mirror of
https://github.com/php/php-src.git
synced 2026-04-09 17:13:31 +02:00
ed709d5aa0
* PHP-5.5: update NEWS fix test update NEWS Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: ext/soap/php_http.c ext/spl/spl_observer.c
This is an extension that aims to implement some efficient data access interfaces and classes. You'll find the classes documented using php code in the file spl.php or in the corresponding .inc file in the examples subdirectory. Based on the internal implementations or the files in the examples subdirectory there are also some .php files to experiment with. For more information look at: http://php.net/manual/en/book.spl.php