#
51e2015a |
| 23-Feb-2021 |
Christoph M. Becker |
Fix #78719: http wrapper silently ignores long Location headers When opening HTTP streams, and reading the headers, we currently discard header lines longer than `HTTP_HEADER_BLOCK_SIZE`
Fix #78719: http wrapper silently ignores long Location headers When opening HTTP streams, and reading the headers, we currently discard header lines longer than `HTTP_HEADER_BLOCK_SIZE` (1024 bytes). While this is not generally forbidden by RFC 7230, section 3.2.5, it is not generally allowed either, since that may change the "message framing or response semantics". We thus fix this by allowing arbitrarily long header lines. Closes GH-6720.
show more ...
|
#
e8579365 |
| 11-Sep-2020 |
Nikita Popov |
Fixed bug #80805 Handle missing result_var in binary_op_result_type. (cherry picked from commit 8446e2827585c37d0739f8d44fa8d359cbbb6551)
|
#
78b0a85d |
| 24-Feb-2021 |
Felipe Pena |
Update NEWS
|
#
963e50c8 |
| 16-Feb-2021 |
Christoph M. Becker |
Fix #75776: Flushing streams with compression filter is broken First, the `bzip2.compress` filter has the same issue as `zlib.deflate` so we port the respective fix[1] to ext/bz2.
Fix #75776: Flushing streams with compression filter is broken First, the `bzip2.compress` filter has the same issue as `zlib.deflate` so we port the respective fix[1] to ext/bz2. Second, there is still an issue, if a stream with an attached compression filter is flushed before it is closed, without any writes in between. In that case, the compression is never finalized. We fix this by enforcing a `_php_stream_flush()` with the `closing` flag set in `_php_stream_free()`, whenever a write filter is attached. This call is superfluous for most write filters, but does not hurt, even when it is unnecessary. [1] <http://git.php.net/?p=php-src.git;a=commit;h=20e75329f2adb11dd231852c061926d0e4080929> Closes GH-6703.
show more ...
|
#
073b6ea8 |
| 22-Feb-2021 |
Christoph M. Becker |
Fix #80771: phpinfo(INFO_CREDITS) displays nothing in CLI There is no good reason not to show the credits in text based SAPIs, except for brevity. Thus, we suppress the credits from `ph
Fix #80771: phpinfo(INFO_CREDITS) displays nothing in CLI There is no good reason not to show the credits in text based SAPIs, except for brevity. Thus, we suppress the credits from `php -i`. Closes GH-6710.
show more ...
|
#
d7c98ca1 |
| 19-Feb-2021 |
Christoph M. Becker |
Fix #80774: session_name() problem with backslash Since we do no longer URL decode cookie names[1], we must not URL encode the session name. We need to prevent broken Set-Cookie headers
Fix #80774: session_name() problem with backslash Since we do no longer URL decode cookie names[1], we must not URL encode the session name. We need to prevent broken Set-Cookie headers, by rejecting names which contain invalid characters. [1] <http://git.php.net/?p=php-src.git;a=commit;h=6559fe912661ca5ce5f0eeeb591d928451428ed0> Closes GH-6711.
show more ...
|
#
6dd85f83 |
| 22-Feb-2021 |
Nikita Popov |
Fixed bug #80781 zend_find_array_dim_slow() may throw, make sure to handle this. This backports the code we already use for this on PHP-8.0, and also backports an exception check tha
Fixed bug #80781 zend_find_array_dim_slow() may throw, make sure to handle this. This backports the code we already use for this on PHP-8.0, and also backports an exception check that makes this easier to catch.
show more ...
|
#
84b61528 |
| 17-Feb-2021 |
Christoph M. Becker |
Fix #80763: msgfmt_format() does not accept DateTime references `intl_zval_to_millis()` needs to cater to references. Closes GH-6707.
|
#
9552cf6b |
| 16-Feb-2021 |
Nikita Popov |
Handle incomplete result set metadata more gracefully Rather than segfaulting because sname is missing lateron, report a FAIL here. As this indicates a server bug, the errors is reported
Handle incomplete result set metadata more gracefully Rather than segfaulting because sname is missing lateron, report a FAIL here. As this indicates a server bug, the errors is reported as an out of band warning, rather than a client error. This fixes the PHP side of bug #80713.
show more ...
|
#
2d858fbf |
| 16-Feb-2021 |
Derick Rethans |
Fixed dates
|
#
6d3d9104 |
| 16-Feb-2021 |
Derick Rethans |
PHP-7.4 is now 7.4.17-dev
|
#
64b10854 |
| 15-Feb-2021 |
Nikita Popov |
Fixed bug #80747 If RSA key generation fails, actually report that failure.
|
#
36466042 |
| 05-Feb-2021 |
Daniel Black |
Fix #78680: mysqlnd pam plugin missing terminating null The PAM service requires the terminating null to be part of the communication. Tested with MariaDB-10.4(pam) and Percona
Fix #78680: mysqlnd pam plugin missing terminating null The PAM service requires the terminating null to be part of the communication. Tested with MariaDB-10.4(pam) and Percona Server 5.7.32(auth_pam_compat). Also changed MySQL Enterprise test to the server side plugin, authentication_pam as opposed to the client plugin mysql_clear_password. Add additional check for pamtest user and pam service file as all are required for the test. More importantly, test result should actually succeed. Thanks Geoff Montee for bug report. Closes GH-78680.
show more ...
|
#
c34c5234 |
| 11-Feb-2021 |
Nikita Popov |
Fixed bug #80719
|
#
ca7547c9 |
| 04-Feb-2021 |
Christoph M. Becker |
Fix #80706: mail(): Headers after Bcc headers may be ignored We need to handle the case where a CRLF after a Bcc header is not the beginning of a folding marker, because in that case the
Fix #80706: mail(): Headers after Bcc headers may be ignored We need to handle the case where a CRLF after a Bcc header is not the beginning of a folding marker, because in that case the Bcc header was not the last "thing". Closes GH-6666.
show more ...
|
#
3f8d21b9 |
| 04-Feb-2021 |
Christoph M. Becker |
Fix #74779: x() and y() truncating floats to integers We must not use the locale dependent `atof()`, but instead use the (hopefully) locale independent `zend_strtod()`, when converting s
Fix #74779: x() and y() truncating floats to integers We must not use the locale dependent `atof()`, but instead use the (hopefully) locale independent `zend_strtod()`, when converting string representations of floating point numbers which are sent by the server. Closes GH-6665.
show more ...
|
#
1bb2a4f9 |
| 26-Jan-2021 |
Christoph M. Becker |
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrie
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrieved. Afterwards, the Phar manifest is written, and only after that the files are copied to the actual Phar. So for each such entry there is an open temp file, what easily exceeds the limit. Therefore, we use a single temporary file for all entries, and store the start offset in the otherwise unused `header_offset` member. We ensure that the `cfp` members are properly set to NULL even if flushing fails, to avoid use after free scenarios. This solution is based on a suggestion by @lserni[1]. Closes GH-6643. [1] <https://github.com/box-project/box2/issues/80#issuecomment-77147371>
show more ...
|
#
7e947908 |
| 28-Jan-2021 |
Christoph M. Becker |
Fix #80654: file_get_contents() maxlen fails above (2**31)-1 bytes We remove the arbitrary restriction to `INT_MAX`; it is superfluous on 32bit systems where `ZEND_LONG_MAX == INT_MAX` a
Fix #80654: file_get_contents() maxlen fails above (2**31)-1 bytes We remove the arbitrary restriction to `INT_MAX`; it is superfluous on 32bit systems where `ZEND_LONG_MAX == INT_MAX` anyway, and not useful on 64bit systems, where larger files should be readable, if the `memory_limit` is large enough. Closes GH-6648.
show more ...
|
#
3c939e3f |
| 01-Feb-2021 |
Stanislav Malyshev |
Fix bug #80672 - Null Dereference in SoapClient
|
#
aeb4f215 |
| 28-Jan-2021 |
Remi Collet |
NEWS
|
#
6a0b889f |
| 26-Jan-2021 |
Christoph M. Becker |
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives The default encoding of filenames in a ZIP archive is IBM Code Page 437. Phar, however, only supports UTF-8 filenames. Th
Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives The default encoding of filenames in a ZIP archive is IBM Code Page 437. Phar, however, only supports UTF-8 filenames. Therefore we have to mark filenames as being stored in UTF-8 by setting the general purpose bit 11 (the language encoding flag). The effect of not setting this bit for non ASCII filenames can be seen in popular tools like 7-Zip and UnZip, but not when extracting the archives via ext/phar (which is agnostic to the filename encoding), or via ext/zip (which guesses the encoding). Thus we add a somewhat brittle low-level test case. Closes GH-6630.
show more ...
|
#
61ed904c |
| 25-Jan-2021 |
Christoph M. Becker |
Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon We add the failure reason to the error message. Closes GH-6638.
|
#
6adfb8c9 |
| 20-Jan-2021 |
Christoph M. Becker |
Fix #80648: Fix for bug 79296 should be based on runtime version Instead of checking for actually affected libzip versions, we now always `ZIP_TRUNCATE` empty files unless `ZIP_RDONLY` i
Fix #80648: Fix for bug 79296 should be based on runtime version Instead of checking for actually affected libzip versions, we now always `ZIP_TRUNCATE` empty files unless `ZIP_RDONLY` is set. Closes GH-6625.
show more ...
|
#
a33d0c3a |
| 19-Jan-2021 |
Derick Rethans |
Update NEWS and version
|
#
e8a89c49 |
| 19-Jan-2021 |
Derick Rethans |
Update NEWS for PHP 7.4.15RC1
|