From ac508301c95a7e9afa23f0729852f5902ef6975f Mon Sep 17 00:00:00 2001 From: Sara Golemon Date: Tue, 8 Nov 2022 22:10:24 +0000 Subject: [PATCH 01/16] Bump for 8.0.27 --- NEWS | 4 +++- Zend/zend.h | 2 +- configure.ac | 2 +- main/php_version.h | 6 +++--- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index 0d1a9fd187218..9ab144052f52e 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? 2022, PHP 8.0.26 +?? ??? 2022, PHP 8.0.27 + +24 Nov 2022, PHP 8.0.26 - CLI: . Fixed bug GH-9709 (Null pointer dereference with -w/-s options). (Adam Saponara) diff --git a/Zend/zend.h b/Zend/zend.h index 924b2003a53f1..11bf4fc29f1af 100644 --- a/Zend/zend.h +++ b/Zend/zend.h @@ -20,7 +20,7 @@ #ifndef ZEND_H #define ZEND_H -#define ZEND_VERSION "4.0.25-dev" +#define ZEND_VERSION "4.0.27-dev" #define ZEND_ENGINE_3 diff --git a/configure.ac b/configure.ac index da56c4653697e..23d46ae8d10a6 100644 --- a/configure.ac +++ b/configure.ac @@ -17,7 +17,7 @@ dnl Basic autoconf initialization, generation of config.nice. dnl ---------------------------------------------------------------------------- AC_PREREQ([2.68]) -AC_INIT([PHP],[8.0.25-dev],[https://bugs.php.net],[php],[https://www.php.net]) +AC_INIT([PHP],[8.0.27-dev],[https://bugs.php.net],[php],[https://www.php.net]) AC_CONFIG_SRCDIR([main/php_version.h]) AC_CONFIG_AUX_DIR([build]) AC_PRESERVE_HELP_ORDER diff --git a/main/php_version.h b/main/php_version.h index fd4b0c6c06922..22111976ccb97 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -2,7 +2,7 @@ /* edit configure.ac to change version number */ #define PHP_MAJOR_VERSION 8 #define PHP_MINOR_VERSION 0 -#define PHP_RELEASE_VERSION 25 +#define PHP_RELEASE_VERSION 27 #define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "8.0.25-dev" -#define PHP_VERSION_ID 80025 +#define PHP_VERSION "8.0.27-dev" +#define PHP_VERSION_ID 80027 From da54664186123a431d67319e0bfd56f81f19c15d Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Fri, 11 Nov 2022 19:54:05 +0100 Subject: [PATCH 02/16] [skip ci] Skip function JIT in nightly for ASAN This avoids the 6h timeout. --- .github/nightly_matrix.php | 2 +- .github/workflows/nightly.yml | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/nightly_matrix.php b/.github/nightly_matrix.php index 0add3816cfc88..fcdf7681a7f6d 100644 --- a/.github/nightly_matrix.php +++ b/.github/nightly_matrix.php @@ -52,7 +52,7 @@ function get_matrix_include(array $branches) { 'zts' => true, 'configuration_parameters' => "CFLAGS='-fsanitize=undefined,address -DZEND_TRACK_ARENA_ALLOC' LDFLAGS='-fsanitize=undefined,address'", 'run_tests_parameters' => '--asan', - 'timeout_minutes' => 480, + 'test_function_jit' => false, ]; } return $jobs; diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 4e8162c7b6990..529f8ebd72db5 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -41,12 +41,11 @@ jobs: debug: [true, false] name: [''] run_tests_parameters: [''] - timeout_minutes: [360] + test_function_jit: [true] zts: [true, false] include: ${{ fromJson(needs.GENERATE_MATRIX.outputs.matrix-include) }} name: "${{ matrix.branch.name }}_LINUX_X64${{ matrix.name }}_${{ matrix.debug && 'DEBUG' || 'RELEASE' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}" runs-on: ubuntu-20.04 - timeout-minutes: ${{ matrix.timeout_minutes }} steps: - name: git checkout uses: actions/checkout@v3 @@ -92,6 +91,9 @@ jobs: -d zend_extension=opcache.so -d opcache.enable_cli=1 - name: Test Function JIT + # ASAN frequently timeouts. Each test run takes ~90 minutes, we can + # avoid running into the 6 hour timeout by skipping the function JIT. + if: matrix.test_function_jit uses: ./.github/actions/test-linux with: runTestsParameters: >- From db2d32f476b09a640616ad111999cb33e3fc9cf3 Mon Sep 17 00:00:00 2001 From: Jakub Zelenka Date: Sun, 30 Oct 2022 16:36:58 +0000 Subject: [PATCH 03/16] Introduce TEST_FPM_EXTENSION_DIR for FPM tests with shared extensions --- sapi/fpm/tests/bug77780-header-sent-error.phpt | 2 +- sapi/fpm/tests/tester.inc | 17 +++++++++++++++-- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/sapi/fpm/tests/bug77780-header-sent-error.phpt b/sapi/fpm/tests/bug77780-header-sent-error.phpt index b5e76918547f1..017a2aa513c2a 100644 --- a/sapi/fpm/tests/bug77780-header-sent-error.phpt +++ b/sapi/fpm/tests/bug77780-header-sent-error.phpt @@ -24,7 +24,7 @@ echo str_repeat('asdfghjkl', 150000) . "\n"; EOT; $tester = new FPM\Tester($cfg, $code); -$tester->start(); +$tester->start(extensions: ['session']); $tester->expectLogStartNotices(); $tester ->request( diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc index 2c4b81bd5903f..6197cdba53f5c 100644 --- a/sapi/fpm/tests/tester.inc +++ b/sapi/fpm/tests/tester.inc @@ -379,12 +379,17 @@ class Tester * @param array $extraArgs Command extra arguments. * @param bool $forceStderr Whether to output to stderr so error log is used. * @param bool $daemonize Whether to start FPM daemonized + * @param array $extensions List of extension to add if shared build used. * * @return bool * @throws \Exception */ - public function start(array $extraArgs = [], bool $forceStderr = true, bool $daemonize = false) - { + public function start( + array $extraArgs = [], + bool $forceStderr = true, + bool $daemonize = false, + array $extensions = [] + ) { $configFile = $this->createConfig(); $desc = $this->outDesc ? [] : [1 => array('pipe', 'w'), 2 => array('redirect', 1)]; @@ -399,6 +404,14 @@ class Tester $cmd[] = '-F'; } + $extensionDir = getenv('TEST_FPM_EXTENSION_DIR'); + if ($extensionDir) { + $cmd[] = '-dextension_dir=' . $extensionDir; + foreach ($extensions as $extension) { + $cmd[] = '-dextension=' . $extension; + } + } + if (getenv('TEST_FPM_RUN_AS_ROOT')) { $cmd[] = '--allow-to-run-as-root'; } From cdc0a8b06be591437e863ecd8aec2c4f62d8b951 Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Sun, 13 Nov 2022 13:53:02 +0100 Subject: [PATCH 04/16] Add wordpress to community build Closes GH-9942 --- .github/workflows/nightly.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 529f8ebd72db5..5c15c43a500b6 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -366,6 +366,22 @@ jobs: git rev-parse HEAD sed -i 's/PHP_SAPI/"cli-server"/g' var/cache/dev/App_KernelDevDebugContainer.preload.php php -d opcache.preload=var/cache/dev/App_KernelDevDebugContainer.preload.php public/index.php + - name: Test Wordpress + if: always() + run: | + git clone https://github.com/WordPress/wordpress-develop.git wordpress --depth=1 + cd wordpress + git rev-parse HEAD + export ASAN_OPTIONS=exitcode=139 + php /usr/bin/composer install --no-progress --ignore-platform-reqs + cp wp-tests-config-sample.php wp-tests-config.php + sed -i 's/youremptytestdbnamehere/test/g' wp-tests-config.php + sed -i 's/yourusernamehere/root/g' wp-tests-config.php + sed -i 's/yourpasswordhere/root/g' wp-tests-config.php + php vendor/bin/phpunit || EXIT_CODE=$? + if [ $EXIT_CODE -gt 128 ]; then + exit 1 + fi OPCACHE_VARIATION: needs: GENERATE_MATRIX if: ${{ needs.GENERATE_MATRIX.outputs.branches != '[]' }} From 4bdfce6c1a852e931987262a2eede501a7f7992a Mon Sep 17 00:00:00 2001 From: George Wang Date: Sun, 20 Nov 2022 19:30:07 -0500 Subject: [PATCH 05/16] Use __atomic_xxxx() instead of __sync_xxxx() for lsapi. --- sapi/litespeed/lsapilib.c | 78 +++++++++++++++++++++------------------ 1 file changed, 43 insertions(+), 35 deletions(-) diff --git a/sapi/litespeed/lsapilib.c b/sapi/litespeed/lsapilib.c index 444872de7f697..3cce4911e18b5 100644 --- a/sapi/litespeed/lsapilib.c +++ b/sapi/litespeed/lsapilib.c @@ -431,9 +431,10 @@ static void lsapi_close_connection(LSAPI_Request *pReq) lsapi_close(pReq->m_fd); pReq->m_fd = -1; if (s_busy_workers) - __sync_fetch_and_sub(s_busy_workers, 1); + __atomic_fetch_sub(s_busy_workers, 1, __ATOMIC_SEQ_CST); if (s_worker_status) - __sync_lock_test_and_set(&s_worker_status->m_state, LSAPI_STATE_IDLE); + __atomic_store_n(&s_worker_status->m_state, LSAPI_STATE_IDLE, + __ATOMIC_SEQ_CST); } @@ -1577,10 +1578,10 @@ int LSAPI_Accept_r( LSAPI_Request * pReq ) else { if (s_worker_status) - __sync_lock_test_and_set(&s_worker_status->m_state, - LSAPI_STATE_CONNECTED); + __atomic_store_n(&s_worker_status->m_state, + LSAPI_STATE_CONNECTED, __ATOMIC_SEQ_CST); if (s_busy_workers) - __sync_fetch_and_add(s_busy_workers, 1); + __atomic_fetch_add(s_busy_workers, 1, __ATOMIC_SEQ_CST); lsapi_set_nblock( pReq->m_fd , 0 ); if (((struct sockaddr *)&achPeer)->sa_family == AF_INET ) { @@ -2870,9 +2871,9 @@ void LSAPI_reset_server_state( void ) ++pStatus; } if (s_busy_workers) - __sync_lock_release(s_busy_workers); + __atomic_store_n(s_busy_workers, 0, __ATOMIC_SEQ_CST); if (s_accepting_workers) - __sync_lock_release(s_accepting_workers); + __atomic_store_n(s_accepting_workers, 0, __ATOMIC_SEQ_CST); } @@ -2880,6 +2881,8 @@ void LSAPI_reset_server_state( void ) static void lsapi_sigchild( int signal ) { int status, pid; + char expect_connected = LSAPI_STATE_CONNECTED; + char expect_accepting = LSAPI_STATE_ACCEPTING; lsapi_child_status * child_status; if (g_prefork_server == NULL) return; @@ -2916,19 +2919,23 @@ static void lsapi_sigchild( int signal ) child_status = find_child_status( pid ); if ( child_status ) { - if (__sync_bool_compare_and_swap(&child_status->m_state, - LSAPI_STATE_CONNECTED, - LSAPI_STATE_IDLE)) + if (__atomic_compare_exchange_n(&child_status->m_state, + &expect_connected, + LSAPI_STATE_IDLE, 1, + __ATOMIC_SEQ_CST, + __ATOMIC_SEQ_CST)) { if (s_busy_workers) - __sync_fetch_and_sub(s_busy_workers, 1); + __atomic_fetch_sub(s_busy_workers, 1, __ATOMIC_SEQ_CST); } - else if (__sync_bool_compare_and_swap(&child_status->m_state, - LSAPI_STATE_ACCEPTING, - LSAPI_STATE_IDLE)) + else if (__atomic_compare_exchange_n(&child_status->m_state, + &expect_accepting, + LSAPI_STATE_IDLE, 1, + __ATOMIC_SEQ_CST, + __ATOMIC_SEQ_CST)) { if (s_accepting_workers) - __sync_fetch_and_sub(s_accepting_workers, 1); + __atomic_fetch_sub(s_accepting_workers, 1, __ATOMIC_SEQ_CST); } child_status->m_pid = 0; --g_prefork_server->m_iCurChildren; @@ -3201,7 +3208,7 @@ static int lsapi_prefork_server_accept( lsapi_prefork_server * pServer, { int accepting = 0; if (s_accepting_workers) - accepting = __sync_add_and_fetch(s_accepting_workers, 0); + accepting = __atomic_load_n(s_accepting_workers, __ATOMIC_SEQ_CST); if (pServer->m_iCurChildren > 0 && accepting > 0) @@ -3267,10 +3274,10 @@ static int lsapi_prefork_server_accept( lsapi_prefork_server * pServer, if (pthread_atfork_func) (*pthread_atfork_func)(NULL, NULL, set_skip_write); - __sync_lock_test_and_set(&s_worker_status->m_state, - LSAPI_STATE_CONNECTED); + __atomic_store_n(&s_worker_status->m_state, + LSAPI_STATE_CONNECTED, __ATOMIC_SEQ_CST); if (s_busy_workers) - __sync_add_and_fetch(s_busy_workers, 1); + __atomic_add_fetch(s_busy_workers, 1, __ATOMIC_SEQ_CST); lsapi_set_nblock( pReq->m_fd, 0 ); //keep it open if busy_count is used. if (!s_keep_listener && s_busy_workers @@ -3342,7 +3349,7 @@ int LSAPI_Postfork_Child(LSAPI_Request * pReq) { int max_children = g_prefork_server->m_iMaxChildren; s_pid = getpid(); - __sync_lock_test_and_set(&pReq->child_status->m_pid, s_pid); + __atomic_store_n(&pReq->child_status->m_pid, s_pid, __ATOMIC_SEQ_CST); s_worker_status = pReq->child_status; setsid(); @@ -3354,10 +3361,10 @@ int LSAPI_Postfork_Child(LSAPI_Request * pReq) if (pthread_atfork_func) (*pthread_atfork_func)(NULL, NULL, set_skip_write); - __sync_lock_test_and_set(&s_worker_status->m_state, - LSAPI_STATE_CONNECTED); + __atomic_store_n(&s_worker_status->m_state, + LSAPI_STATE_CONNECTED, __ATOMIC_SEQ_CST); if (s_busy_workers) - __sync_add_and_fetch(s_busy_workers, 1); + __atomic_add_fetch(s_busy_workers, 1, __ATOMIC_SEQ_CST); lsapi_set_nblock( pReq->m_fd, 0 ); //keep it open if busy_count is used. if (!s_keep_listener && s_busy_workers @@ -3474,7 +3481,7 @@ int LSAPI_Accept_Before_Fork(LSAPI_Request * pReq) { int accepting = 0; if (s_accepting_workers) - accepting = __sync_add_and_fetch(s_accepting_workers, 0); + accepting = __atomic_load_n(s_accepting_workers, __ATOMIC_SEQ_CST); if (pServer->m_iCurChildren > 0 && accepting > 0) @@ -3559,7 +3566,7 @@ int LSAPI_Prefork_Accept_r( LSAPI_Request * pReq ) } else if (s_req_processed > 0 && s_max_busy_workers > 0 && s_busy_workers) { - ret = __sync_fetch_and_add(s_busy_workers, 0); + ret = __atomic_load_n(s_busy_workers, __ATOMIC_SEQ_CST); if (ret >= s_max_busy_workers) { send_conn_close_notification(pReq->m_fd); @@ -3603,19 +3610,19 @@ int LSAPI_Prefork_Accept_r( LSAPI_Request * pReq ) if (fd == pReq->m_fdListen) { if (s_worker_status) - __sync_lock_test_and_set(&s_worker_status->m_state, - LSAPI_STATE_ACCEPTING); + __atomic_store_n(&s_worker_status->m_state, + LSAPI_STATE_ACCEPTING, __ATOMIC_SEQ_CST); if (s_accepting_workers) - __sync_fetch_and_add(s_accepting_workers, 1); + __atomic_fetch_add(s_accepting_workers, 1, __ATOMIC_SEQ_CST); } ret = (*g_fnSelect)(fd+1, &readfds, NULL, NULL, &timeout); if (fd == pReq->m_fdListen) { if (s_accepting_workers) - __sync_fetch_and_sub(s_accepting_workers, 1); + __atomic_fetch_sub(s_accepting_workers, 1, __ATOMIC_SEQ_CST); if (s_worker_status) - __sync_lock_test_and_set(&s_worker_status->m_state, - LSAPI_STATE_IDLE); + __atomic_store_n(&s_worker_status->m_state, + LSAPI_STATE_IDLE, __ATOMIC_SEQ_CST); } if ( ret == 0 ) @@ -3663,10 +3670,11 @@ int LSAPI_Prefork_Accept_r( LSAPI_Request * pReq ) if ( pReq->m_fd != -1 ) { if (s_worker_status) - __sync_lock_test_and_set(&s_worker_status->m_state, - LSAPI_STATE_CONNECTED); + __atomic_store_n(&s_worker_status->m_state, + LSAPI_STATE_CONNECTED, + __ATOMIC_SEQ_CST); if (s_busy_workers) - __sync_fetch_and_add(s_busy_workers, 1); + __atomic_fetch_add(s_busy_workers, 1, __ATOMIC_SEQ_CST); fd = pReq->m_fd; @@ -4337,5 +4345,5 @@ int LSAPI_Set_Restored_Parent_Pid(int pid) int LSAPI_Inc_Req_Processed(int cnt) { - return __sync_add_and_fetch(s_global_counter, cnt); + return __atomic_add_fetch(s_global_counter, cnt, __ATOMIC_SEQ_CST); } From 72da2b02e24fc3c5b7fd34744d9cb1c864753895 Mon Sep 17 00:00:00 2001 From: Petr Sumbera Date: Tue, 22 Nov 2022 15:44:05 +0100 Subject: [PATCH 06/16] php-fpm: fix Solaris port events.mechanism Closes GH-9959. --- NEWS | 2 ++ sapi/fpm/fpm/events/port.c | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 9ab144052f52e..0874b812f83cf 100644 --- a/NEWS +++ b/NEWS @@ -23,6 +23,8 @@ PHP NEWS - FPM: . Fixed bug GH-9754 (SaltStack (using Python subprocess) hangs when running php-fpm 8.1.11). (Jakub Zelenka) + . Fixed bug GH-9959 (Solaris port event mechanism is still broken after bug + #66694). (Petr Sumbera) - mysqli: . Fixed bug GH-9841 (mysqli_query throws warning despite using diff --git a/sapi/fpm/fpm/events/port.c b/sapi/fpm/fpm/events/port.c index 5266973c4aa13..6af7c91015248 100644 --- a/sapi/fpm/fpm/events/port.c +++ b/sapi/fpm/fpm/events/port.c @@ -144,14 +144,20 @@ static int fpm_event_port_wait(struct fpm_event_queue_s *queue, unsigned long in } for (i = 0; i < nget; i++) { + struct fpm_event_s *ev; /* do we have a ptr to the event ? */ if (!events[i].portev_user) { continue; } + ev = (struct fpm_event_s *)events[i].portev_user; + + /* re-associate for next event */ + fpm_event_port_add(ev); + /* fire the event */ - fpm_event_fire((struct fpm_event_s *)events[i].portev_user); + fpm_event_fire(ev); /* sanity check */ if (fpm_globals.parent_pid != getpid()) { From 921b6813da3237a83e908998483f46ae3d8bacba Mon Sep 17 00:00:00 2001 From: "Christoph M. Becker" Date: Mon, 31 Oct 2022 17:20:23 +0100 Subject: [PATCH 07/16] Fix #81740: PDO::quote() may return unquoted string `sqlite3_snprintf()` expects its first parameter to be `int`; we need to avoid overflow. --- ext/pdo_sqlite/sqlite_driver.c | 3 +++ ext/pdo_sqlite/tests/bug81740.phpt | 17 +++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 ext/pdo_sqlite/tests/bug81740.phpt diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c index 4233ff10ff2ee..5a72a1eda23f4 100644 --- a/ext/pdo_sqlite/sqlite_driver.c +++ b/ext/pdo_sqlite/sqlite_driver.c @@ -232,6 +232,9 @@ static char *pdo_sqlite_last_insert_id(pdo_dbh_t *dbh, const char *name, size_t /* NB: doesn't handle binary strings... use prepared stmts for that */ static int sqlite_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, size_t unquotedlen, char **quoted, size_t *quotedlen, enum pdo_param_type paramtype ) { + if (unquotedlen > (INT_MAX - 3) / 2) { + return 0; + } *quoted = safe_emalloc(2, unquotedlen, 3); sqlite3_snprintf(2*unquotedlen + 3, *quoted, "'%q'", unquoted); *quotedlen = strlen(*quoted); diff --git a/ext/pdo_sqlite/tests/bug81740.phpt b/ext/pdo_sqlite/tests/bug81740.phpt new file mode 100644 index 0000000000000..99fb07c3048b0 --- /dev/null +++ b/ext/pdo_sqlite/tests/bug81740.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #81740 (PDO::quote() may return unquoted string) +--SKIPIF-- + +--INI-- +memory_limit=-1 +--FILE-- +quote($string)); +?> +--EXPECT-- +bool(false) From 5f90134bb69a345c7edb5013e6461e84caa32dbc Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev Date: Sun, 18 Dec 2022 22:52:30 -0700 Subject: [PATCH 08/16] Make build work with newer OpenSSL --- ext/openssl/openssl.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 45a7e794400d0..9827c75871668 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -1325,7 +1325,9 @@ PHP_MINIT_FUNCTION(openssl) REGISTER_LONG_CONSTANT("OPENSSL_CMS_NOSIGS", CMS_NOSIGS, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_CS|CONST_PERSISTENT); +#ifdef RSA_SSLV23_PADDING REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_CS|CONST_PERSISTENT); +#endif REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT); From 05c35137cd9eba8950249f62b86212af24cbfb33 Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev Date: Sun, 18 Dec 2022 23:24:53 -0700 Subject: [PATCH 09/16] Add NEWS --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS b/NEWS index 0874b812f83cf..c6b0036b600b9 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,10 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2022, PHP 8.0.27 +- PDO/SQLite: + . Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631) + (cmb) + 24 Nov 2022, PHP 8.0.26 - CLI: From cf5dac07d248b8cdd082d6b327d3b4c91900bd1e Mon Sep 17 00:00:00 2001 From: "Christoph M. Becker" Date: Mon, 19 Dec 2022 15:56:56 +0100 Subject: [PATCH 10/16] Skip newly added test on 32bit platforms That bug didn't affect 32bit platforms, and besides, it is rather unlikely that allocating a 2GB string works on such platforms. --- ext/pdo_sqlite/tests/bug81740.phpt | 1 + 1 file changed, 1 insertion(+) diff --git a/ext/pdo_sqlite/tests/bug81740.phpt b/ext/pdo_sqlite/tests/bug81740.phpt index 99fb07c3048b0..dc33641ae864e 100644 --- a/ext/pdo_sqlite/tests/bug81740.phpt +++ b/ext/pdo_sqlite/tests/bug81740.phpt @@ -3,6 +3,7 @@ Bug #81740 (PDO::quote() may return unquoted string) --SKIPIF-- --INI-- From 4ce48e9a39073444d526960dd954db28e9a1164a Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Tue, 3 Jan 2023 11:36:20 -0300 Subject: [PATCH 11/16] [ci skip] Prepare for PHP 8.0.27 GA --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index c6b0036b600b9..3be34b3bfd752 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,6 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? 2022, PHP 8.0.27 +05 Jan 2023, PHP 8.0.27 - PDO/SQLite: . Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631) From c2737b40d72c323ec51a6b026b720e1b196be85b Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Tue, 3 Jan 2023 11:39:21 -0300 Subject: [PATCH 12/16] [ci skip] Next release will be 8.0.28 --- NEWS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/NEWS b/NEWS index 3be34b3bfd752..907a06b90ec97 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| +?? ??? ????, PHP 8.0.28 + + 05 Jan 2023, PHP 8.0.27 - PDO/SQLite: From 255e08ac56539f07cdbfa2f32922f20f7d21de5c Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Tue, 3 Jan 2023 13:00:44 -0300 Subject: [PATCH 13/16] Revert "Make build work with newer OpenSSL" This reverts commit 5f90134bb69a345c7edb5013e6461e84caa32dbc. --- ext/openssl/openssl.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 9827c75871668..45a7e794400d0 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -1325,9 +1325,7 @@ PHP_MINIT_FUNCTION(openssl) REGISTER_LONG_CONSTANT("OPENSSL_CMS_NOSIGS", CMS_NOSIGS, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_CS|CONST_PERSISTENT); -#ifdef RSA_SSLV23_PADDING REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_CS|CONST_PERSISTENT); -#endif REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT); From 5ab3a1cada5a9958a7ad4bc00d0a12ec48b9b231 Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Tue, 3 Jan 2023 16:15:40 +0000 Subject: [PATCH 14/16] Update NEWS for PHP 8.0.27 --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 907a06b90ec97..3f934c13b7262 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,6 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.0.28 +05 Jan 2023, PHP 8.0.27 05 Jan 2023, PHP 8.0.27 From 8ebdfc4a263b5593a21de9f78f9a48020b842899 Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Tue, 3 Jan 2023 16:15:43 +0000 Subject: [PATCH 15/16] Update versions for PHP 8.0.27 --- Zend/zend.h | 2 +- configure.ac | 2 +- main/php_version.h | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Zend/zend.h b/Zend/zend.h index 11bf4fc29f1af..2fdf12fe44705 100644 --- a/Zend/zend.h +++ b/Zend/zend.h @@ -20,7 +20,7 @@ #ifndef ZEND_H #define ZEND_H -#define ZEND_VERSION "4.0.27-dev" +#define ZEND_VERSION "4.0.27" #define ZEND_ENGINE_3 diff --git a/configure.ac b/configure.ac index 23d46ae8d10a6..7684744f370ec 100644 --- a/configure.ac +++ b/configure.ac @@ -17,7 +17,7 @@ dnl Basic autoconf initialization, generation of config.nice. dnl ---------------------------------------------------------------------------- AC_PREREQ([2.68]) -AC_INIT([PHP],[8.0.27-dev],[https://bugs.php.net],[php],[https://www.php.net]) +AC_INIT([PHP],[8.0.27],[https://bugs.php.net],[php],[https://www.php.net]) AC_CONFIG_SRCDIR([main/php_version.h]) AC_CONFIG_AUX_DIR([build]) AC_PRESERVE_HELP_ORDER diff --git a/main/php_version.h b/main/php_version.h index 22111976ccb97..e3ece89ade4aa 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 8 #define PHP_MINOR_VERSION 0 #define PHP_RELEASE_VERSION 27 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "8.0.27-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "8.0.27" #define PHP_VERSION_ID 80027 From f325ad215d0c9d1cc5cc533ca0819b0d57fe42a3 Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Tue, 3 Jan 2023 13:29:06 -0300 Subject: [PATCH 16/16] [ci skip] Remove duplicated entries --- NEWS | 3 --- 1 file changed, 3 deletions(-) diff --git a/NEWS b/NEWS index 3f934c13b7262..3be34b3bfd752 100644 --- a/NEWS +++ b/NEWS @@ -2,9 +2,6 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 05 Jan 2023, PHP 8.0.27 - -05 Jan 2023, PHP 8.0.27 - - PDO/SQLite: . Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631) (cmb)