Triple Pattern Fragment server that uses Blazegraph as backend
I'm not sure where the security issue is here. If you allow arbitrary externally-controlled strings as your filenames then of course those can use filters and maybe a lot more. Secure code just shouldn't allow external parties to send it php:// URLs to open. It should verify whatever it tries to open, if it is externally controlled, is a valid safe filename.
Update NEWS
Bump versions
Fix #81740: PDO::quote() may return unquoted string
sqlite3_snprintf() expects its first parameter to be int; we need to avoid overflow.
Skip newly added test on 32bit platforms
That bug didn't affect 32bit platforms, and besides, it is rather unlikely that allocating a 2GB string works on such platforms.
Update NEWS file with latest release information
Enable Travis jobs
Fix test
crypt: Fix validation of malformed BCrypt hashes
PHP’s implementation of crypt_blowfish differs from the upstream Openwall version by adding a “PHP Hack”, which allows one to cut short the BCrypt salt by including a $ character within the characters that represent the salt.
Hashes that are affected by the “PHP Hack” may erroneously validate any password as valid when used with password_verify and when comparing the return value of crypt() against the input.
The PHP Hack has existed since the first version of PHP’s own crypt_blowfish implementation that was added in 1e820eca02dcf322b41fd2fe4ed2a6b8309f8ab5.
No clear reason is given for the PHP Hack’s existence. This commit removes it, because BCrypt hashes containing a $ character in their salt are not valid BCrypt hashes.
crypt: Fix possible buffer overread in php_crypt()
Fix array overrun when appending slash to paths
Fix it by extending the array sizes by one character. As the input is limited to the maximum path length, there will always be room to append the slash. As the php_check_specific_open_basedir() simply uses the strings to compare against each other, no new failures related to too long paths are introduced. We'll let the DOM and XML case handle a potentially too long path in the library code.
Fix repeated warning for file uploads limit exceeding
Introduce max_multipart_body_parts INI
This fixes the GHSA-54hq-v5wp-fqgv DoS vulnerability by limiting the number of parsed multipart body parts, as currently all parts were always parsed.
more config for new FPM tests
Merge branch 'PHP-8.0' into PHP-8.1
Merge branch 'PHP-8.1' into PHP-8.2
Merge branch 'PHP-8.2'
Merge branch 'PHP-8.0' into PHP-8.1
Merge branch 'PHP-8.0' into PHP-8.1
Merge branch 'PHP-8.1' into PHP-8.2
Fix signedness confusion in php_filter_validate_domain()
As is, there is the possibility that integer underflow occurs, making _php_filter_validate_domain() succeed for very long domain names.
Cf. https://pwning.systems/posts/php_filter_var_shenanigans/.
Fix result_type related stack corruption on LLP64 architectures
Integer parameters are stored in zend_long values, which have 64 bits on LLP64, but long has only 32 bits there.
Adding a test might be overkill, because the broken behavior could already be observed when running pg_select_001.phpt on Windows debug builds, which report the stack corruption.
Closes GH-8263.
Don't try to access memory outside string
run-tests.php: fix TypeError: Unsupported operand types: string * int
is mandatory for --show-slow and --set-timeout, use in help message instead of confusing [n]
typo
Fix GH-8253: pg_insert() fails for references
We need to deref the values.
Closes GH-8262.
Fix regression from #8058
Closes GH-8181
Re-enable i386 tests on Azure Pipelines
Fix GH-8289: Exceptions thrown within a yielded from iterator are not rethrown into the generator
This also fixes the fact that exception traces were not including the generator frame when thrown in a yielded from iterator.
JIT: Fixed incorrect code generation
Fixes oss-fuzz #46328
Ensure correct target opline for exceptions thrown during yield from
Also appends the exception during a yield from values dtor instead of prepending it
Fixing regression introduced in 13649451c201361b438ca0f762cfb33dfc3fca39.
Fixed reference counting inference
Fixes oss-fuzz #46084
JIT: Fix array clobbering by user error handler
Fixes oss-fuzz #46336
Bump version
Apparently, this has been forgotten when PHP 8.0.17RC1 and 8.0.18RC1 had been tagged.
We also fix the version of the fix for GH-8253, which didn't make it into PHP 8.0.18RC1.
Fix #81714: segfault when serializing finalized HashContext
We must not allow serializing already finalized HashContexts, since the internal context is already freed. Since there is not much point in serializing finalized HashContexts, we just bail out in that case.
Closes GH-8265.
Updated to version 2022.1 (2022a)
Empty merge
Updated to version 2022.1 (2022a)
Fix GH-8267: MySQLi uses unsupported format specifier on Windows
Instead of using the unsupported %I64u and %I64d format specifiers on Windows, we use the portable PRIu64 and PRId64 specifiers.
The L64() macro and the my_longlong typedef should be adapted as well, as the i64 literal suffix is still supported by MSVC, but using LL or ll is recommended[1], and the standard int64_t is available there anyway. This is not urgent, though.
Closes GH-8268.
Add nightly for GitHub actions