PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, PHP 7.2.0RC1 - Core: . Fixed #75042 run-tests.php issues with EXTENSION block). (John Boehr) - CURL: . Fixed bug #75093 (OpenSSL support not detected). (Remi) . Better fix for #74125 (use pkg-config instead of curl-config). (Remi) - GD: . Fixed bug #75111 (Memory disclosure or DoS via crafted .bmp image). (cmb) . Fixed bug #75124 (gdImageGrayScale() may produce colors). (cmb) - Intl: . Fixed bug #75090 (IntlGregorianCalendar doesn't have constants from parent class). (tpunt) - PCRE: . Fixed bug #75089 (preg_grep() is not reporting PREG_BAD_UTF8_ERROR after first input string). (Dmitry) - PDO_OCI: . Fixed bug #74631 (PDO_PCO with PHP-FPM: OCI environment initialized before PHP-FPM sets it up). (Ingmar Runge) - SQLite3: . Update to Sqlite 3.20.1. (cmb) - Standard: . Fixed bug #75097 (gethostname fails if your host name is 64 chars long). (Andrea) 17 Aug 2017, PHP 7.2.0beta3 - Core: . Fixed bug #75063 (Main CWD initialized with wrong codepage). (Anatol) . Fixed bug #74725 (html_errors=1 breaks unhandled exceptions). (Andrea) - Date: . Fixed bug #75002 (Null Pointer Dereference in timelib_time_clone). (Derick) - FTP: . Added ftp_append() function. (blar) - Mbstring: . Fixed bug #75001 (Wrong reflection on mb_eregi_replace). (Fabien Villepinte) - SQLite3: . Updated to SQLite 3.20.0. (cmb) - SPL: . Fixed bug #75049 (spl_autoload_unregister can't handle spl_autoload_functions results). (Laruence) . Added spl_object_id(). (Tyson Andre) - Standard: . Fixed bug #75075 (unpack with X* causes infinity loop). (Laruence) . Fixed bug #74103 (heap-use-after-free when unserializing invalid array size). (Nikita) . Fixed bug #75054 (A Denial of Service Vulnerability was found when performing deserialization). (Nikita) - WDDX: . Fixed bug #73793 (WDDX uses wrong decimal seperator). (cmb) - XMLRPC: . Fixed bug #74975 (Incorrect xmlrpc serialization for classes with declared properties). (blar) 03 Aug 2017, PHP 7.2.0beta2 - Core: . Implemented FR #74963 (Improved error message on fetching property of non-object). (Laruence) . Fixed bug #74947 (Segfault in scanner on INF number). (Laruence) . Fixed bug #74954 (null deref and segfault in zend_generator_resume()). (Bob) - CLI: . Fixed bug #74979 (Interactive shell opening instead of script execution with -f flag). (Anatol) - cURL: . Fixed bug #74125 (Fixed finding CURL on systems with multiarch support). (cebe) - Intl: . Fixed bug #74993 (Wrong reflection on some locale_* functions). (Sara) - Mbstring: . Fixed bug #69267 (mb_strtolower fails on titlecase characters). (Nikita) . Fixed bug #71606 (Segmentation fault mb_strcut with HTML-ENTITIES encoding). (cmb) . Fixed bug #62934 (mb_convert_kana() does not convert iteration marks). (Nikita) - MySQLi: . Fixed bug #74968 (PHP crashes when calling mysqli_result::fetch_object with an abstract class). (Anatol) - OCI8: . Expose oci_unregister_taf_callback() (Tianfang Yang) - Opcache: . Fixed bug #74980 (Narrowing occurred during type inference). (Laruence) - OpenSSL: . Fixed bug #74903 (openssl_pkcs7_encrypt() uses different EOL than before). (Anatol) - phar: . Fixed bug #74991 (include_path has a 4096 char limit in some cases). (bwbroersma) - Reflection: . Fixed bug #74949 (null pointer dereference in _function_string). (Laruence) - Session: . Fixed bug #74892 (Url Rewriting (trans_sid) not working on urls that start with "#"). (Andrew Nester) . Fixed bug #74936 (session_cache_expire/cache_limiter/save_path() trigger a warning in read mode). (morozov) . Fixed bug #74941 (session fails to start after having headers sent). (morozov) . Fixed bug #74833 (SID constant created with wrong module number). (Anatol) - SimpleXML: . Fixed bug #74950 (nullpointer deref in simplexml_element_getDocNamespaces). (Laruence) - SPL: . Fixed bug #74669 (Unserialize ArrayIterator broken). (Andrew Nester) . Fixed bug #74977 (Appending AppendIterator leads to segfault). (Andrew Nester) . Fixed bug #75015 (Crash in recursive iterator destructors). (Julien) - Standard: . Fixed bug #74851 (uniqid() without more_entropy performs badly). (Emmanuel Dreyfus) 20 Jul 2017, PHP 7.2.0beta1 - Core: . Added new VM instuctions ISSET_ISEMPTY_CV and UNSET_CV. Previously they were implemented as ISSET_ISEMPTY_VAR and UNSET_VAR variants with ZEND_QUICK_SET flag. (Nikita, Dmitry) . Fixed bug #74603 (PHP INI Parsing Stack Buffer Overflow Vulnerability). (Stas) . Fixed bug #74111 (Heap buffer overread (READ: 1) finish_nested_data from unserialize). (Nikita) . Fixed bug #74819 (wddx_deserialize() heap out-of-bound read via php_parse_date()). (Derick) . Fixed bug #49649 (unserialize() doesn't handle changes in property visibility). (pmmaga) . Fixed #74866 (extension_dir = "./ext" now use current directory for base). (Francois Laupretre) . Fixed bug #74923 (Crash when crawling through network share). (Anatol) . Fixed bug #74913 (fixed incorrect poll.h include). (petk) . Fixed bug #74906 (fixed incorrect errno.h include). (petk) - Date: . Fixed bug #74852 (property_exists returns true on unknown DateInterval property). (jhdxr) - DOM: . Implement #74837 (Implement Countable for DomNodeList and DOMNamedNodeMap). (Andreas Treichel) - EXIF: . Implemented #65187 (exif_read_data/thumbnail: add support for stream resource). (Kalle) . Deprecated the read_exif_data() alias. (Kalle) . Fixed bug #74428 (exif_read_data(): "Illegal IFD size" warning occurs with correct exif format). (bradpiccho at gmail dot com, Kalle) . Fixed bug #72819 (EXIF thumbnails not read anymore). (Kalle) . Fixed bug #62523 (php crashes with segfault when exif_read_data called). (Kalle) . Fixed bug #50660 (exif_read_data(): Illegal IFD offset (works fine with other exif readers). (skinny dot bravo at gmail dot com, Kalle) - GD: . Fixed bug #74435 (Buffer over-read into uninitialized memory). (cmb) - IMAP: . Fixed bug #72324 (imap_mailboxmsginfo() return wrong size). (ronaldpoon at udomain dot com dot hk, Kalle) - JSON: . Add JSON_INVALID_UTF8_IGNORE and JSON_INVALID_UTF8_SUBSTITUTE options for json_encode and json_decode to ignore or replace invalid UTF-8 byte sequences - it addresses request #65082. (Jakub Zelenka) - LDAP: . Fixed passing an empty array to ldap_set_option for client or server controls. - Opcache: . Added global optimisation passes based on data flow analysis using Single Static Assignment (SSA) form: Sparse Conditional Constant Propagation (SCCP), Dead Code Elimination (DCE), and removal of unused local variables (Nikita, Dmitry) - OpenSSL: . Add ssl security_level stream option to support OpenSSL security levels. (Jakub Zelenka). . Allow setting SNI cert and private key in separate files. (Jakub Zelenka) . Fixed bug #74651 (negative-size-param (-1) in memcpy in zif_openssl_seal()). (Stas) - PCRE: . Fixed bug #74873 (Minor BC break: PCRE_JIT changes output of preg_match()). (Dmitry) - Sodium: . New cryptographic extension - SQLite3: . Fixed bug #74883 (SQLite3::__construct() produces "out of memory" exception with invalid flags). (Anatol) - ZIP: . ZipArchive implements countable, added ZipArchive::count() method. (Remi) . Fix segfault in php_stream_context_get_option call. (Remi) 06 Jul 2017, PHP 7.2.0alpha3 - Core: . Fixed bug #74780 (parse_url() broken when query string contains colon). (jhdxr) . Fixed bug #74761 (Unary operator expected error on some systems). (petk) . Allow loading PHP/Zend extensions by name in ini files (extension=). (francois at tekwire dot net) . Added object type annotation. (brzuchal) . Fixed bug #74815 (crash with a combination of INI entries at startup). (Anatol) . Fixed bug #74836 (isset on zero-prefixed numeric indexes in array broken). (Dmitry) . Fixed bug #74101, bug #74614 (Unserialize Heap Use-After-Free (READ: 1) in zval_get_type). (Nikita) - CLI: . Fixed bug #74849 (Process is started as interactive shell in PhpStorm). (Anatol) - LDAP: . Implemented FR #69445 (Support for LDAP EXOP operations) . Fixed support for LDAP_OPT_SERVER_CONTROLS and LDAP_OPT_CLIENT_CONTROLS in ldap_get_option - OpenSSL: . Fixed bug #74798 (pkcs7_en/decrypt does not work if \x0a is used in content). (Anatol) - SPL: . Fixed bug #73471 (PHP freezes with AppendIterator). (jhdxr) . Fixed bug #71412 (Incorrect arginfo for ArrayIterator::__construct). (tysonandre775 at hotmail dot com) - Session: . Fixed bug #74514 (5 session functions incorrectly warn when calling in read-only/getter mode). (Yasuo) - Standard: . Add support for extension name as argument to dl(). (francois at tekwire dot net) - zlib: . Fixed bug #73944 (dictionary option of inflate_init() does not work). (wapmorgan) . Expose inflate_get_status() and inflate_get_read_len() functions. (Matthew Trescott) 22 Jun 2017, PHP 7.2.0alpha2 - Core: . Change PHP_OS_FAMILY value from "OSX" to "Darwin". (Sebastian, Kalle) - GD: . Fixed bug #74744 (gd.h: stdarg.h include missing for va_list use in gdErrorMethod). (rainer dot jung at kippdata dot de, cmb) - OCI8: . Add TAF callback (PR #2459). (KoenigsKind) . Fixed bug #74625 (Integer overflow in oci_bind_array_by_name). (Ingmar Runge) - OpenSSL: . Fixed bug #74720 (pkcs7_en/decrypt does not work if \x1a is used in content). (Anatol) . Use TLS_ANY for default ssl:// and tls:// negotiation. (kelunik) . Fix leak in openssl_spki_new(). (jelle at vdwaa dot nl) . Added openssl_pkcs7_read() and pk7 parameter to openssl_pkcs7_verify(). (jelle at vdwaa dot nl) - PDO_OCI: . Fixed Bug #74537 (Align --with-pdo-oci configure option with --with-oci8 syntax). (Tianfang Yang) - Standard: . Compatibility with libargon2 versions 20161029 and 20160821. (charlesportwoodii at erianna dot com) . Fixed Bug #74737 (mysqli_get_client_info reflection info). (mhagstrand at gmail dot com) - Streams: . Default ssl/single_dh_use and ssl/honor_cipher_order to true. (kelunik) - SQLite3: . Update to Sqlite 3.19.3. (cmb) . Implement writing to blobs. (bohwaz at github dot com) 08 Jun 2017, PHP 7.2.0alpha1 - Core: . Added ZEND_COUNT, ZEND_GET_CLASS, ZEND_GET_CALLED_CLASS, ZEND_GET_TYPE, ZEND_FUNC_NUM_ARGS, ZEND_FUNC_GET_ARGS instructions, to implement corresponding builtin functions. (Dmitry) . "Countable" interface is moved from SPL to Core. (Dmitry) . Added ZEND_IN_ARRAY instruction, implementing optimized in_array() builtin function, through hash lookup in flipped array. (Dmitry) . Removed IS_TYPE_IMMUTABLE (it's the same as COPYABLE & !REFCOUNTED). (Dmitry) . Removed the sql.safe_mode directive. (Kalle) . Removed support for Netware. (Kalle) . Renamed ReflectionClass::isIterateable() to ReflectionClass::isIterable() (alias original name for BC). (Sara) . Fixed bug #54535 (WSA cleanup executes before MSHUTDOWN). (Kalle) . Implemented FR #69791 (Disallow mail header injections by extra headers) (Yasuo) . Implemented FR #49806 (proc_nice() for Windows). (Kalle) . Fix pthreads detection when cross-compiling (ffontaine) . Fixed memory leaks caused by exceptions thrown from destructors. (Bob, Dmitry). . Fixed bug #73215 (uniqid() should use better random source). (Yasuo) . Fixed bug #73337 (try/catch not working with two exceptions inside a same operation). (Dmitry) . Implemented FR #72768 (Add ENABLE_VIRTUAL_TERMINAL_PROCESSING flag for php.exe). (Michele Locati) . Implemented "Convert numeric keys in object/array casts" RFC, fixes bugs #53838, #61655, #66173, #70925, #72254, etc. (Andrea) . Implemented "Deprecate and Remove Bareword (Unquoted) Strings" RFC. (Rowan Collins) . Raised minimum supported Windows versions to Windows 7/Server 2008 R2. (Anatol) . Implemented minor optimization in array_keys/array_values(). (Sara) . Fixed bug #73969 (segfault in debug_print_backtrace). (andrewnester) . Added PHP_OS_FAMILY constant to determine on which OS we are. (Jan Altensen) . Fixed bug #73994 (arginfo incorrect for unpack). (krakjoe) . Fixed bug #73973 (assertion error in debug_zval_dump). (andrewnester) . Fixed bug #73987 (Method compatibility check looks to original definition and not parent). (pmmaga) . Fixed bug #73991 (JSON_OBJECT_AS_ARRAY not respected). (Sara) . Fixed bug #74053 (Corrupted class entries on shutdown when a destructor spawns another object). (jim at commercebyte dot com) . Fixed bug #73971 (Filename got limited to MAX_PATH on Win32 when scan directory). (Anatol) . Fixed bug #74149 (static embed SAPI linkage error). (krakjoe) . Fixed bug #72359, bug #72451, bug #73706, bug #71115 and others related to interned strings handling in TS builds. (Anatol, Dmitry) . Implemented "Trailing Commas In List Syntax" RFC for group use lists only. (Sammy Kaye Powers) . Fixed bug #74269 (It's possible to override trait property with different loosely-equal value). (pmmaga) . Fixed bug #61970 (Restraining __construct() access level in subclass gives a fatal error). (pmmaga) . Fixed bug #63384 (Cannot override an abstract method with an abstract method). (pmmaga, wes) . Fixed bug #74607 (Traits enforce different inheritance rules). (pmmaga) . Fixed misparsing of abstract unix domain socket names. (Sara) - BCMath: . Fixed bug #46564 (bcmod truncates fractionals). (liborm85) - Calendar: . Fix integer overflows (Joshua Rogers) - Date: . Fixed bug #55407 (Impossible to prototype DateTime::createFromFormat). (kelunik) . Fixed bug #69587 (DateInterval properties and isset). (jhdxr) . Fixed bug #74404 (Wrong reflection on DateTimeZone::getTransitions). (krakjoe) . Fixed bug #74080 (add constant for RFC7231 format datetime). (duncan3dc) . Fixed bug #74639 (implement clone for DatePeriod and DateInterval). (andrewnester) . Implemented FR #71520 (Adding the DateTime constants to the DateTimeInterface interface). (Majkl578) - Dba: . Fixed bug #72885 (flatfile: dba_fetch() fails to read replaced entry). (Anatol) - DOM: . Fixed bug #67474 (getElementsByTagNameNS filter on default ns). (aboks) . Fixed bug #54382 (getAttributeNodeNS doesn't get xmlns* attributes). (aboks) . Fixed bug #74004 (LIBXML_NOWARNING (etc) ignored by DOMDocument::loadHTML). (somedaysummer) - EXIF: . Added support for vendor specific tags for the following formats: Samsung, DJI, Panasonic, Sony, Pentax, Minolta, Sigma/Foveon, AGFA, Kyocera, Ricoh & Epson. (Kalle) . Fixed bug #72682 (exif_read_data() fails to read all data for some images). (Kalle) . Fixed bug #71534 (Type confusion in exif_read_data() leading to heap overflow in debug mode). (hlt99 at blinkenshell dot org, Kalle) . Fixed bug #68547 (Exif Header component value check error). (sjh21a at gmail dot com, Kalle) . Fixed bug #66443 (Corrupt EXIF header: maximum directory nesting level reached for some cameras). (Kalle) . Fixed Redhat bug #1362571 (PHP not returning full results for exif_read_data function). (Kalle) - FPM: . Configuration to limit fpm slow log trace callers. (Sannis) . Fixed bug #69865 (php-fpm does not close stderr when using syslog). (Mike) - FTP: . Fixed bug #74598 (ftp:// wrapper ignores context arg). (Sara) . Implement MLSD for structured listing of directories. (blar) - GD: . Implemented imageresolution as getter and setter (Christoph) . Fixed bug #74343 (compile fails on solaris 11 with system gd2 library). (krakjoe) - GMP: . Fixed bug #70896 (gmp_fact() silently ignores non-integer input). (Sara) - hash: . Fixed bug #73961 (environmental build dependency in hash sha3 source). (krakjoe) . Changed HashContext from resource to object. (Rouven Weßling, Sara) . Disallowed usage of non-cryptographic hash functions with HMAC and PBKDF2. (Andrey Andreev, Nikita) - intl: . Fixed bug #74433 (wrong reflection for Normalizer methods). (villfa) . Fixed bug #74439 (wrong reflection for Locale methods). (villfa) . Fixed bug #74468 (wrong reflection on Collator::sortWithSortKeys). (villfa) . Fixed bug #63790 (test using Spoofchecker which may be unavailable). (Sara) - Mbstring: . Implemented request #66024 (mb_chr() and mb_ord()). (Masakielastic, Yasuo) . Implemented request #65081 (mb_scrub()). (Masakielastic, Yasuo) . Implemented request #69086 (enhancement for mb_convert_encoding() that handles multibyte replacement char nicely). (Masakielastic, Yasuo) . Added array input support to mb_convert_encoding(). (Yasuo) . Added array input support to mb_check_encoding(). (Yasuo) . Fixed bug #69079 (enhancement for mb_substitute_character). (masakielastic) . Update to oniguruma version 6.3.0. (Remi) - Mcrypt: . The deprecated mcrypt extension has been moved to PECL. (leigh) - MySQLi: . Fixed bug #73949 (leak in mysqli_fetch_object). (krakjoe) - mysqlnd: . Fixed bug #73800 (sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE). (vanviegen) - OpenSSL: . Fixed bug #71519 (add serial hex to return value array). (xrobau) - PCRE: . Added support for PCRE JIT fast path API. (dmitry) . Fixed bug #61780 (Inconsistent PCRE captures in match results). (cmb) - PDO: . Add "Sent SQL" to debug dump for emulated prepares. (Adam Baratz) . Add parameter types for national character set strings. (Adam Baratz) - PDO_DBlib: . Fixed bug #73234 (Emulated statements let value dictate parameter type). (Adam Baratz) . Fixed bug #73396 (bigint columns are returned as strings). (Adam Baratz) . Expose DB-Library version as \PDO::DBLIB_ATTR_VERSION attribute on \PDO instance. (Adam Baratz) . Add test coverage for bug #72969. (Jeff Farr) - PDO_OCI: . Fixed bug #54379 (PDO_OCI: UTF-8 output gets truncated). (gureedo / Oracle) - PDO_PgSQL: . Fixed bug #73959 (lastInsertId fails to throw an exception for wrong sequence name). (andrewnester) - PDO_Sqlite . Switch to sqlite3_prepare_v2() and sqlite3_close_v2() functions (rasmus) - phar: . Fixed bug #74383 (phar method parameters reflection correction). (mhagstrand) . Fixed bug #74196 (phar does not correctly handle names containing dots). (mhagstrand) . Fixed bug #74386 (Phar::__construct reflection incorrect). (villfa) - PHPDBG . Added extended_value to opcode dump output. (Sara) - posix: . Fixed bug #71219 (configure script incorrectly checks for ttyname_r). (atoh) - Session: . Fixed bug #73461 (Prohibit session save handler recursion). (Yasuo) . PR #2233 Removed register_globals related code and "!" can be used as $_SESSION key name. (Yasuo) . Improved bug #73100 fix. 'user' save handler can only be set by session_set_save_handler() . Fixed bug #69582 (session not readable by root in CLI). (EvgeniySpinov) - SOAP: . Fixed bug #69137 (Peer verification fails when using a proxy with SoapClient) (Keith Smiley) - SQLite3: . Update to Sqlite 3.18.0. (cmb) . Fixed bug #74413 (incorrect reflection for SQLite3::enableExceptions). (krakjoe) - Standard: . Add subject to mail log. (tomsommer) . Fixed bug #31875 (get_defined_functions additional param to exclude disabled functions). (willianveiga) . Fixed bug #69442 (closing of fd incorrect when PTS enabled). (jaytaph) . Fixed bug #72974 (imap is undefined service on AIX). (matthieu.sarter) . Fixed bug #72979 (money_format stores wrong length AIX). (matthieu.sarter) . Fixed bug #74300 (unserialize accepts two plus/minus signs for float number exponent part). (xKerman) . Fixed bug #74556 (stream_socket_get_name() returns '\0'). (Sara) - XML: . Moved utf8_encode() and utf8_decode() to the Standard extension. (Andrea) . Fixed bug #72135 (malformed XML causes fault) (edgarsandi) - xmlreader: . Fixed bug #74457 (Wrong reflection on XMLReader::expand). (villfa) - XMLRPC: . Use Zend MM for allocation in bundled libxmlrpc (Joe) - ZIP: . Add support for encrypted archives. (Remi) . Use of bundled libzip is deprecated, --with-libzip option is recommended. (Remi) . Fixed Bug #73803 (Reflection of ZipArchive does not show public properties). (Remi) <<< NOTE: Insert NEWS from last stable release here prior to actual release! >>>