]> granicus.if.org Git - php/log
php
5 years agoadd security NEW entries + reorder [ci skip]
Remi Collet [Tue, 30 Jul 2019 07:26:50 +0000 (09:26 +0200)]
add security NEW entries + reorder [ci skip]

5 years agoMerge branch 'PHP-7.1' into PHP-7.2
Stanislav Malyshev [Mon, 29 Jul 2019 20:19:16 +0000 (13:19 -0700)]
Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
  Fix #77919: Potential UAF in Phar RSHUTDOWN
  Update NEWS
  Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
  Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)

5 years agoFix #77919: Potential UAF in Phar RSHUTDOWN
Christoph M. Becker [Mon, 29 Jul 2019 14:08:03 +0000 (16:08 +0200)]
Fix #77919: Potential UAF in Phar RSHUTDOWN

We have to properly clean up in case phar_flush() is failing.

We also make the expectation of the respective test case less liberal
to avoid missing such bugs in the future.

5 years agoUpdate NEWS
Stanislav Malyshev [Mon, 29 Jul 2019 07:55:18 +0000 (00:55 -0700)]
Update NEWS

5 years agoFix bug #78326
Albert Casademont [Tue, 23 Jul 2019 12:03:06 +0000 (14:03 +0200)]
Fix bug #78326

Similar to what fread() does, truncate the stream_get_contents()
result if the original buffer was way too large.

5 years agoFix Zend signals unblocking
Nikita Popov [Tue, 23 Jul 2019 08:38:23 +0000 (10:38 +0200)]
Fix Zend signals unblocking

There are a few parts here:
 * opcache should not be blocking signals while invoking compile_file,
   otherwise signals may remain blocked on a compile error. While at
   it, also protect SHM memory during compile_file.
 * We should deactivate Zend signals at the end of the request, to make
   sure that we gracefully recover from a missing unblock and signals
   don't remain blocked forever.
 * We don't use a critical section in deactivation, because it should
   not be necessary. Additionally we want to clean up the signal queue,
   if it is non-empty.
 * Enable SIGG(check) in debug builds so we notice issues in the future.

5 years agoFixed bug #78333
Nikita Popov [Mon, 29 Jul 2019 09:23:26 +0000 (11:23 +0200)]
Fixed bug #78333

Don't dereference float/double values at unknown address, instead
memcpy it into an aligned stack slot and dereference that.

5 years agoFix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
Stanislav Malyshev [Mon, 8 Jul 2019 00:39:59 +0000 (17:39 -0700)]
Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)

5 years agoFix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
Stanislav Malyshev [Mon, 8 Jul 2019 00:01:01 +0000 (17:01 -0700)]
Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)

5 years agoFix #78342: Bus error in configure test for iconv //IGNORE
Christoph M. Becker [Mon, 29 Jul 2019 06:48:13 +0000 (08:48 +0200)]
Fix #78342: Bus error in configure test for iconv //IGNORE

We have to check the return value of iconv_open() for error, to avoid
that and potentially other undesired behavior of iconv().

5 years agoRemove .post files only for passing tests
Levi Morrison [Thu, 25 Jul 2019 15:48:29 +0000 (09:48 -0600)]
Remove .post files only for passing tests

This allows the sh script for failing tests with --POST-- to work

5 years agoUpdate NEWS
Peter Kokot [Tue, 23 Jul 2019 00:13:00 +0000 (02:13 +0200)]
Update NEWS

5 years agoChecked in LiteSpeed SAPI 7.5, addressed two main problems in "clean shutdown" introd...
George Wang [Sun, 21 Jul 2019 03:59:43 +0000 (23:59 -0400)]
Checked in LiteSpeed SAPI 7.5, addressed two main problems in "clean shutdown" introduced in 7.4.3,
1. falls in an infinite loop because PHP engine's inconsistent state, now override the ITIMER_PROF to 0.1 second, clean shutdown must finish before that.
2. generate too much error log, we completely disable "error_reporting" before calling php_request_shutdown().

5 years agoFixed bug #77946
Abyr Valg [Wed, 17 Jul 2019 18:46:40 +0000 (21:46 +0300)]
Fixed bug #77946

Save multi_info_read() result into easy handle.

5 years agoFixed bug #69100
Nikita Popov [Wed, 17 Jul 2019 13:58:29 +0000 (15:58 +0200)]
Fixed bug #69100

5 years agomove NEWS entry [ci skip]
Remi Collet [Tue, 16 Jul 2019 11:00:13 +0000 (13:00 +0200)]
move NEWS entry [ci skip]

5 years agoFixed bug #78297
Nikita Popov [Tue, 16 Jul 2019 09:08:27 +0000 (11:08 +0200)]
Fixed bug #78297

5 years agonext is 7.2.22
Remi Collet [Tue, 16 Jul 2019 08:38:20 +0000 (10:38 +0200)]
next is 7.2.22

5 years agoFixed incorrect specialization (missed IS_INDIRECT handling)
Dmitry Stogov [Mon, 15 Jul 2019 22:50:10 +0000 (01:50 +0300)]
Fixed incorrect specialization (missed IS_INDIRECT handling)

5 years agoFix bug #77124
Nikita Popov [Tue, 25 Jun 2019 10:09:47 +0000 (12:09 +0200)]
Fix bug #77124

This is a backport of 6fcae63f614d1ed4aaeaff7b13a7a4627b1f1312
to PHP 7.2.

5 years agoFix #78269 password_hash uses weak options for argon2
Remi Collet [Mon, 15 Jul 2019 12:10:38 +0000 (14:10 +0200)]
Fix #78269 password_hash uses weak options for argon2

5 years agoFix bug #78291 Missing opcache directives
Andrew Collington [Sun, 14 Jul 2019 13:49:38 +0000 (14:49 +0100)]
Fix bug #78291 Missing opcache directives

New opcache directives have been added recently which are returned
if using `ini_get_all('zend opcache')` but are not listed in the
directives if using `opcache_get_configuration()`.  This fix adds
those missing directives as well as if `opcache.mmap_base` is used
instead of `opcache.lockfile_path`.  Also adds a test to ensure the
directives match with both methods of fetching.

5 years agoUse TRY_ADDREF/TRY_DELREF in soap
Nikita Popov [Fri, 12 Jul 2019 14:50:43 +0000 (16:50 +0200)]
Use TRY_ADDREF/TRY_DELREF in soap

The DELREF part is a possible fix for bug #78278, the ADDREF part
is a drive-by fix.

5 years agoFixed bug #78279
Nikita Popov [Fri, 12 Jul 2019 14:29:18 +0000 (16:29 +0200)]
Fixed bug #78279

Even if we don't initialize the callback on every request, we
should still reset our globals to default values...

5 years agoRevert "Fixed bug #76980"
Nikita Popov [Tue, 9 Jul 2019 09:04:05 +0000 (11:04 +0200)]
Revert "Fixed bug #76980"

This reverts commit 35353dc49a73a58c17c7896c4c4c3997ef2c007d.

This changes causes issues for Symfony, see
https://github.com/symfony/symfony/issues/32395. I'm reverting it
from PHP 7.2 and PHP 7.3 and only leaving it in PHP 7.4.

5 years agoMerge branch 'PHP-7.1' into PHP-7.2
Christoph M. Becker [Tue, 9 Jul 2019 08:01:52 +0000 (10:01 +0200)]
Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
  Upgrade to SQLite 3.28.0

5 years agoUpgrade to SQLite 3.28.0
Christoph M. Becker [Fri, 21 Jun 2019 13:48:50 +0000 (15:48 +0200)]
Upgrade to SQLite 3.28.0

Over the years, multiple security vulnerabilities[1] have been found
and fixed in SQLite3, so it makes sense to update our bundled libsqlite
to the latest available version.

[1] <https://www.cvedetails.com/vulnerability-list/vendor_id-9237/Sqlite.html>

5 years agoUpdate NEWS [ci skip]
Peter Kokot [Mon, 8 Jul 2019 16:45:36 +0000 (18:45 +0200)]
Update NEWS [ci skip]

5 years agoBackport fe_reset_rw case
Nikita Popov [Fri, 5 Jul 2019 10:06:52 +0000 (12:06 +0200)]
Backport fe_reset_rw case

5 years agoFix inference for compound object op on dim
Nikita Popov [Fri, 5 Jul 2019 09:39:42 +0000 (11:39 +0200)]
Fix inference for compound object op on dim

5 years agoUpdated to LiteSpeed SAPI V7.4.3
George Wang [Thu, 4 Jul 2019 16:03:21 +0000 (12:03 -0400)]
Updated to LiteSpeed SAPI V7.4.3
Increased response header count limit from 100 to 1000.
Added crash handler to cleanly shutdown PHP request.
Added CloudLinux mod_lsapi mode
Fixed bug #76058

5 years agoFixed bug #78231
Nikita Popov [Wed, 3 Jul 2019 10:27:13 +0000 (12:27 +0200)]
Fixed bug #78231

5 years agoFix #78241: touch() does not handle dates after 2038 in PHP 64-bit
Christoph M. Becker [Wed, 3 Jul 2019 07:59:17 +0000 (09:59 +0200)]
Fix #78241: touch() does not handle dates after 2038 in PHP 64-bit

`time_t` defaults to `_time64` (which is 64bit signed) even on x86, but
`Int32x32To64()` truncates it to signed 32bit.  We replace the macro
with the "manual" calculation.

5 years agoBackport test fix
Nikita Popov [Tue, 2 Jul 2019 14:10:56 +0000 (16:10 +0200)]
Backport test fix

Closes GH-3816.

5 years agoFix bug #78138: opcache.validate_permission incorrectly works with PHAR files
Alex Scott [Tue, 11 Jun 2019 14:31:07 +0000 (18:31 +0400)]
Fix bug #78138: opcache.validate_permission incorrectly works with PHAR files

opcache incorrectly handles PHAR files when opcache.validate_permission
option enabled, because it calls

  access("phar://path-to/file.phar/path/inside.php", R_OK);

rather than

  access("path-to/file.phar", R_OK)

5 years agoAdd missing SKIPIFs
Christoph M. Becker [Mon, 1 Jul 2019 16:11:13 +0000 (18:11 +0200)]
Add missing SKIPIFs

All these tests are meant to run with OPcache available, and some will
even fail inevitably without it, so we add OPcache as SKIPIF
requirement.

5 years agoAdd missing SKIPIFs
Christoph M. Becker [Mon, 1 Jul 2019 13:01:24 +0000 (15:01 +0200)]
Add missing SKIPIFs

All these tests are meant to run with OPcache available, and some will
even fail inevitably without it, so we add OPcache as SKIPIF
requirement.

5 years agoFix brittle test
Christoph M. Becker [Mon, 1 Jul 2019 14:41:20 +0000 (16:41 +0200)]
Fix brittle test

This test is easily tripped by former test runs with other PHP
versions.  To avoid such false positives, we check that there is at
least one respective OPcache file, and that all found OPcache user ID
folders have exactly 32 hexadecimal digits.

5 years agoUpdate NEWS [ci skip]
Anatol Belski [Sat, 29 Jun 2019 15:39:45 +0000 (17:39 +0200)]
Update NEWS [ci skip]

5 years agoFix #78183: finfo_file shows wrong mime-type for .tga file
Joshua Westerheide [Fri, 28 Jun 2019 13:07:14 +0000 (15:07 +0200)]
Fix #78183: finfo_file shows wrong mime-type for .tga file

Due to a bug in the underlying libmagic 5.31, .tga images returned mime type "image/x-tgaimage/x-tga".

5 years agoFix bugs in AST printer
sunnyeo [Fri, 28 Jun 2019 14:06:01 +0000 (16:06 +0200)]
Fix bugs in AST printer

Closes GH-4324.

5 years agoFix bug #78192 PDO SQLite SegFault when reuse statement after schema has changed
Vincent [Wed, 26 Jun 2019 09:37:08 +0000 (11:37 +0200)]
Fix bug #78192 PDO SQLite SegFault when reuse statement after schema has changed

Reset stmt->columns when column count changed on new execution of prepared statement

5 years agoRemove stream_socket_sendto.phpt
Nikita Popov [Wed, 26 Jun 2019 14:58:37 +0000 (16:58 +0200)]
Remove stream_socket_sendto.phpt

Fails for me locally due to different number of warnings with
different messages. Rather than adding more wildcards I'm dropping
this test entirely, as it doesn't seem to test anything particularly
useful.

(cherry picked from commit 84333cad674890174c47f3c21b1b1cf85a4276ac)

5 years agoFix #78202: Opcache stats for cache hits are capped at 32bit NUM
Christoph M. Becker [Tue, 25 Jun 2019 07:56:33 +0000 (09:56 +0200)]
Fix #78202: Opcache stats for cache hits are capped at 32bit NUM

We use the proper format specifiers now.

5 years agoAdd explicit cast to uint32_t.
Andrey Hristov [Fri, 21 Jun 2019 13:30:25 +0000 (16:30 +0300)]
Add explicit cast to uint32_t.

It works even without it but explicit stuff is better. The compiler probably converts the 16-bit
uint16_t to uint32_t before doing the shift.

5 years agoFix PKCS12 leak in openssl
Nikita Popov [Fri, 21 Jun 2019 13:00:25 +0000 (15:00 +0200)]
Fix PKCS12 leak in openssl

5 years agoFix d leak in ecc openssl_pkey_new
Nikita Popov [Fri, 21 Jun 2019 12:43:15 +0000 (14:43 +0200)]
Fix d leak in ecc openssl_pkey_new

5 years agoFix netscape spki leak in openssl
Nikita Popov [Fri, 21 Jun 2019 12:35:35 +0000 (14:35 +0200)]
Fix netscape spki leak in openssl

5 years agoFix X509 leak in openssl_pkcs7_verify()
Nikita Popov [Fri, 21 Jun 2019 12:24:00 +0000 (14:24 +0200)]
Fix X509 leak in openssl_pkcs7_verify()

5 years agoFix CSR leaks in openssl
Nikita Popov [Fri, 21 Jun 2019 12:17:05 +0000 (14:17 +0200)]
Fix CSR leaks in openssl

5 years agoFree cert in php_openssl_load_stream_cafile()
Nikita Popov [Fri, 21 Jun 2019 12:03:06 +0000 (14:03 +0200)]
Free cert in php_openssl_load_stream_cafile()

X509_STORE_add_cert() increments the refcount of the cert, so we
should free it here.

5 years agoFix memory leak in TLS matches_san_list
Niklas Keller [Fri, 3 Aug 2018 19:00:14 +0000 (21:00 +0200)]
Fix memory leak in TLS matches_san_list

5 years agoFix #78189: file cache strips last character of uname hash
Christoph M. Becker [Thu, 20 Jun 2019 15:53:10 +0000 (17:53 +0200)]
Fix #78189: file cache strips last character of uname hash

We must not forget to increase `len` by one to cater to the directory
separator.

5 years agofix test for Windows and for parallel run
Remi Collet [Thu, 20 Jun 2019 09:58:32 +0000 (11:58 +0200)]
fix test for Windows and for parallel run

5 years agoimprove test clean section
Remi Collet [Thu, 20 Jun 2019 09:51:18 +0000 (11:51 +0200)]
improve test clean section

5 years agomove NEWS entry
Remi Collet [Thu, 20 Jun 2019 08:40:52 +0000 (10:40 +0200)]
move NEWS entry

5 years agoadd test for #78185
Remi Collet [Thu, 20 Jun 2019 08:27:33 +0000 (10:27 +0200)]
add test for #78185

5 years agoFixed bug #78185 (File cache no longer works)
Dmitry Stogov [Thu, 20 Jun 2019 06:04:14 +0000 (09:04 +0300)]
Fixed bug #78185 (File cache no longer works)

5 years agoFix version comparison
Andrey Hristov [Wed, 19 Jun 2019 13:42:43 +0000 (16:42 +0300)]
Fix version comparison

5 years agofix setcookie Max-Age to use php_time
Joe Watkins [Wed, 19 Jun 2019 10:42:00 +0000 (12:42 +0200)]
fix setcookie Max-Age to use php_time

5 years agoexport php_time
Joe Watkins [Wed, 19 Jun 2019 10:39:51 +0000 (12:39 +0200)]
export php_time

5 years agoResolve discrepencies between second value yielded by gettimeofday and time, fixes...
Joe Watkins [Tue, 18 Jun 2019 09:06:00 +0000 (11:06 +0200)]
Resolve discrepencies between second value yielded by gettimeofday and time, fixes #69044

5 years agoFix #78173: XML-RPC mutates immutable objects during encoding
Asher Baker [Tue, 18 Jun 2019 14:05:38 +0000 (15:05 +0100)]
Fix #78173: XML-RPC mutates immutable objects during encoding

With opcache.protect_memory=1 enabled, the XML-RPC extension causes a
segfault on PHP 7.2 as it is modifying the recursion counter of objects
it touches, without first checking if they are immutable or not.

This doesn't affect 7.3+

5 years agomove NEWS entry
Remi Collet [Tue, 18 Jun 2019 05:50:44 +0000 (07:50 +0200)]
move NEWS entry

5 years agoAccept null for preg_quote delimiter argument
Nikita Popov [Mon, 17 Jun 2019 11:30:15 +0000 (13:30 +0200)]
Accept null for preg_quote delimiter argument

Related to bug #78163.

5 years agoBackport 96a12578c13b5c37195b10526fcdc669b795644d
Dmitry Stogov [Fri, 14 Jun 2019 10:29:13 +0000 (13:29 +0300)]
Backport 96a12578c13b5c37195b10526fcdc669b795644d

5 years agoBackport 91a6cdbff5ebd1ca4db1d6e8c42d3265ce80ace4
Dmitry Stogov [Fri, 14 Jun 2019 10:24:47 +0000 (13:24 +0300)]
Backport 91a6cdbff5ebd1ca4db1d6e8c42d3265ce80ace4

5 years agoFixed bug #78106
Nikita Popov [Thu, 13 Jun 2019 10:51:35 +0000 (12:51 +0200)]
Fixed bug #78106

When disabling opcache during the request via opcache.enable ini
setting, make sure we also disable ZCG(accelerator_enabled).

5 years agoAdd test for bug #78106
Nikita Popov [Thu, 13 Jun 2019 10:35:29 +0000 (12:35 +0200)]
Add test for bug #78106

Also add PHP_TEST_EXTRA_ARGS environment variable, which allows
to pass on -c, -d etc flags provided by run-tests.php. Otherwise
we won't get the built-in server to run with opcache.

5 years agonext is 7.2.21
Remi Collet [Tue, 11 Jun 2019 10:18:43 +0000 (12:18 +0200)]
next is 7.2.21

5 years agoFix #77937: preg_match failed
Christoph M. Becker [Tue, 30 Apr 2019 14:10:04 +0000 (16:10 +0200)]
Fix #77937: preg_match failed

On some recent Windows systems, ext\pcre\tests\locales.phpt fails,
because 'pt_PT' is accepted by `setlocale()`, but not properly
supported by the ctype functions, which are used internally by PCRE2 to
build the localized character tables.

Since there appears to be no way to properly check whether a given
locale is fully supported, but we want to minimize BC impact, we filter
out typical Unix locale names, except for a few cases which have
already been properly supported on Windows.  This way code like

  setlocale(LC_ALL, 'de_DE.UTF-8', 'de_DE', 'German_Germany.1252');

should work like on older Windows systems.

It should be noted that the locale names causing trouble are not (yet)
documented as valid names anyway, see
<https://docs.microsoft.com/en-us/cpp/c-runtime-library/locale-names-languages-and-country-region-strings?view=vs-2019>.

5 years agoFixed possible misalignment in 32-bit build.
Dmitry Stogov [Mon, 10 Jun 2019 09:51:59 +0000 (12:51 +0300)]
Fixed possible misalignment in 32-bit build.

5 years agoExtend wildcard files section in EditorConfig [ci skip]
Peter Kokot [Sun, 9 Jun 2019 20:53:58 +0000 (22:53 +0200)]
Extend wildcard files section in EditorConfig [ci skip]

Changes:
- Trim trailing whitespace for all files except patches. There isn't
  really any practical reason to not trim the trailing whitespace in all
  other files. Binary files or phpt files that include trailing
  whitespace as part of the test should be manually set in editors/IDEs
  or by disabling the editorconfig for particular editing.
- Add *.ac, *.d, *.l, *.skl, *.re, *.wsdl, *.dtd, *.html, *.rng, *.xml,
  *.xsd, *.xsl, buildconf, and Makefile* files settings.

Closes #4156

5 years agoRestored NEWS entry
Dmitry Stogov [Fri, 7 Jun 2019 09:37:49 +0000 (12:37 +0300)]
Restored NEWS entry

5 years agoEnable STRICT_TRANS_TABLES in new test
Nikita Popov [Fri, 7 Jun 2019 08:26:37 +0000 (10:26 +0200)]
Enable STRICT_TRANS_TABLES in new test

The part testing error cases relies on this.

5 years agoFixed bug #77135 (Extract with EXTR_SKIP should skip $this)
Dmitry Stogov [Fri, 7 Jun 2019 08:36:39 +0000 (11:36 +0300)]
Fixed bug #77135 (Extract with EXTR_SKIP should skip $this)

5 years agoFixed bug #38546
Cameron Porter [Wed, 6 Mar 2019 06:33:40 +0000 (00:33 -0600)]
Fixed bug #38546

Properly support binding boolean parameters with emulated prepared
statements disabled. Also add the necessary mysqlnd support for
MYSQL_TYPE_TINY.

5 years agoFix test regarding Unix Domain Sockets on Windows
Christoph M. Becker [Thu, 6 Jun 2019 12:56:47 +0000 (14:56 +0200)]
Fix test regarding Unix Domain Sockets on Windows

Recent Windows versions actually support Unix Domain Sockets.  Cf.
<https://github.com/curl/curl/pull/3939>.

5 years agofix flaky posix test
Joe Watkins [Wed, 5 Jun 2019 14:34:50 +0000 (16:34 +0200)]
fix flaky posix test

5 years agoFixed bug #78050
Nikita Popov [Tue, 4 Jun 2019 13:08:16 +0000 (15:08 +0200)]
Fixed bug #78050

This is a backport of a9821255612a99f9773c3601ff1914de4e7a7e32.

5 years agoReload tsrmls_id in release builds as well
Nikita Popov [Tue, 4 Jun 2019 13:23:10 +0000 (15:23 +0200)]
Reload tsrmls_id in release builds as well

If TSRM is shut down and started again (something that phpdbg does),
then tsrmls_id needs to be reloaded everywhere. As tsrmls_id
update is a rare operation, doing that shouldn't be a problem.

5 years agoClear errors after SSL_CTX_load_verify_locations()
Nikita Popov [Mon, 3 Jun 2019 13:14:01 +0000 (15:14 +0200)]
Clear errors after SSL_CTX_load_verify_locations()

We report our own errors here. Make sure these don't clog up the
error queue.

5 years agoFix bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c)
Jakub Zelenka [Sun, 2 Jun 2019 18:10:56 +0000 (19:10 +0100)]
Fix bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c)

It also fixes invalid setting of tag length

5 years agoUpdate SDK version for AppVeyor
Anatol Belski [Sat, 1 Jun 2019 11:43:31 +0000 (13:43 +0200)]
Update SDK version for AppVeyor

5 years agoChange ZPP only if compiled with ICU >= 64
Anatol Belski [Sat, 1 Jun 2019 00:18:56 +0000 (02:18 +0200)]
Change ZPP only if compiled with ICU >= 64

5 years agoUpdate tests for ICU 64
Nikita Popov [Fri, 31 May 2019 13:39:03 +0000 (15:39 +0200)]
Update tests for ICU 64

(cherry picked from commit 8a8bc5c4529223ecf4f421b1bed03618f7394335)

5 years agoFix var name
Anatol Belski [Fri, 31 May 2019 18:49:42 +0000 (20:49 +0200)]
Fix var name

5 years agoAdd a test for bug #65672
Craig Duncan [Tue, 20 Feb 2018 21:12:43 +0000 (21:12 +0000)]
Add a test for bug #65672

5 years agoEnsure the internal properties cannot be overwritten
Craig Duncan [Tue, 20 Feb 2018 21:11:03 +0000 (21:11 +0000)]
Ensure the internal properties cannot be overwritten

5 years agoAdd tests for DatePeriod properties
Craig Duncan [Tue, 28 May 2019 19:49:14 +0000 (20:49 +0100)]
Add tests for DatePeriod properties

5 years agoadd NEWS entries for sec fix
Remi Collet [Wed, 29 May 2019 06:53:23 +0000 (08:53 +0200)]
add NEWS entries for sec fix

5 years agodisabled functions must not have return type
Joe Watkins [Wed, 29 May 2019 06:30:08 +0000 (08:30 +0200)]
disabled functions must not have return type

5 years agoFix type inference of SEND_UNPACK with empty array
Nikita Popov [Tue, 28 May 2019 14:39:49 +0000 (16:39 +0200)]
Fix type inference of SEND_UNPACK with empty array

An empty array will not be turned into an array of references.
This violated the invariant than an array has values iff it has
keys.

5 years agoMerge branch 'PHP-7.1' into PHP-7.2
Joe Watkins [Tue, 28 May 2019 07:53:32 +0000 (09:53 +0200)]
Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
  bump version after release

5 years agobump version after release
Joe Watkins [Tue, 28 May 2019 07:52:52 +0000 (09:52 +0200)]
bump version after release

5 years agoMerge branch 'PHP-7.1' into PHP-7.2
Stanislav Malyshev [Tue, 28 May 2019 04:36:00 +0000 (21:36 -0700)]
Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
  Fix bug #77967 - Bypassing open_basedir restrictions via file uris

5 years agoFix bug #77967 - Bypassing open_basedir restrictions via file uris
Stanislav Malyshev [Tue, 28 May 2019 01:04:00 +0000 (18:04 -0700)]
Fix bug #77967 - Bypassing open_basedir restrictions via file uris

5 years agoMerge branch 'PHP-7.1' into PHP-7.2
Stanislav Malyshev [Tue, 28 May 2019 00:28:20 +0000 (17:28 -0700)]
Merge branch 'PHP-7.1' into PHP-7.2

* PHP-7.1:
  Fix bug #77988 - heap-buffer-overflow on php_jpg_get16

5 years agoFix bug #77988 - heap-buffer-overflow on php_jpg_get16
Stanislav Malyshev [Tue, 28 May 2019 00:16:29 +0000 (17:16 -0700)]
Fix bug #77988 - heap-buffer-overflow on php_jpg_get16

5 years agoFix function name
Stanislav Malyshev [Tue, 28 May 2019 00:20:56 +0000 (17:20 -0700)]
Fix function name