* PHP-5.5: (27 commits)
fix non-standard C
update NEWS
5.4.41 next
fix CVE num
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix test
fix type in fix for #69085
fix memory leak & add test
Fix tests
fix CVE num
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
Fix test
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
...
Conflicts:
ext/standard/http_fopen_wrapper.c
* PHP-5.4.40:
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
Fixed bug #68901 (use after free)
Fixed bug #68740 (NULL Pointer Dereference)
Fix bug #66550 (SQLite prepared statement use-after-free)
Better fix for #68601 for perf https://bitbucket.org/libgd/gd-libgd/commits/81e9a993f2893d651d225646378e3fd1b7465467
Fix bug #68601 buffer read overflow in gd_gif_in.c
Revert "Merge branch 'PHP-5.4' of https://git.php.net/repository/php-src into PHP-5.4"
Fixed bug #69293
Add ZEND_ARG_CALLABLE_INFO to allow internal function to type hint against callable.
- New functions (each accepts a pgsql $connection resource):
. pg_connect_poll
. pg_socket
. pg_consume_input
. pg_flush
- Modified functions
The following functions now additionally return zero if the
underlying socket is set to non-blocking mode and the send
operation does not complete immediately. Previously these
functions returned only boolean TRUE/FALSE and blocked
execution while polling until all data was sent:
. pg_send_execute
. pg_send_prepare
. pg_send_query
. pg_send_query_params
- New constants
Used with pg_connect() to initiate an asynchronous connection
attempt:
. PGSQL_CONNECT_ASYNC
Used with pg_connection_status() to determine the current state
of an async connection attempt:
. PGSQL_CONNECTION_STARTED
. PGSQL_CONNECTION_MADE
. PGSQL_CONNECTION_AWAITING_RESPONSE
. PGSQL_CONNECTION_AUTH_OK
. PGSQL_CONNECTION_SSL_STARTUP
. PGSQL_CONNECTION_SETENV
Used with pg_connect_poll() to determine the result of an
async connection attempt:
. PGSQL_POLLING_FAILED
. PGSQL_POLLING_READING
. PGSQL_POLLING_WRITING
. PGSQL_POLLING_OK
. PGSQL_POLLING_ACTIVE
- Polling via returned pg_socket() stream
pg_socket() returns a read-only socket stream that may be
cast to a file descriptor for select (and similar) polling
operations. Blocking behavior of the pgsql connection socket
can be controlled by calling stream_set_blocking() on the
stream returned by pg_socket().
Use string escape for exotic types that allows to handle any data types. i.e. Array, JSON, JSONB, etc will work.
Add escape only query for better performance which removes meta data look up. Limitations forced by pg_convert() can be avoided with this. PGSQL_DML_ESCAPE constant is added for it.
Anatol Belski