Merge remote-tracking branch 'php/master'

Author: danog

.github/scripts/windows/build_task.bat

@@ -36,7 +36,6 @@ set CFLAGS=/W1 /WX
 cmd /c configure.bat ^
 	--enable-snapshot-build ^
 	--disable-debug-pack ^
-	--enable-com-dotnet=shared ^
 	--without-analyzer ^
 	--enable-object-out-dir=%PHP_BUILD_OBJ_DIR% ^
 	--with-php-build=%DEPS_DIR% ^

.github/workflows/labeler.yml

@@ -7,6 +7,7 @@ permissions:
 
 jobs:
   triage:
+    if: github.repository == 'php/php-src'
     permissions:
       pull-requests: write
     runs-on: ubuntu-latest

NEWS

@@ -8,6 +8,7 @@ PHP                                                                        NEWS
 - Core:
   . Fixed bug GH-16665 (\array and \callable should not be usable in
     class_alias). (nielsdos)
+  . Added PHP_BUILD_DATE constant. (cmb)
 
 - Curl:
   . Added curl_multi_get_handles(). (timwolla)

UPGRADING

@@ -129,6 +129,9 @@ PHP 8.5 UPGRADE NOTES
 10. New Global Constants
 ========================================
 
+- Core:
+  . PHP_BUILD_DATE.
+
 - POSIX:
   . POSIX_SC_OPEN_MAX.
 
@@ -147,6 +150,11 @@ PHP 8.5 UPGRADE NOTES
   PHP_RELEASE_VERSION are now always numbers.  Previously, they have been
   strings for buildconf builds.
 
+* COM:
+  . The extension is now build shared by default; previously it defaulted to a
+    static extension, although the official Windows binaries built a shared
+    extension.
+
 * FFI:
   . It is no longer necessary to specify the library when using FFI::cdef()
     and FFI::load(). However, this convenience feature should not be used in

Zend/tests/gh16630.phpt

@@ -0,0 +1,19 @@
+--TEST--
+GH-16630 (UAF in lexer with encoding translation and heredocs)
+--EXTENSIONS--
+mbstring
+--INI--
+zend.multibyte=On
+zend.script_encoding=ISO-8859-1
+internal_encoding=EUC-JP
+--FILE--
+<?php
+$data3 = <<<CODE
+heredoc
+text
+CODE;
+echo $data3;
+?>
+--EXPECT--
+heredoc
+text

Zend/tests/gh16725.phpt

@@ -0,0 +1,27 @@
+--TEST--
+GH-16725: Incorrect access check for non-hooked props in hooked object iterator
+--FILE--
+<?php
+
+class C implements JsonSerializable
+{
+    private string $prop1 { get => 'bar'; }
+
+    public function __construct(
+        private string $prop2,
+    ) {}
+
+    public function jsonSerialize(): mixed {
+        return get_object_vars($this);
+    }
+}
+
+$obj = new C('foo');
+var_dump(get_object_vars($obj));
+echo json_encode($obj);
+
+?>
+--EXPECT--
+array(0) {
+}
+{"prop1":"bar","prop2":"foo"}

Zend/zend_hash.h

@@ -30,12 +30,13 @@
 #define HASH_KEY_IS_LONG 2
 #define HASH_KEY_NON_EXISTENT 3
 
-#define HASH_UPDATE 			(1<<0)
-#define HASH_ADD				(1<<1)
-#define HASH_UPDATE_INDIRECT	(1<<2)
-#define HASH_ADD_NEW			(1<<3)
-#define HASH_ADD_NEXT			(1<<4)
-#define HASH_LOOKUP				(1<<5)
+#define HASH_UPDATE 			(1<<0) /* Create new entry, or update the existing one. */
+#define HASH_ADD				(1<<1) /* Create new entry, or fail if it exists. */
+#define HASH_UPDATE_INDIRECT	(1<<2) /* If the given ht entry is an indirect zval, unwrap it before writing to it. \
+										* When used with HASH_ADD, writing is allowed if the target zval is IS_UNDEF. */
+#define HASH_ADD_NEW			(1<<3) /* Used when the offset is known not to exist. */
+#define HASH_ADD_NEXT			(1<<4) /* Append to an array. (e.g. $array[] = 42;) */
+#define HASH_LOOKUP				(1<<5) /* Look up an existing entry, or create one with a NULL value. */
 
 #define HASH_FLAG_CONSISTENCY      ((1<<0) | (1<<1))
 #define HASH_FLAG_PACKED           (1<<2)

Zend/zend_language_scanner.l

@@ -275,7 +275,7 @@ ZEND_API void zend_restore_lexical_state(zend_lex_state *lex_state)
 	CG(zend_lineno) = lex_state->lineno;
 	zend_restore_compiled_filename(lex_state->filename);
 
-	if (SCNG(script_filtered)) {
+	if (SCNG(script_filtered) && SCNG(script_filtered) != lex_state->script_filtered) {
 		efree(SCNG(script_filtered));
 		SCNG(script_filtered) = NULL;
 	}

Zend/zend_property_hooks.c

@@ -89,7 +89,8 @@ static zend_array *zho_build_properties_ex(zend_object *zobj, bool check_access,
 				if (UNEXPECTED(Z_TYPE_P(OBJ_PROP(zobj, prop_info->offset)) == IS_UNDEF)) {
 					HT_FLAGS(properties) |= HASH_FLAG_HAS_EMPTY_IND;
 				}
-				zend_hash_update_ind(properties, property_name, OBJ_PROP(zobj, prop_info->offset));
+				zval *tmp = zend_hash_lookup(properties, property_name);
+				ZVAL_INDIRECT(tmp, OBJ_PROP(zobj, prop_info->offset));
 			}
 skip_property:
 			if (property_name != prop_info->name) {

ext/bcmath/bcmath.c

@@ -615,7 +615,10 @@ PHP_FUNCTION(bcpow)
 		goto cleanup;
 	}
 
-	bc_raise(first, exponent, &result, scale);
+	if (!bc_raise(first, exponent, &result, scale)) {
+		zend_throw_exception_ex(zend_ce_division_by_zero_error, 0, "Negative power of zero");
+		goto cleanup;
+	}
 
 	RETVAL_NEW_STR(bc_num2str_ex(result, scale));
 
@@ -1141,7 +1144,10 @@ static zend_result bcmath_number_pow_internal(
 		}
 		return FAILURE;
 	}
-	bc_raise(n1, exponent, ret, *scale);
+	if (!bc_raise(n1, exponent, ret, *scale)) {
+		zend_throw_exception_ex(zend_ce_division_by_zero_error, 0, "Negative power of zero");
+		return FAILURE;
+	}
 	bc_rm_trailing_zeros(*ret);
 	if (scale_expand) {
 		size_t diff = *scale - (*ret)->n_scale;