Software 42763 Published by

Jakub Zelenka has announced the release of PHP 8.3.0's first alpha version.



php-8.3.0alpha1

- CLI:
. Added pdeathsig to builtin server to terminate workers when the master process is killed. (ilutov)
. Fixed bug GH-11104 (STDIN/STDOUT/STDERR is not available for CLI without a script). (nielsdos)

- Core:
. Fixed bug GH-9388 (Improve unset property and __get type incompatibility error message). (ilutov)
. SA_ONSTACK is now set for signal handlers to be friendlier to other in-process code such as Go's cgo. (Kévin Dunglas)
. SA_ONSTACK is now set when signals are disabled. (Kévin Dunglas)
. Fix GH-9649: Signal handlers now do a no-op instead of crashing when executed on threads not managed by TSRM. (Kévin Dunglas)
. Fixed potential NULL pointer dereference Windows shm*() functions. (cmb)
. Added shadow stack support for fibers. (Chen Hu)
. Fix bug GH-9965 (Fix accidental caching of default arguments with side effects). (ilutov)
. Implement GH-10217 (Use strlen() for determining the class_name length). (Dennis Buteyn)
. Fix bug GH-8821 (Improve line numbers for errors in constant expressions). (ilutov)
. Fix bug GH-10083 (Allow comments between & and parameter). (ilutov)
. Zend Max Execution Timers is now enabled by default for ZTS builds on Linux. (Kévin Dunglas)
. Fix bug GH-10469 (Disallow .. in open_basedir paths set at runtime). (ilutov)
. Fix bug GH-10168, GH-10582 (Various segfaults with destructors and VM return values). (dstogov, nielsdos, ilutov)
. Fix bug GH-10935 (Use of trait doesn't redeclare static property if class has inherited it from its parent). (ilutov)
. Fix bug GH-11154 (Negative indices on empty array don't affect next chosen index). (ColinHDev)
. Fix bug GH-8846 (Implement delayed early binding for classes without parents). (ilutov)
. Fix bug #79836 (Segfault in concat_function). (nielsdos)
. Fix bug #81705 (type confusion/UAF on set_error_handler with concat operation). (nielsdos)
. Fix GH-11348 (Closure created from magic method does not accept named arguments). (nielsdos)

- Date:
. Implement More Appropriate Date/Time Exceptions RFC. (Derick)

- DOM:
. Fix bug GH-8388 (DOMAttr unescapes character reference). (Tim Starling)
. Fix bug GH-11308 (getElementsByTagName() is O(N^2)). (nielsdos)

- Exif:
. Removed unneeded codepaths in exif_process_TIFF_in_JPEG(). (nielsdos)

- Fileinfo:
. Upgrade bundled libmagic to 5.43. (Anatol)

- FPM:
. The status.listen shared pool now uses the same php_values (including expose_php) and php_admin_value as the pool it is shared with. (dwxh)

- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630) (cmb)

- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter. (CVE-2022-37454) (nicky at mouha dot be)

- Intl:
. Added pattern format error infos for numfmt_set_pattern. (David Carlier)
. Added MIXED_NUMBERS and HIDDEN_OVERLAY constants for the Spoofchecker's class. (David Carlier)
. Updated datefmt_set_timezone/IntlDateformatter::setTimezone returns type. (David Carlier).
. Updated IntlBreakInterator::setText return type. (David Carlier)
. Updated IntlChar::enumCharNames return type. (David Carlier)

- JSON:
. Added json_validate(). (Juan Morales)

- MBString:
. mb_detect_encoding is better able to identify the correct encoding for Turkish text. (Alex Dowad)
. mb_detect_encoding's "non-strict" mode now behaves as described in the documentation. Previously, it would return false if the same byte (for example, the first byte) of the input string was invalid in all candidate encodings. More generally, it would eliminate candidate encodings from consideration when an invalid byte was seen, and if the same input byte eliminated all remaining encodings still under consideration, it would return false. On the other hand, if all candidate encodings but one were eliminated from consideration, it would return the last remaining one without regard for how many encoding errors might be encountered later in the string. This is different from the behavior described in the documentation, which says: "If strict is set to false, the closest matching encoding will be returned." (Alex Dowad)
. mb_strtolower, mb_strtotitle, and mb_convert_case implement conditional casing rules for the Greek letter sigma. For mb_convert_case, conditional casing only applies to MB_CASE_LOWER and MB_CASE_TITLE modes, not to MB_CASE_LOWER_SIMPLE and MB_CASE_TITLE_SIMPLE. (Alex Dowad)
. mb_detect_encoding is better able to identify UTF-8 and UTF-16 strings with a byte-order mark. (Alex Dowad)
. mb_decode_mimeheader interprets underscores in QPrint-encoded MIME encoded words as required by RFC 2047; they are converted to spaces. Underscores must be encoded as "=5F" in such MIME encoded words. (Alex Dowad)
. mb_encode_mimeheader no longer drops NUL (zero) bytes when QPrint-encoding the input string. This previously caused strings in certain text encodings, especially UTF-16 and UTF-32, to be corrupted by mb_encode_mimeheader. (Alex Dowad)

- mysqli:
. mysqli_fetch_object raises a ValueError instead of an Exception. (David Carlier)

- Opcache:
. Added start, restart and force restart time to opcache's phpinfo section. (Mikhail Galanin)
. Fix GH-9139: Allow FFI in opcache.preload when opcache.preload_user=root. (Arnaud, Kapitan Oczywisty)
. Made opcache.preload_user always optional in the cli and phpdbg SAPIs. (Arnaud)
. Allows W/X bits on page creation on FreeBSD despite system settings. (David Carlier)
. Added memfd api usage, on Linux, for zend_shared_alloc_create_lock() to create an abstract anonymous file for the opcache's lock. (Max Kellermann)

- OpenSSL:
. Added OPENSSL_CMS_OLDMIMETYPE and PKCS7_NOOLDMIMETYPE contants to switch between mime content types. (Daniel Kesselberg)
. Fixed GH-11054: Reset OpenSSL errors when using a PEM public key. (Florian Moser)

- PCNTL:
. SA_ONSTACK is now set for pcntl_signal. (Kévin Dunglas)
. Added SIGINFO constant. (David Carlier)

- PGSQL:
. pg_fetch_object raises a ValueError instead of an Exception. (David Carlier)
. Added GH-9344, pipeline mode support. (David Carlier)
. pg_cancel use thread safe PQcancel api instead. (David Carlier)
. pg_trace new PGSQL_TRACE_SUPPRESS_TIMESTAMPS/PGSQL_TRACE_REGRESS_MODE contants support. (David Carlier)
. pg_set_error_verbosity adding PGSQL_ERRORS_STATE constant. (David Carlier)
. pg_convert/pg_insert E_WARNING on type errors had been converted to ValueError/TypeError exceptions. (David Carlier)

- Phar:
. Fix memory leak in phar_rename_archive(). (stkeke)

- Posix:
. Added posix_sysconf. (David Carlier)
. Added posix_pathconf. (David Carlier)
. Added posix_fpathconf. (David Carlier)
. Fixed zend_parse_arg_long's bool pointer argument assignment. (Cristian Rodriguez)
. Added posix_eaccess. (David Carlier)

- Random:
. Added Randomizer::getBytesFromString(). (Joshua Rüsweg)
. Added Randomizer::nextFloat(), ::getFloat(), and IntervalBoundary. (timwolla)
. Fix GH-10292 (Made the default value of the first param of srand() and
mt_srand() nullable). (kocsismate)
. Enable getrandom() for NetBSD (from 10.x). (David Carlier)

- Reflection:
. Fix GH-9470 (ReflectionMethod constructor should not find private parent method). (ilutov)
. Fix GH-10259 (ReflectionClass::getStaticProperties doesn't need null return type). (kocsismate)
. Fix Segfault when using ReflectionFiber suspended by an internal function. (danog)

- SAPI:
. Fixed GH-11141 (Could not open input file: should be sent to stderr). (nielsdos)

- Sockets:
. Added SO_ATTACH_REUSEPORT_CBPF socket option, to give tighter control over socket binding for a cpu core. (David Carlier)
. Added SKF_AD_QUEUE for cbpf filters. (David Carlier)
. Added socket_atmark if send/recv needs using MSG_OOB. (David Carlier)
. Added TCP_QUICKACK constant, to give tigher control over ACK delays. (David Carlier)
. Added DONTFRAGMENT support for path MTU discovery purpose. (David Carlier)
. Added AF_DIVERT for raw socket for divert ports. (David Carlier)
. Added SOL_UPDLITE, UDPLITE_RECV_CSCOV and UDPLITE_SEND_CSCOV for updlite protocol support. (David Carlier)
. Added SO_RERROR, SO_ZEROIZE and SO_SPLICE netbsd and openbsd constants. (David Carlier)
. Added TCP_REPAIR for quietly close a connection. (David Carlier)
. Added SO_REUSEPORT_LB freebsd constant. (David Carlier)
. Added IP_BIND_ADDRESS_NO_PORT. (David Carlier)

- Standard:
. E_NOTICEs emitted by unserialize() have been promoted to E_WARNING. (timwolla)
. unserialize() now emits a new E_WARNING if the input contains unconsumed bytes. (timwolla)
. Make array_pad's $length warning less confusing. (nielsdos)
. E_WARNING emitted by strtok in the caase both arguments are not provided when starting tokenisation. (David Carlier)
. password_hash() will now chain the original RandomException to the ValueError on salt generation failure. (timwolla)
. Fix GH-10239 (proc_close after proc_get_status always returns -1). (nielsdos) . Improve the warning message for unpack() in case not enough values were
provided. (nielsdos)
. Fix GH-11010 (parse_ini_string() now preserves formatting of unquoted strings starting with numbers when the INI_SCANNER_TYPED flag is specified). (ilutov)
. Fix GH-10742 (http_response_code emits no error when headers were already sent). (NattyNarwhal)

- Streams:
. Fixed bug #51056: blocking fread() will block even if data is available. (Jakub Zelenka)
. Added storing of the original path used to open xport stream. (Luc Vieillescazes)

- XSLTProcessor:
. Fixed bug #69168 (DomNode::getNodePath() returns invalid path). (nielsdos)



Release php-8.3.0alpha1 · php/php-src