Commit 0fbd1043daa for php.net
commit 0fbd1043daaaf59e1bc27e9bfdd6210c2afe7173
Merge: 923814caf1a f3c50bfb1bc
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Wed Jul 15 20:40:15 2026 +0200
Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
Fix leak on double DatePeriod::__construct() call
diff --cc NEWS
index 96bd6d1e922,03a3f4f89f7..8a94a173afd
--- a/NEWS
+++ b/NEWS
@@@ -1,174 -1,15 +1,176 @@@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? ????, PHP 8.3.33
+?? ??? ????, PHP 8.4.24
+ - Date:
+ . Fixed leak on double DatePeriod::__construct() call. (ilutov)
-02 Jul 2026, PHP 8.3.32
+30 Jul 2026, PHP 8.4.24
+
+- Calendar:
+ . Fixed bug GH-22602 (gregoriantojd() and juliantojd() integer overflow with
+ INT_MAX year). (arshidkv12)
+
+- Date:
+ . Update timelib to 2022.17. (Derick)
+ . Fixed bug GH-19803 (Parsing a string with a single white space does create
+ an error). (Derick)
+ . Fixed Unix timestamps in February of the year 0 are misparsed with
+ @-notation. (LukasGelbmann)
+ . Fixed bug GH-11310 (__debugInfo does nothing on userland classes extending
+ Date classes). (Derick)
+
+- DBA:
+ . Fixed OOB read on malformed length field in dba flatfile handler. (alhudz)
+
+- DOM:
+ . Fixed bug GH-22570 (Stack overflow when serializing a deeply nested
+ Dom\XMLDocument). (iliaal)
+
+- Exif:
+ . Fixed bug GH-11020 (exif_read_data() emits a spurious "Illegal IFD size"
+ warning when an IFD is not followed by a next-IFD offset). (Eyüp Can Akman)
+
+- Hash:
+ . Fixed bug GH-18173 (ext/hash relies on implementation-defined malloc
+ alignment). (iliaal)
+
+- Intl:
+ . Fixed Locale::lookup() and locale_lookup() to return NULL instead of the
+ fallback locale when a language tag cannot be canonicalized. (Weilin Du)
+ . Fixed memory leaks when calling Collator::__construct() or
+ Spoofchecker::__construct() twice. (Weilin Du)
+ . Fixed IntlChar methods leaving stale global error state after successful
+ calls. (Xuyang Zhang)
+
+- ODBC:
+ . Fixed bug GH-22668 (Heap buffer over-read when a column value exceeds the
+ driver-reported display size). (iliaal)
+
+- OpenSSL:
+ . Fixed timeout for supplemental read at end of a blocking stream in SSL
+ stream wrapper. (ilutov)
+
+- PDO_ODBC:
+ . Fixed bug GH-20726 (Crash with ODBC connection pooling when the DSN
+ carries no credentials). (iliaal)
+ . Fixed bug GH-22667 (Heap buffer over-read when a column value exceeds the
+ driver-reported display size). (iliaal)
+ . Fixed bug GH-22666 (Heap buffer overflow when an output parameter value is
+ longer than the declared maxlen). (iliaal)
+ . Fixed bug GH-22665 (Out-of-bounds write when the ODBC driver reports a
+ diagnostic message length beyond the error buffer). (iliaal)
+
+- Phar:
+ . Fixed inconsistent handling of the magic ".phar" directory. Paths such as
+ "/.phar" remain protected, while non-magic paths that merely start with
+ ".phar" are handled consistently across file and directory creation,
+ copying, ArrayAccess, stream lookup, directory iteration and extraction.
+ (Weilin Du)
+
+- PHPDBG:
+ . Fixed bug GH-17387 (Trivial crash in phpdbg lexer). (iliaal)
+ . Fixed fleaked lowercased lookup keys in phpdbg_resolve_opline_break.
+ (jorgsowa)
+ . Fixed off-by-one in phpdbg_safe_class_lookup() causing class lookups to
+ always fail during phpdbg's signal-safe interruption path. (jorgsowa)
+
+- Reflection:
+ . Fixed bug GH-22324 (Ignore leading namespace separator in
+ ReflectionParameter::__construct()). (jorgsowa)
+ . Fixed bug GH-22441 (ReflectionClass::hasProperty() and getProperty() ignore
+ dynamic properties shadowing a private parent property). (iliaal)
+ . Fixed bug GH-22658 (ReflectionConstant::__toString() with a string value
+ with null bytes truncates output). (DanielEScherzer)
+ . Fixed bug GH-22681 (Reflection*::__toString() truncates on null bytes).
+ (DanielEScherzer)
+
+- Session:
+ . Fixed bug GH-21314 (Different session garbage collector behavior between
+ PHP 8.3 and PHP 8.5). (jorgsowa)
+
+- SPL:
+ . Fix class_parents for classes with leading slash in non-autoload mode.
+ (jorgsowa)
+ . Ignore leading back-slash in class_parents(), class_implements(), and
+ class_uses(). (jorgsowa)
+ . Fixed bug GH-16217 (SplFileObject::fputcsv() on an uninitialized object
+ segfaults). (iliaal)
+
+- Standard:
+ . Fixed bug GH-22360 (convert.base64-encode corruption on
+ incremental flush). (David Carlier)
+ . Fixed bug GH-22395 (base_convert() outputs at most 64 characters).
+ (Weilin Du)
+ . Fixed integer overflow in getimagesize() and getimagesizefromstring()
+ when parsing an IFF chunk with a size of INT_MAX. (David Carlier, Weilin Du)
+ . Fixed bug GH-22678 (Use-after-free in array_multisort() when the comparator
+ mutates the array being sorted). (azchin, iliaal)
- Streams:
- . Fixed bug GH-21468 (Segfault in file_get_contents w/ a https URL
- and a proxy set). (CVE-2026-12184) (ndossche)
+ . Fixed bug GH-22617 (persistent stream keys truncated at null bytes, causing
+ distinct abstract unix domain sockets to share a resource). (David Carlier)
+
+- Zip:
+ . Fixed bug GH-22649 (ZipArchive::setCommentName() and setCommentIndex()
+ could crash after overwriting an entry and resetting its inherited
+ unchanged comment). (Weilin Du)
+ . Fixed bug GH-21705 (ZipArchive::getFromIndex() ignores
+ ZipArchive::FL_UNCHANGED for deleted entries). (Weilin Du)
+
+02 Jul 2026, PHP 8.4.23
+
+- Core:
+ . Fixed bug GH-22280 (Incorrect compile error for goto to label preceding
+ try/finally block). (Pratik Bhujel)
+ . Fixed bug GH-22290 (AST pretty printing does not correctly handle strings
+ containing NUL). (iliaal)
+
+- BCMath:
+ . Fixed issues with oversized allocations and signed overflow in bcround()
+ and BcMath\Number::round(). (edorian)
+
+- Date:
+ . Fix incorrect recurrence check of DatePeriod::createFromISO8601String().
+ (ndossche)
+
+- DOM:
+ . Fix GH-22219 (Dom\XMLDocument::schemaValidate fails to resolve
+ xs:QName with prefix from imported schema). (David Carlier)
+
+- Exif:
+ . Read correct value for single and double tags. (ndossche)
+
+- GD:
+ . Fixed bug GH-22121 (Double free in gdImageSetStyle() after
+ overflow-triggered early return). (iliaal)
+ . Fixed bug GH-19666 (imageconvolution() unexpected nan filter value).
+ (David Carlier)
+ . Fixed bug GH-19739 (imageellipse/imagefilledellipse overflow).
+ (David Carlier)
+ . Fixed bug GH-19730 (imageaffine overflow).
+ (David Carlier)
+
+- Intl:
+ . Fix incorrect argument positions for uninitialized calendar arguments in
+ IntlCalendar::equals(), ::before(), ::after(), and ::isEquivalentTo(), and
+ for invalid start/end arguments in transliterator_transliterate().
+ (Weilin Du)
+ . Fixed IntlTimeZone::getDisplayName() to synchronize object error state
+ for invalid display types. (Weilin Du)
+ . Fixed Spoofchecker restriction-level APIs to only be exposed with ICU 53
+ and later. (Graham Campbell)
+
+- mysqli:
+ . Fix stmt->query leak in mysqli_execute_query() validation errors.
+ (David Carlier)
+
+- Opcache:
+ . Fixed bug GH-20469 (Unsafe inheritance cache replay with reentrant
+ autoloading). (Levi Morrison)
+ . Fixed bug GH-22158 (Tracing JIT dispatches the observer begin handler
+ through the wrong run_time_cache slot on megamorphic calls). (ptondereau,
+ iliaal)
- OpenSSL:
. Fixed bug GH-22187 (Memory corruption (zend_mm_heap corrupted) in
diff --cc ext/date/php_date.c
index e16a61035c5,a74317bd95c..6773fa939e6
--- a/ext/date/php_date.c
+++ b/ext/date/php_date.c
@@@ -5247,15 -5018,9 +5264,15 @@@ PHP_METHOD(DatePeriod, __construct
}
dpobj = Z_PHPPERIOD_P(ZEND_THIS);
- dpobj->current = NULL;
+ date_period_reset(dpobj);
if (isostr) {
+ zend_error(E_DEPRECATED, "Calling DatePeriod::__construct(string $isostr, int $options = 0) is deprecated, "
+ "use DatePeriod::createFromISO8601String() instead");
+ if (UNEXPECTED(EG(exception))) {
+ RETURN_THROWS();
+ }
+
if (!date_period_init_iso8601_string(dpobj, date_ce_date, isostr, isostr_len, options, &recurrences)) {
RETURN_THROWS();
}