Keith Smiley [Mon, 27 Jun 2016 18:23:15 +0000 (14:23 -0400)]
Fixed bug #73237
If the response includes both fields with simple types (which get
concatenated into an XML string) and a complex type (which is parsed
into an object), then the object will parsed into the same zval as the
simple types and will overwrite the string.
Mitch Hagstrand [Wed, 12 Oct 2016 01:18:59 +0000 (20:18 -0500)]
Fixed bug in zend_accel_error() and cleaned up kill_all_lockers()
1. zend_accel_error was only executing clean up if log_verbosity_level is high enough to log
2. Cleaned up kill_all_lockers function and fixed comments.
Bob Weinand [Wed, 12 Oct 2016 18:11:51 +0000 (20:11 +0200)]
Add stdin command and -s command line parameter to phpdbg
This allows reading the initial script file from stdin instead of being forced to put the script into a file in order to run it with phpdbg.
Especially important for programmatic execution of phpdbg.
Also adding tests/include_once.phpt and tests/set_exception_handler.phpt as I seem to have forgotten to git add them sometime long ago...
Anatol Belski [Wed, 12 Oct 2016 14:24:51 +0000 (16:24 +0200)]
Merge branch 'PHP-7.1'
* PHP-7.1:
Revert "Fix for #73240 - Write out of bounds at number_format"
followup with #73276 merge
fix test
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
Fix for #73240 - Write out of bounds at number_format
avoid strlen
Bug #73218: add mitigation for ICU int overflow
Add more locale length checks, due to ICU bugs.
Fix bug #73150: missing NULL check in dom_document_save_html
Clear FG(user_stream_current_filename) when bailing out
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
Fix for #73240 - Write out of bounds at number_format
Fix bug #73257 and bug #73258 - SplObjectStorage unserialize allows use of non-object as key
set versions
Fix bug #73091 - Unserializing DateInterval object may lead to __toString invocation
Anatol Belski [Wed, 12 Oct 2016 14:06:11 +0000 (16:06 +0200)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
followup with #73276 merge
fix test
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
Fix for #73240 - Write out of bounds at number_format
avoid strlen
Bug #73218: add mitigation for ICU int overflow
Add more locale length checks, due to ICU bugs.
Fix bug #73150: missing NULL check in dom_document_save_html
Clear FG(user_stream_current_filename) when bailing out
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
Fix for #73240 - Write out of bounds at number_format
Fix bug #73257 and bug #73258 - SplObjectStorage unserialize allows use of non-object as key
set versions
Fix bug #73091 - Unserializing DateInterval object may lead to __toString invocation
Sara Golemon [Wed, 12 Oct 2016 04:14:25 +0000 (21:14 -0700)]
Clear FG(user_stream_current_filename) when bailing out
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.
Catch the bailout, clear the variable, then continue bailing.
Sara Golemon [Wed, 12 Oct 2016 04:35:10 +0000 (21:35 -0700)]
Clear FG(user_stream_current_filename) when bailing out
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.
Catch the bailout, clear the variable, then continue bailing.
Sara Golemon [Wed, 12 Oct 2016 04:35:10 +0000 (21:35 -0700)]
Clear FG(user_stream_current_filename) when bailing out
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.
Catch the bailout, clear the variable, then continue bailing.
* PHP-7.0.12:
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
Fix for #73240 - Write out of bounds at number_format
Fix bug #73257 and bug #73258 - SplObjectStorage unserialize allows use of non-object as key
set versions
Fix bug #73091 - Unserializing DateInterval object may lead to __toString invocation
Merge remote-tracking branch 'origin/PHP-7.0.12' into PHP-7.0.12
* origin/PHP-7.0.12: (99 commits)
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
set versions
update NEWS
Ignore potentially misleading dberr values
update NEWS
Fixed bug #73172 parse error: Invalid numeric literal
Fix #53745: cgi.discard_path option is missing from php.ini
update libs_versions.txt
update libs_versions.txt
Fixed bug #73156 (segfault on undefined function)
Add an include path for freetype which is relevant for cmake builds
Fix test_image_equals_file() wrt. palette images
Fixed bug #73163
Fix #73161: imagecreatefromgd2() may leak memory
Fix #73159: imagegd2(): unrecognized formats may result in corrupted files
Fix #73155: imagegd2() writes wrong chunk sizes on boundaries
Fix #73157 (again): imagegd2() ignores 3rd param if 4 are given
Fix #73157: imagegd2() ignores 3rd param if 4 are given
...
Adam Baratz [Mon, 10 Oct 2016 22:10:37 +0000 (18:10 -0400)]
Fix #73234: Emulated statements let value dictate parameter type
The prepared statement emulator (pdo_sql_parser.*) figures out how to quote
each query parameter. The intended type is specified by the PDO::PARAM_*
consts, but this direction wasn't always followed. In practice, queries could
work as expected, but subtle errors could result. For example, a numeric string
bound as PDO::PARAM_INT would be sent to a driver's quote function. While these
functions are told which type is expected, they generally assume values are
being quoted as strings. This can result in implicit casts, which are bad for
performance.
This commit includes the following changes:
- Cast values marked as bool/int/null to the appropriate type and bypass the
driver's quote function.
- Save some memory by dropping the temporary zval used for casting.
- Avoid a memory leak if the driver's quote function produces an error.
- Appropriate test suite updates.
projects / php / log