This is a private property, so we are allowed to add a type.
The new declaration of the property is:
private array $trace = [];
This ensures that Exception::getTrace() does indeed return an array.
Userland code that was modifying the property through refleciton
may have to be adjusted to assign an array (instead of null,
for example).
Closes GH-5636.
Closes GH-5353. From now on, PHP will have reflection information
about default values of parameters of internal functions.
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
We also change `Generator::throw()` to expect a `Throwable` in the
first place, and we now throw a TypeError instead of returning `false`
from `Exception::getTraceAsString()`.
I thought these were redundant, because we already NULL out the
clone_obj object handler. However, it turns out that reflection is
using private __clone() to determine clonability (isCloneable) for
the case where we only have a class, rather than an object.
As such, removing these methods would be a BC break.
This reverts commit e7131a4e9f.
This reverts commit 55bd88ce0d.
Exceptions already prohibit cloning by setting clone_obj to NULL
(which is integrated with reflection). No need to additionally
define a dummy __clone() method.
* PHP-5.6:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix#69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
Zend/zend_exceptions.c
ext/date/php_date.c
ext/openssl/openssl.c
ext/phar/phar_internal.h
ext/soap/php_http.c
ext/spl/spl_array.c
ext/spl/spl_dllist.c
ext/spl/spl_observer.c
ext/standard/tests/serialize/bug69152.phpt
sapi/cli/tests/005.phpt
