From f5570be3a94fa15e7ba1c20b3a78b14d18778747 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pajoye@php.net>
Date: Thu, 18 Nov 2010 17:09:27 +0000
Subject: [PATCH] - path with null entries

---
 NEWS      | 1 +
 UPGRADING | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/NEWS b/NEWS
index a4aed4135d..025c880ed7 100644
--- a/NEWS
+++ b/NEWS
@@ -33,6 +33,7 @@
 - Added a 3rd parameter to get_html_translation_table. It now takes a charset
   hint, like htmlentities et al. (Gustavo)
 
+- Path with NULL in them (foo\obar.txt) are now considered as invalid. (Rasmus)
 - Fixed a possible double free in imap extension (Identified by Mateusz 
   Kocielski). (CVE-2010-4150). (Ilia)
 - Fixed NULL pointer dereference in ZipArchive::getArchiveComment.
diff --git a/UPGRADING b/UPGRADING
index 23e64f2885..b1c0870aaf 100755
--- a/UPGRADING
+++ b/UPGRADING
@@ -40,6 +40,9 @@ UPGRADE NOTES - PHP 5.3
 2. Changes made to existing functions
 =====================================
 
+- Paths containing NULL (like /some/path\0foo.txt) are now considered invalid. 
+  See http://news.php.net/php.internals/50191
+
 - The HTTP stream wrapper now considers all status codes from 200 to 399 to be
   successful.
 
-- 
2.40.0