Merge v2.3 into v2.x#2019
Merged
mongodb-drivers-pr-bot[bot] merged 1 commit intoMay 20, 2026
Merged
Conversation
* Guard field path pop against empty path Add an early return in phongo_field_path_pop when the path has no elements to decrement. The function previously assumed callers maintained push/pop balance, which makes the helper fragile under future error-recovery edits. * Match PHP semantics for Int64 bit-shift operators ZEND_SL and ZEND_SR previously delegated directly to the C shift operators without bounding the shift amount. Match the behaviour of PHP's native integer shift handlers: throw ArithmeticError on negative shift counts, return 0 (or -1 for arithmetic right-shift of a negative value) when the count is at or above the operand width, and use an unsigned cast for the left-shift to avoid relying on signed shift semantics. * Propagate failure from phongo_zval_to_bson_value_ex Have the helper return whether the conversion populated the destination bson_value_t and forward that result through phongo_zval_to_bson_value. The IS_ARRAY/IS_OBJECT branch previously returned true unconditionally, which is misleading when an exception was thrown inside the inner encoder. * Halt BSON traversal on exception during bsonUnserialize The document and array visitors call into userland bsonUnserialize() but did not consult EG(exception) before inserting the resulting object into the parent container. When bsonUnserialize() throws, abort the traversal cleanly and propagate the exception instead of attaching a partially-constructed object to the parent. * Use a digest of the URI in the persistent client cache key The cache key produced by phongo_manager_make_client_hash previously contained the raw connection string. Replace it with a SHA-1 digest of the URI so the key remains a stable per-URI identifier without embedding the connection string verbatim into long-lived process storage. * Handle empty field path in phongo_field_path_as_string When all entries in field_path->elements are NULL, the loop appends nothing and the trailing '.' overwrite would land before the start of the allocated buffer. Branch on whether the loop wrote anything before trimming the trailing separator. * Drop tautological sparsity upper-bound check The condition sparsity > INT64_MAX is always false because sparsity is declared as int64_t. Remove the dead branch and keep the meaningful sparsity < 0 guard. * Use size_t for BSON data lengths in zval converters Change phongo_bson_data_to_zval and phongo_bson_data_to_zval_ex to accept size_t lengths instead of int, matching the unsigned width expected by libbson's reader API. Existing callers pass uint32_t from bson_iter_document, so the widening is implicit. * Use size_t for pattern and flags lengths in phongo_regex_t Bring phongo_regex_t in line with the other string-carrying structs in this file, which already use size_t for length fields. Removes a silent narrowing of the size_t parameter accepted by phongo_regex_init. * Route phongo_regex_new through phongo_regex_init phongo_regex_new (used when decoding a Regex from BSON) previously copied the pattern and flags directly without sorting the flags alphabetically, while phongo_regex_init does. This caused two Regex instances representing the same pattern and flags to compare unequal depending on which path constructed them. Defer to phongo_regex_init to keep the canonicalisation in one place. * Validate UTF-8 in scalar phongo_zval_to_bson_value path The IS_STRING branch wrote the PHP string verbatim into the bson_value_t without checking that it was valid UTF-8, while the phongo_bson_append document-encoding path already validates. Match the existing pattern so that invalid UTF-8 is rejected with an exception in both code paths. * Surface scope encoding errors from phongo_javascript_init When phongo_zval_to_bson throws while encoding the scope, release the already-allocated code buffer and the partially-written scope BSON, and report failure to the caller. Previously the function returned true even though intern was left in an inconsistent state. * Free existing buffers before re-init in BSON value classes phongo_binary_init, phongo_regex_init, and phongo_javascript_init overwrote heap-owned struct members without freeing what was already there. Re-init the slots cleanly so a second call (e.g. from a subclass that invokes parent::__unserialize twice) does not leak the prior allocation. As part of this, hoist the regex flags null-byte check above the pattern allocation so a flag rejection can no longer leave a stray pattern buffer behind. * Address PR 2016 review feedback - Restructure phongo_javascript_init to stage the new code/scope buffers in temporaries and only swap them into the object once both steps have succeeded, so a failure during scope encoding no longer leaves the object with a freed code pointer and a stale code_len. - Declare hash as an extension dependency in config.m4 and config.w32 now that phongo_client.c uses ext/hash for SHA-256, so non-default and shared builds link cleanly. - Test coverage for the new Int64 shift-bound and bson_value UTF-8 validation paths is intentionally deferred to a follow-up. - Drop hex conversion in phongo_manager_make_client_hash: use the raw 32-byte SHA-256 digest directly as the uri key in the serialized args array — PHP strings are binary-safe so the serialization output is still a stable, unique cache key - Add tests for Int64 shift-by-negative (ArithmeticError) and shift-count-at-or-above-64 (clamp to 0 / -1) - Add test for invalid UTF-8 in a scalar comment string passed to BulkWrite::__construct(), covering the scalar path in phongo_zval_to_bson_value * Update regex for matching client hashes
mongodb-drivers-pr-bot
Bot
requested review from
paulinevos
and removed request for
a team
GromNaN
approved these changes
May 20, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merge new changes from v2.3 into v2.x.
Commits
To resolve any conflicts, check out the temporary branch and run the following command:Resolving conflicts
To ignore from the remote branch, first reset the temporary branch to v2.x and manually merge using the `ours` merge strategy:Ignoring changes
Then, push the temporary branch to upate the pull request.