From: Anatol Belski <ab@php.net>
Date: Tue, 29 Mar 2016 09:24:33 +0000 (+0200)
Subject: Merge remote-tracking branch 'origin/PHP-7.0.5' into PHP-7.0
X-Git-Tag: php-7.0.6RC1~54^2~1^2~1
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6afa41cf8033796e3ccd4a355bfd443dedf5ff0a;p=php

Merge remote-tracking branch 'origin/PHP-7.0.5' into PHP-7.0

* origin/PHP-7.0.5:
  Fixed bug #71704 php_snmp_error() Format String Vulnerability
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Updated to version 2016.3 (2016c)
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file
  Fix bug #71798 - Integer Overflow in php_raw_url_encode
  update NEWS
  Disable huge pages in the Zend allocator by default As per the discussion on internals, this is an expert feature that needs special system-level configuration and care.
  Added ability to disable huge pages in Zend Memeory Manager through the environment variable USE_ZEND_ALLOC_HUGE_PAGES=0.
  Fix bug #71860: Require valid paths for phar filenames
  Fix bug #71860: Require valid paths for phar filenames
  update NEWS
  Fixed bug #71704 php_snmp_error() Format String Vulnerability
  Merge branch 'PHP-5.6' into PHP-7.0
  Updated to version 2016.2 (2016b)
  update libs versions
  set RC1 versions
  Going for 5.5.34
---

6afa41cf8033796e3ccd4a355bfd443dedf5ff0a
diff --cc ext/standard/url.c
index 9963ce60f4,b7fd188699..78ca472a2b
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@@ -608,10 -608,10 +608,10 @@@ PHPAPI size_t php_url_decode(char *str
   */
  PHPAPI zend_string *php_raw_url_encode(char const *s, size_t len)
  {
- 	register int x, y;
+ 	register size_t x, y;
  	zend_string *str;
  
 -	str = zend_string_alloc(3 * len, 0);
 +	str = zend_string_safe_alloc(3, len, 0, 0);
  	for (x = 0, y = 0; len--; x++, y++) {
  		ZSTR_VAL(str)[y] = (unsigned char) s[x];
  #ifndef CHARSET_EBCDIC