The SEPARATE_ARG_IF_REF macro increased the refcount of the object passed as a
key.
However, when the key did not exist in the ArrayAccess implementation,
the code returned early without trying to decrement the refcount.
Add a test of `??` succeeding+failing on a SplObjectStorage instance.
If this does not break the Unix system somehow, I'll be amazed. This should get most of it out, apologies for any errors this may cause on non-Windows ends which I cannot test atm.
* PHP-7.0:
followup with #73276 merge
fix test
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
Fix for #73240 - Write out of bounds at number_format
avoid strlen
Bug #73218: add mitigation for ICU int overflow
Add more locale length checks, due to ICU bugs.
Fix bug #73150: missing NULL check in dom_document_save_html
Clear FG(user_stream_current_filename) when bailing out
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
Fix for #73240 - Write out of bounds at number_format
Fix bug #73257 and bug #73258 - SplObjectStorage unserialize allows use of non-object as key
set versions
Fix bug #73091 - Unserializing DateInterval object may lead to __toString invocation
* origin/PHP-7.0.12: (99 commits)
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
set versions
update NEWS
Ignore potentially misleading dberr values
update NEWS
Fixed bug #73172 parse error: Invalid numeric literal
Fix#53745: cgi.discard_path option is missing from php.ini
update libs_versions.txt
update libs_versions.txt
Fixed bug #73156 (segfault on undefined function)
Add an include path for freetype which is relevant for cmake builds
Fix test_image_equals_file() wrt. palette images
Fixed bug #73163Fix#73161: imagecreatefromgd2() may leak memory
Fix#73159: imagegd2(): unrecognized formats may result in corrupted files
Fix#73155: imagegd2() writes wrong chunk sizes on boundaries
Fix#73157 (again): imagegd2() ignores 3rd param if 4 are given
Fix#73157: imagegd2() ignores 3rd param if 4 are given
...
It fixes several bugs:
- Fixed bug #45554 (Inconsistent behavior of the u format char).
- Fixed bug #48225 (DateTime parser doesn't set microseconds for "now").
- Fixed bug #52514 (microseconds are missing in DateTime class).
- Fixed bug #52519 (microseconds in DateInterval are missing).
- Fixed bug #68506 (General DateTime improvments needed for microseconds to become useful).
- Fixed bug #73109 (timelib_meridian doesn't parse dots correctly).
- Fixed bug #73247 (DateTime constructor does not initialise microseconds property).
It also updates timelib to 2016.04, and updates a data mapping file, which
causes changes to the volatile abbreviations tests.
In case USE_KEY flag is active, RegexIterator->accept() should keep it's
old behavior which is to accept keys mapping arrays.
This broke after PHP 5.5 but was not noticed due to lack of tests for USE_KEY.
* PHP-7.1: (23 commits)
Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
I don't think 8cceb012a7 is needed
Fix test
Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
Fix bug #73029 - Missing type check when unserializing SplArray
Fix bug #72860: wddx_deserialize use-after-free
Fix bug #73007: add locale length check
Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
sync NEWS
Revert "Merge branch 'PHP-5.6' into PHP-7.0"
Merge branch 'PHP-5.6' into PHP-7.0
Merge branch 'PHP-5.6' into PHP-7.0
Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
fix version
sync NEWS
Fix bug #72957
...
* PHP-7.0: (22 commits)
Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
I don't think 8cceb012a7 is needed
Fix test
Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
Fix bug #73029 - Missing type check when unserializing SplArray
Fix bug #72860: wddx_deserialize use-after-free
Fix bug #73007: add locale length check
Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
sync NEWS
Revert "Merge branch 'PHP-5.6' into PHP-7.0"
Merge branch 'PHP-5.6' into PHP-7.0
Merge branch 'PHP-5.6' into PHP-7.0
Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
fix version
sync NEWS
Fix bug #72957
set versions
...
* PHP-7.0.11: (22 commits)
Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
I don't think 8cceb012a7 is needed
Fix test
Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
Fix bug #73029 - Missing type check when unserializing SplArray
Fix bug #72860: wddx_deserialize use-after-free
Fix bug #73007: add locale length check
Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
sync NEWS
Revert "Merge branch 'PHP-5.6' into PHP-7.0"
Merge branch 'PHP-5.6' into PHP-7.0
Merge branch 'PHP-5.6' into PHP-7.0
Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
fix version
sync NEWS
Fix bug #72957
set versions
...
* rng-fixes:
Fix legacy mode RAND_RANGE and 32/64-bit consistency
Fix crypt salt not being converted to b64
Make mode selection part of mt_srand()
Use zend_bitset
Improve array_rand distribution
Fix some insecure usages of php_rand
Alias rand to mt_rand
Fix RAND_RANGE for mt_rand
Fix mt_rand impl. Provide legacy impl. access.
Split rand and mt_rand into separate files
Xinchen Hui