Merge branch 'master' of https://git.php.net/repository/php-src

* 'master' of https://git.php.net/repository/php-src: (27 commits)
  final bits
  we need to use the full stream wrapper for filters
  let the libsqlite3 symbols be exported in dll
  NEWS/UPGRADING{,.INTERNALS} notes about temp POST stream
  Exclude bison 3.0 by Mike
  NEWS for added reserved ip addresses according to RFC 6598
  Add RFC 6598 IPs to reserved addresses
  upload2G note
  NEWS for #60577
  NEWS for bug #64441
  Fix bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names)
  EmptyIterator now implements Countable; fixes bug 60577
  News for bugfix #64157
  Bug 64157 Changed error message to make sense
  remove unused code
  tests
  make reading php://input JIT if enable_post_data_reading=0
  revert stream cast
  fix ZTS build
  slim post data
  ...

Author: cjbj

NEWS

@@ -9,6 +9,11 @@ PHP                                                                        NEWS
   . Made calls from incompatible context issue an E_DEPRECATED warning instead
     of E_STRICT (phase 1 of RFC: https://wiki.php.net/rfc/incompat_ctx).
 	(Gustavo)
+  . Uploads equal or greater than 2GB in size are now accepted.
+    (Ralf Lang, Mike)
+  . Reduced POST data memory usage by 200-300%. Removed INI setting
+    always_populate_raw_post_data and the $HTTP_RAW_POST_DATA global
+    variable. (Mike)
 
 - cURL:
   . Implemented FR #65646 (re-enable CURLOPT_FOLLOWLOCATION with open_basedir

UPGRADING

@@ -20,11 +20,23 @@ PHP X.Y UPGRADE NOTES
 1. Backward Incompatible Changes
 ========================================
 
+- Core:
+  Removed $HTTP_RAW_POST_DATA global variable. Restore backwards compatibility 
+  by:
+  <?php
+  global $HTTP_RAW_POST_DATA;
+  if (!isset($HTTP_RAW_POST_DATA)) {
+      $HTTP_ROW_POST_DATA = file_get_contents("php://input");
+  }
+  ?>
 
 ========================================
 2. New Features
 ========================================
 
+- Core:
+  The php://input stream is now re-usable and can be used concurrently with 
+  enable_post_data_reading=0.
 
 ========================================
 2. Changes in SAPI modules
@@ -91,6 +103,8 @@ PHP X.Y UPGRADE NOTES
 10. Changes to INI File Handling
 ========================================
 
+- Core:
+  Removed always_populate_raw_post_data.
 
 ========================================
 11. Other Changes

UPGRADING.INTERNALS

@@ -5,6 +5,7 @@ UPGRADE NOTES - PHP X.Y
 1. Internal API changes
   a. Addition of do_operation and compare object handlers
   b. return_value_ptr now always available, RETVAL_ZVAL_FAST macros
+  c. POST data handling
 
 2. Build system changes
   a. Unix build system changes
@@ -57,6 +58,15 @@ UPGRADE NOTES - PHP X.Y
   The macros behave similarly to the non-FAST variants with copy=1 and
   dtor=0, but will try to return the zval without making a copy by utilizing
   return_value_ptr.
+  
+  c. POST data handling
+  
+  The sapi_request_info's members post_data, post_data_len and raw_post_data as 
+  well as raw_post_data_len have been replaced with a temp PHP stream 
+  request_body.
+  
+  The recommended way to access raw POST data is to open and use a php://input 
+  stream wrapper.  It is safe to be used concurrently and more than once. 
 
 ========================
 2. Build system changes

Zend/acinclude.m4

@@ -9,7 +9,7 @@ AC_DEFUN([LIBZEND_BISON_CHECK],[
   # non-working versions, e.g. "3.0 3.2";
   # remove "none" when introducing the first incompatible bison version an 
   # separate any following additions by spaces
-  bison_version_exclude="none"
+  bison_version_exclude="3.0"
 
   # for standalone build of Zend Engine
   test -z "$SED" && SED=sed

ext/date/lib/parse_date.c

@@ -25002,7 +25002,7 @@ timelib_time *timelib_parse_from_format(char *format, char *string, int len, tim
 					TIMELIB_CHECK_NUMBER;
 					sec = timelib_get_nr_ex((char **) &ptr, 2, &length);
 					if (sec == TIMELIB_UNSET || length != 2) {
-						add_pbf_error(s, "A two second minute could not be found", string, begin);
+						add_pbf_error(s, "A two digit second could not be found", string, begin);
 					} else {
 						s->time->s = sec;
 					}

ext/date/lib/parse_date.re

@@ -2009,7 +2009,7 @@ timelib_time *timelib_parse_from_format(char *format, char *string, int len, tim
 					TIMELIB_CHECK_NUMBER;
 					sec = timelib_get_nr_ex((char **) &ptr, 2, &length);
 					if (sec == TIMELIB_UNSET || length != 2) {
-						add_pbf_error(s, "A two second minute could not be found", string, begin);
+						add_pbf_error(s, "A two digit second could not be found", string, begin);
 					} else {
 						s->time->s = sec;
 					}

ext/date/tests/bug64157.phpt

@@ -0,0 +1,14 @@
+--TEST--
+Test for bug #64157: DateTime::createFromFormat() reports confusing error message
+--CREDITS--
+Boro Sitnikovski <[email protected]>
+--INI--
+date.timezone = UTC
+--FILE--
+<?php
+DateTime::createFromFormat('s', '0');
+$lastErrors = DateTime::getLastErrors();
+print_r($lastErrors['errors'][0]);
+?>
+--EXPECT--
+A two digit second could not be found

ext/filter/logical_filters.c

@@ -484,10 +484,6 @@ void php_filter_validate_url(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
 			}
 			s++;
 		}
-
-		if (*(e - 1) == '.') {
-			goto bad_url;
-		}
 	}
 
 	if (
@@ -718,6 +714,7 @@ void php_filter_validate_ip(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
 			if (flags & FILTER_FLAG_NO_RES_RANGE) {
 				if (
 					(ip[0] == 0) ||
+					(ip[0] == 100 && (ip[1] == 0 || ip[1] <= 127)) ||
 					(ip[0] == 128 && ip[1] == 0) ||
 					(ip[0] == 191 && ip[1] == 255) ||
 					(ip[0] == 169 && ip[1] == 254) ||

ext/filter/tests/018.phpt

@@ -15,6 +15,8 @@ var_dump(filter_var("192.168.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE
 var_dump(filter_var("192.0.34.166", FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE));
 var_dump(filter_var("127.0.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE));
 var_dump(filter_var("192.0.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE));
+var_dump(filter_var("100.0.0.0", FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE));
+var_dump(filter_var("100.127.255.255", FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE));
 var_dump(filter_var("192.0.34.166", FILTER_VALIDATE_IP));
 var_dump(filter_var("256.1237.123.1", FILTER_VALIDATE_IP));
 var_dump(filter_var("255.255.255.255", FILTER_VALIDATE_IP));
@@ -40,6 +42,8 @@ bool(false)
 string(12) "192.0.34.166"
 bool(false)
 string(9) "192.0.0.1"
+bool(false)
+bool(false)
 string(12) "192.0.34.166"
 bool(false)
 string(15) "255.255.255.255"

ext/filter/tests/bug64441.phpt

@@ -0,0 +1,11 @@
+--TEST--
+bug 64441, FILTER_VALIDATE_URL will invalidate a hostname that ended by dot
+--SKIPIF--
+<?php if (!extension_loaded("filter")) die("skip"); ?>
+--FILE--
+<?php
+var_dump(filter_var('http://example.com./', FILTER_VALIDATE_URL));
+var_dump(filter_var('http://example.com/', FILTER_VALIDATE_URL));
+--EXPECT--
+string(20) "http://example.com./"
+string(19) "http://example.com/"

ext/mbstring/mb_gpc.c

@@ -364,6 +364,7 @@ SAPI_POST_HANDLER_FUNC(php_mb_post_handler)
 {
 	const mbfl_encoding *detected;
 	php_mb_encoding_handler_info_t info;
+	char *post_data_str = NULL;
 
 	MBSTRG(http_input_identify_post) = NULL;
 
@@ -376,7 +377,10 @@ SAPI_POST_HANDLER_FUNC(php_mb_post_handler)
 	info.num_from_encodings     = MBSTRG(http_input_list_size); 
 	info.from_language          = MBSTRG(language);
 
-	detected = _php_mb_encoding_handler_ex(&info, arg, SG(request_info).post_data TSRMLS_CC);
+	php_stream_rewind(SG(request_info).request_body);
+	php_stream_copy_to_mem(SG(request_info).request_body, &post_data_str, PHP_STREAM_COPY_ALL, 0);
+	detected = _php_mb_encoding_handler_ex(&info, arg, post_data_str TSRMLS_CC);
+	STR_FREE(post_data_str);
 
 	MBSTRG(http_input_identify) = detected;
 	if (detected) {

ext/soap/soap.c

@@ -1560,48 +1560,45 @@ PHP_METHOD(SoapServer, handle)
 	}
 
 	if (ZEND_NUM_ARGS() == 0) {
-		if (SG(request_info).raw_post_data) {
-			char *post_data = SG(request_info).raw_post_data;
-			int post_data_length = SG(request_info).raw_post_data_length;
+		if (SG(request_info).request_body && 0 == php_stream_rewind(SG(request_info).request_body)) {
 			zval **server_vars, **encoding;
+			php_stream_filter *zf = NULL;
 
 			zend_is_auto_global("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC);
 			if (zend_hash_find(&EG(symbol_table), "_SERVER", sizeof("_SERVER"), (void **) &server_vars) == SUCCESS &&
 			    Z_TYPE_PP(server_vars) == IS_ARRAY &&
 			    zend_hash_find(Z_ARRVAL_PP(server_vars), "HTTP_CONTENT_ENCODING", sizeof("HTTP_CONTENT_ENCODING"), (void **) &encoding)==SUCCESS &&
 			    Z_TYPE_PP(encoding) == IS_STRING) {
-				zval func;
-				zval retval;
-				zval param;
-				zval *params[1];
-
-				if ((strcmp(Z_STRVAL_PP(encoding),"gzip") == 0 ||
-				     strcmp(Z_STRVAL_PP(encoding),"x-gzip") == 0) &&
-				    zend_hash_exists(EG(function_table), "gzinflate", sizeof("gzinflate"))) {
-					ZVAL_STRING(&func, "gzinflate", 0);
-					params[0] = &param;
-					ZVAL_STRINGL(params[0], post_data+10, post_data_length-10, 0);
-					INIT_PZVAL(params[0]);
-				} else if (strcmp(Z_STRVAL_PP(encoding),"deflate") == 0 &&
-		           zend_hash_exists(EG(function_table), "gzuncompress", sizeof("gzuncompress"))) {
-					ZVAL_STRING(&func, "gzuncompress", 0);
-					params[0] = &param;
-					ZVAL_STRINGL(params[0], post_data, post_data_length, 0);
-					INIT_PZVAL(params[0]);
+
+				if (strcmp(Z_STRVAL_PP(encoding),"gzip") == 0
+				||  strcmp(Z_STRVAL_PP(encoding),"x-gzip") == 0
+				||  strcmp(Z_STRVAL_PP(encoding),"deflate") == 0
+				) {
+					zval filter_params;
+
+					INIT_PZVAL(&filter_params);
+					array_init_size(&filter_params, 1);
+					add_assoc_long_ex(&filter_params, ZEND_STRS("window"), 0x2f); /* ANY WBITS */
+
+					zf = php_stream_filter_create("zlib.inflate", &filter_params, 0 TSRMLS_CC);
+					zval_dtor(&filter_params);
+
+					if (zf) {
+						php_stream_filter_append(&SG(request_info).request_body->readfilters, zf);
+					} else {
+						php_error_docref(NULL TSRMLS_CC, E_WARNING,"Can't uncompress compressed request");
+						return;
+					}
 				} else {
 					php_error_docref(NULL TSRMLS_CC, E_WARNING,"Request is compressed with unknown compression '%s'",Z_STRVAL_PP(encoding));
 					return;
 				}
-				if (call_user_function(CG(function_table), (zval**)NULL, &func, &retval, 1, params TSRMLS_CC) == SUCCESS &&
-				    Z_TYPE(retval) == IS_STRING) {
-					doc_request = soap_xmlParseMemory(Z_STRVAL(retval),Z_STRLEN(retval));
-					zval_dtor(&retval);
-				} else {
-					php_error_docref(NULL TSRMLS_CC, E_WARNING,"Can't uncompress compressed request");
-					return;
-				}
-			} else {
-				doc_request = soap_xmlParseMemory(post_data, post_data_length);
+			}
+
+			doc_request = soap_xmlParseFile("php://input" TSRMLS_CC);
+
+			if (zf) {
+				php_stream_filter_remove(zf, 1 TSRMLS_CC);
 			}
 		} else {
 			zval_ptr_dtor(&retval);

ext/spl/internal/emptyiterator.inc

@@ -15,7 +15,7 @@
  * @version 1.0
  * @since PHP 5.1
  */
-class EmptyIterator implements Iterator
+class EmptyIterator implements Iterator, Countable
 {
 	/** No operation.
 	 * @return void
@@ -57,6 +57,15 @@ class EmptyIterator implements Iterator
 	{
 		// nothing to do
 	}
+
+	/**
+	 * @return int
+	 */
+	function count()
+	{
+		return 0;
+	}
+
 }
 
-?>
+?>

ext/spl/spl_iterators.c

@@ -3241,12 +3241,23 @@ SPL_METHOD(EmptyIterator, next)
 	}
 } /* }}} */
 
+/* {{{ proto int EmptyIterator::count()
+   Does nothing */
+SPL_METHOD(EmptyIterator, count)
+{
+	if (zend_parse_parameters_none() == FAILURE) {
+		return;
+	}
+	RETURN_LONG(0);
+} /* }}} */
+
 static const zend_function_entry spl_funcs_EmptyIterator[] = {
 	SPL_ME(EmptyIterator, rewind,           arginfo_recursive_it_void, ZEND_ACC_PUBLIC)
 	SPL_ME(EmptyIterator, valid,            arginfo_recursive_it_void, ZEND_ACC_PUBLIC)
 	SPL_ME(EmptyIterator, key,              arginfo_recursive_it_void, ZEND_ACC_PUBLIC)
 	SPL_ME(EmptyIterator, current,          arginfo_recursive_it_void, ZEND_ACC_PUBLIC)
 	SPL_ME(EmptyIterator, next,             arginfo_recursive_it_void, ZEND_ACC_PUBLIC)
+	SPL_ME(EmptyIterator, count,            arginfo_recursive_it_void, ZEND_ACC_PUBLIC)
 	PHP_FE_END
 };
 
@@ -3707,6 +3718,7 @@ PHP_MINIT_FUNCTION(spl_iterators)
 
 	REGISTER_SPL_STD_CLASS_EX(EmptyIterator, NULL, spl_funcs_EmptyIterator);
 	REGISTER_SPL_ITERATOR(EmptyIterator);
+	REGISTER_SPL_IMPLEMENTS(EmptyIterator, Countable);
 
 	REGISTER_SPL_SUB_CLASS_EX(RecursiveTreeIterator, RecursiveIteratorIterator, spl_RecursiveTreeIterator_new, spl_funcs_RecursiveTreeIterator);
 	REGISTER_SPL_CLASS_CONST_LONG(RecursiveTreeIterator, "BYPASS_CURRENT",      RTIT_BYPASS_CURRENT);

ext/spl/tests/bug60577.phpt

@@ -0,0 +1,8 @@
+--TEST--
+count(new EmptyIterator) should return zero
+--FILE--
+<?php
+$it = new EmptyIterator;
+var_dump(count($it));
+--EXPECT--
+int(0)

ext/sqlite3/config.w32

@@ -4,7 +4,7 @@
 ARG_WITH("sqlite3", "SQLite 3 support", "no");
 
 if (PHP_SQLITE3 != "no") {
-	ADD_FLAG("CFLAGS_SQLITE3", "/D SQLITE_THREADSAFE=" + (PHP_ZTS == "yes" ? "1" : "0") + " /D SQLITE_ENABLE_FTS3=1 /D SQLITE_ENABLE_COLUMN_METADATA=1 /D SQLITE_CORE=1 ");
+	ADD_FLAG("CFLAGS_SQLITE3", "/D SQLITE_THREADSAFE=" + (PHP_ZTS == "yes" ? "1" : "0") + " /D SQLITE_ENABLE_FTS3=1 /D SQLITE_ENABLE_COLUMN_METADATA=1 /D SQLITE_CORE=1 /D SQLITE_API=__declspec(dllexport) ");
 	EXTENSION("sqlite3", "sqlite3.c", null, "/I" + configure_module_dirname + "/libsqlite /I" + configure_module_dirname);
 
 	ADD_SOURCES(configure_module_dirname + "/libsqlite", "sqlite3.c", "sqlite3");