mirror of
https://github.com/php/php-src.git
synced 2026-04-09 09:03:04 +02:00
ed709d5aa0
* PHP-5.5: update NEWS fix test update NEWS Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: ext/soap/php_http.c ext/spl/spl_observer.c
The CLI (command line interface) SAPI has been introduced
with a goal of making PHP better at supporting the creation of
stand alone applications.
It is based on CGI SAPI with all CGI specific things removed.
The main differences between the two:
* CLI is started up in quiet mode by default.
(-q switch kept for compatibility)
* It does not change the working directory to that of the script.
(-C switch kept for compatibility)
* Plain text error message
* $argc and $argv registered irrespective of the register_argc_argv
php.ini setting.
* implicit_flush always on
* -r option which allows execution of PHP code directly from
the command line (e.g. php -r 'echo md5("test");' )
* Other more sophisticated command line switches (see: man php)
* max_execution_time is set to unlimited, overriding php.ini setting.