Keep old 5.6 behavior: return Uniqidentifier value as 36-byte hex string (not binary),
when PDO::ATTR_STRINGIFY_FETCHES is TRUE
pdo_dblib: Stringify uniqidentifier field
Keep old 5.6 behavior: return Uniqidentifier value as 36-byte hex string (not binary),
when PDO::ATTR_STRINGIFY_FETCHES is TRUE
Tests added.
pdo_dblib: Stringify uniqidentifier field
Keep old 5.6 behavior: return Uniqidentifier value as 36-byte hex string (not binary),
when PDO::ATTR_STRINGIFY_FETCHES is TRUE
Tests fix.
pdo_dblib: Stringify uniqueidentifier field Added separate PDO::DBLIB_ATTR_STRINGIFY_UNIQUEIDENTIFIER attribute instead of PDO::ATTR_STRINGIFY_FETCHES.
pdo_dblib: Stringify uniqueidentifier field Added `getAttribute` support for PDO::DBLIB_ATTR_STRINGIFY_UNIQUEIDENTIFIER.
Simplify storage of stringify_uniqueidentifier attribute
Xinchen Hui [Sun, 21 Aug 2016 09:19:24 +0000 (17:19 +0800)]
Merge branch 'PHP-5.6' of git.php.net:/php-src into PHP-5.6
* 'PHP-5.6' of git.php.net:/php-src:
Improvements to fix #72714, suggested by nikic
Fix #65732: grapheme_*() is not Unicode compliant on CR LF sequence
Fix #72714: _xml_startElementHandler() segmentation fault
update NEWS
Fixed bug #72852 imap_mail null dereference
Revert "Fix dba configuration for Windows"
Fix dba configuration for Windows
Fix broken test include
fix NEWS
Add myself as PDO_OCI maintainer
Fix #65732: grapheme_*() is not Unicode compliant on CR LF sequence
According to the Unicode specification (at least as of 5.1), CRLF sequences
are considered to be a single grapheme. We cater to that special case by
letting grapheme_ascii_check() fail. While it would be trivial to fix
grapheme_ascii_check() wrt. grapheme_strlen(), grapheme_substr() and
grapheme_strrpos() would be much harder to handle, so we accept the slight
performance penalty if CRLF is involved.
The issue is caused by an integer overflow when the `long` passed as
XML_OPTION_SKIP_TAGSTART is assigned to `xml_parser::toffset` which is
declared as `int`. We can simply work around this issue, by clipping
resulting negative values to 0 (and raising a notice in this case), because
the reasonable range for this value is certainly catered to by positive
`int`s.
However, there still remains the issue that `xml_parser::toffset` is later
added to `char *`s, which can cause OOB reads, so we make sure that the
upper bound never exceeds the strlen(). We eschew optimizing `SKIP_TAGSTART`
wrt. to the potentially duplicate strlen() call, because that code path is
unexpected anyway.
To be able to build the dba extension on Windows, libdb was required. This
is contrary to *nix where each handler can be configured individually. To
avoid BC breaks, we only do minimal modifications, instead of adjusting the
Windows configuration to match the *nix configuration, for now.
PNG allows identical images to be stored differently what makes nearly all
tests checking the MD5 hash of the PNG representation fail with external
libgd. For now, we use the GD format instead, which doesn't allow for such
differences.
Of course, this md5() checking should be replaced by a image diffing feature
in the long run.
Fix #68302: impossible to compile php with zip support
We should not let configure succeed, if SIZEOF_OFF_T == 0, just to let the
compilation fail later. Instead we bail out early, giving a hint regarding
the potential issue, namely misconfigured libraries.
Nikita Popov [Wed, 10 Aug 2016 12:30:16 +0000 (14:30 +0200)]
Bug #72663 - part 2
If a (nested) unserialize() call fails, we remove all the values
that were inserted into var_hash during that call. This prevents
their use in other unserializations in the same context.
Nikita Popov [Mon, 8 Aug 2016 16:05:29 +0000 (18:05 +0200)]
Bug #72663 - part 1
Don't call __destruct() on an unserialized object that has a
__wakeup() method if either
a) unserialization of its properties fails or
b) the __wakeup() call fails (e.g. by throwing).
This basically treats __wakeup() as a form of constructor and
aligns us with the usual behavior that if the constructor call
fails the destructor should not be called.
The security aspect here is that people use __wakeup() to prevent
unserialization of objects with dangerous __destruct() methods,
but this is ineffective if __destruct() can still be called while
__wakeup() was skipped.
* PHP-7.0: (34 commits)
Fix URL rewriter partially
Support "git worktree"
Add NEWS
Fix ASSERT logic
Bugfix 72791: fix memory leak in PDO persistent connections
Don't copy mime types in CLI server
Remove obsolete Id tags
Bump version in OCI8 test
Fixed bug #72788 (Invalid memory access when using persistent PDO connection)
Remove typo'd commit
Fix bug 72788: Invalid memory access when database_object_handle is undefined. Also fix memory leak in dbh_free when using persistent PDO connections.
Replace dead branch with ZEND_ASSERT()
Add test for bug #69107: finfo no longer detects PHP files
Fix bug #55451
Fix stream_socket_enable_crypto() test
Remove old $Id$ tags
Sync with 7.1 branch changes from Nikita & Dimitri to keep OCI8 code identical
Fix bug #72524 (Binding null values triggers ORA-24816 error)
Fix the fix (Nikita), thanks!
Check the return value of dbconvert() in mssql_guid_string(), as it may return -1 in case the conversion failed. In that case false is returned.
...
projects / php / log