* PHP-5.5:
Fix bug #69646 OS command injection vulnerability in escapeshellarg
Fix#69719 - more checks for nulls in paths
fix test description
Fixed Buf #68812 Unchecked return value.
This implements a reduced variant of #1226 with just the following
change:
-Fatal error: Uncaught exception 'EngineException' with message 'Call to private method foo::bar() from context ''' in %s:%d
+Fatal error: Uncaught EngineException: Call to private method foo::bar() from context '' in %s:%d
The '' wrapper around messages is very weird if the exception
message itself contains ''. Futhermore having the message wrapped
in '' doesn't work for the "and defined" suffix of
TypeExceptions.
TypeException stays as-is for now because it uses messages that are
incompatible with the way exception messages are displayed.
closure_038.phpt and a few others now show that we're generating
too many exceptions for compound operations on undefined properties
-- this needs to be fixed in a followup.
* PHP-5.6: (27 commits)
fix non-standard C
update NEWS
5.4.41 next
fix CVE num
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix test
fix type in fix for #69085
fix memory leak & add test
Fix tests
fix CVE num
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
Fix test
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
...
Conflicts:
Zend/zend_exceptions.c
ext/curl/interface.c
ext/dom/document.c
ext/fileinfo/libmagic/softmagic.c
ext/gd/gd.c
ext/hash/hash.c
ext/pgsql/pgsql.c
ext/phar/phar.c
ext/phar/phar_internal.h
ext/standard/http_fopen_wrapper.c
ext/standard/link.c
ext/standard/streamsfuncs.c
ext/xmlwriter/php_xmlwriter.c
ext/zlib/zlib.c
* PHP-5.5: (27 commits)
fix non-standard C
update NEWS
5.4.41 next
fix CVE num
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix test
fix type in fix for #69085
fix memory leak & add test
Fix tests
fix CVE num
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
Fix test
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
...
Conflicts:
ext/standard/http_fopen_wrapper.c
* PHP-5.4.40:
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
Fixed bug #68901 (use after free)
Fixed bug #68740 (NULL Pointer Dereference)
Fix bug #66550 (SQLite prepared statement use-after-free)
Better fix for #68601 for perf 81e9a993f2
Fix bug #68601 buffer read overflow in gd_gif_in.c
Revert "Merge branch 'PHP-5.4' of https://git.php.net/repository/php-src into PHP-5.4"
Fixed bug #69293
Add ZEND_ARG_CALLABLE_INFO to allow internal function to type hint against callable.
Introduces a ZEND_PARSE_PARAMS_THROW flag for zpp, which forces to
report FAILURE errors using a TypeException instead of a Warning,
like it would happen in strict mode.
Adds a zend_parse_parameters_throw() convenience function, which
invokes zpp with this flag.
Converts all cases I could identify, where we currently have
throwing zpp usage in constructors and replaces them with this API.
Error handling is still replaced to EH_THROW in some cases to handle
other, domain-specific errors in constructors.
Now each HashTable is also zend_array, so it's refcounted and may be a subject for Copy on Write
zend_array_dup() was changed to allocate and return HashTable, instead of taking preallocated HashTable as argument.
* origin/master:
We can't eliminate FETCH_CONSTANT opcodes for constants represented by AST.
Ensure __LINE__ is always accurate
Fix incdec of referenced properties
Fix ::jsonSerialize() failure message
Fix invalid zend_string_frees in reflection
Remove retval member in spl_dllist
DLL export several APIs needed for phpdbg
More fixes for nodelist array access - testing for null property read - no zval copying if the type is already long - memory fix for master
* PHP-5.6:
More fixes for nodelist array access
- testing for null property read
- no zval copying if the type is already long
- memory fix for master
- use zend_long for offset
Conflicts:
ext/dom/php_dom.c
* origin/master: (40 commits)
int to size_t where the underlaying API supports it
use php_socket_t instead of int
fix signed/unsigned mismatch warning
fix compilation warning
Improved specialisation $this variable accessed through IS_UNUSED operand must be IS_OBJECT, so we don't have to check for its type or perform dereference.
Add notes about get_class_entry/get_class_name to UPGRADING
Fix casts in GD
Drop redundant casting code from ext/filter
update NEWS
update NEWS
update NEWS
update NEWS
Added note to UPGRADING regarding 64-bit support in pack()/unpack()
pack(): Use SIZEOF_ZEND_LONG instead of SIZEOF_LONG
Add 64 bit formats to pack() and unpack()
Help to CPU branch predictor
Removed unused EG(orig_error_reporting)
Update get_class_name semantics
Remove Z_OBJ_CLASS_NAME_P
Improved VM stack primitives for fast paths. Slow paths are not inlined anymore.
...
* origin/master: (26 commits)
Micro optimization
Drop unused INIT_STRING opcode
Drop unused RAISE_ABSTRACT_ERROR opcode
CT substitute unqualified true/false/null in namespaces
Fix a couple compile warnings
fix test filename
one more test to illustrate transfer of an arbitrary data amount throug pipes
fix tests on linux
better test cleanup
Use more readable inline functions
increase the polling period to not to break existing behaviours
updated NEWS
Fixed bug #51800 proc_open on Windows hangs forever
Fixed segfault
Set an LDAP error code when failing ldap_bind due to null bytes
Fix segmentation fault in debug_backtrace()
Drop support for GMP 4.1
Make gmp_setbit and gmp_clrbit return values consistent
removed *.dsw and *.dsp files
Opcache compatibility for coalesce operator
...
