Fixed a possible open_basedir/safe_mode bypass in session extension identified by...
authorIlia Alshanetsky <iliaa@php.net>
Sun, 31 Jan 2010 18:06:29 +0000 (18:06 +0000)
committerIlia Alshanetsky <iliaa@php.net>
Sun, 31 Jan 2010 18:06:29 +0000 (18:06 +0000)
NEWS
ext/session/session.c

diff --git a/NEWS b/NEWS
index b03bb05097be33e208b51b06f73c1a0e645f0bbc..7f2d0ce72459b663adf1a4475dceac74fae119a0 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,8 @@ PHP                                                                        NEWS
 - Upgraded bundled sqlite to version 3.6.22. (Ilia)
 - Upgraded bundled libmagic to version 5.03. (Mikko)
 
+- Fixed a possible open_basedir/safe_mode bypass in session extension
+  identified by Grzegorz Stachowiak. (Ilia)
 - Improved LCG entropy. (Rasmus, Samy Kamkar)
 
 - Added libpng 1.4.0 support. (Pierre)
index ea3530dcdbd0b6e509cc44678607ac44f5885116..0ef856c9bfdaed42e5fe7d18d49391e2c408be77 100644 (file)
@@ -687,8 +687,13 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */
                        return FAILURE;
                }
 
-               if ((p = zend_memrchr(new_value, ';', new_value_length))) {
+               /* we do not use zend_memrchr() since path can contain ; itself */
+               if ((p = strchr(new_value, ';'))) {
+                       char *p2;
                        p++;
+                       if ((p2 = strchr(p, ';'))) {
+                               p = p2 + 1;
+                       }
                } else {
                        p = new_value;
                }
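Review bot: The new comment on the `strchr()` branch says why `zend_memrchr()` was dropped, but not which value layout the two-step scan assumes, and that layout decides which substring is checked afterwards. As written, a value with a single leading field and a `;` inside the directory name is read as the three-field form, so `p` ends up after the second `;`; that is only safe if the code that later opens the directory splits the value the same way, which is not visible in this hunk. I would spell the contract out, e.g. `/* save_path is "[depth;[mode;]]path": skip at most two ';'-terminated fields; keep in sync with the save handler's own parsing */`. `OnUpdateSaveDir` starts and ends outside the hunk, so the checks applied to `p` cannot be confirmed from here.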