From: Stanislav Malyshev Date: Mon, 19 Dec 2011 02:05:03 +0000 (+0000) Subject: implement the solution for isset/string offsets, fix bug #60362 X-Git-Tag: php-5.4.0RC4~10 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=622412d8e6e3c9d8ab87a3ae5d507eb83406d338;p=php implement the solution for isset/string offsets, fix bug #60362 --- diff --git a/NEWS b/NEWS index 5f542ebcf0..8ae70e81eb 100644 --- a/NEWS +++ b/NEWS @@ -5,11 +5,13 @@ PHP NEWS . Added max_input_vars directive to prevent attacks based on hash collisions (Dmitry). . Fixed bug #60536 (Traits Segfault). (Laruence) + . Fixed bug #60362 (non-existent sub-sub keys should not have values). + (Laruence, alan_k, Stas) - CLI SAPI: . Fixed bug #60477 (Segfault after two multipart/form-data POST requests, one 200 RQ and one 404). (Laruence) - . Fixed bug #60523 (PHP Errors are not reported in browsers using built-in + . Fixed bug #60523 (PHP Errors are not reported in browsers using built-in SAPI). (Laruence, Derick) - OpenSSL: @@ -17,7 +19,7 @@ PHP NEWS - Pdo Firebird: . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO Firebird). - (Mariuz) + (Mariuz) 08 Dec 2011, PHP 5.4.0 RC3 - Core: @@ -27,7 +29,7 @@ PHP NEWS (php at mickweiss dot com) . Fixed bug #60240 (invalid read/writes when unserializing specially crafted strings). (Mike) - . Implement FR #54514 (Get php binary path during script execution). + . Implement FR #54514 (Get php binary path during script execution). (Laruence) - CLI SAPI: @@ -39,7 +41,7 @@ PHP NEWS - Intl: . Added support for UTS #46. (Gustavo) - + - OpenSSL: . On error in openssl_random_pseudo_bytes() make sure we set strong result to false. (Scott) @@ -50,17 +52,17 @@ PHP NEWS 24 Nov 2011, PHP 5.4.0 RC2 - Core: - . Fixed bug #60227 (header() cannot detect the multi-line header with + . Fixed bug #60227 (header() cannot detect the multi-line header with CR(0x0D)). (rui) . Fixed bug #60099 (__halt_compiler() works in braced namespaces). (Felipe) . Fixed bug #55874 (GCC does not provide __sync_fetch_and_add on some archs). (klightspeed at netspace dot net dot au) . Fixed bug #52624 (tempnam() by-pass open_basedir with nonexistent directory). (Felipe) - . Fixed bug #55748 (multiple NULL Pointer Dereference with zend_strndup()) + . Fixed bug #55748 (multiple NULL Pointer Dereference with zend_strndup()) (CVE-2011-4153). (Stas) . Fixed invalid free in call_user_method() function. (Felipe) - + - Zend Engine: . Fixed bug #43200 (Interface implementation / inheritence not possible in abstract classes). (Felipe) @@ -77,19 +79,19 @@ PHP NEWS - BCmath: . Fixed bug #60377 (bcscale related crashes on 64bits platforms) (shm) - + - Fileinfo: . Fixed possible memory leak in finfo_open(). (Felipe) . Fixed memory leak when calling the Finfo constructor twice. (Felipe) - + - Intl: . Fixed memory leak in several Intl locale functions. (Felipe) - + - Mbstring . Fixed bug #60306 (Characters lost while converting from cp936 to utf8). (Laruence) . Fixed possible crash in mb_ereg_search_init() using empty pattern. (Felipe) - + - MS SQL: . Fixed bug #60267 (Compile failure with freetds 0.91). (Felipe) @@ -103,18 +105,18 @@ PHP NEWS (Chris Jones) - Output: - . Fixed bug #60321 (ob_get_status(true) no longer returns an array when + . Fixed bug #60321 (ob_get_status(true) no longer returns an array when buffer is empty). (Pierrick) . Fixed bug #60282 (Segfault when using ob_gzhandler() with open buffers). (Laruence) - + - Reflection: - . Fixed bug #60357 (__toString() method triggers E_NOTICE "Array to string + . Fixed bug #60357 (__toString() method triggers E_NOTICE "Array to string conversion"). (Laruence) - + - SOAP extension: . Added new SoapClient option "keep_alive". FR #60329. (Pierrick) - + - Tidy: . Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference). (Maksymilian Arciemowicz, Felipe) @@ -134,17 +136,17 @@ PHP NEWS . Fixed bug #60189 (php logo can not be displayed). (Laruence) - Core: - . Fixed bug #60120 (proc_open's streams may hang with stdin/out/err when + . Fixed bug #60120 (proc_open's streams may hang with stdin/out/err when the data exceeds or is equal to 2048 bytes). (Pierre, Pascal Borreli) . Fixed bug #60174 (Notice when array in method prototype error). (Laruence) - . Fixed bug #60169 (Conjunction of ternary and list crashes PHP). + . Fixed bug #60169 (Conjunction of ternary and list crashes PHP). (Laruence) . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to - is_a and is_subclass_of). (alan_k) - + is_a and is_subclass_of). (alan_k) + - Oracle Database extension (OCI8): - . Increased maximum Oracle error message buffer length for new 11.2.0.3 size + . Increased maximum Oracle error message buffer length for new 11.2.0.3 size (Chris Jones) . Improve internal initalization failure error messages (Chris Jones) @@ -156,7 +158,7 @@ PHP NEWS argument via Reflection). (Peter) - Tokenizer extension - . Fixed bug #54089 (token_get_all with regards to __halt_compiler is + . Fixed bug #54089 (token_get_all with regards to __halt_compiler is not binary safe). (Nikita Popov) - SAPI: @@ -164,7 +166,7 @@ PHP NEWS 20 Oct 2011, PHP 5.4.0 beta2 - General improvements: - . Improve the warning message of incompatible arguments. (Laruence) + . Improve the warning message of incompatible arguments. (Laruence) . Improve ternary operator performance when returning arrays. (Arnaud, Dmitry) - Core: @@ -183,7 +185,7 @@ PHP NEWS - Openssl . Revert r313616 (When we have a blocking SSL socket, respect the timeout option, scottmac), breaks ssl support as described in bugs #55283 and #55848 - + - PDO DBlib driver: . Fixed bug #60033 (Incorrectly merged PDO dblib patches break uniqueidentifier column type). (warezthebeef at gmail dot com) @@ -193,7 +195,7 @@ PHP NEWS (Ilia, jeffhuang9999 at gmail dot com) - Zlib: - . Fixed bug #55544 (ob_gzhandler always conflicts with + . Fixed bug #55544 (ob_gzhandler always conflicts with zlib.output_compression). (Mike) - SPL: @@ -226,7 +228,7 @@ PHP NEWS . Added support for SORT_NATURAL and SORT_FLAG_CASE in array sort functions (sort, rsort, ksort, krsort, asort, arsort and array_multisort). FR#55158 (Arpad) - . Disable windows CRT warning by default, can be enabled again using the ini + . Disable windows CRT warning by default, can be enabled again using the ini directive windows_show_crt_warnings. (Pierre) . Removed support for putenv("TZ=..") for setting the timezone. (Derick) . Removed the timezone guessing algorithm in case the timezone isn't set with @@ -336,7 +338,7 @@ PHP NEWS . Added the ability to pass options to loadHTML (Chregu, fxmulder at gmail dot com) - OpenSSL extension: - . Use php's implementation for Windows Crypto API in + . Use php's implementation for Windows Crypto API in openssl_random_pseudo_bytes. (Pierre) 20 Jun 2011, PHP 5.4.0 Alpha 1 @@ -354,7 +356,7 @@ PHP NEWS . highlight.bg ini option. (Kalle) . Session bug compatibility mode (session.bug_compat_42 and session.bug_compat_warn ini options). (Kalle) - . session_is_registered(), session_register() and session_unregister() + . session_is_registered(), session_register() and session_unregister() functions. (Kalle) . y2k_compliance ini option. (Kalle) @@ -365,7 +367,7 @@ PHP NEWS - Changed $_SERVER['REQUEST_TIME'] to include microsecond precision. (Ilia) - Changed default value of "default_charset" php.ini option from ISO-8859-1 to UTF-8. (Rasmus) -- Changed array_combine() to return empty array instead of FALSE when both +- Changed array_combine() to return empty array instead of FALSE when both parameter arrays are empty. FR #34857. (joel.perras@gmail.com) - Changed third parameter of preg_match_all() to optional. FR #53238. (Adam) - Changed silent casting of null/''/false into an Object when adding @@ -401,7 +403,7 @@ PHP NEWS to truncation, e.g. through ftruncate(). FR #53888. (Gustavo) - Improved Zend Engine memory usage: (Dmitry) - . Replaced zend_function.pass_rest_by_reference by + . Replaced zend_function.pass_rest_by_reference by ZEND_ACC_PASS_REST_BY_REFERENCE in zend_function.fn_flags. . Replaced zend_function.return_reference by ZEND_ACC_RETURN_REFERENCE in zend_function.fn_flags. @@ -410,7 +412,7 @@ PHP NEWS meaning) is represented by zend_internal_function_info structure. . Moved zend_op_array.size, size_var, size_literal, current_brk_cont, backpatch_count into CG(context) as they are used only during compilation. - . Moved zend_op_array.start_op into EG(start_op) as it's used only for + . Moved zend_op_array.start_op into EG(start_op) as it's used only for 'interactive' execution of single top-level op-array. . Replaced zend_op_array.done_pass_two by ZEND_ACC_DONE_PASS_TWO in zend_op_array.fn_flags. @@ -419,7 +421,7 @@ PHP NEWS in zend_class_entry.ce_flags. . Reduced the size of zend_class_entry by sharing the same memory space by different information for internal and user classes. - See zend_class_entry.info union. + See zend_class_entry.info union. . Reduced size of temp_variable. - Changed the structure of op_array.opcodes. The constant values are moved from @@ -503,7 +505,7 @@ PHP NEWS . Added JsonSerializable interface. (Sara) . Added JSON_BIGINT_AS_STRING, extended json_decode() sig with $options. (Sara) - . Added support for JSON_NUMERIC_CHECK option in json_encode() that converts + . Added support for JSON_NUMERIC_CHECK option in json_encode() that converts numeric strings to integers. (Ilia) . Added new json_encode() option JSON_PRETTY_PRINT. FR #44331. (Adam) . Added new json_encode() option JSON_UNESCAPED_SLASHES. FR #49366. (Adam) @@ -515,7 +517,7 @@ PHP NEWS - Improved MySQL extensions: . MySQL: Deprecated mysql_list_dbs(). FR #50667. (Andrey) . mysqlnd: Added named pipes support. FR #48082. (Andrey) - . MySQLi: Added iterator support in MySQLi. mysqli_result implements + . MySQLi: Added iterator support in MySQLi. mysqli_result implements Traversable. (Andrey, Johannes) . PDO_mysql: Removed support for linking with MySQL client libraries older than 4.1. (Johannes) @@ -551,15 +553,15 @@ PHP NEWS . Added CallbackFilterIterator and RecursiveCallbackFilterIterator. (Arnaud) - Improved XSL extension: - . Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs() to - define forbidden operations within XSLT stylesheets, default is not to + . Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs() to + define forbidden operations within XSLT stylesheets, default is not to enable write operations from XSLT. Bug #54446 (Chregu, Nicolas Gregoire) - Improved ZLIB extension: . Re-implemented non-file related functionality. (Mike) - Improved SNMP extension (Boris Lytochkin): - . Added OO API. FR #53594 (php-snmp rewrite). + . Added OO API. FR #53594 (php-snmp rewrite). . Sanitized return values of existing functions. Now it returns FALSE on failure. . Allow ~infinite OIDs in GET/GETNEXT/SET queries. Autochunk them to max_oids @@ -601,7 +603,7 @@ PHP NEWS . Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence) . Fixed bug #55504 (Content-Type header is not parsed correctly on HTTP POST request). (Hannes) - . Fixed bug #52461 (Incomplete doctype and missing xmlns). + . Fixed bug #52461 (Incomplete doctype and missing xmlns). (virsacer at web dot de, Pierre) - Curl: @@ -643,11 +645,11 @@ PHP NEWS - SimpleXML: . Reverted the SimpleXML->query() behaviour to returning empty arrays - instead of false when no nodes are found as it was since 5.3.3 + instead of false when no nodes are found as it was since 5.3.3 (bug #48601). (chregu, rrichards) - + - String: - . Fixed bug #55674 (fgetcsv & str_getcsv skip empty fields in some tab-separated + . Fixed bug #55674 (fgetcsv & str_getcsv skip empty fields in some tab-separated records). (Laruence) 23 Aug 2011, PHP 5.3.8 @@ -674,7 +676,7 @@ PHP NEWS (Pierrick, Felipe) . Fixed bug #54624 (class_alias and type hint). (Felipe) . Fixed bug #54585 (track_errors causes segfault). (Dmitry) - . Fixed bug #54423 (classes from dl()'ed extensions are not destroyed). + . Fixed bug #54423 (classes from dl()'ed extensions are not destroyed). (Tony, Dmitry) . Fixed bug #54372 (Crash accessing global object itself returned from its __get() handle). (Dmitry) @@ -687,13 +689,13 @@ PHP NEWS - Core . Updated crypt_blowfish to 1.2. ((CVE-2011-2483) (Solar Designer) - . Removed warning when argument of is_a() or is_subclass_of() is not + . Removed warning when argument of is_a() or is_subclass_of() is not a known class. (Stas) . Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski. . Added PHP_MANDIR constant telling where the manpages were installed into, and an --man-dir argument to php-config. (Hannes) . Fixed a crash inside dtor for error handling. (Ilia) - . Fixed buffer overflow on overlog salt in crypt(). (Clément LECIGNE, Stas) + . Fixed buffer overflow on overlog salt in crypt(). (Clément LECIGNE, Stas) . Implemented FR #54459 (Range function accuracy). (Adam) . Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path). @@ -702,7 +704,7 @@ PHP NEWS (Dmitry) . Fixed bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow (Pierre) - . Fixed bug #55258 (Windows Version Detecting Error). + . Fixed bug #55258 (Windows Version Detecting Error). ( xiaomao5 at live dot com, Pierre) . Fixed bug #55187 (readlink returns weird characters when false result). (Pierre) @@ -746,7 +748,7 @@ PHP NEWS (Pierrick, Dmitry) . Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode filter). (slusarz at curecanti dot org) - . Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using + . Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using TMPDIR on Windows). (Pierre) - Apache2 Handler SAPI: @@ -759,7 +761,7 @@ PHP NEWS - cURL extension: . Added ini option curl.cainfo (support for custom cert db). (Pierre) . Added CURLINFO_REDIRECT_URL support. (Daniel Stenberg, Pierre) - . Added support for CURLOPT_MAX_RECV_SPEED_LARGE and + . Added support for CURLOPT_MAX_RECV_SPEED_LARGE and CURLOPT_MAX_SEND_SPEED_LARGE. FR #51815. (Pierrick) - DateTime extension: @@ -786,10 +788,10 @@ PHP NEWS . Added 3rd parameter to filter_var_array() and filter_input_array() functions that allows disabling addition of empty elements. (Ilia) . Fixed bug #53037 (FILTER_FLAG_EMPTY_STRING_NULL is not implemented). (Ilia) - + - Interbase extension: . Fixed bug #54269 (Short exception message buffer causes crash). (Felipe) - + - intl extension: . Implemented FR #54561 (Expose ICU version info). (David Zuelke, Ilia) . Implemented FR #54540 (Allow loading of arbitrary resource bundles when @@ -800,7 +802,7 @@ PHP NEWS (kevin at kevinlocke dot name) - json extension: - . Fixed bug #54484 (Empty string in json_decode doesn't reset + . Fixed bug #54484 (Empty string in json_decode doesn't reset json_last_error()). (Ilia) - LDAP extension: @@ -817,7 +819,7 @@ PHP NEWS - MCrypt extension: . Change E_ERROR to E_WARNING in mcrypt_create_iv when not enough data has been fetched (Windows). (Pierre) - . Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random + . Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random data on Windows). (Pierre) - mysqlnd @@ -849,7 +851,7 @@ PHP NEWS - PDO extension: . Fixed bug #54929 (Parse error with single quote in sql comment). (Felipe) - . Fixed bug #52104 (bindColumn creates Warning regardless of ATTR_ERRMODE + . Fixed bug #52104 (bindColumn creates Warning regardless of ATTR_ERRMODE settings). (Ilia) - PDO DBlib driver: @@ -972,7 +974,7 @@ PHP NEWS . Fixed bug #48607 (fwrite() doesn't check reply from ftp server before exiting). (Ilia) - + - Calendar extension: . Fixed bug #53574 (Integer overflow in SdnToJulian, sometimes leading to segfault). (Gustavo) @@ -980,18 +982,18 @@ PHP NEWS - DOM extension: . Implemented FR #39771 (Made DOMDocument::saveHTML accept an optional DOMNode like DOMDocument::saveXML). (Gustavo) - + - DateTime extension: . Fixed a bug in DateTime->modify() where absolute date/time statements had no effect. (Derick) . Fixed bug #53729 (DatePeriod fails to initialize recurrences on 64bit big-endian systems). (Derick, rein@basefarm.no) . Fixed bug #52808 (Segfault when specifying interval as two dates). (Stas) - . Fixed bug #52738 (Can't use new properties in class extended from + . Fixed bug #52738 (Can't use new properties in class extended from DateInterval). (Stas) . Fixed bug #52290 (setDate, setISODate, setTime works wrong when DateTime created from timestamp). (Stas) - . Fixed bug #52063 (DateTime constructor's second argument doesn't have a + . Fixed bug #52063 (DateTime constructor's second argument doesn't have a null default value). (Gustavo, Stas) - Exif extension: @@ -1012,20 +1014,20 @@ PHP NEWS (Hannes) - Gettext - . Fixed bug #53837 (_() crashes on Windows when no LANG or LANGUAGE + . Fixed bug #53837 (_() crashes on Windows when no LANG or LANGUAGE environment variable are set). (Pierre) - IMAP extension: . Implemented FR #53812 (get MIME headers of the part of the email). (Stas) . Fixed bug #53377 (imap_mime_header_decode() doesn't ignore \t during long MIME header unfolding). (Adam) - + - Intl extension: . Fixed bug #53612 (Segmentation fault when using cloned several intl objects). (Gustavo) . Fixed bug #53512 (NumberFormatter::setSymbol crash on bogus $attr values). (Felipe) - . Implemented clone functionality for number, date & message formatters. + . Implemented clone functionality for number, date & message formatters. (Stas). - JSON extension: @@ -1033,20 +1035,20 @@ PHP NEWS decodings). (Scott) - mysqlnd - . Fixed problem with always returning 0 as num_rows for unbuffered sets. + . Fixed problem with always returning 0 as num_rows for unbuffered sets. (Andrey, Ulf) - MySQL Improved extension: - . Added 'db' and 'catalog' keys to the field fetching functions (FR #39847). + . Added 'db' and 'catalog' keys to the field fetching functions (FR #39847). (Kalle) . Fixed buggy counting of affected rows when using the text protocol. The collected statistics were wrong when multi_query was used with mysqlnd (Andrey) - . Fixed bug #53795 (Connect Error from MySqli (mysqlnd) when using SSL). + . Fixed bug #53795 (Connect Error from MySqli (mysqlnd) when using SSL). (Kalle) - . Fixed bug #53503 (mysqli::query returns false after successful LOAD DATA + . Fixed bug #53503 (mysqli::query returns false after successful LOAD DATA query). (Kalle, Andrey) - . Fixed bug #53425 (mysqli_real_connect() ignores client flags when built to + . Fixed bug #53425 (mysqli_real_connect() ignores client flags when built to call libmysql). (Kalle, tre-php-net at crushedhat dot com) - OpenSSL extension: @@ -1063,13 +1065,13 @@ PHP NEWS - PDO MySQL driver: . Fixed bug #53551 (PDOStatement execute segfaults for pdo_mysql driver). (Johannes) - . Implemented FR #47802 (Support for setting character sets in DSN strings). + . Implemented FR #47802 (Support for setting character sets in DSN strings). (Kalle) - PDO Oracle driver: . Fixed bug #39199 (Cannot load Lob data with more than 4000 bytes on ORACLE 10). (spatar at mail dot nnov dot ru) - + - PDO PostgreSQL driver: . Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). (gyp at balabit dot hu) @@ -1079,7 +1081,7 @@ PHP NEWS (CVE-2011-1153) . Fixed bug #53541 (format string bug in ext/phar). (crrodriguez at opensuse dot org, Ilia) - . Fixed bug #53898 (PHAR reports invalid error message, when the directory + . Fixed bug #53898 (PHAR reports invalid error message, when the directory does not exist). (Ilia) - PHP-FPM SAPI: @@ -1110,7 +1112,7 @@ PHP NEWS (Mateusz Kocielski, Pierre) - SPL extension: - . Fixed memory leak in DirectoryIterator::getExtension() and + . Fixed memory leak in DirectoryIterator::getExtension() and SplFileInfo::getExtension(). (Felipe) . Fixed bug #53914 (SPL assumes HAVE_GLOB is defined). (Chris Jones) . Fixed bug #53515 (property_exists incorrect on ArrayObject null and 0 @@ -1160,13 +1162,13 @@ PHP NEWS (Hannes) . Fixed bug #53568 (swapped memset arguments in struct initialization). (crrodriguez at opensuse dot org) - . Fixed bug #53166 (Missing parameters in docs and reflection definition). + . Fixed bug #53166 (Missing parameters in docs and reflection definition). (Richard) . Fixed bug #49072 (feof never returns true for damaged file in zip). (Gustavo, Richard Quadling) 06 Jan 2011, PHP 5.3.5 -- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott, +- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott, Rasmus) 09 Dec 2010, PHP 5.3.4 @@ -1174,11 +1176,11 @@ PHP NEWS - Upgraded bundled PCRE to version 8.10. (Ilia) - Security enhancements: - . Fixed crash in zip extract method (possible CWE-170). + . Fixed crash in zip extract method (possible CWE-170). (Maksymilian Arciemowicz, Pierre) . Paths with NULL in them (foo\0bar.txt) are now considered as invalid. (Rasmus) - . Fixed a possible double free in imap extension (Identified by Mateusz + . Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). (Ilia) . Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). (Maksymilian Arciemowicz) @@ -1190,23 +1192,23 @@ PHP NEWS - General improvements: . Added stat support for zip stream. (Pierre) - . Added follow_location (enabled by default) option for the http stream + . Added follow_location (enabled by default) option for the http stream support. (Pierre) . Improved support for is_link and related functions on Windows. (Pierre) . Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. (Gustavo) - + - Implemented feature requests: . Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. (Kalle) - . Implemented FR #52173, added functions pcntl_get_last_error() and + . Implemented FR #52173, added functions pcntl_get_last_error() and pcntl_strerror(). (nick dot telford at gmail dot com, Arnaud) . Implemented symbolic links support for open_basedir checks. (Pierre) . Implemented FR #51804, SplFileInfo::getLinkTarget on Windows. (Pierre) . Implemented FR #50692, not uploaded files don't count towards max_file_uploads limit. As a side improvement, temporary files are not opened for empty uploads and, in debug mode, 0-length uploads. (Gustavo) - + - Improved MySQLnd: . Added new character sets to mysqlnd, which are available in MySQL 5.5 (Andrey) @@ -1218,7 +1220,7 @@ PHP NEWS . Added '-t/--test' to php-fpm to check and validate FPM conf file. (fat) . Added statistics about listening socket queue length for FPM. (andrei dot nigmatulin at gmail dot com, fat) - + - Core: . Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE. (jorto at redhat dot com) @@ -1232,7 +1234,7 @@ PHP NEWS . Fixed bug #53304 (quot_print_decode does not handle lower-case hex digits). (Ilia, daniel dot mueller at inexio dot net) . Fixed bug #53248 (rawurlencode RFC 3986 EBCDIC support misses tilde char). - (Justin Martin) + (Justin Martin) . Fixed bug #53226 (file_exists fails on big filenames). (Adam) . Fixed bug #53198 (changing INI setting "from" with ini_set did not have any effect). (Gustavo) @@ -1248,7 +1250,7 @@ PHP NEWS decode " if ENT_NOQUOTES is given. (Gustavo) . Fixed bug #52931 (strripos not overloaded with function overloading enabled). (Felipe) - . Fixed bug #52772 (var_dump() doesn't check for the existence of + . Fixed bug #52772 (var_dump() doesn't check for the existence of get_class_name before calling it). (Kalle, Gustavo) . Fixed bug #52534 (var_export array with negative key). (Felipe) . Fixed bug #52327 (base64_decode() improper handling of leading padding in @@ -1263,22 +1265,22 @@ PHP NEWS of reported malformed sequences). (CVE-2010-3870) (Gustavo) . Fixed bug #49407 (get_html_translation_table doesn't handle UTF-8). (Gustavo) - . Fixed bug #48831 (php -i has different output to php --ini). (Richard, + . Fixed bug #48831 (php -i has different output to php --ini). (Richard, Pierre) . Fixed bug #47643 (array_diff() takes over 3000 times longer than php 5.2.4). (Felipe) - . Fixed bug #47168 (printf of floating point variable prints maximum of 40 + . Fixed bug #47168 (printf of floating point variable prints maximum of 40 decimal places). (Ilia) . Fixed bug #46587 (mt_rand() does not check that max is greater than min). (Ilia) . Fixed bug #29085 (bad default include_path on Windows). (Pierre) . Fixed bug #25927 (get_html_translation_table calls the ' ' instead of '). (Gustavo) - + - Zend engine: . Reverted fix for bug #51176 (Static calling in non-static method behaves like $this->). (Felipe) - . Changed deprecated ini options on startup from E_WARNING to E_DEPRECATED. + . Changed deprecated ini options on startup from E_WARNING to E_DEPRECATED. (Kalle) . Fixed NULL dereference in lex_scan on zend multibyte builds where the script had a flex incompatible encoding and there was no converter. (Gustavo) @@ -1298,7 +1300,7 @@ PHP NEWS . Fixed bug #52361 (Throwing an exception in a destructor causes invalid catching). (Dmitry) . Fixed bug #51008 (Zend/tests/bug45877.phpt fails). (Dmitry) - + - Build issues: . Fixed bug #52436 (Compile error if systems do not have stdint.h) (Sriram Natarajan) @@ -1309,7 +1311,7 @@ PHP NEWS - Calendar extension: . Fixed bug #52744 (cal_days_in_month incorrect for December 1 BCE). (gpap at internet dot gr, Adam) - + - cURL extension: . Fixed bug #52828 (curl_setopt does not accept persistent streams). (Gustavo, Ilia) @@ -1317,7 +1319,7 @@ PHP NEWS (CURLOPT_STDERR)). (Gustavo) . Fixed bug #52202 (CURLOPT_PRIVATE gets corrupted). (Ilia) . Fixed bug #50410 (curl extension slows down PHP on Windows). (Pierre) - + - DateTime extension: . Fixed bug #53297 (gettimeofday implementation in php/win32/time.c can return 1 million microsecs). (ped at 7gods dot org) @@ -1346,7 +1348,7 @@ PHP NEWS . Fixed bug #53492 (fix crash if anti-aliasing steps are invalid). (Pierre) - GMP extension: - . Fixed bug #52906 (gmp_mod returns negative result when non-negative is + . Fixed bug #52906 (gmp_mod returns negative result when non-negative is expected). (Stas) . Fixed bug #52849 (GNU MP invalid version match). (Adam) @@ -1359,7 +1361,7 @@ PHP NEWS headers). (Adam) . Fixed bug #52599 (iconv output handler outputs incorrect content type when flags are used). (Ilia) - . Fixed bug #51250 (iconv_mime_decode() does not ignore malformed Q-encoded + . Fixed bug #51250 (iconv_mime_decode() does not ignore malformed Q-encoded words). (Ilia) - Intl extension: @@ -1369,7 +1371,7 @@ PHP NEWS (Stas) . Fixed bug #50590 (IntlDateFormatter::parse result is limited to the integer range). (Stas) - + - Mbstring extension: . Fixed bug #53273 (mb_strcut() returns garbage with the excessive length parameter). (CVE-2010-4156) (Mateusz Kocielski, Pierre, Moriyoshi) @@ -1378,16 +1380,16 @@ PHP NEWS with the distribution) (Gustavo). . Fixed bug #52681 (mb_send_mail() appends an extra MIME-Version header). (Adam) - + - MSSQL extension: . Fixed possible crash in mssql_fetch_batch(). (Kalle) . Fixed bug #52843 (Segfault when optional parameters are not passed in to mssql_connect). (Felipe) - + - MySQL extension: - . Fixed bug #52636 (php_mysql_fetch_hash writes long value into int). + . Fixed bug #52636 (php_mysql_fetch_hash writes long value into int). (Kalle, rein at basefarm dot no) - + - MySQLi extension: . Fixed bug #52891 (Wrong data inserted with mysqli/mysqlnd when using mysqli_stmt_bind_param and value> PHP_INT_MAX). (Andrey) @@ -1404,10 +1406,10 @@ PHP NEWS (Andrey) . Fixed bug #52221 (Misbehaviour of magic_quotes_runtime (get/set)). (Andrey) . Fixed bug #45921 (Can't initialize character set hebrew). (Andrey) - + - MySQLnd: . Fixed bug #52613 (crash in mysqlnd after hitting memory limit). (Andrey) - + - ODBC extension: - Fixed bug #52512 (Broken error handling in odbc_execute). (mkoegler at auto dot tuwien dot ac dot at) @@ -1424,11 +1426,11 @@ PHP NEWS . Fixed bug #51610 (Using oci_connect causes PHP to take a long time to exit). Requires Oracle 11.2.0.2 client libraries (or Oracle bug fix 9891199) for this patch to have an effect. (Oracle Corp.) - + - PCNTL extension: . Fixed bug #52784 (Race condition when handling many concurrent signals). (nick dot telford at gmail dot com, Arnaud) - + - PCRE extension: . Fixed bug #52971 (PCRE-Meta-Characters not working with utf-8). (Felipe) . Fixed bug #52732 (Docs say preg_match() returns FALSE on error, but it @@ -1452,27 +1454,27 @@ PHP NEWS - PDO: . Fixed bug #52699 (PDO bindValue writes long int 32bit enum). - (rein at basefarm dot no) + (rein at basefarm dot no) . Fixed bug #52487 (PDO::FETCH_INTO leaks memory). (Felipe) - + - PDO DBLib driver: . Fixed bug #52546 (pdo_dblib segmentation fault when iterating MONEY values). (Felipe) - + - PDO Firebird driver: . Restored firebird support (VC9 builds only). (Pierre) . Fixed bug #53335 (pdo_firebird did not implement rowCount()). (preeves at ibphoenix dot com) . Fixed bug #53323 (pdo_firebird getAttribute() crash). (preeves at ibphoenix dot com) - + - PDO MySQL driver: . Fixed bug #52745 (Binding params doesn't work when selecting a date inside a CASE-WHEN). (Andrey) - + - PostgreSQL extension: . Fixed bug #47199 (pg_delete() fails on NULL). (ewgraf at gmail dot com) - + - Reflection extension: . Fixed ReflectionProperty::isDefault() giving a wrong result for properties obtained with ReflectionClass::getProperties(). (Gustavo) @@ -1481,11 +1483,11 @@ PHP NEWS getProperty()). (Felipe) . Fixed bug #52854 (ReflectionClass::newInstanceArgs does not work for classes without constructors). (Johannes) - + - SOAP extension: . Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). (Dmitry) - + - SPL extension: . Fixed bug #53362 (Segmentation fault when extending SplFixedArray). (Felipe) . Fixed bug #53279 (SplFileObject doesn't initialise default CSV escape @@ -1493,7 +1495,7 @@ PHP NEWS . Fixed bug #53144 (Segfault in SplObjectStorage::removeAll()). (Felipe) . Fixed bug #53071 (SPLObjectStorage defeats gc_collect_cycles). (Gustavo) . Fixed bug #52573 (SplFileObject::fscanf Segmentation fault). (Felipe) - . Fixed bug #51763 (SplFileInfo::getType() does not work symbolic link + . Fixed bug #51763 (SplFileInfo::getType() does not work symbolic link and directory). (Pierre) . Fixed bug #50481 (Storing many SPLFixedArray in an array crashes). (Felipe) . Fixed bug #50579 (RegexIterator::REPLACE doesn't work). (Felipe) @@ -1501,7 +1503,7 @@ PHP NEWS - SQLite3 extension: . Fixed bug #53463 (sqlite3 columnName() segfaults on bad column_number). (Felipe) - + - Streams: . Fixed forward stream seeking emulation in streams that don't support seeking in situations where the read operation gives back less data than requested @@ -1520,7 +1522,7 @@ PHP NEWS - WDDX extension: . Fixed bug #52468 (wddx_deserialize corrupts integer field value when left empty). (Felipe) - + - Zlib extension: . Fixed bug #52926 (zlib fopen wrapper does not use context). (Gustavo) @@ -1528,11 +1530,11 @@ PHP NEWS - Upgraded bundled sqlite to version 3.6.23.1. (Ilia) - Upgraded bundled PCRE to version 8.02. (Ilia) -- Added support for JSON_NUMERIC_CHECK option in json_encode() that converts +- Added support for JSON_NUMERIC_CHECK option in json_encode() that converts numeric strings to integers. (Ilia) - Added stream_set_read_buffer, allows to set the buffer for read operation. (Pierre) -- Added stream filter support to mcrypt extension (ported from +- Added stream filter support to mcrypt extension (ported from mcrypt_filter). (Stas) - Added full_special_chars filter to ext/filter. (Rasmus) - Added backlog socket context option for stream_socket_server(). (Mike) @@ -1541,10 +1543,10 @@ PHP NEWS Made implicit use of NULL IV a warning. (Sara) - Added openssl_cipher_iv_length(). (Sara) - Added FastCGI Process Manager (FPM) SAPI. (Tony) -- Added recent Windows versions to php_uname and fix undefined windows +- Added recent Windows versions to php_uname and fix undefined windows version support. (Pierre) - Added Berkeley DB 5 support to the DBA extension. (Johannes, Chris Jones) -- Added support for copy to/from array/file for pdo_pgsql extension. +- Added support for copy to/from array/file for pdo_pgsql extension. (Denis Gasparin, Ilia) - Added inTransaction() method to PDO, with specialized support for Postgres. (Ilia, Denis Gasparin) @@ -1564,7 +1566,7 @@ PHP NEWS Reported by Stefan Esser. (Andrey) - Fixed very rare memory leak in mysqlnd, when binding thousands of columns. (Andrey) -- Fixed a crash when calling an inexistent method of a class that inherits +- Fixed a crash when calling an inexistent method of a class that inherits PDOStatement if instantiated directly instead of doing by the PDO methods. (Felipe) @@ -1583,15 +1585,15 @@ PHP NEWS (Dmitry) - Fixed a possible memory corruption in pack(). Reported by Stefan Esser. (Dmitry) -- Fixed a possible memory corruption in substr_replace(). Reported by Stefan +- Fixed a possible memory corruption in substr_replace(). Reported by Stefan Esser. (Dmitry) -- Fixed a possible memory corruption in addcslashes(). Reported by Stefan +- Fixed a possible memory corruption in addcslashes(). Reported by Stefan Esser. (Dmitry) -- Fixed a possible stack exhaustion inside fnmatch(). Reported by Stefan +- Fixed a possible stack exhaustion inside fnmatch(). Reported by Stefan Esser. (Ilia) - Fixed a possible dechunking filter buffer overflow. Reported by Stefan Esser. (Pierre) -- Fixed a possible arbitrary memory access inside sqlite extension. Reported +- Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. (Ilia) - Fixed string format validation inside phar extension. Reported by Stefan Esser. (Ilia) @@ -1614,7 +1616,7 @@ PHP NEWS - Fixed bug #52193 (converting closure to array yields empty array). (Felipe) - Fixed bug #52183 (Reflectionfunction reports invalid number of arguments for function aliases). (Felipe) -- Fixed bug #52162 (custom request header variables with numbers are removed). +- Fixed bug #52162 (custom request header variables with numbers are removed). (Sriram Natarajan) - Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe) - Fixed bug #52138 (Constants are parsed into the ini file for section names). @@ -1626,15 +1628,15 @@ PHP NEWS - Fixed bug #52082 (character_set_client & character_set_connection reset after mysqli_change_user()). (Andrey) - Fixed bug #52043 (GD doesn't recognize latest libJPEG versions). - (php at group dot apple dot com, Pierre) + (php at group dot apple dot com, Pierre) - Fixed bug #52041 (Memory leak when writing on uninitialized variable returned from function). (Dmitry) - Fixed bug #52060 (Memory leak when passing a closure to method_exists()). (Felipe) - Fixed bug #52057 (ReflectionClass fails on Closure class). (Felipe) -- Fixed bug #52051 (handling of case sensitivity of old-style constructors +- Fixed bug #52051 (handling of case sensitivity of old-style constructors changed in 5.3+). (Felipe) -- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at +- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at debian dot org, Kalle) - Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick) - Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command). @@ -1642,7 +1644,7 @@ PHP NEWS - Fixed bug #52001 (Memory allocation problems after using variable variables). (Dmitry) - Fixed bug #51991 (spl_autoload and *nix support with namespace). (Felipe) -- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle, +- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle, coreystup at gmail dot com) - Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with constant array). (Felipe) @@ -1707,7 +1709,7 @@ PHP NEWS - Fixed bug #51435 (Missing ifdefs / logic bug in crypt code cause compile errors). (Felipe) - Fixed bug #51424 (crypt() function hangs after 3rd call). (Pierre, Sriram) -- Fixed bug #51394 (Error line reported incorrectly if error handler throws an +- Fixed bug #51394 (Error line reported incorrectly if error handler throws an exception). (Stas) - Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains timezone). (Adam) @@ -1726,15 +1728,15 @@ PHP NEWS - Fixed bug #51242 (Empty mysql.default_port does not default to 3306 anymore, but 0). (Adam) - Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com) -- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, +- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, alexr at oplot dot com) -- Fixed bug #51190 (ftp_put() returns false when transfer was successful). +- Fixed bug #51190 (ftp_put() returns false when transfer was successful). (Ilia) - Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio). (Sriram Natarajan) - Fixed bug #51176 (Static calling in non-static method behaves like $this->). (Felipe) -- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when +- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when an invalid option is provided). (Ilia) - Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre) - Fixed bug #51096 ('last day' and 'first day' are handled incorrectly when @@ -1754,7 +1756,7 @@ PHP NEWS if defined in WSDL). (mephius at gmail dot com) - Fixed bug #50731 (Inconsistent namespaces sent to functions registered with spl_autoload_register). (Felipe) -- Fixed bug #50563 (removing E_WARNING from parse_url). (ralph at smashlabs dot +- Fixed bug #50563 (removing E_WARNING from parse_url). (ralph at smashlabs dot com, Pierre) - Fixed bug #50578 (incorrect shebang in phar.phar). (Fedora at FamilleCollet dot com) @@ -1803,7 +1805,7 @@ PHP NEWS (vincent at optilian dot com) - Fixed bug #43233 (sasl support for ldap on Windows). (Pierre) - Fixed bug #35673 (formatOutput does not work with saveHTML). (Rob) -- Fixed bug #33210 (getimagesize() fails to detect width/height on certain +- Fixed bug #33210 (getimagesize() fails to detect width/height on certain JPEGs). (Ilia) 04 Mar 2010, PHP 5.3.2 @@ -1826,7 +1828,7 @@ PHP NEWS setting it to 0. (Rasmus) - Changed tidyNode class to disallow manual node creation. (Pierrick) -- Removed automatic file descriptor unlocking happening on shutdown and/or +- Removed automatic file descriptor unlocking happening on shutdown and/or stream close (on all OSes). (Tony, Ilia) - Added libpng 1.4.0 support. (Pierre) @@ -1884,7 +1886,7 @@ PHP NEWS versions). (Derick) - Fixed bug #50907 (X-PHP-Originating-Script adding two new lines in *NIX). (Ilia) -- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation). +- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation). (Ilia, hanno at hboeck dot de) - Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes long). (Ilia) @@ -1919,7 +1921,7 @@ PHP NEWS and DomDocument). (Dmitry) - Fixed bug #50508 (compile failure: Conflicting HEADER type declarations). (Jani) -- Fixed bug #50496 (Use of is valid only in a c99 compilation +- Fixed bug #50496 (Use of is valid only in a c99 compilation environment. (Sriram) - Fixed bug #50464 (declare encoding doesn't work within an included file). (Felipe) @@ -1941,7 +1943,7 @@ PHP NEWS (Ilia, Pierrick) - Fixed bug #50285 (xmlrpc does not preserve keys in encoded indexed arrays). (Felipe) -- Fixed bug #50282 (xmlrpc_encode_request() changes object into array in +- Fixed bug #50282 (xmlrpc_encode_request() changes object into array in calling function). (Felipe) - Fixed bug #50267 (get_browser(null) does not use HTTP_USER_AGENT). (Jani) - Fixed bug #50266 (conflicting types for llabs). (Jani) @@ -1961,7 +1963,7 @@ PHP NEWS (tcallawa at redhat dot com) - Fixed bug #50207 (segmentation fault when concatenating very large strings on 64bit linux). (Ilia) -- Fixed bug #50196 (stream_copy_to_stream() produces warning when source is +- Fixed bug #50196 (stream_copy_to_stream() produces warning when source is not file). (Stas) - Fixed bug #50195 (pg_copy_to() fails when table name contains schema. (Ilia) - Fixed bug #50185 (ldap_get_entries() return false instead of an empty array @@ -1989,7 +1991,7 @@ PHP NEWS - Fixed bug #49990 (SNMP3 warning message about security level printed twice). (Jani) - Fixed bug #49985 (pdo_pgsql prepare() re-use previous aborted - transaction). (ben dot pineau at gmail dot com, Ilia, Matteo) + transaction). (ben dot pineau at gmail dot com, Ilia, Matteo) - Fixed bug #49938 (Phar::isBuffering() returns inverted value). (Greg) - Fixed bug #49936 (crash with ftp stream in php_stream_context_get_option()). (Pierrick) @@ -1997,7 +1999,7 @@ PHP NEWS - Fixed bug #49866 (Making reference on string offsets crashes PHP). (Dmitry) - Fixed bug #49855 (import_request_variables() always returns NULL). (Ilia, sjoerd at php dot net) -- Fixed bug #49851, #50451 (http wrapper breaks on 1024 char long headers). +- Fixed bug #49851, #50451 (http wrapper breaks on 1024 char long headers). (Ilia) - Fixed bug #49800 (SimpleXML allow (un)serialize() calls without warning). (Ilia, wmeler at wp-sa dot pl) @@ -2047,7 +2049,7 @@ PHP NEWS - Upgraded bundled sqlite to version 3.6.19. (Scott) - Updated timezone database to version 2009.17 (2009q). (Derick) -- Changed ini file directives [PATH=](on Win32) and [HOST=](on all) to be case +- Changed ini file directives [PATH=](on Win32) and [HOST=](on all) to be case insensitive. (garretts) - Restored shebang line check to CGI sapi (not checked by scanner anymore). @@ -2062,7 +2064,7 @@ PHP NEWS - Added support for ACL on Windows for thread safe SAPI (Apache2 for example) and fix its support on NTS. (Pierre) -- Improved symbolic, mounted volume and junctions support for realpath on +- Improved symbolic, mounted volume and junctions support for realpath on Windows. (Pierre) - Improved readlink on Windows, suppress \??\ and use the drive syntax only. (Pierre) @@ -2074,9 +2076,9 @@ PHP NEWS API. (Scott) - Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) -- Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. +- Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (Rasmus) -- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz +- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (Rasmus) - Fixed certificate validation inside php_openssl_apply_verification_policy (Ryan Sleevi, Ilia) @@ -2098,7 +2100,7 @@ PHP NEWS (Maksymilian Arciemowicz, Stas) - Fixed signature generation/validation for zip archives in ext/phar. (Greg) - Fixed memory leak in stream_is_local(). (Felipe, Tony) -- Fixed BC break in mime_content_type(), removes the content encoding. (Scott) +- Fixed BC break in mime_content_type(), removes the content encoding. (Scott) - Fixed PECL bug #16842 (oci_error return false when NO_DATA_FOUND is raised). (Chris Jones) @@ -2131,7 +2133,7 @@ PHP NEWS fclose). (Ilia) - Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). (Ilia) -- Fixed bug #49447 (php engine need to correctly check for socket API +- Fixed bug #49447 (php engine need to correctly check for socket API return status on windows). (Sriram Natarajan) - Fixed bug #49391 (ldap.c utilizing deprecated ldap_modify_s). (Ilia) - Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre) @@ -2166,7 +2168,7 @@ PHP NEWS - Fixed bug #49074 (private class static fields can be modified by using reflection). (Jani) - Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre) -- Fixed bug #49065 ("disable_functions" php.ini option does not work on +- Fixed bug #49065 ("disable_functions" php.ini option does not work on Zend extensions). (Stas) - Fixed bug #49064 (--enable-session=shared does not work: undefined symbol: php_url_scanner_reset_vars). (Jani) @@ -2189,7 +2191,7 @@ PHP NEWS in a chunk). (andreas dot streichardt at globalpark dot com, Ilia) - Fixed bug #49012 (phar tar signature algorithm reports as Unknown (0) in getSignature() call). (Greg) -- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes +- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes when including files from function). (Stas) - Fixed bug #48994 (zlib.output_compression does not output HTTP headers when set to a string value). (Jani) @@ -2218,10 +2220,10 @@ PHP NEWS - Fixed bug #48783 (make install will fail saying phar file exists). (Greg) - Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()). (Sriram Natarajan) -- Fixed bug #48771 (rename() between volumes fails and reports no error on +- Fixed bug #48771 (rename() between volumes fails and reports no error on Windows). (Pierre) - Fixed bug #48768 (parse_ini_*() crash with INI_SCANNER_RAW). (Jani) -- Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at +- Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at gmail dot com, Pierre) - Fixed bug #48762 (IPv6 address filter still rejects valid address). (Felipe) - Fixed bug #48757 (ReflectionFunction::invoke() parameter issues). (Kalle) @@ -2238,7 +2240,7 @@ PHP NEWS files that have been opened with r+). (Ilia) - Fixed bug #48719 (parse_ini_*(): scanner_mode parameter is not checked for sanity). (Jani) -- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain +- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain components). (Ilia) - Fixed bug #48681 (openssl signature verification for tar archives broken). (Greg) @@ -2261,7 +2263,7 @@ PHP NEWS - Fixed bug #48189 (ibase_execute error in return param). (Kalle) - Fixed bug #48182 (ssl handshake fails during asynchronous socket connection). (Sriram Natarajan) -- Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre, +- Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre, Al dot Smith at aeschi dot ch dot eu dot org) - Fixed bug #48057 (Only the date fields of the first row are fetched, others are empty). (info at programmiernutte dot net) @@ -2286,10 +2288,10 @@ PHP NEWS com, Kalle) - Fixed bug #40013 (php_uname() does not return nodename on Netware (Guenter Knauf) -- Fixed bug #38091 (Mail() does not use FQDN when sending SMTP helo). +- Fixed bug #38091 (Mail() does not use FQDN when sending SMTP helo). (Kalle, Rick Yorgason) - Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett) -- Fixed bug #27051 (Impersonation with FastCGI does not exec process as +- Fixed bug #27051 (Impersonation with FastCGI does not exec process as impersonated user). (Pierre) @@ -2413,17 +2415,17 @@ PHP NEWS value. (Hannes) - Improved Windows support: - . Update all libraries to their latest stable version. (Pierre, Rob, Liz, + . Update all libraries to their latest stable version. (Pierre, Rob, Liz, Garrett). . Added Windows support for stat(), touch(), filemtime(), filesize() and related functions. (Pierre) . Re-added socket_create_pair() for Windows in sockets extension. (Kalle) - . Added inet_pton() and inet_ntop() also for Windows platforms. + . Added inet_pton() and inet_ntop() also for Windows platforms. (Kalle, Pierre) . Added mcrypt_create_iv() for Windows platforms. (Pierre) . Added ACL Cache support on Windows. (Kanwaljeet Singla, Pierre, Venkat Raman Don) - . Added constants based on Windows' GetVersionEx information. + . Added constants based on Windows' GetVersionEx information. PHP_WINDOWS_VERSION_* and PHP_WINDOWS_NT_*. (Pierre) . Added support for ACL (is_writable, is_readable, reports now correct results) on Windows. (Pierre, Venkat Raman Don, Kanwaljeet Singla) @@ -2611,7 +2613,7 @@ PHP NEWS DateInterval on each iteration, up to an end date or limited by maximum number of occurences. -- Added compatibility mode in GD, imagerotate, image(filled)ellipse +- Added compatibility mode in GD, imagerotate, image(filled)ellipse imagefilter, imageconvolution and imagecolormatch are now always enabled. (Pierre) - Added array_replace() and array_replace_recursive() functions. (Matt) @@ -2653,12 +2655,12 @@ PHP NEWS - Added support for CP850 encoding in mbstring extension. (Denis Giffeler, Moriyoshi) - Added stream_cast() and stream_set_options() to user-space stream wrappers, - allowing stream_select(), stream_set_blocking(), stream_set_timeout() and + allowing stream_select(), stream_set_blocking(), stream_set_timeout() and stream_set_write_buffer() to work with user-space stream wrappers. (Arnaud) - Added header_remove() function. (chsc at peytz dot dk, Arnaud) - Added stream_context_get_params() function. (Arnaud) - Added optional parameter "new" to sybase_connect(). (Timm) -- Added parse_ini_string() function. (grange at lemonde dot fr, Arnaud) +- Added parse_ini_string() function. (grange at lemonde dot fr, Arnaud) - Added str_getcsv() function. (Sara) - Added openssl_random_pseudo_bytes() function. (Scott) - Added ability to send user defined HTTP headers with SOAP request. @@ -2735,7 +2737,7 @@ PHP NEWS prepending functions). (Scott) - Fixed bug #48215 (Calling a method with the same name as the parent class calls the constructor). (Scott) -- Fixed bug #48200 (compile failure with mbstring.c when +- Fixed bug #48200 (compile failure with mbstring.c when --enable-zend-multibyte is used). (Jani) - Fixed bug #48188 (Cannot execute a scrollable cursors twice with PDO_PGSQL). (Matteo) @@ -2867,7 +2869,7 @@ PHP NEWS - Fixed bug #46042 (memory leaks with reflection of mb_convert_encoding()). (Ilia) - Fixed bug #46039 (ArrayObject iteration is slow). (Arnaud) -- Fixed bug #46033 (Direct instantiation of SQLite3stmt and SQLite3result cause +- Fixed bug #46033 (Direct instantiation of SQLite3stmt and SQLite3result cause a segfault.) (Scott) - Fixed bug #45991 (Ini files with the UTF-8 BOM are treated as invalid). (Scott) @@ -2943,7 +2945,7 @@ PHP NEWS - Added support for Sun CC (FR #46595 and FR #46513). (David Soria Parra) - Changed default value of array_unique()'s optional sorting type parameter - back to SORT_STRING to fix backwards compatibility breakage introduced in + back to SORT_STRING to fix backwards compatibility breakage introduced in PHP 5.2.9. (Moriyoshi) - Fixed memory corruptions while reading properties of zip files. (Ilia) @@ -2976,7 +2978,7 @@ PHP NEWS files). (Pierre) - Fixed bug #48359 (Script hangs on snmprealwalk if OID is not increasing). (Ilia, simonov at gmail dot com) -- Fixed bug #48336 (ReflectionProperty::getDeclaringClass() does not work +- Fixed bug #48336 (ReflectionProperty::getDeclaringClass() does not work with redeclared property). (patch by Markus dot Lidel at shadowconnect dot com) - Fixed bug #48326 (constant MSG_DONTWAIT not defined). (Arnaud) @@ -3021,7 +3023,7 @@ PHP NEWS - Fixed bug #47969 (ezmlm_hash() returns different values depend on OS). (Ilia) - Fixed bug #47946 (ImageConvolution overwrites background). (Ilia) - Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt) -- Fixed bug #47937 (system() calls sapi_flush() regardless of output +- Fixed bug #47937 (system() calls sapi_flush() regardless of output buffering). (Ilia) - Fixed bug #47903 ("@" operator does not work with string offsets). (Felipe) - Fixed bug #47893 (CLI aborts on non blocking stdout). (Arnaud) @@ -3095,7 +3097,7 @@ PHP NEWS - Fixed bug #45092 (header HTTP context option not being used when compiled using --with-curlwrappers). (Jani) - Fixed bug #44996 (xmlrpc_decode() ignores time zone on iso8601.datetime). - (Ilia, kawai at apache dot org) + (Ilia, kawai at apache dot org) - Fixed bug #44827 (define() is missing error checks for class constants). (Ilia) - Fixed bug #44214 (Crash using preg_replace_callback() and global variables). @@ -3120,7 +3122,7 @@ PHP NEWS - Added optional sorting type flag parameter to array_unique(). Default is SORT_REGULAR. (Andrei) -- Fixed a crash on extract in zip when files or directories entry names contain +- Fixed a crash on extract in zip when files or directories entry names contain a relative path. (Pierre) - Fixed error conditions handling in stream_filter_append(). (Arnaud) - Fixed zip filename property read. (Pierre) @@ -3222,11 +3224,11 @@ PHP NEWS - Added logging option for error_log to send directly to SAPI. (Stas) - Added PHP_MAJOR_VERSION, PHP_MINOR_VERSION, PHP_RELEASE_VERSION, PHP_EXTRA_VERSION, PHP_VERSION_ID, PHP_ZTS and PHP_DEBUG constants. (Pierre) -- Added "PHP_INI_SCAN_DIR" environment variable which can be used to +- Added "PHP_INI_SCAN_DIR" environment variable which can be used to either disable or change the compile time ini scan directory (FR #45114). (Jani) -- Fixed missing initialization of BG(page_uid) and BG(page_gid), +- Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz. (Stas) - Fixed memory leak inside sqlite_create_aggregate(). (Felipe) - Fixed memory leak inside PDO sqlite's sqliteCreateAggregate() method. @@ -3242,7 +3244,7 @@ PHP NEWS - Fixed a bug inside dba_replace() that could cause file truncation withinvalid keys. (Ilia) - Fixed memory leak inside readline_callback_handler_install() function.(Ilia) -- Fixed memory leak inside readline_completion_function() function. (Felipe) +- Fixed memory leak inside readline_completion_function() function. (Felipe) - Fixed stream_get_contents() when using $maxlength and socket is notclosed. indeyets [at] php [dot] net on #46049. (Arnaud) - Fixed stream_get_line() to behave as documented on non-blocking streams. @@ -3371,7 +3373,7 @@ PHP NEWS - Fixed bug #45765 (ReflectionObject with default parameters of self::xxx cause an error). (Felipe) - Fixed bug #45751 (Using auto_prepend_file crashes (out of scope stack address - use)). (basant dot kukreja at sun dot com) + use)). (basant dot kukreja at sun dot com) - Fixed bug #45722 (mb_check_encoding() crashes). (Moriyoshi) - Fixed bug #45705 (rfc822_parse_adrlist() modifies passed address parameter). (Jani) @@ -3521,7 +3523,7 @@ PHP NEWS 01 May 2008, PHP 5.2.6 - Fixed two possible crashes inside posix extension (Tony) -- Fixed incorrect heredoc handling when label is used within the block. +- Fixed incorrect heredoc handling when label is used within the block. (Matt) - Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin) - Fixed sending of uninitialized paddings which may contain some information. (Andrei Nigmatulin) diff --git a/UPGRADING b/UPGRADING index 00acc27423..17873b339c 100755 --- a/UPGRADING +++ b/UPGRADING @@ -30,7 +30,7 @@ UPGRADE NOTES - PHP 5.4 ======================================== - The default_charset setting now defaults to UTF-8. - It was ISO-88590-1 before, so if you were relying + It was ISO-88590-1 before, so if you were relying on the default, you will need to add: default_charset = iso-8859-1 @@ -49,7 +49,7 @@ UPGRADE NOTES - PHP 5.4 to your php.ini to preserve pre-PHP5.4 behavior. -- Deprecated ini directives will now throw an E_CORE_WARNING's +- Deprecated ini directives will now throw an E_CORE_WARNING's instead of the previous E_WARNING's. The following directives are marked as deprecated: @@ -57,8 +57,8 @@ UPGRADE NOTES - PHP 5.4 - magic_quotes_runtime - magic_quotes_sybase -- The following directives, which indicates a removed feature - in PHP will now throw an E_CORE_ERROR upon startup like the +- The following directives, which indicates a removed feature + in PHP will now throw an E_CORE_ERROR upon startup like the deprecation warnings. The following directives are no longer available: @@ -78,7 +78,7 @@ UPGRADE NOTES - PHP 5.4 - the following new directives were added - max_input_vars - specifies how many GET/POST/COOKIE input variables may be - accepted. default value 1000. + accepted. default value 1000. ============================= 2. Reserved words and classes @@ -101,7 +101,7 @@ UPGRADE NOTES - PHP 5.4 { public function __construct($bar) {} } - + Now emits a Fatal error due the incompatible declaration. - In previous versions, names of superglobals could be used for parameter @@ -118,12 +118,18 @@ UPGRADE NOTES - PHP 5.4 $test = new StdClass; $test->baz = 1; -- Converting array to string now will cause E_NOTICE warning. +- Converting array to string now will cause E_NOTICE warning. + +- Chained string offsets - e.g. $a[0][0] where $a is a string - now work. -- Chained string offsets - e.g. $a[0][0] where $a is a string - now work, which -means isset($a['foo']['bar']) now will return true due to automatic type conversion. +- Non-numeric string offsets - e.g. $a['foo'] where $a is a string - now return + false on isset() and true on empty(), and produce warning if trying to use them. + Offsets of types double, bool and null produce notice. Numeric strings ($a['2']) + still work as before. + Note that offsets like '12.3' and '5 and a half' are considered non-numeric + and produce warning, but are converted to 12 and 5 respectively for BC reasons. -- Changed E_ALL to include E_STRICT. +- Changed E_ALL to include E_STRICT. - Closures now support scopes and $this and can be rebound to objects using Closure::bind() and Closure::bindTo(). @@ -133,7 +139,7 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers - which shows information of the +- Added command line option --rz which shows information of the named Zend extension. - PHP-FPM now supports syslog value for error_log. @@ -400,10 +406,10 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers 11. Changes in INI directives ============================= -- Recommended production value for error_reporting changed to +- Recommended production value for error_reporting changed to E_ALL & ~E_DEPRECATED & ~E_STRICT. -- Added session.upload_progress.enabled, session.upload_progress.cleanup, - session.upload_progress.prefix, session.upload_progress.name, +- Added session.upload_progress.enabled, session.upload_progress.cleanup, + session.upload_progress.prefix, session.upload_progress.name, session.upload_progress.freq, session.upload_progress.min_freq. - Added zend.multibyte directive as a replacement of PHP compile time configuration option --enable-zend-multibyte. Now ZE always contains code for @@ -418,7 +424,7 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers three times. - A new directive, called windows_show_crt_warning, has been introduced. This directive shows the CRT warnings when enabled. These warnings were - displayed by default until now. It is disabled by default. + displayed by default until now. It is disabled by default. - Added cli.pager php.ini setting to set a pager for CLI output. - Added cli.prompt php.ini setting to configure the CLI shell prompt. - Added process.max to control the number of process FPM can fork. @@ -434,12 +440,12 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers } class CanIGetHello { - use HelloWorld; + use HelloWorld; } - + $hello = new CanIGetHello(); $hello->sayHello(); - + - Function call result array access: e.g. foo()[0] @@ -464,17 +470,17 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers - $str[1][0] where $str is a string is now a legal construct. -- Anonymous functions now support using $this and class scope. +- Anonymous functions now support using $this and class scope. Anonymous function can be declared as "static" to ignore the scope. - Class::{expr}() syntax is now supported: - class A { - static function foo() { + class A { + static function foo() { echo "Hello world!\n"; } - } - $x = "f"; - $y = "o"; + } + $x = "f"; + $y = "o"; A::{$x.$y.$y}(); - Class member access on instantiation: @@ -486,7 +492,7 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers 13. Windows support =================== -- is_link now works properly for symbolic links on Windows Vista +- is_link now works properly for symbolic links on Windows Vista or later. Earlier systems do not support symbolic links. =================== @@ -513,22 +519,22 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers - transliterator_get_error_message() - transliterator_list_ids() - transliterator_transliterate() - + - LDAP: - ldap_control_paged_results() - ldap_control_paged_results_response() - libxml: - libxml_set_external_entity_loader() - + - mysqli: - mysqli_error_list() - mysqli_stmt_error_list() - + - Session: - session_register_shutdown() - session_status() - + - SPL - class_uses() @@ -627,17 +633,17 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers - Reflection: - ReflectionZendExtension - + - Intl: - Transliterator - Spoofchecker - + - JSON: - JsonSerializable - - Session: + - Session: - SessionHandler - + - SNMP: - SNMP @@ -647,9 +653,9 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers d. New methods - - Closure: + - Closure: - Closure::bind() - - Closure::bindTo() + - Closure::bindTo() - Reflection: - ReflectionClass::getTraitAliases() @@ -714,5 +720,5 @@ means isset($a['foo']['bar']) now will return true due to automatic type convers - joaat - - + + diff --git a/Zend/tests/bug31098.phpt b/Zend/tests/bug31098.phpt index 3038636bab..23cec9bbf4 100644 --- a/Zend/tests/bug31098.phpt +++ b/Zend/tests/bug31098.phpt @@ -17,7 +17,7 @@ var_dump(isset($a['b'])); $simpleString = "Bogus String Text"; echo isset($simpleString->wrong)?"bug\n":"ok\n"; -echo isset($simpleString["wrong"])?"ok\n":"bug\n"; +echo isset($simpleString["wrong"])?"bug\n":"ok\n"; echo isset($simpleString[-1])?"bug\n":"ok\n"; echo isset($simpleString[0])?"ok\n":"bug\n"; echo isset($simpleString["0"])?"ok\n":"bug\n"; @@ -34,8 +34,8 @@ bool(false) bool(false) bool(false) bool(false) -bool(true) -bool(true) +bool(false) +bool(false) ok ok ok @@ -44,8 +44,12 @@ ok ok ok -Notice: Trying to get property of non-object in %sbug31098.php on line %d -ok +Notice: Trying to get property of non-object in %s on line %d ok + +Warning: Illegal string offset 'wrong' in %s on line %d ok ok + +Warning: Illegal string offset 'wrong' in %s on line %d +ok \ No newline at end of file diff --git a/Zend/tests/bug39018.phpt b/Zend/tests/bug39018.phpt index 1c67eb2989..e1968ad041 100644 --- a/Zend/tests/bug39018.phpt +++ b/Zend/tests/bug39018.phpt @@ -6,7 +6,7 @@ Bug #39018 (Error control operator '@' fails to suppress "Uninitialized string o error_reporting(E_ALL); $a = 'foo'; -$a[11111111111]; +$a[111111111111111111111]; $a = ''; @@ -62,31 +62,42 @@ print "\nDone\n"; ?> --EXPECTF-- +Notice: String offset cast occured in %s on line %d -Notice: Uninitialized string offset: %i in %s on line 6 +Notice: Uninitialized string offset: 0 in %s on line %d -Notice: Uninitialized string offset: 0 in %s on line 10 +Notice: Uninitialized string offset: 0 in %s on line %d -Notice: Uninitialized string offset: 0 in %s on line 12 +Notice: String offset cast occured in %s on line %d -Notice: Uninitialized string offset: %i in %s on line 14 +Notice: Uninitialized string offset: %i in %s on line %d -Notice: Uninitialized string offset: %i in %s on line 16 +Notice: String offset cast occured in %s on line %d -Notice: Uninitialized string offset: 0 in %s on line 18 +Notice: Uninitialized string offset: %i in %s on line %d -Notice: Uninitialized string offset: 4 in %s on line 28 +Notice: Uninitialized string offset: 0 in %s on line %d -Notice: Uninitialized string offset: 4 in %s on line 34 +Notice: Uninitialized string offset: 4 in %s on line %d -Notice: Uninitialized string offset: 4 in %s on line 38 +Notice: Uninitialized string offset: 4 in %s on line %d -Notice: Uninitialized string offset: 4 in %s on line 42 +Notice: Uninitialized string offset: 4 in %s on line %d -Notice: Uninitialized string offset: 4 in %s on line 46 +Notice: Uninitialized string offset: 4 in %s on line %d -Notice: Uninitialized string offset: 12 in %s on line 50 +Notice: Uninitialized string offset: 4 in %s on line %d -Notice: Uninitialized string offset: 12 in %s on line 52 +Notice: String offset cast occured in %s on line %d + +Notice: Uninitialized string offset: 12 in %s on line %d + +Notice: String offset cast occured in %s on line %d + +Notice: Uninitialized string offset: 12 in %s on line %d + +Notice: String offset cast occured in %s on line %d + +Notice: String offset cast occured in %s on line %d b Done diff --git a/Zend/tests/bug39304.phpt b/Zend/tests/bug39304.phpt index ea068df75d..8303b82573 100755 --- a/Zend/tests/bug39304.phpt +++ b/Zend/tests/bug39304.phpt @@ -7,10 +7,10 @@ Bug #39304 (Segmentation fault with list unpacking of string offset) echo "I am alive"; ?> --EXPECTF-- -Notice: Uninitialized string offset: 0 in %sbug39304.php on line 3 +Notice: Uninitialized string offset: 0 in %sbug39304.php on line %d -Notice: Uninitialized string offset: 1 in %sbug39304.php on line 3 +Notice: Uninitialized string offset: 1 in %sbug39304.php on line %d -Notice: Uninitialized string offset: 0 in %sbug39304.php on line 3 +Notice: Uninitialized string offset: 0 in %sbug39304.php on line %d I am alive diff --git a/Zend/tests/bug39304_2_4.phpt b/Zend/tests/bug39304_2_4.phpt index e4863d6fcb..b0e6ddc72c 100644 --- a/Zend/tests/bug39304_2_4.phpt +++ b/Zend/tests/bug39304_2_4.phpt @@ -9,10 +9,10 @@ Bug #39304 (Segmentation fault with list unpacking of string offset) var_dump($a,$b); ?> --EXPECTF-- -Notice: Uninitialized string offset: 0 in %sbug39304_2_4.php on line 3 +Notice: Uninitialized string offset: 0 in %sbug39304_2_4.php on line %d -Notice: Uninitialized string offset: 1 in %sbug39304_2_4.php on line 3 +Notice: Uninitialized string offset: 1 in %sbug39304_2_4.php on line %d -Notice: Uninitialized string offset: 0 in %sbug39304_2_4.php on line 3 +Notice: Uninitialized string offset: 0 in %sbug39304_2_4.php on line %d string(0) "" string(0) "" diff --git a/Zend/tests/bug54262.phpt b/Zend/tests/bug54262.phpt index 1b9d3513cc..17a6ea6381 100644 --- a/Zend/tests/bug54262.phpt +++ b/Zend/tests/bug54262.phpt @@ -9,7 +9,7 @@ $simpleString["wrong"] = "f"; echo "ok\n"; ?> --EXPECTF-- -bool(true) +bool(false) Warning: Attempt to modify property of non-object in %sbug54262.php on line 4 diff --git a/Zend/tests/bug60362.phpt b/Zend/tests/bug60362.phpt new file mode 100644 index 0000000000..e8d16ea4cb --- /dev/null +++ b/Zend/tests/bug60362.phpt @@ -0,0 +1,74 @@ +--TEST-- +Bug #60362: non-existent sub-sub keys should not have values +--FILE-- + 'foz'); + +if (isset($arr['exists']['non_existent'])) { + echo "sub-key 'non_existent' is set: "; + var_dump($arr['exists']['non_existent']); +} else { + echo "sub-key 'non_existent' is not set.\n"; +} +if (isset($arr['exists'][1])) { + echo "sub-key 1 is set: "; + var_dump($arr['exists'][1]); +} else { + echo "sub-key 1 is not set.\n"; +} + +echo "-------------------\n"; +if (isset($arr['exists']['non_existent']['sub_sub'])) { + echo "sub-key 'sub_sub' is set: "; + var_dump($arr['exists']['non_existent']['sub_sub']); +} else { + echo "sub-sub-key 'sub_sub' is not set.\n"; +} +if (isset($arr['exists'][1][0])) { + echo "sub-sub-key 0 is set: "; + var_dump($arr['exists'][1][0]); +} else { + echo "sub-sub-key 0 is not set.\n"; +} + +echo "-------------------\n"; +if (empty($arr['exists']['non_existent'])) { + echo "sub-key 'non_existent' is empty.\n"; +} else { + echo "sub-key 'non_existent' is not empty: "; + var_dump($arr['exists']['non_existent']); +} +if (empty($arr['exists'][1])) { + echo "sub-key 1 is empty.\n"; +} else { + echo "sub-key 1 is not empty: "; + var_dump($arr['exists'][1]); +} + +echo "-------------------\n"; +if (empty($arr['exists']['non_existent']['sub_sub'])) { + echo "sub-sub-key 'sub_sub' is empty.\n"; +} else { + echo "sub-sub-key 'sub_sub' is not empty: "; + var_dump($arr['exists']['non_existent']['sub_sub']); +} +if (empty($arr['exists'][1][0])) { + echo "sub-sub-key 0 is empty.\n"; +} else { + echo "sub-sub-key 0 is not empty: "; + var_dump($arr['exists'][1][0]); +} +echo "DONE"; +--EXPECT-- +sub-key 'non_existent' is not set. +sub-key 1 is set: string(1) "o" +------------------- +sub-sub-key 'sub_sub' is not set. +sub-sub-key 0 is set: string(1) "o" +------------------- +sub-key 'non_existent' is empty. +sub-key 1 is not empty: string(1) "o" +------------------- +sub-sub-key 'sub_sub' is empty. +sub-sub-key 0 is not empty: string(1) "o" +DONE diff --git a/Zend/tests/empty_str_offset.phpt b/Zend/tests/empty_str_offset.phpt new file mode 100644 index 0000000000..09e8d010ff --- /dev/null +++ b/Zend/tests/empty_str_offset.phpt @@ -0,0 +1,91 @@ +--TEST-- +Testing empty() with string offsets +--FILE-- + +--EXPECTF-- +- empty --- +bool(true) +bool(false) +bool(false) +bool(true) +bool(false) +bool(true) +bool(true) +- string --- +bool(true) +bool(false) +bool(false) +bool(true) +bool(true) +bool(true) + +Notice: A non well formed numeric value encountered in %s line %d +bool(false) +- bool --- +bool(false) +bool(false) +bool(true) +- null --- +bool(false) +- double --- +bool(true) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(true) +- array --- +bool(true) +bool(true) +- object --- +bool(true) +- resource --- +bool(true) +done diff --git a/Zend/tests/indexing_001.phpt b/Zend/tests/indexing_001.phpt index 83c2c8d528..0e466ab8ce 100644 --- a/Zend/tests/indexing_001.phpt +++ b/Zend/tests/indexing_001.phpt @@ -71,6 +71,8 @@ array(1) { } } +Warning: Illegal string offset 'foo' in %s on line %d + Notice: Array to string conversion in %s on line %d string(1) "A" diff --git a/Zend/tests/isset_str_offset.phpt b/Zend/tests/isset_str_offset.phpt new file mode 100644 index 0000000000..66b025ccec --- /dev/null +++ b/Zend/tests/isset_str_offset.phpt @@ -0,0 +1,91 @@ +--TEST-- +Testing isset with string offsets +--FILE-- + +--EXPECTF-- +- isset --- +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(false) +bool(false) +- string --- +bool(false) +bool(true) +bool(true) +bool(true) +bool(false) +bool(false) + +Notice: A non well formed numeric value encountered in %s line %d +bool(true) +- bool --- +bool(true) +bool(true) +bool(false) +- null --- +bool(true) +- double --- +bool(false) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(false) +- array --- +bool(false) +bool(false) +- object --- +bool(false) +- resource --- +bool(false) +done diff --git a/Zend/tests/offset_assign.phpt b/Zend/tests/offset_assign.phpt index eebf63c4f3..6a00591095 100644 --- a/Zend/tests/offset_assign.phpt +++ b/Zend/tests/offset_assign.phpt @@ -3,9 +3,11 @@ Crash on $x['x']['y'] += 1 when $x is string --FILE-- ---EXPECTF-- -Fatal error: Cannot use string offset as an array in %s on line %d +--EXPECTF-- +Warning: Illegal string offset 'x' in %soffset_assign.php on line %d + +Fatal error: Cannot use string offset as an array in %soffset_assign.php on line %d diff --git a/Zend/tests/offset_string.phpt b/Zend/tests/offset_string.phpt index 63d8abe8dd..34604d6347 100644 --- a/Zend/tests/offset_string.phpt +++ b/Zend/tests/offset_string.phpt @@ -9,6 +9,9 @@ var_dump($str[1]); var_dump($str[0.0836]); var_dump($str[NULL]); var_dump($str["run away"]); +var_dump($str["13"]); +var_dump($str["14.5"]); +var_dump($str["15 and then some"]); var_dump($str[TRUE]); var_dump($str[FALSE]); @@ -24,12 +27,29 @@ var_dump($str[$arr]); echo "Done\n"; ?> ---EXPECTF-- +--EXPECTF-- string(1) "i" + +Notice: String offset cast occured in %s on line %d string(1) "S" + +Notice: String offset cast occured in %s on line %d string(1) "S" + +Warning: Illegal string offset 'run away' in %s on line %d string(1) "S" +string(1) "c" + +Warning: Illegal string offset '14.5' in %s on line %d +string(1) "o" + +Notice: A non well formed numeric value encountered in %s on line %d +string(1) "r" + +Notice: String offset cast occured in %s on line %d string(1) "i" + +Notice: String offset cast occured in %s on line %d string(1) "S" Warning: Illegal offset type in %s on line %d @@ -42,4 +62,4 @@ string(1) "%s" Warning: Illegal offset type in %s on line %d string(1) "i" -Done +Done \ No newline at end of file diff --git a/Zend/tests/result_unused.phpt b/Zend/tests/result_unused.phpt index ed8502ce34..0db744d089 100644 --- a/Zend/tests/result_unused.phpt +++ b/Zend/tests/result_unused.phpt @@ -24,6 +24,6 @@ $x->prop; $x->y; echo "ok\n"; --EXPECTF-- -Notice: Uninitialized string offset: 3 in %sresult_unused.php on line 11 +Notice: Uninitialized string offset: 3 in %sresult_unused.php on line %d ok diff --git a/Zend/tests/str_offset_001.phpt b/Zend/tests/str_offset_001.phpt index 1ebea6e28f..8a6b91b49a 100644 --- a/Zend/tests/str_offset_001.phpt +++ b/Zend/tests/str_offset_001.phpt @@ -24,28 +24,28 @@ foo($str[1][0]); foo($str[2][1]); ?> --EXPECTF-- -Notice: Uninitialized string offset: -1 in %sstr_offset_001.php on line 7 +Notice: Uninitialized string offset: -1 in %sstr_offset_001.php on line %d string(0) "" string(1) "a" string(1) "b" string(1) "c" -Notice: Uninitialized string offset: 3 in %sstr_offset_001.php on line 11 +Notice: Uninitialized string offset: 3 in %sstr_offset_001.php on line %d string(0) "" string(1) "b" -Notice: Uninitialized string offset: 1 in %sstr_offset_001.php on line 13 +Notice: Uninitialized string offset: 1 in %sstr_offset_001.php on line %d string(0) "" -Notice: Uninitialized string offset: -1 in %sstr_offset_001.php on line 15 +Notice: Uninitialized string offset: -1 in %sstr_offset_001.php on line %d string(0) "" string(1) "a" string(1) "b" string(1) "c" -Notice: Uninitialized string offset: 3 in %sstr_offset_001.php on line 19 +Notice: Uninitialized string offset: 3 in %sstr_offset_001.php on line %d string(0) "" string(1) "b" -Notice: Uninitialized string offset: 1 in %sstr_offset_001.php on line 21 +Notice: Uninitialized string offset: 1 in %sstr_offset_001.php on line %d string(0) "" diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c index e24a3dd6f2..3474ee43cd 100644 --- a/Zend/zend_execute.c +++ b/Zend/zend_execute.c @@ -1147,13 +1147,22 @@ convert_to_array: } if (Z_TYPE_P(dim) != IS_LONG) { + switch(Z_TYPE_P(dim)) { /* case IS_LONG: */ case IS_STRING: + if (IS_LONG == is_numeric_string(Z_STRVAL_P(dim), Z_STRLEN_P(dim), NULL, NULL, -1)) { + break; + } + if (type != BP_VAR_UNSET) { + zend_error(E_WARNING, "Illegal string offset '%s'", dim->value.str.val); + } + + break; case IS_DOUBLE: case IS_NULL: case IS_BOOL: - /* do nothing */ + zend_error(E_NOTICE, "String offset cast occured"); break; default: zend_error(E_WARNING, "Illegal offset type"); @@ -1265,10 +1274,19 @@ static void zend_fetch_dimension_address_read(temp_variable *result, zval **cont switch(Z_TYPE_P(dim)) { /* case IS_LONG: */ case IS_STRING: + if (IS_LONG == is_numeric_string(Z_STRVAL_P(dim), Z_STRLEN_P(dim), NULL, NULL, -1)) { + break; + } + if (type != BP_VAR_IS) { + zend_error(E_WARNING, "Illegal string offset '%s'", dim->value.str.val); + } + break; case IS_DOUBLE: case IS_NULL: case IS_BOOL: - /* do nothing */ + if (type != BP_VAR_IS) { + zend_error(E_NOTICE, "String offset cast occured"); + } break; default: zend_error(E_WARNING, "Illegal offset type"); diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h index b47016d7f5..1a42119a43 100644 --- a/Zend/zend_vm_def.h +++ b/Zend/zend_vm_def.h @@ -2391,7 +2391,7 @@ ZEND_VM_HANDLER(59, ZEND_INIT_FCALL_BY_NAME, ANY, CONST|TMP|VAR|CV) CHECK_EXCEPTION(); ZEND_VM_NEXT_OPCODE(); } else if (OP2_TYPE != IS_CONST && - EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && + EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) && zend_hash_num_elements(Z_ARRVAL_P(function_name)) == 2) { zend_class_entry *ce; zval **method = NULL; @@ -2399,15 +2399,15 @@ ZEND_VM_HANDLER(59, ZEND_INIT_FCALL_BY_NAME, ANY, CONST|TMP|VAR|CV) zend_hash_index_find(Z_ARRVAL_P(function_name), 0, (void **) &obj); zend_hash_index_find(Z_ARRVAL_P(function_name), 1, (void **) &method); - + if (Z_TYPE_PP(obj) != IS_STRING && Z_TYPE_PP(obj) != IS_OBJECT) { zend_error_noreturn(E_ERROR, "First array member is not a valid class name or object"); } - + if (Z_TYPE_PP(method) != IS_STRING) { zend_error_noreturn(E_ERROR, "Second array member is not a valid method"); } - + if (Z_TYPE_PP(obj) == IS_STRING) { ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC); if (UNEXPECTED(ce == NULL)) { @@ -2415,7 +2415,7 @@ ZEND_VM_HANDLER(59, ZEND_INIT_FCALL_BY_NAME, ANY, CONST|TMP|VAR|CV) } EX(called_scope) = ce; EX(object) = NULL; - + if (ce->get_static_method) { EX(fbc) = ce->get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method) TSRMLS_CC); } else { @@ -2429,7 +2429,7 @@ ZEND_VM_HANDLER(59, ZEND_INIT_FCALL_BY_NAME, ANY, CONST|TMP|VAR|CV) if (UNEXPECTED(EX(fbc) == NULL)) { zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), Z_STRVAL_PP(method)); } - + if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) { EX(object) = NULL; } else { @@ -4507,10 +4507,17 @@ ZEND_VM_C_LABEL(num_index_prop): zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h index 59dd5080a5..6bd8450749 100644 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h @@ -14035,10 +14035,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -15941,10 +15948,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -18205,10 +18219,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -21119,10 +21140,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -22446,10 +22474,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -23596,10 +23631,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -24746,10 +24788,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -26162,10 +26211,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -29470,10 +29526,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -31250,10 +31313,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -33387,10 +33457,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) { @@ -36038,10 +36115,17 @@ num_index_prop: zval tmp; if (Z_TYPE_P(offset) != IS_LONG) { - ZVAL_COPY_VALUE(&tmp, offset); - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - offset = &tmp; + if (Z_TYPE_P(offset) <= IS_BOOL /* simple scalar types */ + || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */ + && IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, -1))) { + ZVAL_COPY_VALUE(&tmp, offset); + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + offset = &tmp; + } else { + /* can not be converted to proper offset, return "not set" */ + result = 0; + } } if (Z_TYPE_P(offset) == IS_LONG) { if (opline->extended_value & ZEND_ISSET) {