From 663efacb91060d3ae3b0f0eb0980c3cb396cd02d Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Fri, 10 Apr 2026 19:38:41 +0100 Subject: [PATCH 1/5] Update UPGRADING/NEWS for ValueErrors Also move the new ValueErrors into the correct section --- NEWS | 2 ++ UPGRADING | 60 +++++++++++++++++++++++++++---------------------------- 2 files changed, 32 insertions(+), 30 deletions(-) diff --git a/NEWS b/NEWS index f39dd0954a50..a7ad6778875b 100644 --- a/NEWS +++ b/NEWS @@ -154,6 +154,8 @@ PHP NEWS (David Carlier) . Passing an invalid flag value to the second argument of scandir() will now throw a ValueError. (alexandre-daubois) + . array_change_key_case() now raises a ValueError when an invalid $case + argument value is passed. (Girgias) - Streams: . Added so_keepalive, tcp_keepidle, tcp_keepintvl and tcp_keepcnt stream diff --git a/UPGRADING b/UPGRADING index 33717ac1ed57..e9944d8eeeb8 100644 --- a/UPGRADING +++ b/UPGRADING @@ -19,14 +19,29 @@ PHP 8.6 UPGRADE NOTES 1. Backward Incompatible Changes ======================================== +- GD: + . imagesetstyle(), imagefilter() and imagecrop() filter their + array arguments types/values and raise a TypeError/ValueError + accordingly. + - PCRE: . preg_grep() now returns false instead of a partial array when a PCRE execution error occurs (e.g. malformed UTF-8 input with the /u modifier). This is consistent with other preg_* functions. +- PCNTL: + . pcntl_alarm() now raises a ValueError if the seconds argument is + lower than zero or greater than platform's UINT_MAX. + - Phar: - . Invalid values now throw in Phar::mungServer() instead of being silently - ignored. + . Phar::mungServer() now raises a ValueError when an invalid + argument value is passed instead of being silently ignored. + +- Posix: + . posix_access() now raises a ValueError when an invalid $flags + argument value is passed. + . posix_mkfifo() now raises a ValueError when an invalid $permissions + argument value is passed. - Session: . A ValueError is not thrown if $name is a string containing null bytes in @@ -45,10 +60,21 @@ PHP 8.6 UPGRADE NOTES logic in their updateTimestamp() method. - Standard: - . Invalid mode values now throw in array_filter() instead of being silently - defaulted to 0. . Form feed (\f) is now added in the default trimmed characters of trim(), rtrim() and ltrim(). RFC: https://wiki.php.net/rfc/trim_form_feed + . array_filter() now raises a ValueError when an invalid $mode + argument value is passed. + . array_change_key_case() now raises a ValueError when an invalid $case + argument value is passed. + . pathinfo() now raises a ValueError when an invalid $flag + argument value is passed. + . scandir() now raises a ValueError when an invalid $sorting_order + argument value is passed. + +- Zip: + . ZipArchive::extractTo now raises a TypeError for the + files argument if one or more of the entries is not + a string. ======================================== 2. New Features @@ -103,11 +129,6 @@ PHP 8.6 UPGRADE NOTES 5. Changed Functions ======================================== -- GD: - . imagesetstyle(), imagefilter() and imagecrop() filter their - array arguments types/values and raise a TypeError/ValueError - accordingly. - - mysqli: . The return structure of mysqli_get_charset() no longer contains the undocumented "comment" element. The value of "charsetnr" is @@ -118,35 +139,14 @@ PHP 8.6 UPGRADE NOTES . Output of openssl_x509_parse() contains criticalExtensions listing all critical certificate extensions. -- PCNTL: - . pcntl_alarm() now throws a ValueError if the seconds argument is - lower than zero or greater than platform's UINT_MAX. - - Phar: . Phar::mungServer() now supports reference values. -- Posix: - . posix_access() now throws a ValueError exception if the flags - argument is invalid. - . posix_mkfifo() now throws a ValueError exception if the permissions - argument is invalid. - - Sockets: . socket_addrinfo_lookup() now has an additional optional argument $error when not null, and on failure, gives the error code (one of the EAI_* constants). -- Standard: - . pathinfo() now raises a ValueError when an invalid $flag argument - value is passed. - . scandir() now raises a ValueError when an invalid $sorting_order - argument value is passed. - -- Zip: - . ZipArchive::extractTo now raises a TypeError for the - files argument if one or more of the entries is not - a string. - ======================================== 6. New Functions ======================================== From 605301ce79a622ca518ce614a445123bbae52077 Mon Sep 17 00:00:00 2001 From: Daniel Scherzer Date: Fri, 10 Apr 2026 11:51:02 -0700 Subject: [PATCH 2/5] UPGRADING: order extensions alphabetically [skip ci] --- UPGRADING | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/UPGRADING b/UPGRADING index e9944d8eeeb8..a6e2e9f1d68a 100644 --- a/UPGRADING +++ b/UPGRADING @@ -24,15 +24,15 @@ PHP 8.6 UPGRADE NOTES array arguments types/values and raise a TypeError/ValueError accordingly. +- PCNTL: + . pcntl_alarm() now raises a ValueError if the seconds argument is + lower than zero or greater than platform's UINT_MAX. + - PCRE: . preg_grep() now returns false instead of a partial array when a PCRE execution error occurs (e.g. malformed UTF-8 input with the /u modifier). This is consistent with other preg_* functions. -- PCNTL: - . pcntl_alarm() now raises a ValueError if the seconds argument is - lower than zero or greater than platform's UINT_MAX. - - Phar: . Phar::mungServer() now raises a ValueError when an invalid argument value is passed instead of being silently ignored. @@ -228,6 +228,13 @@ PHP 8.6 UPGRADE NOTES 11. Changes to INI File Handling ======================================== +- Mbstring: + . The mbstring.detect_order INI directive now updates the internal detection + order when changed at runtime via ini_set(). Previously, runtime changes + using ini_set() did not take effect for mb_detect_order(). Setting the + directive to NULL or an empty string at runtime now leaves the previously + configured detection order unchanged. + - Mysqli: . mysqli.default_port now checks the validity of the value which should be between 0 and 65535 included. @@ -237,13 +244,6 @@ PHP 8.6 UPGRADE NOTES When used along with ZEND_JIT_DEBUG_TRACE_EXIT_INFO, the source of exit points is printed in exit info output, in debug builds. -- Mbstring: - . The mbstring.detect_order INI directive now updates the internal detection - order when changed at runtime via ini_set(). Previously, runtime changes - using ini_set() did not take effect for mb_detect_order(). Setting the - directive to NULL or an empty string at runtime now leaves the previously - configured detection order unchanged. - ======================================== 12. Windows Support ======================================== From 9e8dbc1d1c60dd13a80fc01dd1dd2f496ca44ade Mon Sep 17 00:00:00 2001 From: Ayesh Karunaratne Date: Sat, 11 Apr 2026 00:16:54 +0530 Subject: [PATCH 3/5] ext/standard: fix wrong array_filter() default value Follow-up to GH-21100, that mistakenly set the default value of the `array_filter()` as `ARRAY_FILTER_USE_KEY`, when it should be `ARRAY_FILTER_USE_VALUE`, which is the newly defined constant. --- ext/standard/basic_functions.stub.php | 2 +- ext/standard/basic_functions_arginfo.h | 4 ++-- ext/standard/basic_functions_decl.h | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ext/standard/basic_functions.stub.php b/ext/standard/basic_functions.stub.php index 1f3d5617f8df..c437f0d7f6c2 100644 --- a/ext/standard/basic_functions.stub.php +++ b/ext/standard/basic_functions.stub.php @@ -1879,7 +1879,7 @@ function array_product(array $array): int|float {} function array_reduce(array $array, callable $callback, mixed $initial = null): mixed {} -function array_filter(array $array, ?callable $callback = null, int $mode = ARRAY_FILTER_USE_KEY): array {} +function array_filter(array $array, ?callable $callback = null, int $mode = ARRAY_FILTER_USE_VALUE): array {} function array_find(array $array, callable $callback): mixed {} diff --git a/ext/standard/basic_functions_arginfo.h b/ext/standard/basic_functions_arginfo.h index 991d76d91fc1..1ba20c6b26cc 100644 --- a/ext/standard/basic_functions_arginfo.h +++ b/ext/standard/basic_functions_arginfo.h @@ -1,5 +1,5 @@ /* This is a generated file, edit basic_functions.stub.php instead. - * Stub hash: 749c71a6220260eb3fb593b982a9d97821e0539b + * Stub hash: a846d7e3dd1f1cebd8c6257132c97b3758067127 * Has decl header: yes */ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_set_time_limit, 0, 1, _IS_BOOL, 0) @@ -346,7 +346,7 @@ ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_array_filter, 0, 1, IS_ARRAY, 0) ZEND_ARG_TYPE_INFO(0, array, IS_ARRAY, 0) ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, callback, IS_CALLABLE, 1, "null") - ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, mode, IS_LONG, 0, "ARRAY_FILTER_USE_KEY") + ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, mode, IS_LONG, 0, "ARRAY_FILTER_USE_VALUE") ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_array_find, 0, 2, IS_MIXED, 0) diff --git a/ext/standard/basic_functions_decl.h b/ext/standard/basic_functions_decl.h index fce41100fc79..ab27bb64f0c7 100644 --- a/ext/standard/basic_functions_decl.h +++ b/ext/standard/basic_functions_decl.h @@ -1,8 +1,8 @@ /* This is a generated file, edit basic_functions.stub.php instead. - * Stub hash: 749c71a6220260eb3fb593b982a9d97821e0539b */ + * Stub hash: a846d7e3dd1f1cebd8c6257132c97b3758067127 */ -#ifndef ZEND_BASIC_FUNCTIONS_DECL_749c71a6220260eb3fb593b982a9d97821e0539b_H -#define ZEND_BASIC_FUNCTIONS_DECL_749c71a6220260eb3fb593b982a9d97821e0539b_H +#ifndef ZEND_BASIC_FUNCTIONS_DECL_a846d7e3dd1f1cebd8c6257132c97b3758067127_H +#define ZEND_BASIC_FUNCTIONS_DECL_a846d7e3dd1f1cebd8c6257132c97b3758067127_H typedef enum zend_enum_SortDirection { ZEND_ENUM_SortDirection_Ascending = 1, @@ -20,4 +20,4 @@ typedef enum zend_enum_RoundingMode { ZEND_ENUM_RoundingMode_PositiveInfinity = 8, } zend_enum_RoundingMode; -#endif /* ZEND_BASIC_FUNCTIONS_DECL_749c71a6220260eb3fb593b982a9d97821e0539b_H */ +#endif /* ZEND_BASIC_FUNCTIONS_DECL_a846d7e3dd1f1cebd8c6257132c97b3758067127_H */ From 3c68fa9adc2b2989483738980d47052b03d82420 Mon Sep 17 00:00:00 2001 From: Ayesh Karunaratne Date: Sat, 11 Apr 2026 00:28:38 +0530 Subject: [PATCH 4/5] UPGRADING: Fix `ARRAY_FILTER_USE_VALUE` const addition --- UPGRADING | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/UPGRADING b/UPGRADING index a6e2e9f1d68a..e64b65e7b0b8 100644 --- a/UPGRADING +++ b/UPGRADING @@ -222,7 +222,7 @@ PHP 8.6 UPGRADE NOTES . EAI_IDN_ENCODE. - Standard - . ARRAY_FILTER_USE_KEY. + . ARRAY_FILTER_USE_VALUE. ======================================== 11. Changes to INI File Handling From 7744eab93367e0af560fcfa1b8a82cf9fdc90916 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 21 Mar 2026 07:46:13 +0000 Subject: [PATCH 5/5] ext/sqlite3: fix wrong pointer types passed to the free list comparator. SQLite3Stmt::close() and SQLite3Result::finalize() passed php_sqlite3_stmt pointer types instead of sqlite3_stmt pointers to zend_llist_del_element, causing the comparator to never match and both methods to silently become no-ops. Regression introduced in 5eae6d14052 ("Don't store the object zval directly"). close GH-21483 --- NEWS | 3 +++ ext/sqlite3/sqlite3.c | 10 +++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/NEWS b/NEWS index 77a509ba2621..338e14bee080 100644 --- a/NEWS +++ b/NEWS @@ -39,6 +39,9 @@ PHP NEWS . Fix concurrent iteration and deletion issues in SplObjectStorage. (ndossche) +- Sqlite3: + . Fixed wrong free list comparator pointer type. (David Carlier) + - Streams: . Fixed bug GH-21468 (Segfault in file_get_contents w/ a https URL and a proxy set). (ndossche) diff --git a/ext/sqlite3/sqlite3.c b/ext/sqlite3/sqlite3.c index cea3ca0e3fb0..7aef25bf73b5 100644 --- a/ext/sqlite3/sqlite3.c +++ b/ext/sqlite3/sqlite3.c @@ -38,7 +38,7 @@ ZEND_DECLARE_MODULE_GLOBALS(sqlite3) static PHP_GINIT_FUNCTION(sqlite3); static int php_sqlite3_authorizer(void *autharg, int action, const char *arg1, const char *arg2, const char *arg3, const char *arg4); static void sqlite3_param_dtor(zval *data); -static int php_sqlite3_compare_stmt_free(php_sqlite3_stmt **stmt_obj_ptr, sqlite3_stmt *statement); +static int php_sqlite3_compare_stmt_free(php_sqlite3_stmt **stmt_obj_ptr, php_sqlite3_stmt *statement); static zend_always_inline void php_sqlite3_fetch_one(int n_cols, php_sqlite3_result *result_obj, zend_long mode, zval *result); #define SQLITE3_CHECK_INITIALIZED(db_obj, member, class_name) \ @@ -2145,7 +2145,7 @@ PHP_METHOD(SQLite3Result, finalize) /* We need to finalize an internal statement */ if (!result_obj->is_prepared_statement) { - zend_llist_del_element(&(result_obj->db_obj->free_list), &result_obj->stmt_obj, + zend_llist_del_element(&(result_obj->db_obj->free_list), result_obj->stmt_obj, (int (*)(void *, void *)) php_sqlite3_compare_stmt_free); } else { sqlite3_reset(result_obj->stmt_obj->stmt); @@ -2260,9 +2260,9 @@ static void php_sqlite3_free_list_dtor(void **item) } /* }}} */ -static int php_sqlite3_compare_stmt_free(php_sqlite3_stmt **stmt_obj_ptr, sqlite3_stmt *statement ) /* {{{ */ +static int php_sqlite3_compare_stmt_free(php_sqlite3_stmt **stmt_obj_ptr, php_sqlite3_stmt *statement ) /* {{{ */ { - return ((*stmt_obj_ptr)->initialised && statement == (*stmt_obj_ptr)->stmt); + return ((*stmt_obj_ptr)->initialised && statement == *stmt_obj_ptr); } /* }}} */ @@ -2376,7 +2376,7 @@ static void php_sqlite3_stmt_object_free_storage(zend_object *object) /* {{{ */ } if (intern->initialised) { - zend_llist_del_element(&(intern->db_obj->free_list), intern->stmt, + zend_llist_del_element(&(intern->db_obj->free_list), intern, (int (*)(void *, void *)) php_sqlite3_compare_stmt_free); }