests/bug69215.phpt --- php8.2-8.2.26/ext/openssl/tests/bug69215.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug69215.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -13,7 +13,7 @@ $serverCertFile = __DIR__ . DIRECTORY_SEPARATOR . 'bug69215-server.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -24,14 +24,14 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); stream_socket_accept($server, 30); CODE; $serverCode = sprintf($serverCode, $serverCertFile, $caCertFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -41,8 +41,6 @@ 'peer_name' => 'bug69215-server', ]]); - phpt_wait(); - var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); CODE; $clientCode = sprintf($clientCode, $clientCertFile, $caCertFile); diff -Nru php8.2-8.2.26/ext/openssl/tests/bug72333.phpt php8.2-8.2.28/ext/openssl/tests/bug72333.phpt --- php8.2-8.2.26/ext/openssl/tests/bug72333.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug72333.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -14,8 +14,8 @@ $context = stream_context_create(['ssl' => ['local_cert' => '%s']]); $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; - $fp = stream_socket_server("ssl://127.0.0.1:10011", $errornum, $errorstr, $flags, $context); - phpt_notify(); + $fp = stream_socket_server("ssl://127.0.0.1:0", $errornum, $errorstr, $flags, $context); + phpt_notify_server_start($fp); $conn = stream_socket_accept($fp); $total = 100000; $result = fread($conn, $total); @@ -40,8 +40,7 @@ $clientCode = <<<'CODE' $context = stream_context_create(['ssl' => ['verify_peer' => false, 'peer_name' => '%s']]); - phpt_wait(); - $fp = stream_socket_client("ssl://127.0.0.1:10011", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT, $context); + $fp = stream_socket_client("ssl://{{ ADDR }}", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT, $context); stream_set_blocking($fp, false); function blocking_fwrite($fp, $buf) { diff -Nru php8.2-8.2.26/ext/openssl/tests/bug73072.phpt php8.2-8.2.28/ext/openssl/tests/bug73072.phpt --- php8.2-8.2.26/ext/openssl/tests/bug73072.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug73072.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -18,9 +18,9 @@ ] ]]); - $server = stream_socket_server('tls://127.0.0.1:64322', $errno, $errstr, $flags, $ctx); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); - phpt_notify(); @stream_socket_accept($server, 3); // if there is a segfault, this won't be called fwrite(STDERR, "done\n"); @@ -33,11 +33,9 @@ 'capture_peer_cert' => true ]; - phpt_wait(); - $ctxArr['peer_name'] = 'domain1.com'; $ctx = stream_context_create(['ssl' => $ctxArr]); - @stream_socket_client("tls://127.0.0.1:64322", $errno, $errstr, 1, $flags, $ctx); + @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); CODE; include 'ServerClientTestCase.inc'; diff -Nru php8.2-8.2.26/ext/openssl/tests/bug74159.phpt php8.2-8.2.28/ext/openssl/tests/bug74159.phpt --- php8.2-8.2.26/ext/openssl/tests/bug74159.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug74159.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -15,7 +15,7 @@ // not really reliable on more powerful machine but cover different // scenarios which might be useful. More reliable test is bug72333.phpt $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:10012"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -23,7 +23,7 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); $client = stream_socket_accept($server, 1); @@ -73,7 +73,7 @@ exit("$errstr\n"); }); - $serverUri = "tcp://127.0.0.1:10012"; + $serverUri = "tcp://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -81,8 +81,6 @@ 'peer_name' => '%s', ]]); - phpt_wait(); - $fp = stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); stream_set_blocking($fp, false); diff -Nru php8.2-8.2.26/ext/openssl/tests/bug76705.phpt php8.2-8.2.28/ext/openssl/tests/bug76705.phpt --- php8.2-8.2.26/ext/openssl/tests/bug76705.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug76705.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -9,20 +9,20 @@ --FILE-- [ 'local_cert' => __DIR__ . '/bug76705.pem' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64323"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -33,7 +33,6 @@ ] ]]); - phpt_wait(); var_dump(stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx)); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/bug77390.phpt php8.2-8.2.28/ext/openssl/tests/bug77390.phpt --- php8.2-8.2.26/ext/openssl/tests/bug77390.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/bug77390.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -15,11 +15,7 @@ $clientCode = <<<'CODE' $context = stream_context_create(['ssl' => ['verify_peer' => false, 'peer_name' => '%s']]); - phpt_wait('server'); - phpt_notify('proxy'); - - phpt_wait('proxy'); - $fp = stream_socket_client("ssl://127.0.0.1:10012", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT, $context); + $fp = stream_socket_client("ssl://{{ ADDR }}", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT, $context); stream_set_blocking($fp, false); $read = [$fp]; @@ -57,8 +53,8 @@ $context = stream_context_create(['ssl' => ['local_cert' => '%s']]); $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; - $fp = stream_socket_server("ssl://127.0.0.1:10011", $errornum, $errorstr, $flags, $context); - phpt_notify(); + $fp = stream_socket_server("ssl://127.0.0.1:0", $errornum, $errorstr, $flags, $context); + phpt_notify_server_start($fp); $conn = stream_socket_accept($fp); fwrite($conn, 'warmup'); @@ -71,14 +67,12 @@ $serverCode = sprintf($serverCode, $certFile); $proxyCode = <<<'CODE' - phpt_wait(); - - $upstream = stream_socket_client("tcp://127.0.0.1:10011", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT); + $upstream = stream_socket_client("tcp://{{ ADDR }}", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT); stream_set_blocking($upstream, false); $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; - $server = stream_socket_server("tcp://127.0.0.1:10012", $errornum, $errorstr, $flags); - phpt_notify(); + $server = stream_socket_server("tcp://127.0.0.1:0", $errornum, $errorstr, $flags); + phpt_notify_server_start($server); $conn = stream_socket_accept($server); stream_set_blocking($conn, false); diff -Nru php8.2-8.2.26/ext/openssl/tests/capture_peer_cert_001.phpt php8.2-8.2.28/ext/openssl/tests/capture_peer_cert_001.phpt --- php8.2-8.2.26/ext/openssl/tests/capture_peer_cert_001.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/capture_peer_cert_001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; @@ -27,14 +27,13 @@ $peerName = 'capture_peer_cert_001'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'capture_peer_cert' => true, 'cafile' => '%s' ]]); - phpt_wait(); $client = @stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); $cert = stream_context_get_options($clientCtx)['ssl']['peer_certificate']; var_dump(openssl_x509_parse($cert)['subject']['CN']); diff -Nru php8.2-8.2.26/ext/openssl/tests/gh10495.phpt php8.2-8.2.28/ext/openssl/tests/gh10495.phpt --- php8.2-8.2.26/ext/openssl/tests/gh10495.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/gh10495.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -15,11 +15,7 @@ $clientCode = <<<'CODE' $context = stream_context_create(['ssl' => ['verify_peer' => false, 'peer_name' => '%s']]); - phpt_wait('server'); - phpt_notify('proxy'); - - phpt_wait('proxy'); - $fp = stream_socket_client("tlsv1.2://127.0.0.1:10012", $errornum, $errorstr, 1, STREAM_CLIENT_CONNECT, $context); + $fp = stream_socket_client("tlsv1.2://{{ ADDR }}", $errornum, $errorstr, 1, STREAM_CLIENT_CONNECT, $context); phpt_wait('proxy'); @@ -38,8 +34,8 @@ $context = stream_context_create(['ssl' => ['local_cert' => '%s']]); $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; - $fp = stream_socket_server("tlsv1.2://127.0.0.1:10011", $errornum, $errorstr, $flags, $context); - phpt_notify(); + $fp = stream_socket_server("tlsv1.2://127.0.0.1:0", $errornum, $errorstr, $flags, $context); + phpt_notify_server_start($fp); $conn = stream_socket_accept($fp); fwrite($conn, 'warmup'); @@ -50,14 +46,12 @@ $serverCode = sprintf($serverCode, $certFile); $proxyCode = <<<'CODE' - phpt_wait(); - - $upstream = stream_socket_client("tcp://127.0.0.1:10011", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT); + $upstream = stream_socket_client("tcp://{{ ADDR }}", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT); stream_set_blocking($upstream, false); $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; - $server = stream_socket_server("tcp://127.0.0.1:10012", $errornum, $errorstr, $flags); - phpt_notify(); + $server = stream_socket_server("tcp://127.0.0.1:0", $errornum, $errorstr, $flags); + phpt_notify_server_start($server); $conn = stream_socket_accept($server); stream_set_blocking($conn, false); diff -Nru php8.2-8.2.26/ext/openssl/tests/gh13860.phpt php8.2-8.2.28/ext/openssl/tests/gh13860.phpt --- php8.2-8.2.26/ext/openssl/tests/gh13860.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/gh13860.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -9,12 +9,12 @@ --FILE-- [ 'local_cert' => '%s', @@ -37,13 +37,13 @@ ]]); $sock = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($sock); $link = stream_socket_accept($sock); CODE; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ @@ -51,7 +51,6 @@ 'verify_peer_name' => false ]]); - phpt_wait(); @stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx); CODE; @@ -65,8 +64,8 @@ ] ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); stream_socket_accept($server); CODE; @@ -84,8 +83,8 @@ ] ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); stream_socket_accept($server); CODE; @@ -103,8 +102,8 @@ ] ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); stream_socket_accept($server); CODE; @@ -115,11 +114,9 @@ 'cafile' => __DIR__ . '/sni_server_ca.pem', ]; - phpt_wait(); - $ctxArr['peer_name'] = '%s'; $ctx = stream_context_create(['ssl' => $ctxArr]); - @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); + @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); CODE; $serverCode = sprintf($serverCodeTemplate, $baseDirCertFile . "\0test", $baseDirPkFile); diff -Nru php8.2-8.2.26/ext/openssl/tests/openssl_csr_export_to_file_leak.phpt php8.2-8.2.28/ext/openssl/tests/openssl_csr_export_to_file_leak.phpt --- php8.2-8.2.26/ext/openssl/tests/openssl_csr_export_to_file_leak.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/openssl_csr_export_to_file_leak.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,14 @@ +--TEST-- +openssl_csr_export_to_file memory leak +--EXTENSIONS-- +openssl +--FILE-- + +--EXPECTF-- +Warning: openssl_csr_export_to_file(output_filename): must be a valid file path %s +bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/openssl_peer_fingerprint_basic.phpt php8.2-8.2.28/ext/openssl/tests/openssl_peer_fingerprint_basic.phpt --- php8.2-8.2.26/ext/openssl/tests/openssl_peer_fingerprint_basic.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/openssl_peer_fingerprint_basic.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'openssl_peer_fingerprint_basic-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -28,7 +28,7 @@ $peerName = 'openssl_peer_fingerprint_basic'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -37,8 +37,6 @@ 'peer_name' => '%s', ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'peer_fingerprint', '%s'); var_dump(stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx)); @@ -75,6 +73,6 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d -Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d +Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:%d (Unknown error) in %s on line %d bool(false) resource(%d) of type (stream) diff -Nru php8.2-8.2.26/ext/openssl/tests/openssl_pkey_export_to_file_leak.phpt php8.2-8.2.28/ext/openssl/tests/openssl_pkey_export_to_file_leak.phpt --- php8.2-8.2.26/ext/openssl/tests/openssl_pkey_export_to_file_leak.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/openssl_pkey_export_to_file_leak.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,15 @@ +--TEST-- +openssl_pkey_export_to_file memory leak +--EXTENSIONS-- +openssl +--FILE-- + +--EXPECTF-- +Warning: openssl_pkey_export_to_file(output_filename): must be a valid file path %s +bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/openssl_pkey_export_to_file_object_to_string.phpt php8.2-8.2.28/ext/openssl/tests/openssl_pkey_export_to_file_object_to_string.phpt --- php8.2-8.2.26/ext/openssl/tests/openssl_pkey_export_to_file_object_to_string.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/openssl_pkey_export_to_file_object_to_string.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,27 @@ +--TEST-- +openssl_pkey_export_to_file object to string conversion +--EXTENSIONS-- +openssl +--FILE-- + +--EXPECT-- +array(2) { + [0]=> + object(Test)#1 (0) { + } + [1]=> + string(0) "" +} diff -Nru php8.2-8.2.26/ext/openssl/tests/openssl_x509_export_to_file_leak.phpt php8.2-8.2.28/ext/openssl/tests/openssl_x509_export_to_file_leak.phpt --- php8.2-8.2.26/ext/openssl/tests/openssl_x509_export_to_file_leak.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/openssl_x509_export_to_file_leak.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,14 @@ +--TEST-- +openssl_x509_export_to_file memory leak +--EXTENSIONS-- +openssl +--FILE-- + +--EXPECTF-- +Warning: openssl_x509_export_to_file(output_filename): must be a valid file path %s +bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/peer_verification.phpt php8.2-8.2.28/ext/openssl/tests/peer_verification.phpt --- php8.2-8.2.26/ext/openssl/tests/peer_verification.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/peer_verification.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'peer_verification-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); for ($i = 0; $i < 5; $i++) { @stream_socket_accept($server, 1); @@ -29,12 +29,10 @@ $peerName = 'peer_verification'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $caFile = '%s'; - phpt_wait(); - // Expected to fail -- untrusted server cert and no CA File present var_dump(@stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags)); diff -Nru php8.2-8.2.26/ext/openssl/tests/php_openssl_pkey_from_zval_leak.phpt php8.2-8.2.28/ext/openssl/tests/php_openssl_pkey_from_zval_leak.phpt --- php8.2-8.2.26/ext/openssl/tests/php_openssl_pkey_from_zval_leak.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/php_openssl_pkey_from_zval_leak.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,23 @@ +--TEST-- +php_openssl_pkey_from_zval memory leak +--EXTENSIONS-- +openssl +--FILE-- +getMessage(), "\n"; +} + +?> +--EXPECT-- +create a leak diff -Nru php8.2-8.2.26/ext/openssl/tests/san_ipv6_peer_matching.phpt php8.2-8.2.28/ext/openssl/tests/san_ipv6_peer_matching.phpt --- php8.2-8.2.26/ext/openssl/tests/san_ipv6_peer_matching.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/san_ipv6_peer_matching.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -17,14 +17,14 @@ $san = 'IP:2001:db8:85a3:8d3:1319:8a2e:370:7348'; $serverCode = <<<'CODE' - $serverUri = "ssl://[::1]:64324"; + $serverUri = "ssl://[::1]:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -32,14 +32,12 @@ $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://[::1]:64324"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => false, ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'peer_name', '2001:db8:85a3:8d3:1319:8a2e:370:7348'); var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); @@ -65,5 +63,5 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d -Warning: stream_socket_client(): Unable to connect to ssl://[::1]:64324 (Unknown error) in %s on line %d +Warning: stream_socket_client(): Unable to connect to ssl://[::1]:%d (Unknown error) in %s on line %d bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/san_peer_matching.phpt php8.2-8.2.28/ext/openssl/tests/san_peer_matching.phpt --- php8.2-8.2.26/ext/openssl/tests/san_peer_matching.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/san_peer_matching.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $san = 'DNS:example.org, DNS:www.example.org, DNS:test.example.org'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -27,14 +27,12 @@ $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => false, ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'peer_name', 'example.org'); var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); @@ -60,5 +58,5 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d -Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d +Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:%d (Unknown error) in %s on line %d bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/session_meta_capture.phpt php8.2-8.2.28/ext/openssl/tests/session_meta_capture.phpt --- php8.2-8.2.26/ext/openssl/tests/session_meta_capture.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/session_meta_capture.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,7 +12,7 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'session_meta_capture-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -20,7 +20,7 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -31,7 +31,7 @@ $peerName = 'session_meta_capture'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -40,8 +40,6 @@ 'security_level' => 0, ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT); $stream = stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); var_dump(stream_get_meta_data($stream)['crypto']['protocol']); diff -Nru php8.2-8.2.26/ext/openssl/tests/session_meta_capture_tlsv13.phpt php8.2-8.2.28/ext/openssl/tests/session_meta_capture_tlsv13.phpt --- php8.2-8.2.26/ext/openssl/tests/session_meta_capture_tlsv13.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/session_meta_capture_tlsv13.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -13,7 +13,7 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'session_meta_capture_tlsv13-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -21,7 +21,7 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; @@ -29,7 +29,7 @@ $peerName = 'session_meta_capture_tlsv13'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -37,8 +37,6 @@ 'peer_name' => '%s' ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT); $stream = stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); var_dump(stream_get_meta_data($stream)['crypto']['protocol']); @@ -53,5 +51,10 @@ include 'ServerClientTestCase.inc'; ServerClientTestCase::getInstance()->run($clientCode, $serverCode); ?> +--CLEAN-- + --EXPECT-- string(7) "TLSv1.3" diff -Nru php8.2-8.2.26/ext/openssl/tests/sni_server.phpt php8.2-8.2.28/ext/openssl/tests/sni_server.phpt --- php8.2-8.2.26/ext/openssl/tests/sni_server.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/sni_server.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -18,8 +18,8 @@ ] ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i=0; $i < 3; $i++) { @stream_socket_accept($server, 3); @@ -33,23 +33,21 @@ 'capture_peer_cert' => true ]; - phpt_wait(); - $ctxArr['peer_name'] = 'cs.php.net'; $ctx = stream_context_create(['ssl' => $ctxArr]); - $client = stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); + $client = stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; var_dump(openssl_x509_parse($cert)['subject']['CN']); $ctxArr['peer_name'] = 'uk.php.net'; $ctx = stream_context_create(['ssl' => $ctxArr]); - $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); + $client = @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; var_dump(openssl_x509_parse($cert)['subject']['CN']); $ctxArr['peer_name'] = 'us.php.net'; $ctx = stream_context_create(['ssl' => $ctxArr]); - $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); + $client = @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; var_dump(openssl_x509_parse($cert)['subject']['CN']); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/sni_server_key_cert.phpt php8.2-8.2.28/ext/openssl/tests/sni_server_key_cert.phpt --- php8.2-8.2.26/ext/openssl/tests/sni_server_key_cert.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/sni_server_key_cert.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -27,8 +27,8 @@ ] ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i=0; $i < 3; $i++) { @stream_socket_accept($server, 3); @@ -42,23 +42,21 @@ 'capture_peer_cert' => true ]; - phpt_wait(); - $ctxArr['peer_name'] = 'cs.php.net'; $ctx = stream_context_create(['ssl' => $ctxArr]); - $client = stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); + $client = stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; var_dump(openssl_x509_parse($cert)['subject']['CN']); $ctxArr['peer_name'] = 'uk.php.net'; $ctx = stream_context_create(['ssl' => $ctxArr]); - $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); + $client = @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; var_dump(openssl_x509_parse($cert)['subject']['CN']); $ctxArr['peer_name'] = 'us.php.net'; $ctx = stream_context_create(['ssl' => $ctxArr]); - $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); + $client = @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 1, $flags, $ctx); $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; var_dump(openssl_x509_parse($cert)['subject']['CN']); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_001.phpt php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_001.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_001.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,7 +12,7 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'stream_crypto_flags_001-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -20,7 +20,7 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -30,7 +30,7 @@ $peerName = 'stream_crypto_flags_001'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -39,8 +39,6 @@ 'security_level' => 0, ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT); var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_002.phpt php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_002.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_002.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_002.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,7 +12,7 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'stream_crypto_flags_002-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -20,7 +20,7 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -31,7 +31,7 @@ $peerName = 'stream_crypto_flags_002'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -40,8 +40,6 @@ 'security_level' => 0, ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT); var_dump(stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx)); diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_003.phpt php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_003.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_003.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_003.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -13,7 +13,7 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'stream_crypto_flags_003-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -24,7 +24,7 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -35,7 +35,7 @@ $peerName = 'stream_crypto_flags_003'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -44,8 +44,6 @@ 'security_level' => 0, ]]); - phpt_wait(); - stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT); var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_004.phpt php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_004.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_crypto_flags_004.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_crypto_flags_004.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,7 +12,7 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'stream_crypto_flags_004-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -21,7 +21,7 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); @stream_socket_accept($server, 1); @@ -32,7 +32,7 @@ $peerName = 'stream_crypto_flags_004'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -41,8 +41,6 @@ 'security_level' => 0, ]]); - phpt_wait(); - // Should succeed because the SSLv23 handshake here is compatible with the // TLSv1 hello method employed in the server var_dump(@stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_security_level.phpt php8.2-8.2.28/ext/openssl/tests/stream_security_level.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_security_level.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_security_level.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -19,7 +19,7 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'stream_security_level-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64322"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', @@ -29,14 +29,14 @@ ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64322"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'security_level' => %d, @@ -45,7 +45,6 @@ 'verify_peer_name' => false ]]); - phpt_wait(); $client = stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); var_dump($client); @@ -71,5 +70,5 @@ Warning: stream_socket_client(): Failed to enable crypto in %s : eval()'d code on line %d -Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:64322 (Unknown error) in %s : eval()'d code on line %d +Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:%d (Unknown error) in %s : eval()'d code on line %d bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_server_reneg_limit.phpt php8.2-8.2.28/ext/openssl/tests/stream_server_reneg_limit.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_server_reneg_limit.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_server_reneg_limit.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -99,7 +99,7 @@ $certificateGenerator->saveNewCertAsFileWithKey('stream_security_level', $certFile); include 'ServerClientTestCase.inc'; -ServerClientTestCase::getInstance()->run($serverCode, $clientCode); +ServerClientTestCase::getInstance()->run($serverCode, $clientCode, false); ?> --CLEAN-- [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; @@ -26,14 +26,13 @@ $peerName = 'stream_verify_peer_name_001'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => false, 'peer_name' => '%s' ]]); - phpt_wait(); $client = stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); var_dump($client); diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_verify_peer_name_002.phpt php8.2-8.2.28/ext/openssl/tests/stream_verify_peer_name_002.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_verify_peer_name_002.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_verify_peer_name_002.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'stream_verify_peer_name_002-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; @@ -27,7 +27,7 @@ $actualPeerName = 'stream_verify_peer_name_002'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, @@ -35,7 +35,6 @@ 'verify_peer_name' => false ]]); - phpt_wait(); $client = stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx); var_dump($client); diff -Nru php8.2-8.2.26/ext/openssl/tests/stream_verify_peer_name_003.phpt php8.2-8.2.28/ext/openssl/tests/stream_verify_peer_name_003.phpt --- php8.2-8.2.26/ext/openssl/tests/stream_verify_peer_name_003.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/stream_verify_peer_name_003.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -12,14 +12,14 @@ $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'stream_verify_peer_name_003-ca.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s' ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); @stream_socket_accept($server, 1); CODE; @@ -27,14 +27,13 @@ $actualPeerName = 'stream_verify_peer_name_003'; $clientCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://{{ ADDR }}"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'verify_peer' => true, 'cafile' => '%s' ]]); - phpt_wait(); $client = stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); var_dump($client); @@ -59,5 +58,5 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d -Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d +Warning: stream_socket_client(): Unable to connect to ssl://127.0.0.1:%d (Unknown error) in %s on line %d bool(false) diff -Nru php8.2-8.2.26/ext/openssl/tests/streams_crypto_method.phpt php8.2-8.2.28/ext/openssl/tests/streams_crypto_method.phpt --- php8.2-8.2.26/ext/openssl/tests/streams_crypto_method.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/streams_crypto_method.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -11,14 +11,14 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'streams_crypto_method.pem.tmp'; $serverCode = <<<'CODE' - $serverUri = "ssl://127.0.0.1:64321"; + $serverUri = "ssl://127.0.0.1:0"; $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; $serverCtx = stream_context_create(['ssl' => [ 'local_cert' => '%s', ]]); $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); - phpt_notify(); + phpt_notify_server_start($server); $client = @stream_socket_accept($server); if ($client) { @@ -39,7 +39,7 @@ $serverCode = sprintf($serverCode, $certFile); $clientCode = <<<'CODE' - $serverUri = "https://127.0.0.1:64321/"; + $serverUri = "https://{{ ADDR }}/"; $clientFlags = STREAM_CLIENT_CONNECT; $clientCtx = stream_context_create(['ssl' => [ 'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT, @@ -47,7 +47,6 @@ 'verify_peer_name' => false ]]); - phpt_wait(); echo file_get_contents($serverUri, false, $clientCtx); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt php8.2-8.2.28/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt --- php8.2-8.2.26/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -19,8 +19,8 @@ 'security_level' => 0, ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i=0; $i < (phpt_has_sslv3() ? 6 : 5); $i++) { @stream_socket_accept($server, 3); @@ -36,24 +36,22 @@ 'security_level' => 0, ]]); - phpt_wait(); - - $client = stream_socket_client("tlsv1.0://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tlsv1.0://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("sslv3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("sslv3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.1://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.1://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.2://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.2://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("ssl://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("ssl://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/tls_wrapper.phpt php8.2-8.2.28/ext/openssl/tests/tls_wrapper.phpt --- php8.2-8.2.26/ext/openssl/tests/tls_wrapper.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/tls_wrapper.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -18,8 +18,8 @@ 'security_level' => 0, ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i = 0; $i < (phpt_has_sslv3() ? 6 : 5); $i++) { @stream_socket_accept($server, 3); @@ -35,24 +35,22 @@ 'security_level' => 0, ]]); - phpt_wait(); - - $client = stream_socket_client("tlsv1.0://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tlsv1.0://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("sslv3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("sslv3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.1://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.1://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.2://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.2://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("ssl://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("ssl://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt php8.2-8.2.28/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt --- php8.2-8.2.26/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -18,8 +18,8 @@ 'security_level' => 0, ]]); - $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tls://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i = 0; $i < (phpt_has_sslv3() ? 7 : 6); $i++) { @stream_socket_accept($server, 3); @@ -35,27 +35,25 @@ 'security_level' => 0, ]]); - phpt_wait(); - - $client = stream_socket_client("tlsv1.0://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tlsv1.0://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("sslv3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("sslv3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.1://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.1://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.2://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.2://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("ssl://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("ssl://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tls://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/tlsv1.0_wrapper.phpt php8.2-8.2.28/ext/openssl/tests/tlsv1.0_wrapper.phpt --- php8.2-8.2.26/ext/openssl/tests/tlsv1.0_wrapper.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/tlsv1.0_wrapper.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -17,8 +17,8 @@ 'security_level' => 0, ]]); - $server = stream_socket_server('tlsv1.0://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tlsv1.0://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i = 0; $i < (phpt_has_sslv3() ? 3 : 2); $i++) { @stream_socket_accept($server, 3); @@ -34,15 +34,13 @@ 'security_level' => 0, ]]); - phpt_wait(); - - $client = stream_socket_client("tlsv1.0://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tlsv1.0://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("sslv3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("sslv3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.2://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.2://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/tlsv1.1_wrapper.phpt php8.2-8.2.28/ext/openssl/tests/tlsv1.1_wrapper.phpt --- php8.2-8.2.26/ext/openssl/tests/tlsv1.1_wrapper.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/tlsv1.1_wrapper.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -17,8 +17,8 @@ 'security_level' => 0, ]]); - $server = stream_socket_server('tlsv1.1://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tlsv1.1://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i = 0; $i < (phpt_has_sslv3() ? 3 : 2); $i++) { @stream_socket_accept($server, 3); @@ -34,15 +34,13 @@ 'security_level' => 0, ]]); - phpt_wait(); - - $client = stream_socket_client("tlsv1.1://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tlsv1.1://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("sslv3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("sslv3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.2://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.2://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/tlsv1.2_wrapper.phpt php8.2-8.2.28/ext/openssl/tests/tlsv1.2_wrapper.phpt --- php8.2-8.2.26/ext/openssl/tests/tlsv1.2_wrapper.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/tlsv1.2_wrapper.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -16,8 +16,8 @@ 'local_cert' => '%s', ]]); - $server = stream_socket_server('tlsv1.2://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tlsv1.2://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i = 0; $i < (phpt_has_sslv3() ? 3 : 2); $i++) { @stream_socket_accept($server, 3); @@ -32,15 +32,13 @@ 'verify_peer_name' => false, ]]); - phpt_wait(); - - $client = stream_socket_client("tlsv1.2://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tlsv1.2://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("sslv3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("sslv3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.1://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.1://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/openssl/tests/tlsv1.3_wrapper.phpt php8.2-8.2.28/ext/openssl/tests/tlsv1.3_wrapper.phpt --- php8.2-8.2.26/ext/openssl/tests/tlsv1.3_wrapper.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/openssl/tests/tlsv1.3_wrapper.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -17,8 +17,8 @@ 'local_cert' => '%s', ]]); - $server = stream_socket_server('tlsv1.3://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); - phpt_notify(); + $server = stream_socket_server('tlsv1.3://127.0.0.1:0', $errno, $errstr, $flags, $ctx); + phpt_notify_server_start($server); for ($i=0; $i < 3; $i++) { @stream_socket_accept($server, 3); @@ -33,15 +33,13 @@ 'verify_peer_name' => false, ]]); - phpt_wait(); - - $client = stream_socket_client("tlsv1.3://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = stream_socket_client("tlsv1.3://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.0://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.0://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); - $client = @stream_socket_client("tlsv1.2://127.0.0.1:64321", $errno, $errstr, 3, $flags, $ctx); + $client = @stream_socket_client("tlsv1.2://{{ ADDR }}", $errno, $errstr, 3, $flags, $ctx); var_dump($client); CODE; diff -Nru php8.2-8.2.26/ext/pdo/pdo_stmt.c php8.2-8.2.28/ext/pdo/pdo_stmt.c --- php8.2-8.2.26/ext/pdo/pdo_stmt.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/pdo/pdo_stmt.c 2025-03-11 17:58:12.000000000 +0000 @@ -2077,6 +2077,23 @@ return fbc; } +static HashTable *dbstmt_get_gc(zend_object *object, zval **gc_data, int *gc_count) +{ + pdo_stmt_t *stmt = php_pdo_stmt_fetch_object(object); + *gc_data = &stmt->fetch.into; + *gc_count = 1; + + /** + * If there are no dynamic properties and the default property is 1 (that is, there is only one property + * of string that does not participate in GC), there is no need to call zend_std_get_properties(). + */ + if (object->properties == NULL && object->ce->default_properties_count <= 1) { + return NULL; + } else { + return zend_std_get_properties(object); + } +} + zend_object_handlers pdo_dbstmt_object_handlers; zend_object_handlers pdo_row_object_handlers; @@ -2495,6 +2512,7 @@ pdo_dbstmt_object_handlers.get_method = dbstmt_method_get; pdo_dbstmt_object_handlers.compare = zend_objects_not_comparable; pdo_dbstmt_object_handlers.clone_obj = NULL; + pdo_dbstmt_object_handlers.get_gc = dbstmt_get_gc; pdo_row_ce = register_class_PDORow(); pdo_row_ce->create_object = pdo_row_new; diff -Nru php8.2-8.2.26/ext/pdo/tests/gh16703.phpt php8.2-8.2.28/ext/pdo/tests/gh16703.phpt --- php8.2-8.2.26/ext/pdo/tests/gh16703.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/pdo/tests/gh16703.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,48 @@ +--TEST-- +GH-16703: Memory leak of setFetchMode() +--EXTENSIONS-- +pdo +--SKIPIF-- + +--FILE-- + PDO::CASE_LOWER, + PDO::ATTR_STATEMENT_CLASS => [TestStmt::class], + ], +); + +$db->exec('CREATE TABLE gh16703 (name varchar(255))'); +$db->exec("INSERT INTO gh16703 (name) VALUES ('test_name')"); + +$stmt = $db->query('SELECT name FROM gh16703'); +$t = $stmt; +$stmt->setFetchMode(PDO::FETCH_INTO, $stmt); +$stmt->fetch(); +echo "done!\n"; +?> +--CLEAN-- +exec('DROP TABLE gh16703'); +?> +--EXPECT-- +done! diff -Nru php8.2-8.2.26/ext/pdo_oci/php_pdo_oci_int.h php8.2-8.2.28/ext/pdo_oci/php_pdo_oci_int.h --- php8.2-8.2.26/ext/pdo_oci/php_pdo_oci_int.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/pdo_oci/php_pdo_oci_int.h 2025-03-11 17:58:12.000000000 +0000 @@ -14,7 +14,14 @@ +----------------------------------------------------------------------+ */ +#ifndef PHP_PDO_OCI_INT_H +#define PHP_PDO_OCI_INT_H + +#include "zend_portability.h" + +ZEND_DIAGNOSTIC_IGNORED_START("-Wstrict-prototypes") #include +ZEND_DIAGNOSTIC_IGNORED_END typedef struct { const char *file; @@ -105,3 +112,5 @@ PDO_OCI_ATTR_MODULE, PDO_OCI_ATTR_CALL_TIMEOUT }; + +#endif /* PHP_PDO_OCI_INT_H */ diff -Nru php8.2-8.2.26/ext/pgsql/tests/80_bug14383.phpt php8.2-8.2.28/ext/pgsql/tests/80_bug14383.phpt --- php8.2-8.2.26/ext/pgsql/tests/80_bug14383.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/pgsql/tests/80_bug14383.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -39,12 +39,12 @@ bool(true) Try to remove key 1 again bool(false) +[key10]name10: Content String 10 +[key30]name30: Content String 30 key2: Content String 2 key4: Another Content String key5: The last content string name9: Content String 9 -[key10]name10: Content String 10 -[key30]name30: Content String 30 Total keys: 6 Key 1 exists? N Key 2 exists? Y diff -Nru php8.2-8.2.26/ext/phar/phar.c php8.2-8.2.28/ext/phar/phar.c --- php8.2-8.2.26/ext/phar/phar.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/phar/phar.c 2025-03-11 17:58:12.000000000 +0000 @@ -1774,7 +1774,7 @@ return phar_parse_zipfile(fp, fname, fname_len, alias, alias_len, pphar, error); } - if (got > 512) { + if (got >= 512) { if (phar_is_tar(pos, fname)) { php_stream_rewind(fp); return phar_parse_tarfile(fp, fname, fname_len, alias, alias_len, pphar, is_data, compression, error); diff -Nru php8.2-8.2.26/ext/phar/tar.c php8.2-8.2.28/ext/phar/tar.c --- php8.2-8.2.26/ext/phar/tar.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/phar/tar.c 2025-03-11 17:58:12.000000000 +0000 @@ -254,9 +254,8 @@ entry.is_tar = 1; entry.is_crc_checked = 1; entry.phar = myphar; - pos += sizeof(buf); - do { + while (true) { phar_entry_info *newentry; pos = php_stream_tell(fp); @@ -597,6 +596,11 @@ } } + /* Only read next header if we're not yet at the end */ + if (php_stream_tell(fp) == totalsize) { + break; + } + read = php_stream_read(fp, buf, sizeof(buf)); if (read != sizeof(buf)) { @@ -607,7 +611,7 @@ phar_destroy_phar_data(myphar); return FAILURE; } - } while (!php_stream_eof(fp)); + } if (zend_hash_str_exists(&(myphar->manifest), ".phar/stub.php", sizeof(".phar/stub.php")-1)) { myphar->is_data = 0; diff -Nru php8.2-8.2.26/ext/phar/tests/033.phpt php8.2-8.2.28/ext/phar/tests/033.phpt --- php8.2-8.2.26/ext/phar/tests/033.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/phar/tests/033.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -5,6 +5,12 @@ --INI-- phar.readonly=0 phar.require_hash=0 +--SKIPIF-- + --FILE-- --FILE-- +--CLEAN-- + +--EXPECTF-- +int(512) + +Warning: file_get_contents(%stls): Failed to open stream: phar error: path "tls" is a directory in %s on line %d +bool(false) diff -Nru php8.2-8.2.26/ext/phar/tests/tar/gh16695_2.phpt php8.2-8.2.28/ext/phar/tests/tar/gh16695_2.phpt --- php8.2-8.2.26/ext/phar/tests/tar/gh16695_2.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/phar/tests/tar/gh16695_2.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,26 @@ +--TEST-- +GH-16695 (phar:// tar parser and zero-length file header blocks) +--CREDITS-- +hakre +--EXTENSIONS-- +phar +--INI-- +phar.require_hash=0 +--FILE-- + +--CLEAN-- + +--EXPECT-- +int(1024) +string(122) "{"Name":"default","Metadata":{},"Endpoints":{"docker":{"Host":"unix:///run/user/1000/docker.sock","SkipTLSVerify":false}}}" diff -Nru php8.2-8.2.26/ext/phar/tests/tar/gh16695_3.phpt php8.2-8.2.28/ext/phar/tests/tar/gh16695_3.phpt --- php8.2-8.2.26/ext/phar/tests/tar/gh16695_3.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/phar/tests/tar/gh16695_3.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,26 @@ +--TEST-- +GH-16695 (phar:// tar parser and zero-length file header blocks) +--CREDITS-- +hakre +--EXTENSIONS-- +phar +--INI-- +phar.require_hash=0 +--FILE-- + +--CLEAN-- + +--EXPECT-- +int(512) +string(0) "" diff -Nru php8.2-8.2.26/ext/phar/tests/zip/033.phpt php8.2-8.2.28/ext/phar/tests/zip/033.phpt --- php8.2-8.2.26/ext/phar/tests/zip/033.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/phar/tests/zip/033.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -5,6 +5,12 @@ --INI-- phar.readonly=0 phar.require_hash=0 +--SKIPIF-- + --FILE-- sxe->iter.data; + zval *data = &iterator->sxe->iter.data; + if (Z_ISUNDEF_P(data)) { + return NULL; + } + return data; } /* }}} */ diff -Nru php8.2-8.2.26/ext/simplexml/tests/bug51615.phpt php8.2-8.2.28/ext/simplexml/tests/bug51615.phpt --- php8.2-8.2.26/ext/simplexml/tests/bug51615.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/simplexml/tests/bug51615.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -7,7 +7,7 @@ loadHTML('xx'); +$dom->loadHTML('xx', LIBXML_NOERROR); $html = simplexml_import_dom($dom); var_dump($html->body->span); @@ -18,15 +18,12 @@ ?> --EXPECTF-- -Warning: DOMDocument::loadHTML(): error parsing attribute name in Entity, line: 1 in %s on line %d - -Warning: DOMDocument::loadHTML(): error parsing attribute name in Entity, line: 1 in %s on line %d object(SimpleXMLElement)#%d (3) { ["@attributes"]=> array(2) { ["title"]=> string(0) "" - ["y"]=> + [%r("y"{1,2})%r]=> string(0) "" } [0]=> diff -Nru php8.2-8.2.26/ext/simplexml/tests/gh16808.phpt php8.2-8.2.28/ext/simplexml/tests/gh16808.phpt --- php8.2-8.2.26/ext/simplexml/tests/gh16808.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/simplexml/tests/gh16808.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,12 @@ +--TEST-- +GH-16808 (Segmentation fault in RecursiveIteratorIterator->current() with a xml element input) +--EXTENSIONS-- +simplexml +--FILE-- +"); +$test = new RecursiveIteratorIterator($sxe); +var_dump($test->current()); +?> +--EXPECT-- +NULL diff -Nru php8.2-8.2.26/ext/snmp/snmp.c php8.2-8.2.28/ext/snmp/snmp.c --- php8.2-8.2.26/ext/snmp/snmp.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/snmp/snmp.c 2025-03-11 17:58:12.000000000 +0000 @@ -626,6 +626,31 @@ } /* }}} */ +static void php_snmp_zend_string_release_from_char_pointer(char *ptr) { + if (ptr) { + zend_string *pptr = (zend_string *)(ptr - XtOffsetOf(zend_string, val)); + zend_string_release(pptr); + } +} + +static void php_free_objid_query(struct objid_query *objid_query, HashTable* oid_ht, const HashTable *value_ht, int st) { + if (oid_ht) { + uint32_t count = zend_hash_num_elements(oid_ht); + + for (uint32_t i = 0; i < count; i ++) { + snmpobjarg *arg = &objid_query->vars[i]; + if (!arg->oid) { + break; + } + if (value_ht) { + php_snmp_zend_string_release_from_char_pointer(arg->value); + } + php_snmp_zend_string_release_from_char_pointer(arg->oid); + } + } + efree(objid_query->vars); +} + /* {{{ php_snmp_parse_oid * * OID parser (and type, value for SNMP_SET command) @@ -674,10 +699,15 @@ return false; } objid_query->vars = (snmpobjarg *)safe_emalloc(sizeof(snmpobjarg), zend_hash_num_elements(oid_ht), 0); + memset(objid_query->vars, 0, sizeof(snmpobjarg) * zend_hash_num_elements(oid_ht)); objid_query->array_output = (st & SNMP_CMD_SET) == 0; ZEND_HASH_FOREACH_VAL(oid_ht, tmp_oid) { - convert_to_string(tmp_oid); - objid_query->vars[objid_query->count].oid = Z_STRVAL_P(tmp_oid); + zend_string *tmp = zval_try_get_string(tmp_oid); + if (!tmp) { + php_free_objid_query(objid_query, oid_ht, value_ht, st); + return false; + } + objid_query->vars[objid_query->count].oid = ZSTR_VAL(tmp); if (st & SNMP_CMD_SET) { if (type_str) { pptr = ZSTR_VAL(type_str); @@ -701,18 +731,24 @@ } } if (idx_type < type_ht->nNumUsed) { - convert_to_string(tmp_type); - if (Z_STRLEN_P(tmp_type) != 1) { + zend_string *type = zval_try_get_string(tmp_type); + if (!type) { + php_free_objid_query(objid_query, oid_ht, value_ht, st); + return false; + } + size_t len = ZSTR_LEN(type); + char ptype = *ZSTR_VAL(type); + zend_string_release(type); + if (len != 1) { zend_value_error("Type must be a single character"); - efree(objid_query->vars); + php_free_objid_query(objid_query, oid_ht, value_ht, st); return false; } - pptr = Z_STRVAL_P(tmp_type); - objid_query->vars[objid_query->count].type = *pptr; + objid_query->vars[objid_query->count].type = ptype; idx_type++; } else { - php_error_docref(NULL, E_WARNING, "'%s': no type set", Z_STRVAL_P(tmp_oid)); - efree(objid_query->vars); + php_error_docref(NULL, E_WARNING, "'%s': no type set", ZSTR_VAL(tmp)); + php_free_objid_query(objid_query, oid_ht, value_ht, st); return false; } } @@ -738,12 +774,16 @@ } } if (idx_value < value_ht->nNumUsed) { - convert_to_string(tmp_value); - objid_query->vars[objid_query->count].value = Z_STRVAL_P(tmp_value); + zend_string *tmp = zval_try_get_string(tmp_value); + if (!tmp) { + php_free_objid_query(objid_query, oid_ht, value_ht, st); + return false; + } + objid_query->vars[objid_query->count].value = ZSTR_VAL(tmp); idx_value++; } else { - php_error_docref(NULL, E_WARNING, "'%s': no value set", Z_STRVAL_P(tmp_oid)); - efree(objid_query->vars); + php_error_docref(NULL, E_WARNING, "'%s': no value set", ZSTR_VAL(tmp)); + php_free_objid_query(objid_query, oid_ht, value_ht, st); return false; } } @@ -756,14 +796,14 @@ if (st & SNMP_CMD_WALK) { if (objid_query->count > 1) { php_snmp_error(object, PHP_SNMP_ERRNO_OID_PARSING_ERROR, "Multi OID walks are not supported!"); - efree(objid_query->vars); + php_free_objid_query(objid_query, oid_ht, value_ht, st); return false; } objid_query->vars[0].name_length = MAX_NAME_LEN; if (strlen(objid_query->vars[0].oid)) { /* on a walk, an empty string means top of tree - no error */ if (!snmp_parse_oid(objid_query->vars[0].oid, objid_query->vars[0].name, &(objid_query->vars[0].name_length))) { php_snmp_error(object, PHP_SNMP_ERRNO_OID_PARSING_ERROR, "Invalid object identifier: %s", objid_query->vars[0].oid); - efree(objid_query->vars); + php_free_objid_query(objid_query, oid_ht, value_ht, st); return false; } } else { @@ -775,7 +815,7 @@ objid_query->vars[objid_query->offset].name_length = MAX_OID_LEN; if (!snmp_parse_oid(objid_query->vars[objid_query->offset].oid, objid_query->vars[objid_query->offset].name, &(objid_query->vars[objid_query->offset].name_length))) { php_snmp_error(object, PHP_SNMP_ERRNO_OID_PARSING_ERROR, "Invalid object identifier: %s", objid_query->vars[objid_query->offset].oid); - efree(objid_query->vars); + php_free_objid_query(objid_query, oid_ht, value_ht, st); return false; } } @@ -1252,12 +1292,12 @@ if (session_less_mode) { if (!netsnmp_session_init(&session, version, a1, a2, timeout, retries)) { - efree(objid_query.vars); + php_free_objid_query(&objid_query, oid_ht, value_ht, st); netsnmp_session_free(&session); RETURN_FALSE; } if (version == SNMP_VERSION_3 && !netsnmp_session_set_security(session, a3, a4, a5, a6, a7, NULL, NULL)) { - efree(objid_query.vars); + php_free_objid_query(&objid_query, oid_ht, value_ht, st); netsnmp_session_free(&session); /* Warning message sent already, just bail out */ RETURN_FALSE; @@ -1268,7 +1308,7 @@ session = snmp_object->session; if (!session) { zend_throw_error(NULL, "Invalid or uninitialized SNMP object"); - efree(objid_query.vars); + php_free_objid_query(&objid_query, oid_ht, value_ht, st); RETURN_THROWS(); } @@ -1294,7 +1334,7 @@ php_snmp_internal(INTERNAL_FUNCTION_PARAM_PASSTHRU, st, session, &objid_query); - efree(objid_query.vars); + php_free_objid_query(&objid_query, oid_ht, value_ht, st); if (session_less_mode) { netsnmp_session_free(&session); diff -Nru php8.2-8.2.26/ext/snmp/tests/gh16959.phpt php8.2-8.2.28/ext/snmp/tests/gh16959.phpt --- php8.2-8.2.26/ext/snmp/tests/gh16959.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/snmp/tests/gh16959.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,70 @@ +--TEST-- +snmpget() modifies object_id array source +--EXTENSIONS-- +snmp +--SKIPIF-- + +--FILE-- + 077, -066 => -066, -0345 => -0345, 0 => 0 +); +var_dump($bad_object_ids); +var_dump(snmpget($hostname, "", $bad_object_ids) === false); +// The array should remain unmodified +var_dump($bad_object_ids); +try { + snmpget($hostname, "", [0 => new stdClass()]); +} catch (Throwable $e) { + echo $e->getMessage() . PHP_EOL; +} + +try { + snmp2_set($hostname, $communityWrite, $bad_object_ids, array(new stdClass()), array(null)); +} catch (Throwable $e) { + echo $e->getMessage() . PHP_EOL; +} +try { + snmp2_set($hostname, $communityWrite, $bad_object_ids, array("toolongtype"), array(null)); +} catch (Throwable $e) { + echo $e->getMessage() . PHP_EOL; +} +try { + snmp2_set($hostname, $communityWrite, $bad_object_ids, array(str_repeat("onetoomuch", random_int(1, 1))), array(null)); +} catch (Throwable $e) { + echo $e->getMessage(); +} +?> +--EXPECTF-- +array(4) { + [63]=> + int(63) + [-54]=> + int(-54) + [-229]=> + int(-229) + [0]=> + int(0) +} + +Warning: snmpget(): Invalid object identifier: -54 in %s on line %d +bool(true) +array(4) { + [63]=> + int(63) + [-54]=> + int(-54) + [-229]=> + int(-229) + [0]=> + int(0) +} +Object of class stdClass could not be converted to string +Object of class stdClass could not be converted to string +Type must be a single character +Type must be a single character diff -Nru php8.2-8.2.26/ext/snmp/tests/snmp-object-errno-errstr.phpt php8.2-8.2.28/ext/snmp/tests/snmp-object-errno-errstr.phpt --- php8.2-8.2.26/ext/snmp/tests/snmp-object-errno-errstr.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/snmp/tests/snmp-object-errno-errstr.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -7,6 +7,7 @@ --SKIPIF-- --FILE-- --FILE-- --FILE-- --ENV-- MIBS= diff -Nru php8.2-8.2.26/ext/snmp/tests/snmp2_walk.phpt php8.2-8.2.28/ext/snmp/tests/snmp2_walk.phpt --- php8.2-8.2.26/ext/snmp/tests/snmp2_walk.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/snmp/tests/snmp2_walk.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -7,6 +7,7 @@ --SKIPIF-- --FILE-- --FILE-- --FILE-- --FILE-- --ENV-- MIBS= diff -Nru php8.2-8.2.26/ext/snmp/tests/snmpwalk.phpt php8.2-8.2.28/ext/snmp/tests/snmpwalk.phpt --- php8.2-8.2.26/ext/snmp/tests/snmpwalk.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/snmp/tests/snmpwalk.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -7,6 +7,7 @@ --SKIPIF-- --FILE-- = 11 + ZEND_DIAGNOSTIC_IGNORED_START("-Wstringop-overread") +#endif + bool is_xsd_any_type = strcmp(ZSTR_VAL(array_type.s),"xsd:anyType") == 0; +#if defined(__GNUC__) && __GNUC__ >= 11 + ZEND_DIAGNOSTIC_IGNORED_END +#endif + if (is_xsd_any_type) { smart_str_free(&array_type); smart_str_appendl(&array_type,"xsd:ur-type",sizeof("xsd:ur-type")-1); } diff -Nru php8.2-8.2.26/ext/standard/array.c php8.2-8.2.28/ext/standard/array.c --- php8.2-8.2.26/ext/standard/array.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/array.c 2025-03-11 17:58:12.000000000 +0000 @@ -1029,11 +1029,50 @@ return zobj->handlers->get_properties(zobj); } +static zval *php_array_iter_seek_current(HashTable *array, bool forward_direction) +{ + zval *entry; + + while (true) { + if ((entry = zend_hash_get_current_data(array)) == NULL) { + return NULL; + } + + ZVAL_DEINDIRECT(entry); + + /* Possible with an uninitialized typed property */ + if (UNEXPECTED(Z_TYPE_P(entry) == IS_UNDEF)) { + zend_result result; + if (forward_direction) { + result = zend_hash_move_forward(array); + } else { + result = zend_hash_move_backwards(array); + } + if (result != SUCCESS) { + return NULL; + } + } else { + break; + } + } + + return entry; +} + +static void php_array_iter_return_current(zval *return_value, HashTable *array, bool forward_direction) +{ + zval *entry = php_array_iter_seek_current(array, forward_direction); + if (EXPECTED(entry)) { + RETURN_COPY_DEREF(entry); + } else { + RETURN_FALSE; + } +} + /* {{{ Advances array argument's internal pointer to the last element and return it */ PHP_FUNCTION(end) { zval *array_zv; - zval *entry; ZEND_PARSE_PARAMETERS_START(1, 1) Z_PARAM_ARRAY_OR_OBJECT_EX(array_zv, 0, 1) @@ -1047,15 +1086,7 @@ zend_hash_internal_pointer_end(array); if (USED_RET()) { - if ((entry = zend_hash_get_current_data(array)) == NULL) { - RETURN_FALSE; - } - - if (Z_TYPE_P(entry) == IS_INDIRECT) { - entry = Z_INDIRECT_P(entry); - } - - RETURN_COPY_DEREF(entry); + php_array_iter_return_current(return_value, array, false); } } /* }}} */ @@ -1064,7 +1095,6 @@ PHP_FUNCTION(prev) { zval *array_zv; - zval *entry; ZEND_PARSE_PARAMETERS_START(1, 1) Z_PARAM_ARRAY_OR_OBJECT_EX(array_zv, 0, 1) @@ -1078,15 +1108,7 @@ zend_hash_move_backwards(array); if (USED_RET()) { - if ((entry = zend_hash_get_current_data(array)) == NULL) { - RETURN_FALSE; - } - - if (Z_TYPE_P(entry) == IS_INDIRECT) { - entry = Z_INDIRECT_P(entry); - } - - RETURN_COPY_DEREF(entry); + php_array_iter_return_current(return_value, array, false); } } /* }}} */ @@ -1095,7 +1117,6 @@ PHP_FUNCTION(next) { zval *array_zv; - zval *entry; ZEND_PARSE_PARAMETERS_START(1, 1) Z_PARAM_ARRAY_OR_OBJECT_EX(array_zv, 0, 1) @@ -1109,15 +1130,7 @@ zend_hash_move_forward(array); if (USED_RET()) { - if ((entry = zend_hash_get_current_data(array)) == NULL) { - RETURN_FALSE; - } - - if (Z_TYPE_P(entry) == IS_INDIRECT) { - entry = Z_INDIRECT_P(entry); - } - - RETURN_COPY_DEREF(entry); + php_array_iter_return_current(return_value, array, true); } } /* }}} */ @@ -1126,7 +1139,6 @@ PHP_FUNCTION(reset) { zval *array_zv; - zval *entry; ZEND_PARSE_PARAMETERS_START(1, 1) Z_PARAM_ARRAY_OR_OBJECT_EX(array_zv, 0, 1) @@ -1140,15 +1152,7 @@ zend_hash_internal_pointer_reset(array); if (USED_RET()) { - if ((entry = zend_hash_get_current_data(array)) == NULL) { - RETURN_FALSE; - } - - if (Z_TYPE_P(entry) == IS_INDIRECT) { - entry = Z_INDIRECT_P(entry); - } - - RETURN_COPY_DEREF(entry); + php_array_iter_return_current(return_value, array, true); } } /* }}} */ @@ -1157,22 +1161,13 @@ PHP_FUNCTION(current) { zval *array_zv; - zval *entry; ZEND_PARSE_PARAMETERS_START(1, 1) Z_PARAM_ARRAY_OR_OBJECT(array_zv) ZEND_PARSE_PARAMETERS_END(); HashTable *array = get_ht_for_iap(array_zv, /* separate */ false); - if ((entry = zend_hash_get_current_data(array)) == NULL) { - RETURN_FALSE; - } - - if (Z_TYPE_P(entry) == IS_INDIRECT) { - entry = Z_INDIRECT_P(entry); - } - - RETURN_COPY_DEREF(entry); + php_array_iter_return_current(return_value, array, true); } /* }}} */ @@ -1186,7 +1181,10 @@ ZEND_PARSE_PARAMETERS_END(); HashTable *array = get_ht_for_iap(array_zv, /* separate */ false); - zend_hash_get_current_key_zval(array, return_value); + zval *entry = php_array_iter_seek_current(array, true); + if (EXPECTED(entry)) { + zend_hash_get_current_key_zval(array, return_value); + } } /* }}} */ diff -Nru php8.2-8.2.26/ext/standard/http_fopen_wrapper.c php8.2-8.2.28/ext/standard/http_fopen_wrapper.c --- php8.2-8.2.26/ext/standard/http_fopen_wrapper.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/http_fopen_wrapper.c 2025-03-11 17:58:12.000000000 +0000 @@ -67,15 +67,16 @@ #include "php_fopen_wrappers.h" -#define HTTP_HEADER_BLOCK_SIZE 1024 -#define PHP_URL_REDIRECT_MAX 20 -#define HTTP_HEADER_USER_AGENT 1 -#define HTTP_HEADER_HOST 2 -#define HTTP_HEADER_AUTH 4 -#define HTTP_HEADER_FROM 8 -#define HTTP_HEADER_CONTENT_LENGTH 16 -#define HTTP_HEADER_TYPE 32 -#define HTTP_HEADER_CONNECTION 64 +#define HTTP_HEADER_BLOCK_SIZE 1024 +#define HTTP_HEADER_MAX_LOCATION_SIZE 8182 /* 8192 - 10 (size of "Location: ") */ +#define PHP_URL_REDIRECT_MAX 20 +#define HTTP_HEADER_USER_AGENT 1 +#define HTTP_HEADER_HOST 2 +#define HTTP_HEADER_AUTH 4 +#define HTTP_HEADER_FROM 8 +#define HTTP_HEADER_CONTENT_LENGTH 16 +#define HTTP_HEADER_TYPE 32 +#define HTTP_HEADER_CONNECTION 64 #define HTTP_WRAPPER_HEADER_INIT 1 #define HTTP_WRAPPER_REDIRECTED 2 @@ -107,7 +108,7 @@ static bool check_has_header(const char *headers, const char *header) { const char *s = headers; while ((s = strstr(s, header))) { - if (s == headers || *(s-1) == '\n') { + if (s == headers || (*(s-1) == '\n' && *(s-2) == '\r')) { return 1; } s++; @@ -115,6 +116,214 @@ return 0; } +typedef struct _php_stream_http_response_header_info { + php_stream_filter *transfer_encoding; + size_t file_size; + bool error; + bool follow_location; + char *location; + size_t location_len; +} php_stream_http_response_header_info; + +static void php_stream_http_response_header_info_init( + php_stream_http_response_header_info *header_info) +{ + memset(header_info, 0, sizeof(php_stream_http_response_header_info)); + header_info->follow_location = 1; +} + +/* Trim white spaces from response header line and update its length */ +static bool php_stream_http_response_header_trim(char *http_header_line, + size_t *http_header_line_length) +{ + char *http_header_line_end = http_header_line + *http_header_line_length - 1; + while (http_header_line_end >= http_header_line && + (*http_header_line_end == '\n' || *http_header_line_end == '\r')) { + http_header_line_end--; + } + + /* The primary definition of an HTTP header in RFC 7230 states: + * > Each header field consists of a case-insensitive field name followed + * > by a colon (":"), optional leading whitespace, the field value, and + * > optional trailing whitespace. */ + + /* Strip trailing whitespace */ + bool space_trim = (*http_header_line_end == ' ' || *http_header_line_end == '\t'); + if (space_trim) { + do { + http_header_line_end--; + } while (http_header_line_end >= http_header_line && + (*http_header_line_end == ' ' || *http_header_line_end == '\t')); + } + http_header_line_end++; + *http_header_line_end = '\0'; + *http_header_line_length = http_header_line_end - http_header_line; + + return space_trim; +} + +/* Process folding headers of the current line and if there are none, parse last full response + * header line. It returns NULL if the last header is finished, otherwise it returns updated + * last header line. */ +static zend_string *php_stream_http_response_headers_parse(php_stream_wrapper *wrapper, + php_stream *stream, php_stream_context *context, int options, + zend_string *last_header_line_str, char *header_line, size_t *header_line_length, + int response_code, zval *response_header, + php_stream_http_response_header_info *header_info) +{ + char *last_header_line = ZSTR_VAL(last_header_line_str); + size_t last_header_line_length = ZSTR_LEN(last_header_line_str); + char *last_header_line_end = ZSTR_VAL(last_header_line_str) + ZSTR_LEN(last_header_line_str) - 1; + + /* Process non empty header line. */ + if (header_line && (*header_line != '\n' && *header_line != '\r')) { + /* Removing trailing white spaces. */ + if (php_stream_http_response_header_trim(header_line, header_line_length) && + *header_line_length == 0) { + /* Only spaces so treat as an empty folding header. */ + return last_header_line_str; + } + + /* Process folding headers if starting with a space or a tab. */ + if (header_line && (*header_line == ' ' || *header_line == '\t')) { + char *http_folded_header_line = header_line; + size_t http_folded_header_line_length = *header_line_length; + /* Remove the leading white spaces. */ + while (*http_folded_header_line == ' ' || *http_folded_header_line == '\t') { + http_folded_header_line++; + http_folded_header_line_length--; + } + /* It has to have some characters because it would get returned after the call + * php_stream_http_response_header_trim above. */ + ZEND_ASSERT(http_folded_header_line_length > 0); + /* Concatenate last header line, space and current header line. */ + zend_string *extended_header_str = zend_string_concat3( + last_header_line, last_header_line_length, + " ", 1, + http_folded_header_line, http_folded_header_line_length); + zend_string_efree(last_header_line_str); + last_header_line_str = extended_header_str; + /* Return new header line. */ + return last_header_line_str; + } + } + + /* Find header separator position. */ + char *last_header_value = memchr(last_header_line, ':', last_header_line_length); + if (last_header_value) { + /* Verify there is no space in header name */ + char *last_header_name = last_header_line + 1; + while (last_header_name < last_header_value) { + if (*last_header_name == ' ' || *last_header_name == '\t') { + header_info->error = true; + php_stream_wrapper_log_error(wrapper, options, + "HTTP invalid response format (space in header name)!"); + zend_string_efree(last_header_line_str); + return NULL; + } + ++last_header_name; + } + + last_header_value++; /* Skip ':'. */ + + /* Strip leading whitespace. */ + while (last_header_value < last_header_line_end + && (*last_header_value == ' ' || *last_header_value == '\t')) { + last_header_value++; + } + } else { + /* There is no colon which means invalid response so error. */ + header_info->error = true; + php_stream_wrapper_log_error(wrapper, options, + "HTTP invalid response format (no colon in header line)!"); + zend_string_efree(last_header_line_str); + return NULL; + } + + bool store_header = true; + zval *tmpzval = NULL; + + if (!strncasecmp(last_header_line, "Location:", sizeof("Location:")-1)) { + /* Check if the location should be followed. */ + if (context && (tmpzval = php_stream_context_get_option(context, "http", "follow_location")) != NULL) { + header_info->follow_location = zval_is_true(tmpzval); + } else if (!((response_code >= 300 && response_code < 304) + || 307 == response_code || 308 == response_code)) { + /* The redirection should not be automatic if follow_location is not set and + * response_code not in (300, 301, 302, 303 and 307) + * see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.1 + * RFC 7238 defines 308: http://tools.ietf.org/html/rfc7238 */ + header_info->follow_location = 0; + } + size_t last_header_value_len = strlen(last_header_value); + if (last_header_value_len > HTTP_HEADER_MAX_LOCATION_SIZE) { + header_info->error = true; + php_stream_wrapper_log_error(wrapper, options, + "HTTP Location header size is over the limit of %d bytes", + HTTP_HEADER_MAX_LOCATION_SIZE); + zend_string_efree(last_header_line_str); + return NULL; + } + if (header_info->location_len == 0) { + header_info->location = emalloc(last_header_value_len + 1); + } else if (header_info->location_len <= last_header_value_len) { + header_info->location = erealloc(header_info->location, last_header_value_len + 1); + } + header_info->location_len = last_header_value_len; + memcpy(header_info->location, last_header_value, last_header_value_len + 1); + } else if (!strncasecmp(last_header_line, "Content-Type:", sizeof("Content-Type:")-1)) { + php_stream_notify_info(context, PHP_STREAM_NOTIFY_MIME_TYPE_IS, last_header_value, 0); + } else if (!strncasecmp(last_header_line, "Content-Length:", sizeof("Content-Length:")-1)) { + /* https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length */ + const char *ptr = last_header_value; + /* must contain only digits, no + or - symbols */ + if (*ptr >= '0' && *ptr <= '9') { + char *endptr = NULL; + size_t parsed = ZEND_STRTOUL(ptr, &endptr, 10); + /* check whether there was no garbage in the header value and the conversion was successful */ + if (endptr && !*endptr) { + /* truncate for 32-bit such that no negative file sizes occur */ + header_info->file_size = MIN(parsed, ZEND_LONG_MAX); + php_stream_notify_file_size(context, header_info->file_size, last_header_line, 0); + } + } + } else if ( + !strncasecmp(last_header_line, "Transfer-Encoding:", sizeof("Transfer-Encoding:")-1) + && !strncasecmp(last_header_value, "Chunked", sizeof("Chunked")-1) + ) { + /* Create filter to decode response body. */ + if (!(options & STREAM_ONLY_GET_HEADERS)) { + zend_long decode = 1; + + if (context && (tmpzval = php_stream_context_get_option(context, "http", "auto_decode")) != NULL) { + decode = zend_is_true(tmpzval); + } + if (decode) { + if (header_info->transfer_encoding != NULL) { + /* Prevent a memory leak in case there are more transfer-encoding headers. */ + php_stream_filter_free(header_info->transfer_encoding); + } + header_info->transfer_encoding = php_stream_filter_create( + "dechunk", NULL, php_stream_is_persistent(stream)); + if (header_info->transfer_encoding != NULL) { + /* Do not store transfer-encoding header. */ + store_header = false; + } + } + } + } + + if (store_header) { + zval http_header; + ZVAL_NEW_STR(&http_header, last_header_line_str); + zend_hash_next_index_insert(Z_ARRVAL_P(response_header), &http_header); + } else { + zend_string_efree(last_header_line_str); + } + + return NULL; +} + static php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, const char *path, const char *mode, int options, zend_string **opened_path, php_stream_context *context, int redirect_max, int flags, @@ -127,11 +336,12 @@ zend_string *tmp = NULL; char *ua_str = NULL; zval *ua_zval = NULL, *tmpzval = NULL, ssl_proxy_peer_name; - char location[HTTP_HEADER_BLOCK_SIZE]; int reqok = 0; char *http_header_line = NULL; + zend_string *last_header_line_str = NULL; + php_stream_http_response_header_info header_info; char tmp_line[128]; - size_t chunk_size = 0, file_size = 0; + size_t chunk_size = 0; int eol_detect = 0; zend_string *transport_string; zend_string *errstr = NULL; @@ -142,8 +352,6 @@ int header_init = ((flags & HTTP_WRAPPER_HEADER_INIT) != 0); int redirected = ((flags & HTTP_WRAPPER_REDIRECTED) != 0); int redirect_keep_method = ((flags & HTTP_WRAPPER_KEEP_METHOD) != 0); - bool follow_location = 1; - php_stream_filter *transfer_encoding = NULL; int response_code; smart_str req_buf = {0}; bool custom_request_method; @@ -353,6 +561,8 @@ } } + php_stream_http_response_header_info_init(&header_info); + if (stream == NULL) goto out; @@ -653,8 +863,6 @@ /* send it */ php_stream_write(stream, ZSTR_VAL(req_buf.s), ZSTR_LEN(req_buf.s)); - location[0] = '\0'; - if (Z_ISUNDEF_P(response_header)) { array_init(response_header); } @@ -737,140 +945,103 @@ } /* read past HTTP headers */ - while (!php_stream_eof(stream)) { size_t http_header_line_length; if (http_header_line != NULL) { efree(http_header_line); } - if ((http_header_line = php_stream_get_line(stream, NULL, 0, &http_header_line_length)) && *http_header_line != '\n' && *http_header_line != '\r') { - char *e = http_header_line + http_header_line_length - 1; - char *http_header_value; - - while (e >= http_header_line && (*e == '\n' || *e == '\r')) { - e--; - } - - /* The primary definition of an HTTP header in RFC 7230 states: - * > Each header field consists of a case-insensitive field name followed - * > by a colon (":"), optional leading whitespace, the field value, and - * > optional trailing whitespace. */ - - /* Strip trailing whitespace */ - while (e >= http_header_line && (*e == ' ' || *e == '\t')) { - e--; - } - - /* Terminate header line */ - e++; - *e = '\0'; - http_header_line_length = e - http_header_line; - - http_header_value = memchr(http_header_line, ':', http_header_line_length); - if (http_header_value) { - http_header_value++; /* Skip ':' */ - - /* Strip leading whitespace */ - while (http_header_value < e - && (*http_header_value == ' ' || *http_header_value == '\t')) { - http_header_value++; + if ((http_header_line = php_stream_get_line(stream, NULL, 0, &http_header_line_length))) { + bool last_line; + if (*http_header_line == '\r') { + if (http_header_line[1] != '\n') { + php_stream_close(stream); + stream = NULL; + php_stream_wrapper_log_error(wrapper, options, + "HTTP invalid header name (cannot start with CR character)!"); + goto out; } + last_line = true; + } else if (*http_header_line == '\n') { + last_line = true; } else { - /* There is no colon. Set the value to the end of the header line, which is - * effectively an empty string. */ - http_header_value = e; - } - - if (!strncasecmp(http_header_line, "Location:", sizeof("Location:")-1)) { - if (context && (tmpzval = php_stream_context_get_option(context, "http", "follow_location")) != NULL) { - follow_location = zval_is_true(tmpzval); - } else if (!((response_code >= 300 && response_code < 304) - || 307 == response_code || 308 == response_code)) { - /* we shouldn't redirect automatically - if follow_location isn't set and response_code not in (300, 301, 302, 303 and 307) - see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.1 - RFC 7238 defines 308: http://tools.ietf.org/html/rfc7238 */ - follow_location = 0; - } - strlcpy(location, http_header_value, sizeof(location)); - } else if (!strncasecmp(http_header_line, "Content-Type:", sizeof("Content-Type:")-1)) { - php_stream_notify_info(context, PHP_STREAM_NOTIFY_MIME_TYPE_IS, http_header_value, 0); - } else if (!strncasecmp(http_header_line, "Content-Length:", sizeof("Content-Length:")-1)) { - /* https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length */ - const char *ptr = http_header_value; - /* must contain only digits, no + or - symbols */ - if (*ptr >= '0' && *ptr <= '9') { - char *endptr = NULL; - size_t parsed = ZEND_STRTOUL(ptr, &endptr, 10); - /* check whether there was no garbage in the header value and the conversion was successful */ - if (endptr && !*endptr) { - /* truncate for 32-bit such that no negative file sizes occur */ - file_size = MIN(parsed, ZEND_LONG_MAX); - php_stream_notify_file_size(context, file_size, http_header_line, 0); + last_line = false; + } + + if (last_header_line_str != NULL) { + /* Parse last header line. */ + last_header_line_str = php_stream_http_response_headers_parse(wrapper, stream, + context, options, last_header_line_str, http_header_line, + &http_header_line_length, response_code, response_header, &header_info); + if (EXPECTED(last_header_line_str == NULL)) { + if (UNEXPECTED(header_info.error)) { + php_stream_close(stream); + stream = NULL; + goto out; } + } else { + /* Folding header present so continue. */ + continue; } - } else if ( - !strncasecmp(http_header_line, "Transfer-Encoding:", sizeof("Transfer-Encoding:")-1) - && !strncasecmp(http_header_value, "Chunked", sizeof("Chunked")-1) - ) { - - /* create filter to decode response body */ - if (!(options & STREAM_ONLY_GET_HEADERS)) { - zend_long decode = 1; - - if (context && (tmpzval = php_stream_context_get_option(context, "http", "auto_decode")) != NULL) { - decode = zend_is_true(tmpzval); - } - if (decode) { - transfer_encoding = php_stream_filter_create("dechunk", NULL, php_stream_is_persistent(stream)); - if (transfer_encoding) { - /* don't store transfer-encodeing header */ - continue; - } - } + } else if (!last_line) { + /* The first line cannot start with spaces. */ + if (*http_header_line == ' ' || *http_header_line == '\t') { + php_stream_close(stream); + stream = NULL; + php_stream_wrapper_log_error(wrapper, options, + "HTTP invalid response format (folding header at the start)!"); + goto out; } + /* Trim the first line if it is not the last line. */ + php_stream_http_response_header_trim(http_header_line, &http_header_line_length); } - - { - zval http_header; - ZVAL_STRINGL(&http_header, http_header_line, http_header_line_length); - zend_hash_next_index_insert(Z_ARRVAL_P(response_header), &http_header); + if (last_line) { + /* For the last line the last header line must be NULL. */ + ZEND_ASSERT(last_header_line_str == NULL); + break; } + /* Save current line as the last line so it gets parsed in the next round. */ + last_header_line_str = zend_string_init(http_header_line, http_header_line_length, 0); } else { break; } } - if (!reqok || (location[0] != '\0' && follow_location)) { - if (!follow_location || (((options & STREAM_ONLY_GET_HEADERS) || ignore_errors) && redirect_max <= 1)) { + /* If the stream was closed early, we still want to process the last line to keep BC. */ + if (last_header_line_str != NULL) { + php_stream_http_response_headers_parse(wrapper, stream, context, options, + last_header_line_str, NULL, NULL, response_code, response_header, &header_info); + } + + if (!reqok || (header_info.location != NULL && header_info.follow_location)) { + if (!header_info.follow_location || (((options & STREAM_ONLY_GET_HEADERS) || ignore_errors) && redirect_max <= 1)) { goto out; } - if (location[0] != '\0') - php_stream_notify_info(context, PHP_STREAM_NOTIFY_REDIRECTED, location, 0); + if (header_info.location != NULL) + php_stream_notify_info(context, PHP_STREAM_NOTIFY_REDIRECTED, header_info.location, 0); php_stream_close(stream); stream = NULL; - if (transfer_encoding) { - php_stream_filter_free(transfer_encoding); - transfer_encoding = NULL; + if (header_info.transfer_encoding) { + php_stream_filter_free(header_info.transfer_encoding); + header_info.transfer_encoding = NULL; } - if (location[0] != '\0') { + if (header_info.location != NULL) { - char new_path[HTTP_HEADER_BLOCK_SIZE]; - char loc_path[HTTP_HEADER_BLOCK_SIZE]; + char *new_path = NULL; - *new_path='\0'; - if (strlen(location)<8 || (strncasecmp(location, "http://", sizeof("http://")-1) && - strncasecmp(location, "https://", sizeof("https://")-1) && - strncasecmp(location, "ftp://", sizeof("ftp://")-1) && - strncasecmp(location, "ftps://", sizeof("ftps://")-1))) + if (strlen(header_info.location) < 8 || + (strncasecmp(header_info.location, "http://", sizeof("http://")-1) && + strncasecmp(header_info.location, "https://", sizeof("https://")-1) && + strncasecmp(header_info.location, "ftp://", sizeof("ftp://")-1) && + strncasecmp(header_info.location, "ftps://", sizeof("ftps://")-1))) { - if (*location != '/') { - if (*(location+1) != '\0' && resource->path) { + char *loc_path = NULL; + if (*header_info.location != '/') { + if (*(header_info.location+1) != '\0' && resource->path) { char *s = strrchr(ZSTR_VAL(resource->path), '/'); if (!s) { s = ZSTR_VAL(resource->path); @@ -886,29 +1057,35 @@ if (resource->path && ZSTR_VAL(resource->path)[0] == '/' && ZSTR_VAL(resource->path)[1] == '\0') { - snprintf(loc_path, sizeof(loc_path) - 1, "%s%s", ZSTR_VAL(resource->path), location); + spprintf(&loc_path, 0, "%s%s", ZSTR_VAL(resource->path), header_info.location); } else { - snprintf(loc_path, sizeof(loc_path) - 1, "%s/%s", ZSTR_VAL(resource->path), location); + spprintf(&loc_path, 0, "%s/%s", ZSTR_VAL(resource->path), header_info.location); } } else { - snprintf(loc_path, sizeof(loc_path) - 1, "/%s", location); + spprintf(&loc_path, 0, "/%s", header_info.location); } } else { - strlcpy(loc_path, location, sizeof(loc_path)); + loc_path = header_info.location; + header_info.location = NULL; } if ((use_ssl && resource->port != 443) || (!use_ssl && resource->port != 80)) { - snprintf(new_path, sizeof(new_path) - 1, "%s://%s:%d%s", ZSTR_VAL(resource->scheme), ZSTR_VAL(resource->host), resource->port, loc_path); + spprintf(&new_path, 0, "%s://%s:%d%s", ZSTR_VAL(resource->scheme), + ZSTR_VAL(resource->host), resource->port, loc_path); } else { - snprintf(new_path, sizeof(new_path) - 1, "%s://%s%s", ZSTR_VAL(resource->scheme), ZSTR_VAL(resource->host), loc_path); + spprintf(&new_path, 0, "%s://%s%s", ZSTR_VAL(resource->scheme), + ZSTR_VAL(resource->host), loc_path); } + efree(loc_path); } else { - strlcpy(new_path, location, sizeof(new_path)); + new_path = header_info.location; + header_info.location = NULL; } php_url_free(resource); /* check for invalid redirection URLs */ if ((resource = php_url_parse(new_path)) == NULL) { php_stream_wrapper_log_error(wrapper, options, "Invalid redirect URL! %s", new_path); + efree(new_path); goto out; } @@ -920,6 +1097,7 @@ while (s < e) { \ if (iscntrl(*s)) { \ php_stream_wrapper_log_error(wrapper, options, "Invalid redirect URL! %s", new_path); \ + efree(new_path); \ goto out; \ } \ s++; \ @@ -942,6 +1120,7 @@ stream = php_stream_url_wrap_http_ex( wrapper, new_path, mode, options, opened_path, context, --redirect_max, new_flags, response_header STREAMS_CC); + efree(new_path); } else { php_stream_wrapper_log_error(wrapper, options, "HTTP request failed! %s", tmp_line); } @@ -954,6 +1133,10 @@ efree(http_header_line); } + if (header_info.location != NULL) { + efree(header_info.location); + } + if (resource) { php_url_free(resource); } @@ -962,7 +1145,7 @@ if (header_init) { ZVAL_COPY(&stream->wrapperdata, response_header); } - php_stream_notify_progress_init(context, 0, file_size); + php_stream_notify_progress_init(context, 0, header_info.file_size); /* Restore original chunk size now that we're done with headers */ if (options & STREAM_WILL_CAST) @@ -978,8 +1161,8 @@ /* restore mode */ strlcpy(stream->mode, mode, sizeof(stream->mode)); - if (transfer_encoding) { - php_stream_filter_append(&stream->readfilters, transfer_encoding); + if (header_info.transfer_encoding) { + php_stream_filter_append(&stream->readfilters, header_info.transfer_encoding); } /* It's possible that the server already sent in more data than just the headers. diff -Nru php8.2-8.2.26/ext/standard/tests/array/gh16905.phpt php8.2-8.2.28/ext/standard/tests/array/gh16905.phpt --- php8.2-8.2.26/ext/standard/tests/array/gh16905.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/array/gh16905.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,92 @@ +--TEST-- +GH-16905 (Internal iterator functions can't handle UNDEF properties) +--FILE-- +b = 1; +$x->c = 2; + +var_dump(reset($x)); +var_dump(current($x)); +var_dump(end($x)); + +var_dump(reset($x)); +var_dump(next($x)); + +var_dump(end($x)); +var_dump(prev($x)); + +var_dump(key($x)); +var_dump(current($x)); + +$x = new TestAllUndef; +var_dump(key($x)); +var_dump(current($x)); + +$x->a = 1; +var_dump(key($x)); +var_dump(current($x)); +reset($x); +var_dump(key($x)); +var_dump(current($x)); + +?> +--EXPECTF-- +Deprecated: reset(): Calling reset() on an object is deprecated in %s on line %d +int(1) + +Deprecated: current(): Calling current() on an object is deprecated in %s on line %d +int(1) + +Deprecated: end(): Calling end() on an object is deprecated in %s on line %d +int(2) + +Deprecated: reset(): Calling reset() on an object is deprecated in %s on line %d +int(1) + +Deprecated: next(): Calling next() on an object is deprecated in %s on line %d +int(2) + +Deprecated: end(): Calling end() on an object is deprecated in %s on line %d +int(2) + +Deprecated: prev(): Calling prev() on an object is deprecated in %s on line %d +int(1) + +Deprecated: key(): Calling key() on an object is deprecated in %s on line %d +string(1) "b" + +Deprecated: current(): Calling current() on an object is deprecated in %s on line %d +int(1) + +Deprecated: key(): Calling key() on an object is deprecated in %s on line %d +NULL + +Deprecated: current(): Calling current() on an object is deprecated in %s on line %d +bool(false) + +Deprecated: key(): Calling key() on an object is deprecated in %s on line %d +NULL + +Deprecated: current(): Calling current() on an object is deprecated in %s on line %d +bool(false) + +Deprecated: reset(): Calling reset() on an object is deprecated in %s on line %d + +Deprecated: key(): Calling key() on an object is deprecated in %s on line %d +string(1) "a" + +Deprecated: current(): Calling current() on an object is deprecated in %s on line %d +int(1) diff -Nru php8.2-8.2.26/ext/standard/tests/file/copy_variation5-win32.phpt php8.2-8.2.28/ext/standard/tests/file/copy_variation5-win32.phpt --- php8.2-8.2.26/ext/standard/tests/file/copy_variation5-win32.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/file/copy_variation5-win32.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -22,9 +22,9 @@ $dest_files = array( /* Checking case sensitiveness */ - "COPY.tmp", - "COPY.TMP", - "CopY.TMP" + "COPY5.tmp", + "COPY5.TMP", + "CopY5.TMP" ); echo "Size of the source file before copy operation => "; @@ -80,25 +80,25 @@ -- Iteration 1 -- Copy operation => bool(true) Existence of destination file => bool(true) -Destination file name => %s/COPY.tmp +Destination file name => %s/COPY5.tmp Size of source file => int(1500) Size of destination file => int(1500) -- Iteration 2 -- Copy operation => bool(true) Existence of destination file => bool(true) -Destination file name => %s/COPY.TMP +Destination file name => %s/COPY5.TMP Size of source file => int(1500) Size of destination file => int(1500) -- Iteration 3 -- Copy operation => bool(true) Existence of destination file => bool(true) -Destination file name => %s/CopY.TMP +Destination file name => %s/CopY5.TMP Size of source file => int(1500) Size of destination file => int(1500) -Warning: unlink(%s/COPY.TMP): No such file or directory in %s on line %d +Warning: unlink(%s/COPY5.TMP): No such file or directory in %s on line %d -Warning: unlink(%s/CopY.TMP): No such file or directory in %s on line %d +Warning: unlink(%s/CopY5.TMP): No such file or directory in %s on line %d *** Done *** diff -Nru php8.2-8.2.26/ext/standard/tests/file/file_put_contents_variation7.phpt php8.2-8.2.28/ext/standard/tests/file/file_put_contents_variation7.phpt --- php8.2-8.2.26/ext/standard/tests/file/file_put_contents_variation7.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/file/file_put_contents_variation7.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -2,6 +2,11 @@ Test file_put_contents() function : usage variation - various absolute and relative paths --CREDITS-- Dave Kelsey +--SKIPIF-- + --FILE-- +--SKIPIF-- + --FILE-- +--INI-- +zend_test.observer.enabled=1 +zend_test.observer.observe_functions=1 +zend_test.observer.show_output=1 +--FILE-- +test("World!")); +?> +--EXPECTF-- + + +
+
+ + + + + +string(12) "Hello World!" + + + + + +string(12) "Hello World!" + diff -Nru php8.2-8.2.26/ext/standard/tests/http/bug47021.phpt php8.2-8.2.28/ext/standard/tests/http/bug47021.phpt --- php8.2-8.2.26/ext/standard/tests/http/bug47021.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/bug47021.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -70,23 +70,27 @@ echo "\n"; ?> ---EXPECT-- +--EXPECTF-- + Type='text/plain' Hello -Size=5 -World + +Warning: file_get_contents(http://%s:%d): Failed to open stream: HTTP invalid response format (no colon in header line)! in %s + Type='text/plain' Hello -Size=5 -World + +Warning: file_get_contents(http://%s:%d): Failed to open stream: HTTP invalid response format (no colon in header line)! in %s + Type='text/plain' Hello -Size=5 -World + +Warning: file_get_contents(http://%s:%d): Failed to open stream: HTTP invalid response format (no colon in header line)! in %s + Type='text/plain' Hello -Size=5 -World + +Warning: file_get_contents(http://%s:%d): Failed to open stream: HTTP invalid response format (no colon in header line)! in %s diff -Nru php8.2-8.2.26/ext/standard/tests/http/bug75535.phpt php8.2-8.2.28/ext/standard/tests/http/bug75535.phpt --- php8.2-8.2.26/ext/standard/tests/http/bug75535.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/bug75535.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -21,9 +21,7 @@ --EXPECT-- string(0) "" -array(2) { +array(1) { [0]=> string(15) "HTTP/1.0 200 Ok" - [1]=> - string(14) "Content-Length" } diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-001.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-001.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-001.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,58 @@ +--TEST-- +GHSA-52jp-hrpf-2jff: HTTP stream wrapper truncate redirect location to 1024 bytes (success) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + $loc = str_repeat("y", 8000); + fwrite($conn, "HTTP/1.0 301 Ok\r\nContent-Type: text/html;\r\nLocation: $loc\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + case STREAM_NOTIFY_REDIRECTED: + echo "Redirected: "; + var_dump($message); + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(trim(file_get_contents("http://{{ ADDR }}", false, $ctx))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +Found the mime-type: text/html; +Redirected: string(8000) "%s" + +Warning: file_get_contents(http://127.0.0.1:%d): Failed to open stream: %s +string(0) "" +array(3) { + [0]=> + string(15) "HTTP/1.0 301 Ok" + [1]=> + string(24) "Content-Type: text/html;" + [2]=> + string(8010) "Location: %s" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-002.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-002.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-002.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-52jp-hrpf-2jff-002.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,55 @@ +--TEST-- +GHSA-52jp-hrpf-2jff: HTTP stream wrapper truncate redirect location to 1024 bytes (over limit) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + $loc = str_repeat("y", 9000); + fwrite($conn, "HTTP/1.0 301 Ok\r\nContent-Type: text/html;\r\nLocation: $loc\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + case STREAM_NOTIFY_REDIRECTED: + echo "Redirected: "; + var_dump($message); + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(trim(file_get_contents("http://{{ ADDR }}", false, $ctx))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +Found the mime-type: text/html; + +Warning: file_get_contents(http://127.0.0.1:%d): Failed to open stream: HTTP Location header size is over the limit of 8182 bytes in %s +string(0) "" +array(2) { + [0]=> + string(15) "HTTP/1.0 301 Ok" + [1]=> + string(24) "Content-Type: text/html;" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-hgf5-96fm-v528-001.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-hgf5-96fm-v528-001.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-hgf5-96fm-v528-001.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-hgf5-96fm-v528-001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,65 @@ +--TEST-- +GHSA-hgf5-96fm-v528: Stream HTTP wrapper header check might omit basic auth header (incorrect inside pos) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + $result = fread($conn, 1024); + $encoded_result = base64_encode($result); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html; charset=utf-8\r\n\r\n$encoded_result\r\n"); + +CODE; + +$clientCode = <<<'CODE' + $opts = [ + "http" => [ + "method" => "GET", + "header" => "Cookie: foo=bar\nauthorization:x\r\n" + ] + ]; + $ctx = stream_context_create($opts); + var_dump(explode("\r\n", base64_decode(file_get_contents("http://user:pwd@{{ ADDR }}", false, $ctx)))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +array(7) { + [0]=> + string(14) "GET / HTTP/1.1" + [1]=> + string(33) "Authorization: Basic dXNlcjpwd2Q=" + [2]=> + string(21) "Host: 127.0.0.1:%d" + [3]=> + string(17) "Connection: close" + [4]=> + string(31) "Cookie: foo=bar +authorization:x" + [5]=> + string(0) "" + [6]=> + string(0) "" +} +array(2) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(38) "Content-Type: text/html; charset=utf-8" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-hgf5-96fm-v528-002.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-hgf5-96fm-v528-002.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-hgf5-96fm-v528-002.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-hgf5-96fm-v528-002.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,62 @@ +--TEST-- +GHSA-hgf5-96fm-v528: Header parser of http stream wrapper does not handle folded headers (correct start pos) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + $result = fread($conn, 1024); + $encoded_result = base64_encode($result); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html; charset=utf-8\r\n\r\n$encoded_result\r\n"); + +CODE; + +$clientCode = <<<'CODE' + $opts = [ + "http" => [ + "method" => "GET", + "header" => "Authorization: Bearer x\r\n" + ] + ]; + $ctx = stream_context_create($opts); + var_dump(explode("\r\n", base64_decode(file_get_contents("http://user:pwd@{{ ADDR }}", false, $ctx)))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +array(6) { + [0]=> + string(14) "GET / HTTP/1.1" + [1]=> + string(21) "Host: 127.0.0.1:%d" + [2]=> + string(17) "Connection: close" + [3]=> + string(23) "Authorization: Bearer x" + [4]=> + string(0) "" + [5]=> + string(0) "" +} +array(2) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(38) "Content-Type: text/html; charset=utf-8" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-hgf5-96fm-v528-003.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-hgf5-96fm-v528-003.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-hgf5-96fm-v528-003.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-hgf5-96fm-v528-003.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,64 @@ +--TEST-- +GHSA-hgf5-96fm-v528: Header parser of http stream wrapper does not handle folded headers (correct middle pos) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + $result = fread($conn, 1024); + $encoded_result = base64_encode($result); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html; charset=utf-8\r\n\r\n$encoded_result\r\n"); + +CODE; + +$clientCode = <<<'CODE' + $opts = [ + "http" => [ + "method" => "GET", + "header" => "Cookie: x=y\r\nAuthorization: Bearer x\r\n" + ] + ]; + $ctx = stream_context_create($opts); + var_dump(explode("\r\n", base64_decode(file_get_contents("http://user:pwd@{{ ADDR }}", false, $ctx)))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +array(7) { + [0]=> + string(14) "GET / HTTP/1.1" + [1]=> + string(21) "Host: 127.0.0.1:%d" + [2]=> + string(17) "Connection: close" + [3]=> + string(11) "Cookie: x=y" + [4]=> + string(23) "Authorization: Bearer x" + [5]=> + string(0) "" + [6]=> + string(0) "" +} +array(2) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(38) "Content-Type: text/html; charset=utf-8" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-001.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-001.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-001.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,51 @@ +--TEST-- +GHSA-pcmh-g36c-qc44: Header parser of http stream wrapper does not verify header name and colon (colon) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html\r\nWrong-Header\r\nGood-Header: test\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(file_get_contents("http://{{ ADDR }}", false, $ctx)); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +Found the mime-type: text/html + +Warning: file_get_contents(http://127.0.0.1:%d): Failed to open stream: HTTP invalid response format (no colon in header line)! in %s +bool(false) +array(2) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(23) "Content-Type: text/html" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-002.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-002.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-002.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-pcmh-g36c-qc44-002.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,51 @@ +--TEST-- +GHSA-pcmh-g36c-qc44: Header parser of http stream wrapper does not verify header name and colon (name) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html\r\nWrong-Header : test\r\nGood-Header: test\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(file_get_contents("http://{{ ADDR }}", false, $ctx)); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +Found the mime-type: text/html + +Warning: file_get_contents(http://127.0.0.1:%d): Failed to open stream: HTTP invalid response format (space in header name)! in %s +bool(false) +array(2) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(23) "Content-Type: text/html" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-001.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-001.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-001.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-001.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,49 @@ +--TEST-- +GHSA-v8xr-gpvj-cx9g: Header parser of http stream wrapper does not handle folded headers (single) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html;\r\n charset=utf-8\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(trim(file_get_contents("http://{{ ADDR }}", false, $ctx))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +Found the mime-type: text/html; charset=utf-8 +string(4) "body" +array(2) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(38) "Content-Type: text/html; charset=utf-8" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-002.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-002.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-002.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-002.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,51 @@ +--TEST-- +GHSA-v8xr-gpvj-cx9g: Header parser of http stream wrapper does not handle folded headers (multiple) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html;\r\nCustom-Header: somevalue;\r\n param1=value1; \r\n param2=value2\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(trim(file_get_contents("http://{{ ADDR }}", false, $ctx))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +Found the mime-type: text/html; +string(4) "body" +array(3) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(24) "Content-Type: text/html;" + [2]=> + string(54) "Custom-Header: somevalue; param1=value1; param2=value2" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-003.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-003.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-003.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-003.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,49 @@ +--TEST-- +GHSA-v8xr-gpvj-cx9g: Header parser of http stream wrapper does not handle folded headers (empty) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + fwrite($conn, "HTTP/1.0 200 Ok\r\nContent-Type: text/html;\r\n \r\n charset=utf-8\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(trim(file_get_contents("http://{{ ADDR }}", false, $ctx))); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- +Found the mime-type: text/html; charset=utf-8 +string(4) "body" +array(2) { + [0]=> + string(15) "HTTP/1.0 200 Ok" + [1]=> + string(38) "Content-Type: text/html; charset=utf-8" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-004.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-004.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-004.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-004.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,48 @@ +--TEST-- +GHSA-v8xr-gpvj-cx9g: Header parser of http stream wrapper does not handle folded headers (first line) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + fwrite($conn, "HTTP/1.0 200 Ok\r\n Content-Type: text/html;\r\n \r\n charset=utf-8\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(file_get_contents("http://{{ ADDR }}", false, $ctx)); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- + +Warning: file_get_contents(http://127.0.0.1:%d): Failed to open stream: HTTP invalid response format (folding header at the start)! in %s +bool(false) +array(1) { + [0]=> + string(15) "HTTP/1.0 200 Ok" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-005.phpt php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-005.phpt --- php8.2-8.2.26/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-005.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/ghsa-v8xr-gpvj-cx9g-005.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,48 @@ +--TEST-- +GHSA-v8xr-gpvj-cx9g: Header parser of http stream wrapper does not handle folded headers (CR before header name) +--FILE-- + [ + "tcp_nodelay" => true + ] + ]); + + $server = stream_socket_server( + "tcp://127.0.0.1:0", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $ctxt); + phpt_notify_server_start($server); + + $conn = stream_socket_accept($server); + + phpt_notify(message:"server-accepted"); + + fwrite($conn, "HTTP/1.0 200 Ok\r\n\rIgnored: ignored\r\n\r\nbody\r\n"); +CODE; + +$clientCode = <<<'CODE' + function stream_notification_callback($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { + switch($notification_code) { + case STREAM_NOTIFY_MIME_TYPE_IS: + echo "Found the mime-type: ", $message, PHP_EOL; + break; + } + } + + $ctx = stream_context_create(); + stream_context_set_params($ctx, array("notification" => "stream_notification_callback")); + var_dump(file_get_contents("http://{{ ADDR }}", false, $ctx)); + var_dump($http_response_header); +CODE; + +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); +?> +--EXPECTF-- + +Warning: file_get_contents(http://127.0.0.1:%d): Failed to open stream: HTTP invalid header name (cannot start with CR character)! in %s +bool(false) +array(1) { + [0]=> + string(15) "HTTP/1.0 200 Ok" +} diff -Nru php8.2-8.2.26/ext/standard/tests/http/http_response_header_05.phpt php8.2-8.2.28/ext/standard/tests/http/http_response_header_05.phpt --- php8.2-8.2.26/ext/standard/tests/http/http_response_header_05.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/http/http_response_header_05.phpt 1970-01-01 00:00:00.000000000 +0000 @@ -1,30 +0,0 @@ ---TEST-- -$http_reponse_header (whitespace-only "header") ---SKIPIF-- - ---INI-- -allow_url_fopen=1 ---FILE-- - $pid, 'uri' => $uri] = http_server($responses, $output); - -$f = file_get_contents($uri); -var_dump($f); -var_dump($http_response_header); - -http_server_kill($pid); - ---EXPECT-- -string(4) "Body" -array(2) { - [0]=> - string(15) "HTTP/1.0 200 Ok" - [1]=> - string(0) "" -} diff -Nru php8.2-8.2.26/ext/standard/tests/network/bug20134.phpt php8.2-8.2.28/ext/standard/tests/network/bug20134.phpt --- php8.2-8.2.26/ext/standard/tests/network/bug20134.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/network/bug20134.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -2,6 +2,8 @@ Bug #20134 (UDP reads from invalid ports) --INI-- default_socket_timeout=1 +--CONFLICTS-- +all --FILE-- --FILE-- [ 'timeout' => PHP_INT_MAX, ], ]; $ctx = stream_context_create($config); -var_dump(fopen("http://www.example.com", "r", false, $ctx)); +var_dump(fopen("http://" . PHP_CLI_SERVER_ADDRESS . "/test", "r", false, $ctx)); ?> --EXPECTF-- resource(%d) of type (stream) diff -Nru php8.2-8.2.26/ext/standard/tests/streams/stream_context_tcp_nodelay_server.phpt php8.2-8.2.28/ext/standard/tests/streams/stream_context_tcp_nodelay_server.phpt --- php8.2-8.2.26/ext/standard/tests/streams/stream_context_tcp_nodelay_server.phpt 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/standard/tests/streams/stream_context_tcp_nodelay_server.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -2,6 +2,10 @@ stream context tcp_nodelay server --EXTENSIONS-- sockets +--SKIPIF-- + --FILE-- 0); + $conn = stream_socket_accept($server); - var_dump(socket_get_option( - socket_import_stream($client), - SOL_TCP, TCP_NODELAY) > 0); + $si = socket_get_option(socket_import_stream($server), SOL_TCP, TCP_NODELAY) > 0 ? "nodelay": "delay"; + $ci = socket_get_option(socket_import_stream($conn), SOL_TCP, TCP_NODELAY) > 0 ? "nodelay": "delay"; - fclose($client); - fclose($server); + phpt_notify(message:"server-$si:conn-$ci"); CODE; $clientCode = <<<'CODE' - $test = stream_socket_client( - "tcp://127.0.0.1:9099", $errno, $errstr, 10); - - sleep(1); - - fclose($test); + $test = stream_socket_client("tcp://{{ ADDR }}", $errno, $errstr, 10); + echo phpt_wait(); CODE; -include sprintf( - "%s/../../../openssl/tests/ServerClientTestCase.inc", - __DIR__); -ServerClientTestCase::getInstance()->run($serverCode, $clientCode); +include sprintf("%s/../../../openssl/tests/ServerClientTestCase.inc", __DIR__); +ServerClientTestCase::getInstance()->run($clientCode, $serverCode); ?> ---EXPECT-- -bool(false) -bool(true) +--EXPECTF-- +server-delay:conn-nodelay + diff -Nru php8.2-8.2.26/ext/xml/tests/toffset_bounds.phpt php8.2-8.2.28/ext/xml/tests/toffset_bounds.phpt --- php8.2-8.2.26/ext/xml/tests/toffset_bounds.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/xml/tests/toffset_bounds.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,42 @@ +--TEST-- +XML_OPTION_SKIP_TAGSTART bounds +--EXTENSIONS-- +xml +--FILE-- +"; +$parser = xml_parser_create(); +xml_parser_set_option($parser, XML_OPTION_SKIP_TAGSTART, 100); +$res = xml_parse_into_struct($parser,$sample,$vals,$index); +var_dump($vals); +?> +--EXPECT-- +array(3) { + [0]=> + array(3) { + ["tag"]=> + string(0) "" + ["type"]=> + string(4) "open" + ["level"]=> + int(1) + } + [1]=> + array(3) { + ["tag"]=> + string(0) "" + ["type"]=> + string(8) "complete" + ["level"]=> + int(2) + } + [2]=> + array(3) { + ["tag"]=> + string(0) "" + ["type"]=> + string(5) "close" + ["level"]=> + int(1) + } +} diff -Nru php8.2-8.2.26/ext/xml/xml.c php8.2-8.2.28/ext/xml/xml.c --- php8.2-8.2.26/ext/xml/xml.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/xml/xml.c 2025-03-11 17:58:12.000000000 +0000 @@ -636,9 +636,11 @@ array_init(&tag); array_init(&atr); - _xml_add_to_info(parser, ZSTR_VAL(tag_name) + parser->toffset); + char *skipped_tag_name = SKIP_TAGSTART(ZSTR_VAL(tag_name)); - add_assoc_string(&tag, "tag", SKIP_TAGSTART(ZSTR_VAL(tag_name))); /* cast to avoid gcc-warning */ + _xml_add_to_info(parser, skipped_tag_name); + + add_assoc_string(&tag, "tag", skipped_tag_name); add_assoc_string(&tag, "type", "open"); add_assoc_long(&tag, "level", parser->level); @@ -707,9 +709,11 @@ } else { array_init(&tag); - _xml_add_to_info(parser, ZSTR_VAL(tag_name) + parser->toffset); + char *skipped_tag_name = SKIP_TAGSTART(ZSTR_VAL(tag_name)); + + _xml_add_to_info(parser, skipped_tag_name); - add_assoc_string(&tag, "tag", SKIP_TAGSTART(ZSTR_VAL(tag_name))); /* cast to avoid gcc-warning */ + add_assoc_string(&tag, "tag", skipped_tag_name); add_assoc_string(&tag, "type", "close"); add_assoc_long(&tag, "level", parser->level); diff -Nru php8.2-8.2.26/ext/zend_test/test.c php8.2-8.2.28/ext/zend_test/test.c --- php8.2-8.2.26/ext/zend_test/test.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/ext/zend_test/test.c 2025-03-11 17:58:12.000000000 +0000 @@ -902,9 +902,12 @@ ZEND_IGNORE_VALUE(arguments); - zval func; + zval func, rv; ZVAL_STR(&func, name); - call_user_function(NULL, NULL, &func, return_value, 0, NULL); + call_user_function(NULL, NULL, &func, &rv, 0, NULL); + + ZVAL_COPY_DEREF(return_value, &rv); + zval_ptr_dtor(&rv); } PHP_INI_BEGIN() diff -Nru php8.2-8.2.26/ext/zend_test/tests/gh16908.phpt php8.2-8.2.28/ext/zend_test/tests/gh16908.phpt --- php8.2-8.2.26/ext/zend_test/tests/gh16908.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php8.2-8.2.28/ext/zend_test/tests/gh16908.phpt 2025-03-11 17:58:12.000000000 +0000 @@ -0,0 +1,20 @@ +--TEST-- +GH-16908 (_ZendTestMagicCallForward does not handle references well) +--EXTENSIONS-- +zend_test +--FILE-- +foo()->x ??= 42; +?> +--EXPECTF-- +Notice: Only variable references should be returned by reference in %s on line %d + +Notice: Only variable references should be returned by reference in %s on line %d + +Fatal error: Uncaught Error: Attempt to assign property "x" on null in %s:%d +Stack trace: +#0 {main} + thrown in %s on line %d diff -Nru php8.2-8.2.26/main/main.c php8.2-8.2.28/main/main.c --- php8.2-8.2.26/main/main.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/main/main.c 2025-03-11 17:58:12.000000000 +0000 @@ -2070,8 +2070,9 @@ _set_invalid_parameter_handler(old_invalid_parameter_handler); } - /* Disable the message box for assertions.*/ + /* Disable the message box for assertions and errors.*/ _CrtSetReportMode(_CRT_ASSERT, 0); + _CrtSetReportMode(_CRT_ERROR, 0); #else php_os = PHP_OS; #endif diff -Nru php8.2-8.2.26/main/network.c php8.2-8.2.28/main/network.c --- php8.2-8.2.26/main/network.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/main/network.c 2025-03-11 17:58:12.000000000 +0000 @@ -299,6 +299,35 @@ fcntl(sock, F_SETFL, save) #endif +#if HAVE_GETTIMEOFDAY +/* Subtract times */ +static inline void sub_times(struct timeval a, struct timeval b, struct timeval *result) +{ + result->tv_usec = a.tv_usec - b.tv_usec; + if (result->tv_usec < 0L) { + a.tv_sec--; + result->tv_usec += 1000000L; + } + result->tv_sec = a.tv_sec - b.tv_sec; + if (result->tv_sec < 0L) { + result->tv_sec++; + result->tv_usec -= 1000000L; + } +} + +static inline void php_network_set_limit_time(struct timeval *limit_time, + struct timeval *timeout) +{ + gettimeofday(limit_time, NULL); + limit_time->tv_sec += timeout->tv_sec; + limit_time->tv_usec += timeout->tv_usec; + if (limit_time->tv_usec >= 1000000) { + limit_time->tv_usec -= 1000000; + limit_time->tv_sec++; + } +} +#endif + /* Connect to a socket using an interruptible connect with optional timeout. * Optionally, the connect can be made asynchronously, which will implicitly * enable non-blocking mode on the socket. @@ -351,25 +380,53 @@ * expected when a connection is actively refused. This way, * php_pollfd_for will return a mask with POLLOUT if the connection * is successful and with POLLPRI otherwise. */ - if ((n = php_pollfd_for(sockfd, POLLOUT|POLLPRI, timeout)) == 0) { + int events = POLLOUT|POLLPRI; #else - if ((n = php_pollfd_for(sockfd, PHP_POLLREADABLE|POLLOUT, timeout)) == 0) { + int events = PHP_POLLREADABLE|POLLOUT; +#endif + struct timeval working_timeout; +#if HAVE_GETTIMEOFDAY + struct timeval limit_time, time_now; +#endif + if (timeout) { + memcpy(&working_timeout, timeout, sizeof(working_timeout)); +#if HAVE_GETTIMEOFDAY + php_network_set_limit_time(&limit_time, &working_timeout); #endif - error = PHP_TIMEOUT_ERROR_VALUE; } - if (n > 0) { - len = sizeof(error); - /* - BSD-derived systems set errno correctly - Solaris returns -1 from getsockopt in case of error - */ - if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (char*)&error, &len) != 0) { + while (true) { + n = php_pollfd_for(sockfd, events, timeout ? &working_timeout : NULL); + if (n < 0) { + if (errno == EINTR) { +#if HAVE_GETTIMEOFDAY + if (timeout) { + gettimeofday(&time_now, NULL); + + if (!timercmp(&time_now, &limit_time, <)) { + /* time limit expired; no need for another poll */ + error = PHP_TIMEOUT_ERROR_VALUE; + break; + } else { + /* work out remaining time */ + sub_times(limit_time, time_now, &working_timeout); + } + } +#endif + continue; + } ret = -1; + } else if (n == 0) { + error = PHP_TIMEOUT_ERROR_VALUE; + } else { + len = sizeof(error); + /* BSD-derived systems set errno correctly. + * Solaris returns -1 from getsockopt in case of error. */ + if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (char*)&error, &len) != 0) { + ret = -1; + } } - } else { - /* whoops: sockfd has disappeared */ - ret = -1; + break; } ok: @@ -392,22 +449,6 @@ } /* }}} */ -/* {{{ sub_times */ -static inline void sub_times(struct timeval a, struct timeval b, struct timeval *result) -{ - result->tv_usec = a.tv_usec - b.tv_usec; - if (result->tv_usec < 0L) { - a.tv_sec--; - result->tv_usec += 1000000L; - } - result->tv_sec = a.tv_sec - b.tv_sec; - if (result->tv_sec < 0L) { - result->tv_sec++; - result->tv_usec -= 1000000L; - } -} -/* }}} */ - /* Bind to a local IP address. * Returns the bound socket, or -1 on failure. * */ @@ -777,7 +818,6 @@ } /* }}} */ - /* Connect to a remote host using an interruptible connect with optional timeout. * Optionally, the connect can be made asynchronously, which will implicitly * enable non-blocking mode on the socket. @@ -809,13 +849,7 @@ if (timeout) { memcpy(&working_timeout, timeout, sizeof(working_timeout)); #if HAVE_GETTIMEOFDAY - gettimeofday(&limit_time, NULL); - limit_time.tv_sec += working_timeout.tv_sec; - limit_time.tv_usec += working_timeout.tv_usec; - if (limit_time.tv_usec >= 1000000) { - limit_time.tv_usec -= 1000000; - limit_time.tv_sec++; - } + php_network_set_limit_time(&limit_time, &working_timeout); #endif } diff -Nru php8.2-8.2.26/main/php_version.h php8.2-8.2.28/main/php_version.h --- php8.2-8.2.26/main/php_version.h 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/main/php_version.h 2025-03-11 17:58:12.000000000 +0000 @@ -2,7 +2,7 @@ /* edit configure.ac to change version number */ #define PHP_MAJOR_VERSION 8 #define PHP_MINOR_VERSION 2 -#define PHP_RELEASE_VERSION 26 +#define PHP_RELEASE_VERSION 28 #define PHP_EXTRA_VERSION "" -#define PHP_VERSION "8.2.26" -#define PHP_VERSION_ID 80226 +#define PHP_VERSION "8.2.28" +#define PHP_VERSION_ID 80228 diff -Nru php8.2-8.2.26/main/rfc1867.c php8.2-8.2.28/main/rfc1867.c --- php8.2-8.2.26/main/rfc1867.c 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/main/rfc1867.c 2025-03-11 17:58:12.000000000 +0000 @@ -341,8 +341,8 @@ } /* return entire buffer as a partial line */ line[self->bufsize] = 0; - self->buf_begin = ptr; self->bytes_in_buffer = 0; + /* Let fill_buffer() handle the reset of self->buf_begin */ } return line; diff -Nru php8.2-8.2.26/pear/install-pear-nozlib.phar php8.2-8.2.28/pear/install-pear-nozlib.phar --- php8.2-8.2.26/pear/install-pear-nozlib.phar 2024-11-19 17:11:09.000000000 +0000 +++ php8.2-8.2.28/pear/install-pear-nozlib.phar 2025-03-11 17:58:12.000000000 +0000 @@ -1282,11 +1282,10 @@ require_once 'phar://install-pear-nozlib.phar/index.php'; -__HALT_COMPILER();Finstall-pear-nozlib.pharArchive/Tar.php-Yºìe-Yµ~úmArchive_Tar-1.4.14.tarþºìeþÈ1(]mConsole/Getopt.phph5ºìeh5¡¤¥mConsole_Getopt-1.4.3.tarzºìezÀUÚ/m index.php]+ºìe]+fÞ}¬m OS/Guess.php#-ºìe#-©ÆžmPEAR-1.10.15.tarLºìeLWÕjlmPEAR.phpmºìem‰¥ñ‡mPEAR/ChannelFile.phpŸÇºìeŸÇFÉÅÉmPEAR/ChannelFile/Parser.phpöºìeöª‚mPEAR/Command.phpú0ºìeú0‰ãöÊmPEAR/Command/Common.php; ºìe; Sýˆ¿mPEAR/Command/Install.phpÏǺìeÏÇlÿ4©mPEAR/Command/Install.xmló!ºìeó!jÇ¢mPEAR/Common.phpÔhºìeÔhNmPEAR/Config.phpκìeΚå’mPEAR/Dependency2.phpÇźìeÇÅ°ïš@mPEAR/DependencyDB.php³^ºìe³^ÐÕ mPEAR/Downloader.phpºìeË,TLmPEAR/Downloader/Package.php²*ºìe²*Å÷ubmPEAR/ErrorStack.php1„ºìe1„“@ûEmPEAR/Frontend.phpºìe´D'mPEAR/Frontend/CLI.phprdºìerd¯Œ]ÔmPEAR/Installer.php…ºìe…þª -ûmPEAR/Installer/Role.php+ºìe+ëϱœmPEAR/Installer/Role/Common.phpGºìeG&ÐZÆmPEAR/Installer/Role/Data.phpºìeÚÕ}mPEAR/Installer/Role/Data.xml’ºìe’fszmPEAR/Installer/Role/Doc.php ºìe ý†ïmPEAR/Installer/Role/Doc.xml‘ºìe‘h&P*mPEAR/Installer/Role/Php.php ºìe Ùdí mPEAR/Installer/Role/Php.xml­ºìe­zqmPEAR/Installer/Role/Script.phpºìe¨-ùvmPEAR/Installer/Role/Script.xml°ºìe°@v§ÐmPEAR/Installer/Role/Test.phpºìeŠÎmPEAR/Installer/Role/Test.xml’ºìe’B] mPEAR/PackageFile.phpŸ>ºìeŸ>ïÝ(âm!PEAR/PackageFile/Generator/v1.phpEźìeEÅ!ò¿m!PEAR/PackageFile/Generator/v2.php8‚ºìe8‚=B -mPEAR/PackageFile/Parser/v1.php©@ºìe©@—­QmPEAR/PackageFile/Parser/v2.php ºìe KÈÉ"mPEAR/PackageFile/v1.php"ƺìe"ÆH5ümPEAR/PackageFile/v2.phpdºìed„(åm!PEAR/PackageFile/v2/Validator.php€Lºìe€Lo¼/ŠmPEAR/Proxy.phpêºìeê(PzÖmPEAR/Registry.php+ºìe+=T×Vm PEAR/REST.php´Aºìe´A :OØmPEAR/REST/10.php€ºìe€MúVümPEAR/Start.php :ºìe :—¥ncmPEAR/Start/CLI.phpTSºìeTS¿øc‡mPEAR/Task/Common.phpDºìeDmÕ˜¨mPEAR/Task/Postinstallscript.phpÂ9ºìeÂ9Àé•pm"PEAR/Task/Postinstallscript/rw.phpAºìeA›E¸mPEAR/Task/Replace.phpºìeü²ýmPEAR/Task/Replace/rw.php<ºìe<  LwmPEAR/Task/Unixeol.php$ ºìe$ ‰€Ž -mPEAR/Task/Unixeol/rw.phpAºìeA$CˆmPEAR/Task/Windowseol.php ºìe AÑ4mPEAR/Task/Windowseol/rw.phpNºìeN‚‰…mPEAR/Validate.php?Vºìe?V e5òmPEAR/Validator/PECL.php^ºìe^Ê)÷mPEAR/XMLParser.phpIºìeIÓñmStructures/Graph.phpiºìeiC}Ÿãm,Structures/Graph/Manipulator/AcyclicTest.phpðºìeð1ôÈÂm2Structures/Graph/Manipulator/TopologicalSorter.phpºìe¬v°?mStructures/Graph/Node.phpj+ºìej+]#imStructures_Graph-1.1.1.tar6ºìe6ïŽjám -System.php Qºìe Q<»Ó`m XML/Util.phpÕ}ºìeÕ}Æ|­mXML_Util-1.4.5.tar@ºìe@*B¡kmZ¥CgŸ>ÅäOm!PEAR/PackageFile/Generator/v1.phpEÅZ¥CgEÅ­Hóöm!PEAR/PackageFile/Generator/v2.php8‚Z¥Cg8‚\§;mPEAR/PackageFile/Parser/v1.php©@Z¥Cg©@¦±!ümPEAR/PackageFile/Parser/v2.php Z¥Cg ª¯•mPEAR/PackageFile/v1.php"ÆZ¥Cg"Æ0‘mPEAR/PackageFile/v2.phpdZ¥Cgd%Ewm!PEAR/PackageFile/v2/Validator.php€LZ¥Cg€LCø8mPEAR/Proxy.phpêZ¥Cgê(PzÖmPEAR/Registry.phpœ+Z¥Cgœ+F‰W5m PEAR/REST.php´AZ¥Cg´A•¶-mPEAR/REST/10.php€Z¥Cg€ï ½ÝmPEAR/Start.php :Z¥Cg :—¥ncmPEAR/Start/CLI.phpTSZ¥CgTS¿øc‡mPEAR/Task/Common.phpDZ¥CgD .mPEAR/Task/Postinstallscript.phpÂ9Z¥CgÂ9Lóévm"PEAR/Task/Postinstallscript/rw.phpAZ¥CgA’‘j+mPEAR/Task/Replace.phpZ¥CgLpK_mPEAR/Task/Replace/rw.php<Z¥Cg<ü‡7AmPEAR/Task/Unixeol.php$ Z¥Cg$ Àj®mPEAR/Task/Unixeol/rw.phpAZ¥CgAÃoymPEAR/Task/Windowseol.php Z¥Cg {MðPmPEAR/Task/Windowseol/rw.phpNZ¥CgNj¡¥mPEAR/Validate.php?VZ¥Cg?Vá,ntmPEAR/Validator/PECL.php^Z¥Cg^§ÔÄ_mPEAR/XMLParser.phpIZ¥CgIùÍ°hmStructures/Graph.phpiZ¥CgiC}Ÿãm,Structures/Graph/Manipulator/AcyclicTest.phpðZ¥Cgð1ôÈÂm2Structures/Graph/Manipulator/TopologicalSorter.phpZ¥Cg¬v°?mStructures/Graph/Node.phpj+Z¥Cgj+]#imStructures_Graph-1.2.0.tar8Z¥Cg8(ò¯ßm +System.php QZ¥Cg QðêXBm XML/Util.phpÕ}Z¥CgÕ}Æ|­mXML_Util-1.4.5.tar@Z¥Cg@*B¡km the group ID of the file * (default = 0 = root) * - * @return true on success, false on error. + * @return bool true on success, false on error. */ public function addString($p_filename, $p_string, $p_datetime = false, $p_params = array()) { @@ -1910,7 +1909,7 @@ * @param boolean $p_preserve Preserve user/group ownership of files * @param boolean $p_symlinks Allow symlinks. * - * @return true on success, false on error. + * @return bool true on success, false on error. * @see extractModify() */ public function extractList($p_filelist, $p_path = '', $p_remove_path = '', $p_preserve = false, $p_symlinks = true) @@ -1948,7 +1947,7 @@ * list of parameters, in the format attribute code + attribute values : * $arch->setAttribute(ARCHIVE_TAR_ATT_SEPARATOR, ','); * - * @return true on success, false on error. + * @return bool true on success, false on error. */ public function setAttribute() { @@ -3403,7 +3402,7 @@ if ($v_extract_file) { if ($v_header['typeflag'] == "5") { if (!@file_exists($v_header['filename'])) { - if (!@mkdir($v_header['filename'], 0777)) { + if (!@mkdir($v_header['filename'], 0775)) { $this->_error( 'Unable to create directory {' . $v_header['filename'] . '}' @@ -3736,7 +3735,7 @@ return false; } - if (!@mkdir($p_dir, 0777)) { + if (!@mkdir($p_dir, 0775)) { $this->_error("Unable to create directory '$p_dir'"); return false; } @@ -3816,8 +3815,8 @@ return $p_path; } } -package.xml0000644000076500000240000004632114075622601012216 0ustar mrookstaff - +package.xml0000664000175000017500000005035014575343342013062 0ustar ashnazgashnazg + Archive_Tar pear.php.net Tar file management class @@ -3842,6 +3841,12 @@ Michiel Rook mrook mrook@php.net + no + + + Drew Webber + mcdruid + drew@mcdruid.co.uk yes @@ -3850,11 +3855,11 @@ stig@php.net no - 2021-07-20 - + 2024-03-16 + - 1.4.14 - 1.4.0 + 1.5.0 + 1.5.0 stable @@ -3862,11 +3867,12 @@ New BSD License -* Properly fix symbolic link path traversal (CVE-2021-32610) +* PR #42: fix @return true... to @return bool true... on some functions +* PR #46: use 775 default for mkdirs, to avoid world-write - + @@ -3890,6 +3896,37 @@ + 1.5.0 + 1.5.0 + + + stable + stable + + 2024-03-16 + New BSD License + +* PR #42: fix @return true... to @return bool true... on some functions +* PR #46: use 775 default for mkdirs, to avoid world-write + + + + + 1.4.14 + 1.4.0 + + + stable + stable + + 2021-02-16 + New BSD License + +* Properly fix symbolic link path traversal (CVE-2021-32610) + + + + 1.4.13 1.4.0 @@ -4524,7 +4561,7 @@ -Archive_Tar-1.4.14/Archive/Tar.php0000644000076500000240000025441014075622601015633 0ustar mrookstaff the group ID of the file * (default = 0 = root) * - * @return true on success, false on error. + * @return bool true on success, false on error. */ public function addString($p_filename, $p_string, $p_datetime = false, $p_params = array()) { @@ -5148,7 +5185,7 @@ * @param boolean $p_preserve Preserve user/group ownership of files * @param boolean $p_symlinks Allow symlinks. * - * @return true on success, false on error. + * @return bool true on success, false on error. * @see extractModify() */ public function extractList($p_filelist, $p_path = '', $p_remove_path = '', $p_preserve = false, $p_symlinks = true) @@ -5186,7 +5223,7 @@ * list of parameters, in the format attribute code + attribute values : * $arch->setAttribute(ARCHIVE_TAR_ATT_SEPARATOR, ','); * - * @return true on success, false on error. + * @return bool true on success, false on error. */ public function setAttribute() { @@ -6641,7 +6678,7 @@ if ($v_extract_file) { if ($v_header['typeflag'] == "5") { if (!@file_exists($v_header['filename'])) { - if (!@mkdir($v_header['filename'], 0777)) { + if (!@mkdir($v_header['filename'], 0775)) { $this->_error( 'Unable to create directory {' . $v_header['filename'] . '}' @@ -6974,7 +7011,7 @@ return false; } - if (!@mkdir($p_dir, 0777)) { + if (!@mkdir($p_dir, 0775)) { $this->_error("Unable to create directory '$p_dir'"); return false; } @@ -7054,7 +7091,7 @@ return $p_path; } } -Archive_Tar-1.4.14/docs/Archive_Tar.txt0000644000076500000240000004524614075622601016700 0ustar mrookstaffDocumentation for class Archive_Tar +Archive_Tar-1.5.0/docs/Archive_Tar.txt0000644000175000017500000004524614575343342017461 0ustar ashnazgashnazgDocumentation for class Archive_Tar =================================== Last update : 2001-08-15 @@ -7529,7 +7566,13 @@ Go through the archive and extract only the files present in the list. - 'phar://install-pear-nozlib.phar/Archive_Tar-1.4.14.tar', +$install_files = array('Archive_Tar' => 'phar://install-pear-nozlib.phar/Archive_Tar-1.5.0.tar', 'Console_Getopt' => 'phar://install-pear-nozlib.phar/Console_Getopt-1.4.3.tar', -'Structures_Graph' => 'phar://install-pear-nozlib.phar/Structures_Graph-1.1.1.tar', +'Structures_Graph' => 'phar://install-pear-nozlib.phar/Structures_Graph-1.2.0.tar', 'XML_Util' => 'phar://install-pear-nozlib.phar/XML_Util-1.4.5.tar', -'PEAR' => 'phar://install-pear-nozlib.phar/PEAR-1.10.15.tar', +'PEAR' => 'phar://install-pear-nozlib.phar/PEAR-1.10.16.tar', ); array_shift($argv); $debug = false; @@ -9188,7 +9231,7 @@ * @author Gregory Beaver * @copyright 1997-2020 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -9495,8 +9538,8 @@ * c-basic-offset: 4 * End: */ -package.xml0000664000175000017500000016741514573135002013063 0ustar ashnazgashnazg - +package.xml0000664000175000017500000017051714720722517013067 0ustar ashnazgashnazg + PEAR pear.php.net PEAR Base System @@ -9590,10 +9633,10 @@ mj@php.net no - 2024-03-09 - + 2024-11-24 + - 1.10.15 + 1.10.16 1.10.1 @@ -9602,42 +9645,43 @@ New BSD License -* PR #132: cleanup uneeded test -* PR #135: Fix PHP Deprecated: Calling get_class() without arguments +* PR #141: Fix bug #27796: "Array to string" conversion warnings on installs/other actions +* PR #145: Never reference E_STRICT on PHP 8.4+ +* PR #147: Fix tests 8.1+ - + - + - + - + - + - + - + - + - + @@ -9646,77 +9690,77 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -9725,115 +9769,115 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -9875,7 +9919,7 @@ - + @@ -9890,11 +9934,11 @@ - + - + @@ -10840,9 +10884,26 @@ * PR #135: Fix PHP Deprecated: Calling get_class() without arguments + + 2024-11-24 + + 1.10.16 + 1.10.1 + + + stable + stable + + New BSD License + +* PR #141: Fix bug #27796: "Array to string" conversion warnings on installs/other actions +* PR #145: Never reference E_STRICT on PHP 8.4+ +* PR #147: Fix tests 8.1+ + + -PEAR-1.10.15/OS/Guess.php0000664000175000017500000002637614573135002014416 0ustar ashnazgashnazg * @copyright 1997-2020 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -11237,7 +11298,7 @@ * c-basic-offset: 4 * End: */ -PEAR-1.10.15/PEAR/ChannelFile/Parser.php0000644000175000017500000000325414573135002017126 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -11303,7 +11364,7 @@ $ret->setPackagefile($file, $archive); return $ret; } -}PEAR-1.10.15/PEAR/Command/Auth.xml0000644000175000017500000000231414573135002016006 0ustar ashnazgashnazg +}PEAR-1.10.16/PEAR/Command/Auth.xml0000644000175000017500000000231414720722517016016 0ustar ashnazgashnazg Connects and authenticates to remote server [Deprecated in favor of channel-login] doLogin @@ -11332,7 +11393,7 @@ connect to the remote server, it only deletes the stored username and password from your user configuration. -PEAR-1.10.15/PEAR/Command/Auth.php0000644000175000017500000000501314573135002015774 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Auth.php0000644000175000017500000000501314720722517016004 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 * @deprecated since 1.8.0alpha1 @@ -11412,7 +11473,7 @@ parent::__construct($ui, $config); } } -PEAR-1.10.15/PEAR/Command/Build.xml0000664000175000017500000000060414573135002016146 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Build.xml0000664000175000017500000000060414720722517016156 0ustar ashnazgashnazg Build an Extension From C Source doBuild @@ -11426,7 +11487,7 @@ [package.xml] Builds one or more extensions contained in a package. -PEAR-1.10.15/PEAR/Command/Build.php0000664000175000017500000000512314573135002016136 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Build.php0000664000175000017500000000512314720722517016146 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -11517,7 +11578,7 @@ } } } -PEAR-1.10.15/PEAR/Command/Channels.xml0000644000175000017500000001017214573135002016641 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Channels.xml0000644000175000017500000001017214720722517016651 0ustar ashnazgashnazg List Available Channels doList @@ -11639,7 +11700,7 @@ remote server, it only deletes the stored username and password from your user configuration. -PEAR-1.10.15/PEAR/Command/Channels.php0000664000175000017500000010124514573135002016634 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Channels.php0000664000175000017500000010124514720722517016644 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -12521,7 +12582,7 @@ return true; } } -PEAR-1.10.15/PEAR/Command/Common.php0000664000175000017500000002002614573135002016326 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -12793,7 +12854,7 @@ return $this->$func($command, $options, $params); } } -PEAR-1.10.15/PEAR/Command/Config.xml0000644000175000017500000000646614573135002016326 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Config.xml0000644000175000017500000000646614720722517016336 0ustar ashnazgashnazg Show All Settings doConfigShow @@ -12884,7 +12945,7 @@ and uninstall). -PEAR-1.10.15/PEAR/Command/Config.php0000664000175000017500000003615314573135002016313 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Config.php0000664000175000017500000003615314720722517016323 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -13298,7 +13359,7 @@ return false; } } -PEAR-1.10.15/PEAR/Command/Install.xml0000664000175000017500000002076314573135002016525 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Install.xml0000664000175000017500000002076314720722517016535 0ustar ashnazgashnazg Install Package doInstall @@ -13577,7 +13638,7 @@ Run post-installation scripts in package <package>, if any exist. -PEAR-1.10.15/PEAR/Command/Install.php0000664000175000017500000014347314573135002016520 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Install.php0000664000175000017500000014347314720722517016530 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -14850,7 +14911,7 @@ return $ret; } } -PEAR-1.10.15/PEAR/Command/Mirror.xml0000644000175000017500000000115114573135002016355 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Mirror.xml0000644000175000017500000000115114720722517016365 0ustar ashnazgashnazg Downloads each available package from the default channel doDownloadAll @@ -14867,7 +14928,7 @@ and downloads them to current working directory. Note: only packages within preferred_state ({config preferred_state}) will be downloaded -PEAR-1.10.15/PEAR/Command/Mirror.php0000644000175000017500000001063614573135002016354 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Mirror.php0000644000175000017500000001063614720722517016364 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.2.0 */ @@ -15005,7 +15066,7 @@ return true; } } -PEAR-1.10.15/PEAR/Command/Package.xml0000644000175000017500000001606614573135002016451 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Package.xml0000644000175000017500000001606614720722517016461 0ustar ashnazgashnazg Build Package doPackage @@ -15241,7 +15302,7 @@ used for automated conversion or learning the format. -PEAR-1.10.15/PEAR/Command/Package.php0000664000175000017500000011633414573135002016441 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Package.php0000664000175000017500000011633414720722517016451 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Pickle.xml0000644000175000017500000000223314720722517016324 0ustar ashnazgashnazg Build PECL Package doPackage @@ -16398,7 +16459,7 @@ generate both package.xml. -PEAR-1.10.15/PEAR/Command/Pickle.php0000644000175000017500000003702714573135002016314 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Pickle.php0000644000175000017500000003702714720722517016324 0ustar ashnazgashnazg * @copyright 2005-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.1 */ @@ -16818,7 +16879,7 @@ $gen->toPackageFile('.'); } } -PEAR-1.10.15/PEAR/Command/Registry.xml0000644000175000017500000000337614573135002016726 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Registry.xml0000644000175000017500000000337614720722517016736 0ustar ashnazgashnazg List Installed Packages In The Default Channel doList @@ -16875,7 +16936,7 @@ local package file, an URL to a package file, or the name of an installed package. -PEAR-1.10.15/PEAR/Command/Registry.php0000664000175000017500000013231514573135002016713 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Registry.php0000664000175000017500000013231514720722517016723 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -18020,7 +18081,7 @@ $this->ui->outputData($data, 'package-info'); } } -PEAR-1.10.15/PEAR/Command/Remote.xml0000644000175000017500000000635714573135002016353 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Remote.xml0000644000175000017500000000635714720722517016363 0ustar ashnazgashnazg Information About Remote Packages doRemoteInfo @@ -18128,7 +18189,7 @@ parameter. -PEAR-1.10.15/PEAR/Command/Remote.php0000664000175000017500000007244214573135002016342 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Remote.php0000664000175000017500000007244214720722517016352 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -18937,7 +18998,7 @@ return $num; } } -PEAR-1.10.15/PEAR/Command/Test.xml0000644000175000017500000000315114573135002016024 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Command/Test.xml0000644000175000017500000000315114720722517016034 0ustar ashnazgashnazg Run Regression Tests doRunTests @@ -18990,7 +19051,7 @@ [testfile|dir ...] Run regression tests with PHP's regression testing script (run-tests.php). -PEAR-1.10.15/PEAR/Command/Test.php0000644000175000017500000002755014573135002016024 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Command/Test.php0000644000175000017500000002755014720722517016034 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -19333,7 +19394,7 @@ return $this->raiseError('Some tests failed'); } } -PEAR-1.10.15/PEAR/Downloader/Package.php0000664000175000017500000022465714573135002017171 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -21314,7 +21375,7 @@ return $info; } } -PEAR-1.10.15/PEAR/Frontend/CLI.php0000644000175000017500000006211514573135002015711 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -22064,7 +22125,7 @@ print $text; } } -PEAR-1.10.15/PEAR/Installer/Role/Common.php0000644000175000017500000001410714573135002017607 0ustar ashnazgashnazg * @copyright 1997-2006 The PHP Group * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -22237,7 +22298,7 @@ } } ?> -PEAR-1.10.15/PEAR/Installer/Role/Cfg.xml0000644000175000017500000000064514573135002017071 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Installer/Role/Cfg.xml0000644000175000017500000000064514720722517017101 0ustar ashnazgashnazg php extsrc extbin @@ -22251,7 +22312,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Cfg.php0000644000175000017500000000757714573135002017073 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Cfg.php0000644000175000017500000000757714720722517017103 0ustar ashnazgashnazg * @copyright 2007-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.7.0 */ @@ -22355,7 +22416,7 @@ return $test; } -}PEAR-1.10.15/PEAR/Installer/Role/Data.xml0000644000175000017500000000062214573135002017236 0ustar ashnazgashnazg +}PEAR-1.10.16/PEAR/Installer/Role/Data.xml0000644000175000017500000000062214720722517017246 0ustar ashnazgashnazg php extsrc extbin @@ -22369,7 +22430,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Data.php0000644000175000017500000000141714573135002017230 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Data.php0000644000175000017500000000141714720722517017240 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Data extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.15/PEAR/Installer/Role/Doc.xml0000644000175000017500000000062114573135002017071 0ustar ashnazgashnazg +?>PEAR-1.10.16/PEAR/Installer/Role/Doc.xml0000644000175000017500000000062114720722517017101 0ustar ashnazgashnazg php extsrc extbin @@ -22409,7 +22470,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Doc.php0000644000175000017500000000141514573135002017062 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Doc.php0000644000175000017500000000141514720722517017072 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Doc extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.15/PEAR/Installer/Role/Ext.xml0000644000175000017500000000050214573135002017122 0ustar ashnazgashnazg +?>PEAR-1.10.16/PEAR/Installer/Role/Ext.xml0000644000175000017500000000050214720722517017132 0ustar ashnazgashnazg extbin zendextbin 1 @@ -22446,7 +22507,7 @@ 1 -PEAR-1.10.15/PEAR/Installer/Role/Ext.php0000644000175000017500000000141514573135002017115 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Ext.php0000644000175000017500000000141514720722517017125 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Ext extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.15/PEAR/Installer/Role/Man.xml0000644000175000017500000000064514573135002017105 0ustar ashnazgashnazg +?>PEAR-1.10.16/PEAR/Installer/Role/Man.xml0000644000175000017500000000064514720722517017115 0ustar ashnazgashnazg php extsrc extbin @@ -22487,7 +22548,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Man.php0000644000175000017500000000144514573135002017073 0ustar ashnazgashnazg * @copyright 2011 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.10.0 */ class PEAR_Installer_Role_Man extends PEAR_Installer_Role_Common {} ?> -PEAR-1.10.15/PEAR/Installer/Role/Php.xml0000644000175000017500000000065514573135002017122 0ustar ashnazgashnazg +PEAR-1.10.16/PEAR/Installer/Role/Php.xml0000644000175000017500000000065514720722517017132 0ustar ashnazgashnazg php extsrc extbin @@ -22529,7 +22590,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Php.php0000644000175000017500000000141514573135002017104 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Php.php0000644000175000017500000000141514720722517017114 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Php extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.15/PEAR/Installer/Role/Script.xml0000644000175000017500000000066014573135002017633 0ustar ashnazgashnazg +?>PEAR-1.10.16/PEAR/Installer/Role/Script.xml0000644000175000017500000000066014720722517017643 0ustar ashnazgashnazg php extsrc extbin @@ -22569,7 +22630,7 @@ 1 -PEAR-1.10.15/PEAR/Installer/Role/Script.php0000644000175000017500000000142314573135002017620 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Script.php0000644000175000017500000000142314720722517017630 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Script extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.15/PEAR/Installer/Role/Src.xml0000644000175000017500000000044214573135002017114 0ustar ashnazgashnazg +?>PEAR-1.10.16/PEAR/Installer/Role/Src.xml0000644000175000017500000000044214720722517017124 0ustar ashnazgashnazg extsrc zendextsrc 1 @@ -22606,7 +22667,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Src.php0000644000175000017500000000156214573135002017107 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Src.php0000644000175000017500000000156214720722517017117 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -22638,7 +22699,7 @@ $installer->source_files++; } } -?>PEAR-1.10.15/PEAR/Installer/Role/Test.xml0000644000175000017500000000062214573135002017304 0ustar ashnazgashnazg +?>PEAR-1.10.16/PEAR/Installer/Role/Test.xml0000644000175000017500000000062214720722517017314 0ustar ashnazgashnazg php extsrc extbin @@ -22652,7 +22713,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Test.php0000644000175000017500000000141714573135002017276 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Test.php0000644000175000017500000000141714720722517017306 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Test extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.15/PEAR/Installer/Role/Www.xml0000644000175000017500000000064414573135002017155 0ustar ashnazgashnazg +?>PEAR-1.10.16/PEAR/Installer/Role/Www.xml0000644000175000017500000000064414720722517017165 0ustar ashnazgashnazg php extsrc extbin @@ -22692,7 +22753,7 @@ -PEAR-1.10.15/PEAR/Installer/Role/Www.php0000644000175000017500000000141114573135002017135 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role/Www.php0000644000175000017500000000141114720722517017145 0ustar ashnazgashnazg * @copyright 2007-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.7.0 */ class PEAR_Installer_Role_Www extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.15/PEAR/Installer/Role.php0000664000175000017500000001727414573135002016371 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Installer/Role.php0000664000175000017500000001727414720722517016401 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -22983,7 +23044,7 @@ PEAR_Installer_Role::getValidRoles('****', true); return true; } -}PEAR-1.10.15/PEAR/PackageFile/Generator/v1.php0000664000175000017500000014226114573135002020135 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -23030,7 +23091,7 @@ function getPackagerVersion() { - return '1.10.15'; + return '1.10.16'; } /** @@ -23181,7 +23242,7 @@ ); $ret = "\n"; $ret .= "\n"; - $ret .= "\n" . + $ret .= "\n" . " $pkginfo[package]"; if (isset($pkginfo['extends'])) { $ret .= "\n$pkginfo[extends]"; @@ -24269,7 +24330,7 @@ } } ?> -PEAR-1.10.15/PEAR/PackageFile/Generator/v2.php0000664000175000017500000010071114573135002020130 0ustar ashnazgashnazgoptions['beautifyFilelist'] = true; } - $arr['attribs']['packagerversion'] = '1.10.15'; + $arr['attribs']['packagerversion'] = '1.10.16'; if ($this->serialize($arr, $options)) { return $this->_serializedData . "\n"; } @@ -25155,7 +25216,7 @@ return $tag; } } -PEAR-1.10.15/PEAR/PackageFile/Parser/v1.php0000644000175000017500000004020714573135002017436 0ustar ashnazgashnazgPEAR-1.10.15/PEAR/PackageFile/Parser/v2.php0000644000175000017500000000611014573135002017432 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/PackageFile/Parser/v2.php0000644000175000017500000000611014720722517017442 0ustar ashnazgashnazgsetPackagefile($file, $archive); return $ret; } -}PEAR-1.10.15/PEAR/PackageFile/v2/rw.php0000644000175000017500000017313714573135002016644 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a8 */ @@ -27325,7 +27386,7 @@ { unset($this->_packageInfo['changelog']); } -}PEAR-1.10.15/PEAR/PackageFile/v2/Validator.php0000664000175000017500000024620014573135002020133 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a8 * @access private @@ -27438,8 +27499,8 @@ isset($test['dependencies']['required']) && isset($test['dependencies']['required']['pearinstaller']) && isset($test['dependencies']['required']['pearinstaller']['min']) && - '1.10.15' != '@package' . '_version@' && - version_compare('1.10.15', + '1.10.16' != '@package' . '_version@' && + version_compare('1.10.16', $test['dependencies']['required']['pearinstaller']['min'], '<') ) { $this->_pearVersionTooLow($test['dependencies']['required']['pearinstaller']['min']); @@ -28677,7 +28738,7 @@ $this->_stack->push(__FUNCTION__, 'error', array('version' => $version), 'This package.xml requires PEAR version %version% to parse properly, we are ' . - 'version 1.10.15'); + 'version 1.10.16'); } function _invalidTagOrder($oktags, $actual, $root) @@ -29460,7 +29521,7 @@ return $providesret; } } -PEAR-1.10.15/PEAR/PackageFile/v1.php0000664000175000017500000014266314573135002016215 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -31062,7 +31123,7 @@ // }}} } ?> -PEAR-1.10.15/PEAR/PackageFile/v2.php0000664000175000017500000021050014573135002016200 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -33121,7 +33182,7 @@ } } ?> -PEAR-1.10.15/PEAR/REST/10.php0000644000175000017500000007762114573135002014530 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a12 */ @@ -33991,7 +34052,7 @@ } } } -PEAR-1.10.15/PEAR/REST/11.php0000644000175000017500000002575114573135002014526 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.3 */ @@ -34331,7 +34392,7 @@ } } ?> -PEAR-1.10.15/PEAR/REST/13.php0000644000175000017500000003542714573135002014531 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a12 */ @@ -34726,7 +34787,7 @@ return $ret; } -}PEAR-1.10.15/PEAR/Task/Postinstallscript/rw.php0000644000175000017500000001403414573135002020613 0ustar ashnazgashnazg - read/write version * @@ -34751,7 +34812,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -34908,7 +34969,7 @@ ); } } -PEAR-1.10.15/PEAR/Task/Replace/rw.php0000644000175000017500000000302714573135002016425 0ustar ashnazgashnazg - read/write version * @@ -34933,7 +34994,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -34967,7 +35028,7 @@ return $this->_params; } } -PEAR-1.10.15/PEAR/Task/Unixeol/rw.php0000644000175000017500000000243414573135002016476 0ustar ashnazgashnazg - read/write version * @@ -34992,7 +35053,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -35022,7 +35083,7 @@ } } ?> -PEAR-1.10.15/PEAR/Task/Windowseol/rw.php0000644000175000017500000000245114573135002017204 0ustar ashnazgashnazg - read/write version * @@ -35048,7 +35109,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -35078,7 +35139,7 @@ } } ?> -PEAR-1.10.15/PEAR/Task/Common.php0000644000175000017500000001403714573135002015655 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 * @abstract @@ -35285,7 +35346,7 @@ return PEAR::raiseError($msg, $code); } } -PEAR-1.10.15/PEAR/Task/Postinstallscript.php0000644000175000017500000003457014573135002020172 0ustar ashnazgashnazg * @@ -35314,7 +35375,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35635,7 +35696,7 @@ { } } -PEAR-1.10.15/PEAR/Task/Replace.php0000644000175000017500000001537114573135002016002 0ustar ashnazgashnazg * @@ -35660,7 +35721,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35821,7 +35882,7 @@ return $contents; } } -PEAR-1.10.15/PEAR/Task/Unixeol.php0000644000175000017500000000437714573135002016056 0ustar ashnazgashnazg * @@ -35846,7 +35907,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35900,7 +35961,7 @@ return preg_replace("/\r\n|\n\r|\r|\n/", "\n", $contents); } } -PEAR-1.10.15/PEAR/Task/Windowseol.php0000644000175000017500000000436314573135002016560 0ustar ashnazgashnazg * @@ -35926,7 +35987,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35980,7 +36041,7 @@ return preg_replace("/\r\n|\n\r|\r|\n/", "\r\n", $contents); } } -PEAR-1.10.15/PEAR/Validator/PECL.php0000644000175000017500000000407114573135002016170 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a5 */ @@ -36041,7 +36102,7 @@ return $ret; } } -?>PEAR-1.10.15/PEAR/Builder.php0000664000175000017500000004477314573135002015125 0ustar ashnazgashnazgPEAR-1.10.16/PEAR/Builder.php0000664000175000017500000004477314720722517015135 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since PHP 4.0.2 * @see http://pear.php.net/manual/en/core.ppm.pear-builder.php @@ -36488,7 +36549,7 @@ if (!file_exists($build_dir) || !is_dir($build_dir) || !chdir($build_dir)) { return $this->raiseError("could not chdir to $build_dir"); } - putenv('PHP_PEAR_VERSION=1.10.15'); + putenv('PHP_PEAR_VERSION=1.10.16'); foreach ($to_run as $cmd) { $err = $this->_runCommand($cmd, $callback); if (PEAR::isError($err)) { @@ -36600,7 +36661,7 @@ return parent::log($level, $msg, $append_crlf); } } -PEAR-1.10.15/PEAR/ChannelFile.php0000644000175000017500000014323414573135002015675 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -38160,7 +38221,7 @@ return time(); } } -PEAR-1.10.15/PEAR/Command.php0000664000175000017500000003021314573135002015075 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -38548,7 +38609,7 @@ return false; } // }}} -}PEAR-1.10.15/PEAR/Common.php0000664000175000017500000006354214573135002014762 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 * @deprecated This class will disappear, and its components will be spread @@ -39386,7 +39447,7 @@ require_once 'PEAR/Config.php'; require_once 'PEAR/PackageFile.php'; -PEAR-1.10.15/PEAR/Config.php0000664000175000017500000020731314573135002014733 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -40458,10 +40519,7 @@ } if ($version && version_compare("$version", '1', '<')) { - // no '@', it is possible that unserialize - // raises a notice but it seems to block IO to - // STDOUT if a '@' is used and a notice is raise - $data = unserialize($contents); + $data = @unserialize($contents); if (!is_array($data) && !$data) { if ($contents == serialize(false)) { @@ -41513,7 +41571,7 @@ } } } -PEAR-1.10.15/PEAR/DependencyDB.php0000664000175000017500000005715114573135002016015 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -42016,7 +42074,11 @@ } if (!is_resource($this->_lockFp)) { - $last_errormsg = error_get_last(); + $last_errormsg = ''; + $last_error = error_get_last(); + if (!empty($last_error['message'])) { + $last_errormsg = $last_error['message']; + } return PEAR::raiseError("could not create Dependency lock file" . (isset($last_errormsg) ? ": " . $last_errormsg : "")); } @@ -42071,7 +42133,7 @@ clearstatcache(); fclose($fp); - $data = unserialize(file_get_contents($this->_depdb)); + $data = @unserialize(file_get_contents($this->_depdb)); $this->_cache = $data; return $data; } @@ -42280,7 +42342,7 @@ } } } -PEAR-1.10.15/PEAR/Dependency2.php0000664000175000017500000014241614573135002015670 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -42822,7 +42884,7 @@ */ function getPEARVersion() { - return '1.10.15'; + return '1.10.16'; } function validatePearinstallerDependency($dep) @@ -43637,7 +43699,7 @@ $this->_currentPackage, true))); } } -PEAR-1.10.15/PEAR/Downloader.php0000664000175000017500000020073114573135002015621 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.3.0 */ @@ -45275,7 +45337,7 @@ } $request .= $ifmodifiedsince . - "User-Agent: PEAR/1.10.15/PHP/" . PHP_VERSION . "\r\n"; + "User-Agent: PEAR/1.10.16/PHP/" . PHP_VERSION . "\r\n"; if ($object !== null) { // only pass in authentication for non-static calls $username = $config->get('username', null, $channel); @@ -45404,7 +45466,7 @@ return $dest_file; } } -PEAR-1.10.15/PEAR/ErrorStack.php0000664000175000017500000010201414573135002015575 0ustar ashnazgashnazg * @author Greg Beaver - * @version 1.10.15 + * @version 1.10.16 * @package PEAR_ErrorStack * @category Debugging * @copyright 2004-2008 Greg Beaver @@ -46383,7 +46445,7 @@ $stack = &PEAR_ErrorStack::singleton('PEAR_ErrorStack'); $stack->pushCallback(array('PEAR_ErrorStack', '_handleError')); ?> -PEAR-1.10.15/PEAR/Exception.php0000644000175000017500000003315514573135002015463 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.3.3 * @@ -46770,7 +46832,7 @@ } return $causeMsg . $this->getTraceAsString(); } -}PEAR-1.10.15/PEAR/Frontend.php0000664000175000017500000001477214573135002015312 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -46993,7 +47055,7 @@ { } } -PEAR-1.10.15/PEAR/Installer.php0000664000175000017500000021071114573135002015457 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -48800,7 +48862,7 @@ // }}} } -PEAR-1.10.15/PEAR/PackageFile.php0000664000175000017500000003674614573135002015673 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -49291,7 +49353,7 @@ return $info; } } -PEAR-1.10.15/PEAR/Packager.php0000644000175000017500000001704014573135002015235 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -49490,7 +49552,7 @@ return $dest_package; } -}PEAR-1.10.15/PEAR/Proxy.php0000664000175000017500000001275214573135002014650 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -50463,7 +50525,11 @@ $fp = @fopen($this->filemap, 'r'); if (!$fp) { - $last_errormsg = error_get_last(); + $last_errormsg = ''; + $last_error = error_get_last(); + if (!empty($last_error['message'])) { + $last_errormsg = $last_error['message']; + } return $this->raiseError('PEAR_Registry: could not open filemap "' . $this->filemap . '"', PEAR_REGISTRY_ERROR_FILE, null, null, $last_errormsg); } @@ -50822,7 +50888,7 @@ clearstatcache(); $this->_closePackageFile($fp); $data = file_get_contents($this->_packageFileName($package, $channel)); - $data = unserialize($data); + $data = @unserialize($data); if ($key === null) { return $data; } @@ -52071,7 +52137,7 @@ return $ret; } } -PEAR-1.10.15/PEAR/REST.php0000664000175000017500000004050514573135002014301 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -52456,7 +52522,7 @@ } $request .= $ifmodifiedsince . - "User-Agent: PEAR/1.10.15/PHP/" . PHP_VERSION . "\r\n"; + "User-Agent: PEAR/1.10.16/PHP/" . PHP_VERSION . "\r\n"; $username = $this->config->get('username', null, $channel); $password = $this->config->get('password', null, $channel); @@ -52545,7 +52611,7 @@ return $data; } } -PEAR-1.10.15/PEAR/RunTest.php0000664000175000017500000010634714573135002015137 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.3.3 */ @@ -52635,7 +52701,11 @@ if (!defined('E_STRICT')) { define('E_STRICT', 0); } - $this->ini_overwrites[] = 'error_reporting=' . (E_ALL & ~(E_DEPRECATED | E_STRICT)); + $excluded_error_reporting = E_DEPRECATED; + if (!defined('PHP_VERSION_ID') || PHP_VERSION_ID < 80400) { + $excluded_error_reporting |= E_STRICT; + } + $this->ini_overwrites[] = 'error_reporting=' . (E_ALL & ~$excluded_error_reporting); if (is_null($logger)) { require_once 'PEAR/Common.php'; $logger = new PEAR_Common; @@ -53518,7 +53588,7 @@ } } } -PEAR-1.10.15/PEAR/Validate.php0000664000175000017500000005276514573135002015270 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.15 + * @version Release: 1.10.16 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -54142,7 +54212,7 @@ { return true; } -}PEAR-1.10.15/PEAR/XMLParser.php0000644000175000017500000001537714573135002015350 0ustar ashnazgashnazg_dataStack[$this->_depth] .= $cdata; } -}PEAR-1.10.15/scripts/pear.bat0000755000175000017500000001036114573135002015370 0ustar ashnazgashnazg@ECHO OFF +}PEAR-1.10.16/scripts/pear.bat0000755000175000017500000001036114720722517015400 0ustar ashnazgashnazg@ECHO OFF REM ---------------------------------------------------------------------- REM PHP version 5 @@ -54498,7 +54568,7 @@ :RUN "%PHP_PEAR_PHP_BIN%" -C -d date.timezone=UTC -d output_buffering=1 -d safe_mode=0 -d open_basedir="" -d auto_prepend_file="" -d auto_append_file="" -d variables_order=EGPCS -d register_argc_argv="On" -d "include_path='%PHP_PEAR_INSTALL_DIR%'" -f "%PHP_PEAR_INSTALL_DIR%\pearcmd.php" -- %1 %2 %3 %4 %5 %6 %7 %8 %9 :END -@ECHO ONPEAR-1.10.15/scripts/peardev.bat0000664000175000017500000001105014573135002016062 0ustar ashnazgashnazg@ECHO OFF +@ECHO ONPEAR-1.10.16/scripts/peardev.bat0000664000175000017500000001105014720722517016072 0ustar ashnazgashnazg@ECHO OFF REM ---------------------------------------------------------------------- REM PHP version 5 @@ -54612,7 +54682,7 @@ "%PHP_PEAR_PHP_BIN%" -C -d date.timezone=UTC -d memory_limit="-1" -d safe_mode=0 -d register_argc_argv="On" -d auto_prepend_file="" -d auto_append_file="" -d variables_order=EGPCS -d open_basedir="" -d output_buffering=1 -d "include_path='%PHP_PEAR_INSTALL_DIR%'" -f "%PHP_PEAR_INSTALL_DIR%\pearcmd.php" -- %1 %2 %3 %4 %5 %6 %7 %8 %9 :END @ECHO ON -PEAR-1.10.15/scripts/pecl.bat0000664000175000017500000001072114573135002015363 0ustar ashnazgashnazg@ECHO OFF +PEAR-1.10.16/scripts/pecl.bat0000664000175000017500000001072114720722517015373 0ustar ashnazgashnazg@ECHO OFF REM ---------------------------------------------------------------------- REM PHP version 5 @@ -54726,7 +54796,7 @@ "%PHP_PEAR_PHP_BIN%" -C -d date.timezone=UTC -d output_buffering=1 -d safe_mode=0 -d "include_path='%PHP_PEAR_INSTALL_DIR%'" -d register_argc_argv="On" -d variables_order=EGPCS -f "%PHP_PEAR_INSTALL_DIR%\peclcmd.php" -- %1 %2 %3 %4 %5 %6 %7 %8 %9 :END @ECHO ON -PEAR-1.10.15/scripts/pear.sh0000775000175000017500000000140414573135002015234 0ustar ashnazgashnazg#!/bin/sh +PEAR-1.10.16/scripts/pear.sh0000775000175000017500000000140414720722517015244 0ustar ashnazgashnazg#!/bin/sh # first find which PHP binary to use if test "x$PHP_PEAR_PHP_BIN" != "x"; then @@ -54754,7 +54824,7 @@ fi exec $PHP -C -q $INCARG -d date.timezone=UTC -d output_buffering=1 -d variables_order=EGPCS -d open_basedir="" -d safe_mode=0 -d register_argc_argv="On" -d auto_prepend_file="" -d auto_append_file="" $INCDIR/pearcmd.php "$@" -PEAR-1.10.15/scripts/peardev.sh0000755000175000017500000000143114573135002015731 0ustar ashnazgashnazg#!/bin/sh +PEAR-1.10.16/scripts/peardev.sh0000755000175000017500000000143114720722517015741 0ustar ashnazgashnazg#!/bin/sh # first find which PHP binary to use if test "x$PHP_PEAR_PHP_BIN" != "x"; then @@ -54782,7 +54852,7 @@ fi exec $PHP -d date.timezone=UTC -d memory_limit="-1" -C -q $INCARG -d output_buffering=1 -d open_basedir="" -d safe_mode=0 -d register_argc_argv="On" -d auto_prepend_file="" -d variables_order=EGPCS -d auto_append_file="" $INCDIR/pearcmd.php "$@" -PEAR-1.10.15/scripts/pecl.sh0000755000175000017500000000130214573135002015223 0ustar ashnazgashnazg#!/bin/sh +PEAR-1.10.16/scripts/pecl.sh0000755000175000017500000000130214720722517015233 0ustar ashnazgashnazg#!/bin/sh # first find which PHP binary to use if test "x$PHP_PEAR_PHP_BIN" != "x"; then @@ -54810,7 +54880,7 @@ fi exec $PHP -C -q $INCARG -d date.timezone=UTC -d output_buffering=1 -d variables_order=EGPCS -d safe_mode=0 -d register_argc_argv="On" $INCDIR/peclcmd.php "$@" -PEAR-1.10.15/scripts/pearcmd.php0000664000175000017500000003476014573135002016105 0ustar ashnazgashnazg "Error", E_WARNING => "Warning", E_PARSE => "Parsing Error", - E_STRICT => 'Strict Warning', E_NOTICE => "Notice", E_CORE_ERROR => "Core Error", E_CORE_WARNING => "Core Warning", @@ -55277,6 +55346,9 @@ E_USER_WARNING => "User Warning", E_USER_NOTICE => "User Notice" ); + if (!defined('PHP_VERSION_ID') || PHP_VERSION_ID < 80400) { + $errortype[E_STRICT] = 'Strict Warning'; + } $prefix = $errortype[$errno]; global $_PEAR_PHPDIR; if (stristr($file, $_PEAR_PHPDIR)) { @@ -55298,7 +55370,7 @@ * End: */ // vim600:syn=php -PEAR-1.10.15/scripts/peclcmd.php0000664000175000017500000000210514573135002016065 0ustar ashnazgashnazg -PEAR-1.10.15/LICENSE0000644000175000017500000000270514573135002013267 0ustar ashnazgashnazgCopyright (c) 1997-2009, +PEAR-1.10.16/LICENSE0000644000175000017500000000270514720722517013277 0ustar ashnazgashnazgCopyright (c) 1997-2009, Stig Bakken , Gregory Beaver , Helgi Þormar Þorbjörnsson , @@ -55368,7 +55440,7 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -PEAR-1.10.15/INSTALL0000644000175000017500000000417014573135002013311 0ustar ashnazgashnazgPEAR - The PEAR Installer +PEAR-1.10.16/INSTALL0000644000175000017500000000417014720722517013321 0ustar ashnazgashnazgPEAR - The PEAR Installer ========================= Installing the PEAR Installer. @@ -55420,7 +55492,7 @@ related issues. Happy PHPing, we hope PEAR will be a great tool for your development work! -PEAR-1.10.15/package.dtd0000664000175000017500000000640414573135002014354 0ustar ashnazgashnazg