Merge branch 'upstream/PHP-7.4'

Author: theodorejb

NEWS

@@ -8,6 +8,7 @@ PHP                                                                        NEWS
     (Nikita)
   . Fixed bug #78066 (PHP eats the first byte of a program that comes from
     process substitution). (Nikita)
+  . Fixed bug #52752 (Crash when lexing). (Nikita)
 
 - Libxml:
   . Fixed bug #78279 (libxml_disable_entity_loader settings is shared between

UPGRADING

@@ -34,6 +34,10 @@ PHP 7.4 UPGRADE NOTES
   . Passing the result of a (non-reference) list() assignment by reference is
     consistently disallowed now. Previously this worked if the right hand side
     was a simple (CV) variable and did not occur as part of the list().
+  . `<?php` at the end of the file (without trailing newline) will now be
+    interpreted as an opening PHP tag. Previously it was interpreted either as
+    `<? php` and resulted in a syntax error (with short_open_tag=1) or was
+    interpreted as a literal `<?php` string (with short_open_tag=0).
 
 - BCMath:
   . BCMath functions will now warn if a non well-formed number is passed, such

UPGRADING.INTERNALS

@@ -289,7 +289,9 @@ PHP 7.4 INTERNALS UPGRADE NOTES
     - Removed unused check for dev/arandom and the HAVE_DEV_ARANDOM symbol.
     - Remove unused functions checks: HAVE_MBSINIT, HAVE_MEMPCPY, HAVE_SETPGID,
       HAVE_STRPNCPY, HAVE_STRTOULL, HAVE_VSNPRINTF, HAVE_CUSERID, HAVE_LRAND48,
-      HAVE_RANDOM, HAVE_SRAND48, HAVE_SRANDOM, HAVE_STRDUP.
+      HAVE_RANDOM, HAVE_SRAND48, HAVE_SRANDOM, HAVE_STRDUP, HAVE_GCVT,
+      HAVE_ISASCII, HAVE_LINK, HAVE_LOCKF, HAVE_SOCKOPT, HAVE_SETVBUF, HAVE_SIN,
+      HAVE_TEMPNAM.
     - Unused check for struct cmsghdr and symbol HAVE_CMSGHDR have been removed.
     - Unused ApplicationServices/ApplicationServices.h headers check and
       HAVE_APPLICATIONSERVICES_APPLICATIONSERVICES_H symbol have been removed.
@@ -301,6 +303,7 @@ PHP 7.4 INTERNALS UPGRADE NOTES
   c. Windows build system changes
 
     . Visual Studio 2019 is utilized for the Windows builds
+    . Removed unused defined symbol HAVE_LIBBIND.
 
 ========================
 3. Module changes

Zend/Zend.m4

@@ -306,10 +306,8 @@ AC_ARG_ENABLE([zend-signals],
   [ZEND_SIGNALS=$enableval],
   [ZEND_SIGNALS=yes])
 
-AC_CHECK_FUNC(sigaction, [
-	AC_DEFINE(HAVE_SIGACTION, 1, [Whether sigaction() is available])
-], [
-	ZEND_SIGNALS=no
+AC_CHECK_FUNCS([sigaction], [], [
+  ZEND_SIGNALS=no
 ])
 if test "$ZEND_SIGNALS" = "yes"; then
 	AC_DEFINE(ZEND_SIGNALS, 1, [Use zend signal handling])

Zend/tests/php_tag_only.inc

@@ -0,0 +1 @@
+<?php

Zend/tests/php_tag_only.phpt

@@ -0,0 +1,5 @@
+--TEST--
+File with just a <?php tag should be valid
+--FILE_EXTERNAL--
+php_tag_only.inc
+--EXPECT--

Zend/zend_execute.c

@@ -364,16 +364,6 @@ static zend_always_inline zval *_get_zval_ptr_cv_deref_BP_VAR_R(uint32_t var EXE
 	return ret;
 }
 
-static zend_always_inline zval *_get_zval_ptr_cv_BP_VAR_UNSET(uint32_t var EXECUTE_DATA_DC)
-{
-	zval *ret = EX_VAR(var);
-
-	if (UNEXPECTED(Z_TYPE_P(ret) == IS_UNDEF)) {
-		return zval_undefined_cv(var EXECUTE_DATA_CC);
-	}
-	return ret;
-}
-
 static zend_always_inline zval *_get_zval_ptr_cv_BP_VAR_IS(uint32_t var EXECUTE_DATA_DC)
 {
 	zval *ret = EX_VAR(var);
@@ -1323,11 +1313,14 @@ static zend_always_inline int zend_binary_op(zval *ret, zval *op1, zval *op2 OPL
 	return zend_binary_ops[opcode - ZEND_ADD](ret, op1, op2);
 }
 
-static zend_never_inline void zend_binary_assign_op_obj_dim(zval *object, zval *property, zval *value OPLINE_DC EXECUTE_DATA_DC)
+static zend_never_inline void zend_binary_assign_op_obj_dim(zval *object, zval *property OPLINE_DC EXECUTE_DATA_DC)
 {
+	zend_free_op free_op_data1;
+	zval *value;
 	zval *z;
 	zval rv, res;
 
+	value = get_op_data_zval_ptr_r((opline+1)->op1_type, (opline+1)->op1, &free_op_data1);
 	if ((z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_R, &rv)) != NULL) {
 
 		if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get) {
@@ -1355,6 +1348,7 @@ static zend_never_inline void zend_binary_assign_op_obj_dim(zval *object, zval *
 			ZVAL_NULL(EX_VAR(opline->result.var));
 		}
 	}
+	FREE_OP(free_op_data1);
 }
 
 static zend_never_inline void zend_binary_assign_op_typed_ref(zend_reference *ref, zval *value OPLINE_DC EXECUTE_DATA_DC)
@@ -2015,6 +2009,24 @@ static zend_never_inline ZEND_COLD void ZEND_FASTCALL zend_use_new_element_for_s
 	zend_throw_error(NULL, "[] operator not supported for strings");
 }
 
+static ZEND_COLD void zend_binary_assign_op_dim_slow(zval *container, zval *dim OPLINE_DC EXECUTE_DATA_DC)
+{
+	zend_free_op free_op_data1;
+
+	if (UNEXPECTED(Z_TYPE_P(container) == IS_STRING)) {
+		if (opline->op2_type == IS_UNUSED) {
+			zend_use_new_element_for_string();
+		} else {
+			zend_check_string_offset(dim, BP_VAR_RW EXECUTE_DATA_CC);
+			zend_wrong_string_offset(EXECUTE_DATA_C);
+		}
+	} else if (EXPECTED(!Z_ISERROR_P(container))) {
+		zend_use_scalar_as_array();
+	}
+	get_op_data_zval_ptr_r((opline+1)->op1_type, (opline+1)->op1, &free_op_data1);
+	FREE_OP(free_op_data1);
+}
+
 static zend_never_inline zend_uchar slow_index_convert(const zval *dim, zend_value *value EXECUTE_DATA_DC)
 {
 	switch (Z_TYPE_P(dim)) {
@@ -2739,6 +2751,12 @@ static zend_always_inline void zend_fetch_property_address(zval *result, zval *c
 				break;
 			}
 
+			if (container_op_type == IS_CV
+			 && type != BP_VAR_W
+			 && UNEXPECTED(Z_TYPE_P(container) == IS_UNDEF)) {
+				container = ZVAL_UNDEFINED_OP1();
+			}
+
 			/* this should modify object only if it's empty */
 			if (type == BP_VAR_UNSET) {
 				return;

Zend/zend_language_scanner.l

@@ -292,9 +292,6 @@ ZEND_API void zend_destroy_file_handle(zend_file_handle *file_handle)
 	zend_llist_del_element(&CG(open_files), file_handle, (int (*)(void *, void *)) zend_compare_file_handles);
 	/* zend_file_handle_dtor() operates on the copy, so we have to NULLify the original here */
 	file_handle->opened_path = NULL;
-	if (file_handle->free_filename) {
-		file_handle->filename = NULL;
-	}
 }
 
 ZEND_API void zend_lex_tstring(zval *zv)
@@ -659,11 +656,7 @@ zend_op_array *compile_filename(int type, zval *filename)
 		ZVAL_STR(&tmp, zval_get_string(filename));
 		filename = &tmp;
 	}
-	file_handle.filename = Z_STRVAL_P(filename);
-	file_handle.free_filename = 0;
-	file_handle.type = ZEND_HANDLE_FILENAME;
-	file_handle.opened_path = NULL;
-	file_handle.handle.fp = NULL;
+	zend_stream_init_filename(&file_handle, Z_STRVAL_P(filename));
 
 	retval = zend_compile_file(&file_handle, type);
 	if (retval && file_handle.handle.stream.handle) {
@@ -789,10 +782,7 @@ int highlight_file(char *filename, zend_syntax_highlighter_ini *syntax_highlight
 	zend_lex_state original_lex_state;
 	zend_file_handle file_handle;
 
-	file_handle.type = ZEND_HANDLE_FILENAME;
-	file_handle.filename = filename;
-	file_handle.free_filename = 0;
-	file_handle.opened_path = NULL;
+	zend_stream_init_filename(&file_handle, filename);
 	zend_save_lexical_state(&original_lex_state);
 	if (open_file_for_scanning(&file_handle)==FAILURE) {
 		zend_message_dispatcher(ZMSG_FAILED_HIGHLIGHT_FOPEN, filename);
@@ -2031,6 +2021,20 @@ string:
 	RETURN_OR_SKIP_TOKEN(T_OPEN_TAG);
 }
 
+<INITIAL>"<?php" {
+	/* Allow <?php followed by end of file. */
+	if (YYCURSOR == YYLIMIT) {
+		BEGIN(ST_IN_SCRIPTING);
+		RETURN_OR_SKIP_TOKEN(T_OPEN_TAG);
+	}
+	/* Degenerate case: <?phpX is interpreted as <? phpX with short tags. */
+	if (CG(short_tags)) {
+		yyless(2);
+		BEGIN(ST_IN_SCRIPTING);
+		RETURN_OR_SKIP_TOKEN(T_OPEN_TAG);
+	}
+	goto inline_char_handler;
+}
 
 <INITIAL>"<?" {
 	if (CG(short_tags)) {