* PHP-5.5:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
ext/soap/php_http.c
ext/spl/spl_observer.c
* PHP-5.5:
Handle NULL strings in sapi_cli_server_register_variable().
Allow CLI server test scripts to specify the name of the router file.
Conflicts:
sapi/cli/tests/php_cli_server.inc
We had an infinite loop in sapi_cli_server_send_headers(): while iterating over
the linked list of headers, when an empty header was hit, continue would go to
the next iteration of the loop without updating h to be the next value in the
linked list. Updating it to always increment regardless of whether the header
is actually valid or not fixes the issue.
* PHP-5.5:
Updated NEWS
Removed UPGRADING note
Rewrote test using tcp instead of http:// stream
Implemented FR #65917 (getallheaders() is not supported by the built-in...)
- Implemented apache_request_headers() and getallheaders() alias in CLI server
- Implemented apache_response_headers() in CLI server using FastCGI code
Conflicts:
NEWS
UPGRADING
* PHP-5.4:
Fix the spelling of the php_cli_server_http_response_status_code_pair typedef.
Change the search in get_status_string() to correctly handle unknown codes.
This previously used a buggy implementation of binary search that would loop
infinitely for unknown codes when searching in reason arrays of particular
sizes (such as the one we have at the moment). Since C provides bsearch(),
we'll just use that instead, since libc authors hopefully get this right.
There was also an additional bug that was masked by the first one: the design
was that an unknown code would result in get_status_string() returning NULL,
which would then result in a segfault in append_http_status_line(), since it
assumed that it would always receive a valid string pointer that could be
handed off to smart_str_appends_ex(). We'll now return a placeholder in that
case.
Fixes bug #65066 (Cli server not responsive when responding with 422 http
status code).
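The lookup pattern the last commit message describes, as an added example that is not PHP's own code: a sorted code/reason table searched with bsearch(), with a non-NULL placeholder for unknown codes so the status-line formatter never receives a NULL pointer. The names `status_pair`, `status_map`, `status_reason` and `format_status_line`, the table contents and the placeholder text are all assumptions constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical type and table, constructed for this example. */
typedef struct {
    int code;
    const char *reason;
} status_pair;

/* bsearch() requires the array to be sorted by the search key (code). */
static const status_pair status_map[] = {
    {200, "OK"},
    {301, "Moved Permanently"},
    {400, "Bad Request"},
    {404, "Not Found"},
    {500, "Internal Server Error"},
};

/* Comparator: first argument is the key, second is an array element. */
static int status_cmp(const void *key, const void *elem)
{
    int code = *(const int *)key;
    const status_pair *pair = elem;
    return (code > pair->code) - (code < pair->code);
}

/* Never returns NULL: an unknown code yields a placeholder (assumed text),
 * so callers can append the result without a NULL check. */
const char *status_reason(int code)
{
    const status_pair *hit = bsearch(&code, status_map,
        sizeof(status_map) / sizeof(status_map[0]),
        sizeof(status_map[0]), status_cmp);
    return hit ? hit->reason : "Unknown Status Code";
}

/* Builds the status line; safe for any code because of the placeholder. */
int format_status_line(char *buf, size_t len, int code)
{
    return snprintf(buf, len, "HTTP/1.1 %d %s\r\n", code, status_reason(code));
}

int main(void)
{
    char line[64];
    format_status_line(line, sizeof(line), 422); /* 422 is not in the table */
    fputs(line, stdout);
    return 0;
}
```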