Skip to content

Commit ebbccb3

Browse files
ramseyramsey
committed
Merge branch 'PHP-8.0' into PHP-8.1
2 parents 93b43ac + d8f2584 commit ebbccb3

7 files changed

+16
-5
lines changed

NEWS

+6
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,10 @@ PHP NEWS
7272
- Intl:
7373
. Fix memory leak in MessageFormatter::format() on failure. (Girgias)
7474

75+
- Libxml:
76+
. Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading
77+
in XML without enabling it). (CVE-2023-3823) (nielsdos, ilutov)
78+
7579
- MBString:
7680
. Fix GH-11300 (license issue: restricted unicode license headers).
7781
(nielsdos)
@@ -100,6 +104,8 @@ PHP NEWS
100104

101105
- Phar:
102106
. Add missing check on EVP_VerifyUpdate() in phar util. (nielsdos)
107+
. Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()).
108+
(CVE-2023-3824) (nielsdos)
103109

104110
- PHPDBG:
105111
. Fixed bug GH-9669 (phpdbg -h options doesn't list the -z option). (adsr)

ext/dom/tests/libxml_global_state_entity_loader_bypass.phpt

+1
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ GHSA-3qrf-m4j2-pcrr (libxml global state entity loader bypass)
55
if (!extension_loaded('libxml')) die('skip libxml extension not available');
66
if (!extension_loaded('dom')) die('skip dom extension not available');
77
if (!extension_loaded('zend-test')) die('skip zend-test extension not available');
8+
if (!function_exists('zend_test_override_libxml_global_state')) die('skip not for Windows');
89
?>
910
--FILE--
1011
<?php

ext/simplexml/tests/libxml_global_state_entity_loader_bypass.phpt

+1
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ GHSA-3qrf-m4j2-pcrr (libxml global state entity loader bypass)
55
if (!extension_loaded('libxml')) die('skip libxml extension not available');
66
if (!extension_loaded('simplexml')) die('skip simplexml extension not available');
77
if (!extension_loaded('zend-test')) die('skip zend-test extension not available');
8+
if (!function_exists('zend_test_override_libxml_global_state')) die('skip not for Windows');
89
?>
910
--FILE--
1011
<?php

ext/xmlreader/tests/libxml_global_state_entity_loader_bypass.phpt

+1
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ GHSA-3qrf-m4j2-pcrr (libxml global state entity loader bypass)
55
if (!extension_loaded('libxml')) die('skip libxml extension not available');
66
if (!extension_loaded('xmlreader')) die('skip xmlreader extension not available');
77
if (!extension_loaded('zend-test')) die('skip zend-test extension not available');
8+
if (!function_exists('zend_test_override_libxml_global_state')) die('skip not for Windows');
89
?>
910
--FILE--
1011
<?php

ext/zend_test/test.c

+3-1
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@
3131
#include "Zend/Optimizer/zend_optimizer.h"
3232
#include "test_arginfo.h"
3333

34-
#ifdef HAVE_LIBXML
34+
#if defined(HAVE_LIBXML) && !defined(PHP_WIN32)
3535
# include <libxml/globals.h>
3636
# include <libxml/parser.h>
3737
#endif
@@ -271,6 +271,7 @@ static ZEND_FUNCTION(zend_get_current_func_name)
271271
RETURN_STR(function_name);
272272
}
273273

274+
#if defined(HAVE_LIBXML) && !defined(PHP_WIN32)
274275
static ZEND_FUNCTION(zend_test_override_libxml_global_state)
275276
{
276277
ZEND_PARSE_PARAMETERS_NONE();
@@ -282,6 +283,7 @@ static ZEND_FUNCTION(zend_test_override_libxml_global_state)
282283
(void) xmlLineNumbersDefault(1);
283284
(void) xmlKeepBlanksDefault(0);
284285
}
286+
#endif
285287

286288
/* TESTS Z_PARAM_ITERABLE and Z_PARAM_ITERABLE_OR_NULL */
287289
static ZEND_FUNCTION(zend_iterable)

ext/zend_test/test.stub.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -122,7 +122,7 @@ function zend_get_map_ptr_last(): int {}
122122

123123
function zend_test_crash(?string $message = null): void {}
124124

125-
#ifdef HAVE_LIBXML
125+
#if defined(HAVE_LIBXML) && !defined(PHP_WIN32)
126126
function zend_test_override_libxml_global_state(): void {}
127127
#endif
128128
}

ext/zend_test/test_arginfo.h

+3-3
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,7 @@ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_zend_test_crash, 0, 0, IS_VOID,
8686
ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, message, IS_STRING, 1, "null")
8787
ZEND_END_ARG_INFO()
8888

89-
#if defined(HAVE_LIBXML)
89+
#if defined(HAVE_LIBXML) && !defined(PHP_WIN32)
9090
ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_zend_test_override_libxml_global_state, 0, 0, IS_VOID, 0)
9191
ZEND_END_ARG_INFO()
9292
#endif
@@ -153,7 +153,7 @@ static ZEND_FUNCTION(zend_get_current_func_name);
153153
static ZEND_FUNCTION(zend_call_method);
154154
static ZEND_FUNCTION(zend_get_map_ptr_last);
155155
static ZEND_FUNCTION(zend_test_crash);
156-
#if defined(HAVE_LIBXML)
156+
#if defined(HAVE_LIBXML) && !defined(PHP_WIN32)
157157
static ZEND_FUNCTION(zend_test_override_libxml_global_state);
158158
#endif
159159
static ZEND_FUNCTION(namespaced_func);
@@ -196,7 +196,7 @@ static const zend_function_entry ext_functions[] = {
196196
ZEND_FE(zend_call_method, arginfo_zend_call_method)
197197
ZEND_FE(zend_get_map_ptr_last, arginfo_zend_get_map_ptr_last)
198198
ZEND_FE(zend_test_crash, arginfo_zend_test_crash)
199-
#if defined(HAVE_LIBXML)
199+
#if defined(HAVE_LIBXML) && !defined(PHP_WIN32)
200200
ZEND_FE(zend_test_override_libxml_global_state, arginfo_zend_test_override_libxml_global_state)
201201
#endif
202202
ZEND_NS_FE("ZendTestNS2\\ZendSubNS", namespaced_func, arginfo_ZendTestNS2_ZendSubNS_namespaced_func)

0 commit comments

Comments
 (0)