Community changes

PHP version 8.4.4 changes

• Core

  • Fixed bug GH-17234: Numeric parent hook call fails with assertion
  • Fixed bug GH-16892: ini_parse_quantity() fails to parse inputs starting with 0x0b
  • Fixed bug GH-16886: ini_parse_quantity() fails to emit warning for 0x+0
  • Fixed bug GH-17222: __PROPERTY__ magic constant does not work in all constant expression contexts
  • Fixed bug GH-17214: Relax final+private warning for trait methods with inherited final
  • Fixed NULL arithmetic during system program execution on Windows
  • Fixed potential OOB when checking for trailing spaces on Windows
  • Fixed bug GH-17408: Assertion failure Zend/zend_exceptions.c
  • Fix may_have_extra_named_args flag for ZEND_AST_UNPACK
  • Fix NULL arithmetic in System V shared memory emulation for Windows
  • Fixed bug GH-17597: #[\Deprecated] does not work for __call() and __callStatic()

• DOM

  • Fixed bug GH-17397: Assertion failure ext/dom/php_dom.c
  • Fixed bug GH-17486: Incorrect error line numbers reported in Dom\HTMLDocument::createFromString
  • Fixed bug GH-17481: UTF-8 corruption in Dom\HTMLDocument
  • Fixed bug GH-17500: Segfault with requesting nodeName on nameless doctype
  • Fixed bug GH-17485: Self-closing tag on void elements shouldn't be a parse error/warning in Dom\HTMLDocument
  • Fixed bug GH-17572: getElementsByTagName returns collections with tagName-based indexing

• Enchant

  • Fix crashes in enchant when passing null bytes

• FTP

  • Fixed bug GH-16800: ftp functions can abort with EINTR

• GD

  • Fixed bug GH-17349: Tiled truecolor filling loses single color transparency
  • Fixed bug GH-17373: imagefttext() ignores clipping rect for palette images
  • Ported fix for libgd 223: gdImageRotateGeneric() does not properly interpolate
  • Added support for reading GIFs without colormap to bundled libgd

• Gettext

  • Fixed bug GH-17400: bindtextdomain SEGV on invalid domain

• Intl

  • Fixed bug GH-11874: intl causing segfault in docker images

• Opcache

  • Fixed bug GH-15981: Segfault with frameless jumps and minimal JIT
  • Fixed bug GH-17307: Internal closure causes JIT failure
  • Fixed bug GH-17428: Assertion failure ext/opcache/jit/zend_jit_ir.c:8940
  • Fixed bug GH-17564: Potential UB when reading from/writing to struct padding

• PCNTL

  • Fixed pcntl_setcpuaffinity exception type from ValueError to TypeError for the cpu mask argument with entries type different than int/string

• PCRE

  • Fixed bug GH-17122: memory leak in regex

• PDO

  • Fixed a memory leak when the GC is used to free a PDOStatement
  • Fixed a crash in the PDO Firebird Statement destructor
  • Fixed UAFs when changing default fetch class ctor args

• PgSql

  • Fixed build failure when the constant PGRES_TUPLES_CHUNK is not present in the system

• Phar

  • Fixed bug GH-17518: offset overflow phar extractTo()

• PHPDBG

  • Fix crashes in function registration + test

• Session

  • Fix type confusion with session SID constant
  • Fixed bug GH-17541: ext/session NULL pointer dereferencement during ID reset

• SimpleXML

  • Fixed bug GH-17409: Assertion failure Zend/zend_hash.c:1730

• SNMP

  • Fixed bug GH-17330: SNMP::setSecurity segfault on closed session

• SPL

  • Fixed bug GH-15833: Segmentation fault (access null pointer) in ext/spl/spl_array.c
  • Fixed bug GH-17516: SplFileTempObject::getPathInfo() Undefined behavior on invalid class

• Standard

  • Fixed bug GH-17447: Assertion failure when array popping a self-addressing variable

• Windows

  • Fixed clang compiler detection

• Zip

  • Fixed bug GH-17139: Fix zip_entry_name() crash on invalid entry

PHP version 8.3.17 changes

• Core

  • Fixed bug GH-16892: ini_parse_quantity() fails to parse inputs starting with 0x0b
  • Fixed bug GH-16886: ini_parse_quantity() fails to emit warning for 0x+0
  • Fixed bug GH-17214: Relax final+private warning for trait methods with inherited final
  • Fixed NULL arithmetic during system program execution on Windows
  • Fixed potential OOB when checking for trailing spaces on Windows
  • Fixed bug GH-17408: Assertion failure Zend/zend_exceptions.c
  • Fix may_have_extra_named_args flag for ZEND_AST_UNPACK
  • Fix NULL arithmetic in System V shared memory emulation for Windows

• DOM

  • Fixed bug GH-17500: Segfault with requesting nodeName on nameless doctype

• Enchant

  • Fix crashes in enchant when passing null bytes

• FTP

  • Fixed bug GH-16800: ftp functions can abort with EINTR

• GD

  • Fixed bug GH-17349: Tiled truecolor filling loses single color transparency
  • Fixed bug GH-17373: imagefttext() ignores clipping rect for palette images
  • Ported fix for libgd 223: gdImageRotateGeneric() does not properly interpolate

• Intl

  • Fixed bug GH-11874: intl causing segfault in docker images
  • Fixed bug GH-17469: UConverter::transcode always emit E_WARNING on invalid encoding

• Opcache

  • Fixed bug GH-17307: Internal closure causes JIT failure
  • Fixed bug GH-17564: Potential UB when reading from/writing to struct padding

• PDO

  • Fixed a memory leak when the GC is used to free a PDOStatement
  • Fixed a crash in the PDO Firebird Statement destructor
  • Fixed UAFs when changing default fetch class ctor args

• Phar

  • Fixed bug GH-17518: offset overflow phar extractTo()

• PHPDBG

  • Fix crashes in function registration + test

• Session

  • Fix type confusion with session SID constant
  • Fixed bug GH-17541: ext/session NULL pointer dereferencement during ID reset

• SimpleXML

  • Fixed bug GH-17409: Assertion failure Zend/zend_hash.c:1730

• SNMP

  • Fixed bug GH-17330: SNMP::setSecurity segfault on closed session

• SPL

  • Fixed bug GH-17463: crash on SplTempFileObject::ftruncate with negative value

• Zip

  • Fixed bug GH-17139: Fix zip_entry_name() crash on invalid entry

ZendPHP Changes

PHP version 8.0.30.5, 7.4.33.9, 7.3.33.15 and 7.2.34.23 changes

• OpenSSL
  • Fixed bug #79589: error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading.

PHP version 7.3.33.14 and 7.2.34.22 changes

• OPcache
  • Fixed bug: Backport "Avoid UB in overflow checks"