Many FTP-S servers now require FTP clients to re-use the SSL session
from the control connection on the data connection, to prove that the
same entity controls both connections. This patch updates PHP's FTP-S
client code to allow that possibility.
getimagesize() is rather strict about the length of the marker payload data,
and fails if there are extraneous bytes before the next marker. Only a very
special case reported in bug #13213 is catered to.
libjpeg is rather resilient to such corrupted JPEG files, and raises a
recoverable error in this case. Other image processors also accept such
JPEG files, so we adapt getimagesize() to skip (but warn about) such
extraneous bytes.
The has_property handler only checked whether a respective column name
exists, but neither whether the column value is set, nor whether it is
empty, respectively. We fix that to match the behavior of POD:FETCH_OBJ in
particular and PHP in general.
This should be safe change, as we don't dereference value and member
after calling setter/getter.
And compare to adding unref codes, this is much cheaper.
We don't want ReflectionMethod::invoke() to simply ignore its first argument,
if the method to invoke is a static method. Instead we match its ZPP with
that of ReflectionMethod::invokeArgs(). Furthermore, we apply the DRY
principle by factoring out the code to a common helper function to prevent
inadvertent future divergence of the implementations of both methods.
As can be seen from the necessity to adapt some test cases, this causes a
BC break for some pathological cases. Therefore we apply this patch to PHP
7.1 only, which is still in beta phase.
Also initialize buffer and buffer2 to NULL, which should fix bug #72039 (Use of uninitialised value on mssql_guid_string).
This only applies to 5.6, as we do not have mssql in 7.0 anymore
Calling imagesetstyle() with an empty $styles array caused gdImageSetStyle()
to be called with `noOfPixels==0`, what could have lead to OOB reads.
Actually, this issue will be fixed in libgd, but to avoid issues when older
libgd is in use, we simply disallow passing an empty $styles array to
imagesetstyle(), what wouldn't serve a useful purpose anyway.
