diff --git a/.github/matrix.php b/.github/matrix.php index dec8c7d249c6..18c2ef1269b7 100644 --- a/.github/matrix.php +++ b/.github/matrix.php @@ -144,12 +144,15 @@ function select_jobs($repository, $trigger, $nightly, $labels, $php_version, $re $jobs['SOLARIS'] = true; } if ($all_jobs || !$no_jobs || $test_windows) { - $jobs['WINDOWS']['matrix'] = $all_variations - ? ['include' => [ - ['asan' => true, 'opcache' => true, 'x64' => true, 'zts' => true], - ['asan' => false, 'opcache' => false, 'x64' => false, 'zts' => false], - ]] - : ['include' => [['asan' => false, 'opcache' => true, 'x64' => true, 'zts' => true]]]; + $matrix = [['asan' => false, 'opcache' => true, 'x64' => true, 'zts' => true]]; + if ($all_variations) { + $matrix[] = ['asan' => true, 'opcache' => true, 'x64' => true, 'zts' => true]; + $matrix[] = ['asan' => false, 'opcache' => false, 'x64' => false, 'zts' => false]; + if (version_compare($php_version, '8.5', '>=')) { + $matrix[] = ['asan' => false, 'opcache' => true, 'x64' => true, 'zts' => true, 'clang' => true]; + } + } + $jobs['WINDOWS']['matrix'] = ['include' => $matrix]; $jobs['WINDOWS']['config'] = version_compare($php_version, '8.4', '>=') ? ['vs_crt_version' => 'vs17'] : ['vs_crt_version' => 'vs16']; diff --git a/.github/scripts/windows/build_task.bat b/.github/scripts/windows/build_task.bat index b65479451849..1177cef3be4d 100644 --- a/.github/scripts/windows/build_task.bat +++ b/.github/scripts/windows/build_task.bat @@ -26,12 +26,18 @@ if %errorlevel% neq 0 exit /b 3 if "%THREAD_SAFE%" equ "0" set ADD_CONF=%ADD_CONF% --disable-zts if "%INTRINSICS%" neq "" set ADD_CONF=%ADD_CONF% --enable-native-intrinsics=%INTRINSICS% if "%ASAN%" equ "1" set ADD_CONF=%ADD_CONF% --enable-sanitizer --enable-debug-pack +if "%CLANG_TOOLSET%" equ "1" set ADD_CONF=%ADD_CONF% --with-toolset=clang rem C4018: comparison: signed/unsigned mismatch rem C4146: unary minus operator applied to unsigned type rem C4244: type conversion, possible loss of data rem C4267: 'size_t' type conversion, possible loss of data -set CFLAGS=/W3 /WX /wd4018 /wd4146 /wd4244 /wd4267 +if "%CLANG_TOOLSET%" equ "1" ( + rem Clang is much stricter than MSVC, produces too many warnings that would fail the build with /WX + set CFLAGS=/W3 /wd4018 /wd4146 /wd4244 /wd4267 +) else ( + set CFLAGS=/W3 /WX /wd4018 /wd4146 /wd4244 /wd4267 +) cmd /c configure.bat ^ --enable-snapshot-build ^ diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml index 90bcafd16307..4905dcb9ccbc 100644 --- a/.github/workflows/test-suite.yml +++ b/.github/workflows/test-suite.yml @@ -940,7 +940,7 @@ jobs: strategy: fail-fast: false matrix: ${{ fromJson(inputs.branch).jobs.WINDOWS.matrix }} - name: "WINDOWS_${{ matrix.x64 && 'X64' || 'X86' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}${{ matrix.asan && '_ASAN' || ''}}" + name: "WINDOWS_${{ matrix.x64 && 'X64' || 'X86' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}${{ matrix.asan && '_ASAN' || ''}}${{ matrix.clang && '_CLANG' || ''}}" runs-on: windows-2022 env: PHP_BUILD_CACHE_BASE_DIR: C:\build-cache @@ -954,6 +954,7 @@ jobs: PARALLEL: -j2 OPCACHE: "${{ matrix.opcache && '1' || '0' }}" ASAN: "${{ matrix.asan && '1' || '0' }}" + CLANG_TOOLSET: "${{ matrix.clang && '1' || '0' }}" steps: - name: git config run: git config --global core.autocrlf false && git config --global core.eol lf diff --git a/NEWS b/NEWS index 8c2b185d328f..73a2b3d6637c 100644 --- a/NEWS +++ b/NEWS @@ -43,6 +43,8 @@ PHP NEWS - GMP: . gmp_fact() reject values larger than unsigned long. (David Carlier) + . gmp_pow/binomial/root/rootrem and shift/pow operators reject values + larger than unsigned long. (David Carlier) - Hash: . Upgrade xxHash to 0.8.2. (timwolla) @@ -166,6 +168,8 @@ PHP NEWS throw a ValueError. (alexandre-daubois) . array_change_key_case() now raises a ValueError when an invalid $case argument value is passed. (Girgias) + . linkinfo() now raises a ValueError when the argument is an empty string. + (Weilin Du) - Streams: . Added so_keepalive, tcp_keepidle, tcp_keepintvl and tcp_keepcnt stream diff --git a/TSRM/TSRM.h b/TSRM/TSRM.h index 80d6cbad0443..ea13552c8374 100644 --- a/TSRM/TSRM.h +++ b/TSRM/TSRM.h @@ -175,9 +175,14 @@ TSRM_API bool tsrm_is_managed_thread(void); #define TSRMG_BULK_STATIC(id, type) ((type) (*((void ***) TSRMLS_CACHE))[TSRM_UNSHUFFLE_RSRC_ID(id)]) #define TSRMG_FAST_STATIC(offset, type, element) (TSRMG_FAST_BULK_STATIC(offset, type)->element) #define TSRMG_FAST_BULK_STATIC(offset, type) ((type) (((char*) TSRMLS_CACHE)+(offset))) +#ifdef __cplusplus +#define TSRMLS_MAIN_CACHE_EXTERN() extern "C" { extern TSRM_TLS void *TSRMLS_CACHE TSRM_TLS_MODEL_ATTR; } +#define TSRMLS_CACHE_EXTERN() extern "C" { extern TSRM_TLS void *TSRMLS_CACHE; } +#else #define TSRMLS_MAIN_CACHE_EXTERN() extern TSRM_TLS void *TSRMLS_CACHE TSRM_TLS_MODEL_ATTR; -#define TSRMLS_MAIN_CACHE_DEFINE() TSRM_TLS void *TSRMLS_CACHE TSRM_TLS_MODEL_ATTR = NULL; #define TSRMLS_CACHE_EXTERN() extern TSRM_TLS void *TSRMLS_CACHE; +#endif +#define TSRMLS_MAIN_CACHE_DEFINE() TSRM_TLS void *TSRMLS_CACHE TSRM_TLS_MODEL_ATTR = NULL; #define TSRMLS_CACHE_DEFINE() TSRM_TLS void *TSRMLS_CACHE = NULL; #define TSRMLS_CACHE_UPDATE() TSRMLS_CACHE = tsrm_get_ls_cache() #define TSRMLS_CACHE _tsrm_ls_cache diff --git a/UPGRADING b/UPGRADING index f7874c2d3472..9c3d5a2b29a7 100644 --- a/UPGRADING +++ b/UPGRADING @@ -88,6 +88,7 @@ PHP 8.6 UPGRADE NOTES argument value is passed. . array_change_key_case() now raises a ValueError when an invalid $case argument value is passed. + . linkinfo() now raises a ValueError when the $path argument is empty. . pathinfo() now raises a ValueError when an invalid $flag argument value is passed. . scandir() now raises a ValueError when an invalid $sorting_order @@ -154,6 +155,13 @@ PHP 8.6 UPGRADE NOTES - GMP: . gmp_fact() now throws a ValueError() if $num does not fit into a unsigned long. + . gmp_pow(), gmp_binomial(), gmp_root() and gmp_rootrem() now throw a + ValueError if their second argument does not fit into an unsigned long. + . The shift (<<, >>) and exponentiation (**) operators on GMP objects + now throw a ValueError if the right operand does not fit into an + unsigned long. + . gmp_powm() modulo-by-zero now raises a DivisionByZeroError whose + message includes the function name and argument index ($modulus). - mysqli: . The return structure of mysqli_get_charset() no longer contains diff --git a/ext/gmp/gmp.c b/ext/gmp/gmp.c index a20974580904..b04fc9f5c1ba 100644 --- a/ext/gmp/gmp.c +++ b/ext/gmp/gmp.c @@ -356,10 +356,10 @@ static zend_result shift_operator_helper(gmp_binary_ui_op_t op, zval *return_val shift = Z_LVAL_P(op2); } - if (shift < 0) { + if (shift < 0 || shift > ULONG_MAX) { zend_throw_error( - zend_ce_value_error, "%s must be greater than or equal to 0", - opcode == ZEND_POW ? "Exponent" : "Shift" + zend_ce_value_error, "%s must be between 0 and %lu", + opcode == ZEND_POW ? "Exponent" : "Shift", ULONG_MAX ); ZVAL_UNDEF(return_value); return FAILURE; @@ -1087,11 +1087,6 @@ ZEND_FUNCTION(gmp_fact) GMP_Z_PARAM_INTO_MPZ_PTR(gmpnum) ZEND_PARSE_PARAMETERS_END(); - if (mpz_sgn(gmpnum) < 0) { - zend_argument_value_error(1, "must be greater than or equal to 0"); - RETURN_THROWS(); - } - if (!mpz_fits_ulong_p(gmpnum)) { zend_argument_value_error(1, "must be between 0 and %lu", ULONG_MAX); RETURN_THROWS(); @@ -1114,8 +1109,8 @@ ZEND_FUNCTION(gmp_binomial) Z_PARAM_LONG(k) ZEND_PARSE_PARAMETERS_END(); - if (k < 0) { - zend_argument_value_error(2, "must be greater than or equal to 0"); + if (k < 0 || k > ULONG_MAX) { + zend_argument_value_error(2, "must be between 0 and %lu", ULONG_MAX); RETURN_THROWS(); } @@ -1136,8 +1131,8 @@ ZEND_FUNCTION(gmp_pow) Z_PARAM_LONG(exp) ZEND_PARSE_PARAMETERS_END(); - if (exp < 0) { - zend_argument_value_error(2, "must be greater than or equal to 0"); + if (exp < 0 || exp > ULONG_MAX) { + zend_argument_value_error(2, "must be between 0 and %lu", ULONG_MAX); RETURN_THROWS(); } @@ -1163,7 +1158,7 @@ ZEND_FUNCTION(gmp_powm) } if (!mpz_cmp_ui(gmpnum_mod, 0)) { - zend_throw_exception_ex(zend_ce_division_by_zero_error, 0, "Modulo by zero"); + zend_argument_error(zend_ce_division_by_zero_error, 3, "Modulo by zero"); RETURN_THROWS(); } @@ -1226,8 +1221,8 @@ ZEND_FUNCTION(gmp_root) Z_PARAM_LONG(nth) ZEND_PARSE_PARAMETERS_END(); - if (nth <= 0) { - zend_argument_value_error(2, "must be greater than 0"); + if (nth <= 0 || nth > ULONG_MAX) { + zend_argument_value_error(2, "must be between 1 and %lu", ULONG_MAX); RETURN_THROWS(); } @@ -1253,8 +1248,8 @@ ZEND_FUNCTION(gmp_rootrem) Z_PARAM_LONG(nth) ZEND_PARSE_PARAMETERS_END(); - if (nth <= 0) { - zend_argument_value_error(2, "must be greater than or equal to 1"); + if (nth <= 0 || nth > ULONG_MAX) { + zend_argument_value_error(2, "must be between 1 and %lu", ULONG_MAX); RETURN_THROWS(); } diff --git a/ext/gmp/tests/gmp_binomial.phpt b/ext/gmp/tests/gmp_binomial.phpt index 4598a4c47ee8..1bf371e68a14 100644 --- a/ext/gmp/tests/gmp_binomial.phpt +++ b/ext/gmp/tests/gmp_binomial.phpt @@ -26,7 +26,7 @@ try { echo $e->getMessage() . \PHP_EOL; } ?> ---EXPECT-- +--EXPECTF-- object(GMP)#1 (1) { ["num"]=> string(3) "252" @@ -67,4 +67,4 @@ object(GMP)#2 (1) { ["num"]=> string(1) "7" } -gmp_binomial(): Argument #2 ($k) must be greater than or equal to 0 +gmp_binomial(): Argument #2 ($k) must be between 0 and %d diff --git a/ext/gmp/tests/gmp_fact.phpt b/ext/gmp/tests/gmp_fact.phpt index e03931454940..b28f572c6975 100644 --- a/ext/gmp/tests/gmp_fact.phpt +++ b/ext/gmp/tests/gmp_fact.phpt @@ -45,17 +45,17 @@ try { echo "Done\n"; ?> ---EXPECT-- +--EXPECTF-- string(1) "1" gmp_fact(): Argument #1 ($num) is not an integer string string(1) "1" -gmp_fact(): Argument #1 ($num) must be greater than or equal to 0 -gmp_fact(): Argument #1 ($num) must be greater than or equal to 0 +gmp_fact(): Argument #1 ($num) must be between 0 and %d +gmp_fact(): Argument #1 ($num) must be between 0 and %d string(19) "2432902008176640000" string(65) "30414093201713378043612608166064768844377641568960512000000000000" string(7) "3628800" string(1) "1" string(9) "479001600" -gmp_fact(): Argument #1 ($num) must be greater than or equal to 0 +gmp_fact(): Argument #1 ($num) must be between 0 and %d gmp_fact(): Argument #1 ($num) must be of type GMP|string|int, array given Done diff --git a/ext/gmp/tests/gmp_overflow_llp64.phpt b/ext/gmp/tests/gmp_overflow_llp64.phpt new file mode 100644 index 000000000000..ea242bc52155 --- /dev/null +++ b/ext/gmp/tests/gmp_overflow_llp64.phpt @@ -0,0 +1,58 @@ +--TEST-- +GMP functions reject values larger than unsigned long on LLP64 +--EXTENSIONS-- +gmp +--SKIPIF-- + +--FILE-- +getMessage() . PHP_EOL; +} + +try { + gmp_binomial(10, PHP_INT_MAX); +} catch (ValueError $e) { + echo $e->getMessage() . PHP_EOL; +} + +try { + gmp_root(10, PHP_INT_MAX); +} catch (ValueError $e) { + echo $e->getMessage() . PHP_EOL; +} + +try { + gmp_rootrem(10, PHP_INT_MAX); +} catch (ValueError $e) { + echo $e->getMessage() . PHP_EOL; +} + +$n = gmp_init(2); +try { + $n << PHP_INT_MAX; +} catch (ValueError $e) { + echo $e->getMessage() . PHP_EOL; +} + +try { + $n ** PHP_INT_MAX; +} catch (ValueError $e) { + echo $e->getMessage() . PHP_EOL; +} + +echo "Done\n"; +?> +--EXPECTF-- +gmp_pow(): Argument #2 ($exponent) must be between 0 and %d +gmp_binomial(): Argument #2 ($k) must be between 0 and %d +gmp_root(): Argument #2 ($nth) must be between 1 and %d +gmp_rootrem(): Argument #2 ($nth) must be between 1 and %d +Shift must be between 0 and %d +Exponent must be between 0 and %d +Done diff --git a/ext/gmp/tests/gmp_pow.phpt b/ext/gmp/tests/gmp_pow.phpt index f42e44e31abe..36d0d16d8ccc 100644 --- a/ext/gmp/tests/gmp_pow.phpt +++ b/ext/gmp/tests/gmp_pow.phpt @@ -43,17 +43,17 @@ try { echo "Done\n"; ?> ---EXPECT-- +--EXPECTF-- string(4) "1024" string(4) "1024" string(5) "-2048" string(4) "1024" string(1) "1" -gmp_pow(): Argument #2 ($exponent) must be greater than or equal to 0 +gmp_pow(): Argument #2 ($exponent) must be between 0 and %d string(4) "1024" string(14) "10240000000000" string(17) "97656250000000000" -gmp_pow(): Argument #2 ($exponent) must be greater than or equal to 0 +gmp_pow(): Argument #2 ($exponent) must be between 0 and %d string(14) "10240000000000" string(14) "10240000000000" gmp_pow(): Argument #2 ($exponent) must be of type int, array given diff --git a/ext/gmp/tests/gmp_pow2.phpt b/ext/gmp/tests/gmp_pow2.phpt index 43bf9bb5aaa5..96f33e8c25ca 100644 --- a/ext/gmp/tests/gmp_pow2.phpt +++ b/ext/gmp/tests/gmp_pow2.phpt @@ -31,5 +31,5 @@ object(GMP)#%d (1) { ["num"]=> string(4) "1024" } -Exponent must be greater than or equal to 0 -Exponent must be greater than or equal to 0 +Exponent must be between 0 and %d +Exponent must be between 0 and %d diff --git a/ext/gmp/tests/gmp_pown.phpt b/ext/gmp/tests/gmp_pown.phpt index 0e7b3bd1fa5d..79709f272715 100644 --- a/ext/gmp/tests/gmp_pown.phpt +++ b/ext/gmp/tests/gmp_pown.phpt @@ -63,7 +63,7 @@ var_dump(gmp_powm(10, $n, 10)); echo "Done\n"; ?> ---EXPECT-- +--EXPECTF-- string(1) "0" string(1) "5" string(1) "5" @@ -73,8 +73,8 @@ string(3) "533" string(3) "331" string(3) "171" string(3) "371" -Modulo by zero -Modulo by zero +gmp_powm(): Argument #3 ($modulus) Modulo by zero +gmp_powm(): Argument #3 ($modulus) Modulo by zero gmp_powm(): Argument #1 ($num) must be of type GMP|string|int, array given gmp_powm(): Argument #2 ($exponent) must be of type GMP|string|int, array given gmp_powm(): Argument #2 ($exponent) must be of type GMP|string|int, TypeError given diff --git a/ext/gmp/tests/gmp_remroot.phpt b/ext/gmp/tests/gmp_remroot.phpt index 8e53858c6047..de54d0e91c3e 100644 --- a/ext/gmp/tests/gmp_remroot.phpt +++ b/ext/gmp/tests/gmp_remroot.phpt @@ -105,5 +105,5 @@ array(2) { string(1) "0" } } -gmp_rootrem(): Argument #2 ($nth) must be greater than or equal to 1 -gmp_rootrem(): Argument #2 ($nth) must be greater than or equal to 1 +gmp_rootrem(): Argument #2 ($nth) must be between 1 and %d +gmp_rootrem(): Argument #2 ($nth) must be between 1 and %d diff --git a/ext/gmp/tests/gmp_root.phpt b/ext/gmp/tests/gmp_root.phpt index 2313b207cc8d..36793e249721 100644 --- a/ext/gmp/tests/gmp_root.phpt +++ b/ext/gmp/tests/gmp_root.phpt @@ -58,5 +58,5 @@ object(GMP)#%d (1) { ["num"]=> string(1) "0" } -gmp_root(): Argument #2 ($nth) must be greater than 0 -gmp_root(): Argument #2 ($nth) must be greater than 0 +gmp_root(): Argument #2 ($nth) must be between 1 and %d +gmp_root(): Argument #2 ($nth) must be between 1 and %d diff --git a/ext/gmp/tests/overloading.phpt b/ext/gmp/tests/overloading.phpt index 14c35ea8470c..f55a83f0bd5f 100644 --- a/ext/gmp/tests/overloading.phpt +++ b/ext/gmp/tests/overloading.phpt @@ -123,7 +123,7 @@ $a .= '17'; var_dump($a); ?> ---EXPECT-- +--EXPECTF-- object(GMP)#3 (1) { ["num"]=> string(2) "59" @@ -254,8 +254,8 @@ object(GMP)#5 (1) { ["num"]=> string(3) "-11" } -Shift must be greater than or equal to 0 -Shift must be greater than or equal to 0 +Shift must be between 0 and %d +Shift must be between 0 and %d object(GMP)#5 (1) { ["num"]=> string(3) "-43" diff --git a/ext/phar/func_interceptors.c b/ext/phar/func_interceptors.c index ae52e7189bd1..297de62231fd 100644 --- a/ext/phar/func_interceptors.c +++ b/ext/phar/func_interceptors.c @@ -893,6 +893,7 @@ void phar_intercept_functions_shutdown(void) PHAR_RELEASE(fopen); PHAR_RELEASE(file_get_contents); PHAR_RELEASE(is_file); + PHAR_RELEASE(is_link); PHAR_RELEASE(is_dir); PHAR_RELEASE(opendir); PHAR_RELEASE(file_exists); diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c index 0af02748407a..377f35832910 100644 --- a/ext/phar/phar_object.c +++ b/ext/phar/phar_object.c @@ -639,6 +639,9 @@ PHP_METHOD(Phar, webPhar) } else { char *testit = sapi_getenv("SCRIPT_NAME", sizeof("SCRIPT_NAME")-1); + if (!testit) { + goto finish; + } if (!(pt = strstr(testit, basename))) { efree(testit); goto finish; @@ -3513,6 +3516,11 @@ PHP_METHOD(Phar, offsetGet) if (!(entry = phar_get_entry_info_dir(phar_obj->archive, ZSTR_VAL(file_name), ZSTR_LEN(file_name), 1, &error, false))) { zend_throw_exception_ex(spl_ce_BadMethodCallException, 0, "Entry %s does not exist%s%s", ZSTR_VAL(file_name), error?", ":"", error?error:""); } else { + if (entry->is_temp_dir) { + zend_string_efree(entry->filename); + efree(entry); + } + if (zend_string_equals_literal(file_name, ".phar/stub.php")) { zend_throw_exception_ex(spl_ce_BadMethodCallException, 0, "Cannot get stub \".phar/stub.php\" directly in phar \"%s\", use getStub", phar_obj->archive->fname); RETURN_THROWS(); @@ -3528,11 +3536,6 @@ PHP_METHOD(Phar, offsetGet) RETURN_THROWS(); } - if (entry->is_temp_dir) { - zend_string_efree(entry->filename); - efree(entry); - } - zend_string *sfname = strpprintf(0, "phar://%s/%s", phar_obj->archive->fname, ZSTR_VAL(file_name)); zval zfname; ZVAL_NEW_STR(&zfname, sfname); @@ -3603,11 +3606,13 @@ static void phar_add_file(phar_archive_data **pphar, zend_string *file_name, con size_t written_len = php_stream_write(data->fp, ZSTR_VAL(content), ZSTR_LEN(content)); if (written_len != contents_len) { zend_throw_exception_ex(spl_ce_BadMethodCallException, 0, "Entry %s could not be written to", filename); + phar_entry_delref(data); goto finish; } } else { if (!(php_stream_from_zval_no_verify(contents_file, zresource))) { zend_throw_exception_ex(spl_ce_BadMethodCallException, 0, "Entry %s could not be written to", filename); + phar_entry_delref(data); goto finish; } php_stream_copy_to_stream_ex(contents_file, data->fp, PHP_STREAM_COPY_ALL, &contents_len); diff --git a/ext/phar/stream.c b/ext/phar/stream.c index f929aef4fb98..7abb7e6422ea 100644 --- a/ext/phar/stream.c +++ b/ext/phar/stream.c @@ -351,11 +351,11 @@ static php_stream * phar_wrapper_open_url(php_stream_wrapper *wrapper, const cha static int phar_stream_close(php_stream *stream, int close_handle) /* {{{ */ { /* for some reasons phar needs to be flushed even if there is no write going on */ - phar_stream_flush(stream); + int ret = phar_stream_flush(stream); phar_entry_delref((phar_entry_data *)stream->abstract); - return 0; + return ret; } /* }}} */ diff --git a/ext/phar/tests/gh21797.phpt b/ext/phar/tests/gh21797.phpt new file mode 100644 index 000000000000..b24e30b7829a --- /dev/null +++ b/ext/phar/tests/gh21797.phpt @@ -0,0 +1,30 @@ +--TEST-- +GH-21797: Phar::webPhar() NULL dereference when SCRIPT_NAME absent from SAPI environment +--CGI-- +--EXTENSIONS-- +phar +--INI-- +phar.readonly=0 +phar.require_hash=0 +variables_order=EGPC +register_argc_argv=0 +cgi.fix_pathinfo=0 +--ENV-- +REQUEST_METHOD=GET +PATH_INFO=/gh21797.phar +--FILE-- +addFromString('index.php', ''); +$phar->setStub(''); +unset($phar); +include $fname; +?> +--CLEAN-- + +--EXPECT-- +no crash diff --git a/ext/phar/tests/gh21798-add-file-delref.phpt b/ext/phar/tests/gh21798-add-file-delref.phpt new file mode 100644 index 000000000000..fa893a1975e3 --- /dev/null +++ b/ext/phar/tests/gh21798-add-file-delref.phpt @@ -0,0 +1,29 @@ +--TEST-- +GH-21798: phar_add_file must call phar_entry_delref on write error paths +--EXTENSIONS-- +phar +--INI-- +phar.readonly=0 +phar.require_hash=0 +--FILE-- +addFromString('hello.txt', 'hello world'); +$phar->addFromString('empty.txt', ''); +unset($phar); + +$phar = new Phar($fname); +echo $phar['hello.txt']->getContent() . "\n"; +echo ($phar->offsetExists('empty.txt') ? 'empty exists' : 'missing') . "\n"; +echo "no crash\n"; +?> +--CLEAN-- + +--EXPECT-- +hello world +empty exists +no crash diff --git a/ext/phar/tests/gh21798-offsetget-temp-entry.phpt b/ext/phar/tests/gh21798-offsetget-temp-entry.phpt new file mode 100644 index 000000000000..b5b11ad43634 --- /dev/null +++ b/ext/phar/tests/gh21798-offsetget-temp-entry.phpt @@ -0,0 +1,39 @@ +--TEST-- +GH-21798: Phar::offsetGet() must free is_temp_dir entry before rejecting .phar/* paths +--EXTENSIONS-- +phar +--INI-- +phar.readonly=0 +phar.require_hash=0 +--FILE-- +addFromString('index.php', ''); +unset($phar); + +$phar = new Phar($fname); +try { + $phar->offsetGet('.phar/stub.php'); +} catch (BadMethodCallException $e) { + echo $e->getMessage() . "\n"; +} +try { + $phar->offsetGet('.phar/alias.txt'); +} catch (BadMethodCallException $e) { + echo $e->getMessage() . "\n"; +} +try { + $phar->offsetGet('.phar/internal'); +} catch (BadMethodCallException $e) { + echo $e->getMessage() . "\n"; +} +echo "no crash\n"; +?> +--CLEAN-- + +--EXPECT-- +Entry .phar/stub.php does not exist +Entry .phar/alias.txt does not exist +Entry .phar/internal does not exist +no crash diff --git a/ext/phar/tests/gh21799-stream-close-flush.phpt b/ext/phar/tests/gh21799-stream-close-flush.phpt new file mode 100644 index 000000000000..aaa6c17fac38 --- /dev/null +++ b/ext/phar/tests/gh21799-stream-close-flush.phpt @@ -0,0 +1,32 @@ +--TEST-- +GH-21799: phar_stream_close propagates phar_stream_flush return value +--EXTENSIONS-- +phar +--INI-- +phar.readonly=0 +phar.require_hash=0 +--FILE-- +addFromString('hello.txt', 'hello'); +unset($phar); + +$fp = fopen('phar://' . $fname . '/hello.txt', 'rb'); +$content = fread($fp, 1024); +$result = fclose($fp); + +echo $content . "\n"; +var_dump($result); +echo "no crash\n"; +?> +--CLEAN-- + +--EXPECT-- +hello +bool(true) +no crash diff --git a/ext/phar/tests/phar-is-link-intercept.phpt b/ext/phar/tests/phar-is-link-intercept.phpt new file mode 100644 index 000000000000..f81f1ae425d7 --- /dev/null +++ b/ext/phar/tests/phar-is-link-intercept.phpt @@ -0,0 +1,29 @@ +--TEST-- +phar: is_link() intercept correctly delegates for non-symlink phar entries +--EXTENSIONS-- +phar +--INI-- +phar.readonly=0 +phar.require_hash=0 +--FILE-- +addFromString('file.txt', 'hello'); +$phar->setStub(''); +include $fname; +?> +--CLEAN-- + +--EXPECT-- +regular entry (not a symlink): bool(false) +missing entry: bool(false) +absolute phar:// path (bypasses intercept): bool(false) diff --git a/ext/phar/util.c b/ext/phar/util.c index bbfcde8d868d..e0f4dc3da6c7 100644 --- a/ext/phar/util.c +++ b/ext/phar/util.c @@ -1576,6 +1576,7 @@ zend_result phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t s if (md_ctx) { EVP_MD_CTX_destroy(md_ctx); } + EVP_PKEY_free(key); if (error) { *error = estrdup("openssl signature could not be verified"); } diff --git a/ext/session/session.c b/ext/session/session.c index 14b443bf4c6e..96e32ea7043f 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -704,12 +704,20 @@ static PHP_INI_MH(OnUpdateCookieLifetime) #else const zend_long maxcookie = ZEND_LONG_MAX / 2 - 1; #endif - zend_long v = (zend_long)atol(ZSTR_VAL(new_value)); - if (v < 0) { - php_error_docref(NULL, E_WARNING, "CookieLifetime cannot be negative"); + zend_long lval = 0; + int oflow = 0; + uint8_t type = is_numeric_string_ex(ZSTR_VAL(new_value), ZSTR_LEN(new_value), &lval, NULL, false, &oflow, NULL); + if (UNEXPECTED(type != IS_LONG)) { + if (oflow != 0) { + php_error_docref(NULL, E_WARNING, "session.cookie_lifetime must be between 0 and " ZEND_LONG_FMT, maxcookie); + } else { + php_error_docref(NULL, E_WARNING, "session.cookie_lifetime must be of type int"); + } + return FAILURE; + } + if (lval < 0 || lval > maxcookie) { + php_error_docref(NULL, E_WARNING, "session.cookie_lifetime must be between 0 and " ZEND_LONG_FMT, maxcookie); return FAILURE; - } else if (v > maxcookie) { - return SUCCESS; } return OnUpdateLongGEZero(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); diff --git a/ext/session/tests/gh16290.phpt b/ext/session/tests/gh16290.phpt index d341eb47471b..df57b129649d 100644 --- a/ext/session/tests/gh16290.phpt +++ b/ext/session/tests/gh16290.phpt @@ -6,8 +6,11 @@ session --FILE-- ---EXPECT-- +--EXPECTF-- +Warning: session_set_cookie_params(): session.cookie_lifetime must be between 0 and %d in %s on line %d DONE diff --git a/ext/session/tests/session_cookie_lifetime_invalid.phpt b/ext/session/tests/session_cookie_lifetime_invalid.phpt new file mode 100644 index 000000000000..8665a53447b9 --- /dev/null +++ b/ext/session/tests/session_cookie_lifetime_invalid.phpt @@ -0,0 +1,55 @@ +--TEST-- +session.cookie_lifetime rejects invalid values +--EXTENSIONS-- +session +--SKIPIF-- + +--FILE-- + +--EXPECTF-- +Warning: ini_set(): session.cookie_lifetime must be of type int in %s on line %d +string(3) "100" + +Warning: ini_set(): session.cookie_lifetime must be of type int in %s on line %d +string(3) "100" + +Warning: ini_set(): session.cookie_lifetime must be between 0 and %d in %s on line %d +string(3) "100" + +Warning: ini_set(): session.cookie_lifetime must be between 0 and %d in %s on line %d +string(3) "100" + +Warning: ini_set(): session.cookie_lifetime must be between 0 and %d in %s on line %d +string(3) "100" +string(3) "200" diff --git a/ext/session/tests/session_get_cookie_params_basic.phpt b/ext/session/tests/session_get_cookie_params_basic.phpt index 1c7cdf189fc9..73ffd4c94d1e 100644 --- a/ext/session/tests/session_get_cookie_params_basic.phpt +++ b/ext/session/tests/session_get_cookie_params_basic.phpt @@ -22,7 +22,7 @@ echo "*** Testing session_get_cookie_params() : basic functionality ***\n"; var_dump(session_get_cookie_params()); var_dump(session_set_cookie_params(3600, "/path", "blah", FALSE, FALSE)); var_dump(session_get_cookie_params()); -var_dump(session_set_cookie_params(1234567890, "/guff", "foo", TRUE, TRUE)); +var_dump(session_set_cookie_params(1000000000, "/guff", "foo", TRUE, TRUE)); var_dump(session_get_cookie_params()); var_dump(session_set_cookie_params([ "lifetime" => 123, @@ -40,7 +40,7 @@ var_dump(session_get_cookie_params()); echo "Done"; ob_end_flush(); ?> ---EXPECTF-- +--EXPECT-- *** Testing session_get_cookie_params() : basic functionality *** array(7) { ["lifetime"]=> @@ -78,7 +78,7 @@ array(7) { bool(true) array(7) { ["lifetime"]=> - int(%d) + int(1000000000) ["path"]=> string(5) "/guff" ["domain"]=> diff --git a/ext/session/tests/session_set_cookie_params_basic.phpt b/ext/session/tests/session_set_cookie_params_basic.phpt index 386280d17861..27cfd59b183e 100644 --- a/ext/session/tests/session_set_cookie_params_basic.phpt +++ b/ext/session/tests/session_set_cookie_params_basic.phpt @@ -15,7 +15,7 @@ var_dump(session_set_cookie_params(3600)); var_dump(session_start()); var_dump(session_set_cookie_params(1800)); var_dump(session_destroy()); -var_dump(session_set_cookie_params(1234567890)); +var_dump(session_set_cookie_params(1000000000)); echo "Done"; ob_end_flush(); diff --git a/ext/session/tests/session_set_cookie_params_variation1.phpt b/ext/session/tests/session_set_cookie_params_variation1.phpt index ed0b8dc9755d..ce4b98457bea 100644 --- a/ext/session/tests/session_set_cookie_params_variation1.phpt +++ b/ext/session/tests/session_set_cookie_params_variation1.phpt @@ -24,7 +24,7 @@ var_dump(ini_get("session.cookie_lifetime")); var_dump(session_destroy()); var_dump(ini_get("session.cookie_lifetime")); -var_dump(session_set_cookie_params(1234567890)); +var_dump(session_set_cookie_params(1000000000)); var_dump(ini_get("session.cookie_lifetime")); echo "Done"; @@ -44,5 +44,5 @@ string(4) "3600" bool(true) string(4) "3600" bool(true) -string(10) "1234567890" +string(10) "1000000000" Done diff --git a/ext/session/tests/session_set_cookie_params_variation8.phpt b/ext/session/tests/session_set_cookie_params_variation8.phpt index 891133b5b01e..1497ded69d5f 100644 --- a/ext/session/tests/session_set_cookie_params_variation8.phpt +++ b/ext/session/tests/session_set_cookie_params_variation8.phpt @@ -25,7 +25,7 @@ bool(true) string(1) "0" string(1) "0" -Warning: session_set_cookie_params(): CookieLifetime cannot be negative in %s on line %d +Warning: session_set_cookie_params(): session.cookie_lifetime must be between 0 and %d in %s on line %d bool(false) string(1) "0" Done diff --git a/ext/standard/link.c b/ext/standard/link.c index d92e74bb6743..dfd92a0a8709 100644 --- a/ext/standard/link.c +++ b/ext/standard/link.c @@ -84,7 +84,11 @@ PHP_FUNCTION(linkinfo) Z_PARAM_PATH(link, link_len) ZEND_PARSE_PARAMETERS_END(); - // TODO Check for empty string + if (UNEXPECTED(link_len == 0)) { + zend_argument_must_not_be_empty_error(1); + RETURN_THROWS(); + } + dirname = estrndup(link, link_len); zend_dirname(dirname, link_len); diff --git a/ext/standard/tests/file/symlink_link_linkinfo_is_link_error1.phpt b/ext/standard/tests/file/symlink_link_linkinfo_is_link_error1.phpt index f4035f8f40a2..c8420ea86fb2 100644 --- a/ext/standard/tests/file/symlink_link_linkinfo_is_link_error1.phpt +++ b/ext/standard/tests/file/symlink_link_linkinfo_is_link_error1.phpt @@ -27,8 +27,11 @@ var_dump( symlink($filename, false) ); // false as linkname echo "\n*** Testing linkinfo() for error conditions ***\n"; //invalid arguments -var_dump( linkinfo('') ); // empty string as linkname -var_dump( linkinfo(false) ); // boolean false as linkname +try { + var_dump(linkinfo('')); // empty string as linkname +} catch (ValueError $e) { + echo $e->getMessage() . "\n"; +} echo "Done\n"; ?> @@ -53,10 +56,5 @@ Warning: symlink(): %s in %s on line %d bool(false) *** Testing linkinfo() for error conditions *** - -Warning: linkinfo(): %s in %s on line %d -int(-1) - -Warning: linkinfo(): %s in %s on line %d -int(-1) +linkinfo(): Argument #1 ($path) must not be empty Done diff --git a/win32/build/confutils.js b/win32/build/confutils.js index 36484e71f8fb..fd1e9ce0be10 100644 --- a/win32/build/confutils.js +++ b/win32/build/confutils.js @@ -3361,7 +3361,7 @@ function toolset_setup_common_cflags() ADD_FLAG("CFLAGS", "/Zc:wchar_t"); } else if (CLANG_TOOLSET) { - ADD_FLAG("CFLAGS", "-Wno-deprecated-declarations"); + ADD_FLAG("CFLAGS", "-Wno-deprecated-declarations -Wno-microsoft-enum-forward-reference"); if (TARGET_ARCH == 'x86') { ADD_FLAG('CFLAGS', '-m32'); } else { @@ -3395,24 +3395,25 @@ function toolset_setup_intrinsic_cflags() /* From oldest to newest. */ var scale = new Array("sse", "sse2", "sse3", "ssse3", "sse4.1", "sse4.2", "avx", "avx2", "avx512"); - if (VS_TOOLSET) { - if ("disabled" == PHP_NATIVE_INTRINSICS) { - ERROR("Can't enable intrinsics, --with-codegen-arch passed with an incompatible option. ") - } + if ("disabled" == PHP_NATIVE_INTRINSICS) { + ERROR("Can't enable intrinsics, --with-codegen-arch passed with an incompatible option. ") + } - if (TARGET_ARCH == 'arm64') { - /* arm64 supports neon */ - configure_subst.Add("PHP_SIMD_SCALE", 'NEON'); - /* all officially supported arm64 cpu supports crc32 (TODO: to be confirmed) */ - AC_DEFINE('HAVE_ARCH64_CRC32', 1); - return; - } + if (TARGET_ARCH == 'arm64') { + /* arm64 supports neon */ + configure_subst.Add("PHP_SIMD_SCALE", 'NEON'); + /* all officially supported arm64 cpu supports crc32 (TODO: to be confirmed) */ + AC_DEFINE('HAVE_ARCH64_CRC32', 1); + return; + } - if ("no" == PHP_NATIVE_INTRINSICS || "yes" == PHP_NATIVE_INTRINSICS) { - PHP_NATIVE_INTRINSICS = default_enabled; - } + // if --enable-native-intrisics is not specified, it's "no" - enable default + if ("no" == PHP_NATIVE_INTRINSICS || "yes" == PHP_NATIVE_INTRINSICS) { + PHP_NATIVE_INTRINSICS = default_enabled; + } - if ("all" == PHP_NATIVE_INTRINSICS) { + if ("all" == PHP_NATIVE_INTRINSICS) { + if (VS_TOOLSET) { var list = (new VBArray(avail.Keys())).toArray(); for (var i in list) { @@ -3421,46 +3422,61 @@ function toolset_setup_intrinsic_cflags() /* All means all. __AVX__, __AVX2__, and __AVX512*__ are defined by compiler. */ ADD_FLAG("CFLAGS","/arch:AVX512"); - configure_subst.Add("PHP_SIMD_SCALE", "AVX512"); - } else { - var list = PHP_NATIVE_INTRINSICS.split(","); - var j = 0; - for (var k = 0; k < scale.length; k++) { - for (var i = 0; i < list.length; i++) { - var it = list[i].toLowerCase(); - if (scale[k] == it) { - j = k > j ? k : j; - } else if (!avail.Exists(it) && "avx512" != it && "avx2" != it && "avx" != it) { - WARNING("Unknown intrinsic name '" + it + "' ignored"); - } - } - } - if (TARGET_ARCH == 'x86') { - /* SSE2 is currently the default on 32-bit. It could change later, - for now no need to pass it. But, if SSE only was chosen, - /arch:SSE is required. */ - if ("sse" == scale[j]) { - ADD_FLAG("CFLAGS","/arch:SSE"); + } else if (CLANG_TOOLSET) { + ADD_FLAG("CFLAGS","-mavx512f -mavx512cd -mavx512bw -mavx512dq -mavx512vl"); + } + configure_subst.Add("PHP_SIMD_SCALE", "AVX512"); + } else { + var list = PHP_NATIVE_INTRINSICS.split(","); + var j = 0; + for (var k = 0; k < scale.length; k++) { + for (var i = 0; i < list.length; i++) { + var it = list[i].toLowerCase(); + if (scale[k] == it) { + j = k > j ? k : j; + } else if (!avail.Exists(it) && "avx512" != it && "avx2" != it && "avx" != it) { + WARNING("Unknown intrinsic name '" + it + "' ignored"); } } - configure_subst.Add("PHP_SIMD_SCALE", scale[j].toUpperCase()); - /* There is no explicit way to enable intrinsics between SSE3 and SSE4.2. - The declared macros therefore won't affect the code generation, - but will enable the guarded code parts. */ - if ("avx512" == scale[j]) { - ADD_FLAG("CFLAGS","/arch:AVX512"); - j -= 3; - } else if ("avx2" == scale[j]) { - ADD_FLAG("CFLAGS","/arch:AVX2"); - j -= 2; - } else if ("avx" == scale[j]) { - ADD_FLAG("CFLAGS","/arch:AVX"); - j -= 1; - } + } + if (TARGET_ARCH == 'x86') { + /* SSE2 is currently the default on 32-bit. It could change later, + for now no need to pass it. But, if SSE only was chosen, + /arch:SSE is required. */ + if ("sse" == scale[j]) { + ADD_FLAG("CFLAGS", VS_TOOLSET ? "/arch:SSE" : "-msse"); + } + } + configure_subst.Add("PHP_SIMD_SCALE", scale[j].toUpperCase()); + if ("avx512" == scale[j]) { + ADD_FLAG("CFLAGS", VS_TOOLSET ? "/arch:AVX512" : "-mavx512f -mavx512cd -mavx512bw -mavx512dq -mavx512vl"); + j -= 3; + } else if ("avx2" == scale[j]) { + ADD_FLAG("CFLAGS", VS_TOOLSET ? "/arch:AVX2" : "-mavx2"); + j -= 2; + } else if ("avx" == scale[j]) { + ADD_FLAG("CFLAGS", VS_TOOLSET ? "/arch:AVX" : "-mavx"); + j -= 1; + } + if (VS_TOOLSET) { + /* MSVC has no explicit way to enable intrinsics between SSE3 and SSE4.2. + The declared macros won't affect code generation, but will enable + the guarded code parts. */ for (var i = 0; i <= j; i++) { var it = scale[i]; AC_DEFINE(avail.Item(it), 1); } + } else if (CLANG_TOOLSET) { + /* clang supports -m flags for each SSE level and auto-defines + the corresponding __SSE*__ macros. Pass the highest requested + level; clang implicitly enables all lower levels. */ + var clang_flag_map = { + "sse": "-msse", "sse2": "-msse2", "sse3": "-msse3", + "ssse3": "-mssse3", "sse4.1": "-msse4.1", "sse4.2": "-msse4.2" + }; + if (clang_flag_map[scale[j]]) { + ADD_FLAG("CFLAGS", clang_flag_map[scale[j]]); + } } } }