* PHP-5.6:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix#69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
Zend/zend_exceptions.c
ext/date/php_date.c
ext/openssl/openssl.c
ext/phar/phar_internal.h
ext/soap/php_http.c
ext/spl/spl_array.c
ext/spl/spl_dllist.c
ext/spl/spl_observer.c
ext/standard/tests/serialize/bug69152.phpt
sapi/cli/tests/005.phpt
Squashed commit of the following:
commit d96eab8d79
Author: Francois Laupretre <francois@tekwire.net>
Date: Fri Jun 26 01:23:31 2015 +0200
Use the new 'ZSTR' macros in the rest of the code.
Does not change anything to the generated code (thanks to compat macros) but cleaner.
commit b352643910
Author: Francois Laupretre <francois@tekwire.net>
Date: Thu Jun 25 13:45:06 2015 +0200
Improve zend_string API
Add missing methods
Instead of using the array apply count on the debug_info array, use
the object apply count for recursion detection when dumping. This
handles recursion in a more generic way and does not require each
debug_info handler to deal with this.
This allows returning a temporary debug_info array, instead of
having to store it in the object (thus delaying destruction of the
values).
Switch SPL debug_info handlers to use a temporary array.
Introduces a ZEND_PARSE_PARAMS_THROW flag for zpp, which forces to
report FAILURE errors using a TypeException instead of a Warning,
like it would happen in strict mode.
Adds a zend_parse_parameters_throw() convenience function, which
invokes zpp with this flag.
Converts all cases I could identify, where we currently have
throwing zpp usage in constructors and replaces them with this API.
Error handling is still replaced to EH_THROW in some cases to handle
other, domain-specific errors in constructors.
Removed HashTable->arHash (reduced memory consumption). Now hash slots may be accessed using HT_HASH() macro.
Hash slotas are allocated together with Buckets (before them) and lay in reverse order from HashTable->arData base address (see comments in Zend/zend_types.h)
Indexes in hash table and conflict resolution chains (Z_NEXT) may be stored as indeces or offsets in bytes, depending on system (32 or 64-bit).
HashTable data filelds are reordered to keep the most useful for zend_hash_find() data in the same CPU cache line.
Now each HashTable is also zend_array, so it's refcounted and may be a subject for Copy on Write
zend_array_dup() was changed to allocate and return HashTable, instead of taking preallocated HashTable as argument.
zval_add_ref should be used as a copy ctor, after the value was
already copied.
In particular when used with hash insertions, it should be applied
to the return value of the insert function.
So we can use it there as well...
For now I've retained the zend_smart_str_public.h header, though
it would probably be better to just move that one struct into
zend_types.h.
This API is experemental. It may be changed or removed.
It should be used only for really often used functions.
(Keep the original parsing code and wrap usage with #ifndef FAST_ZPP)
* master: (48 commits)
change locale - looks like not everybody has sl_SI
Fix bug #66921 - Wrong argument type hint for function intltz_from_date_time_zone
fix format
Fix bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting)
Make sure the generator script also creates a newline at the end of file
Add newline at end of file to prevent compilation warning
Fix handling of session user module custom handlers.
Reference bug report instead of github issue in NEWS file
add more exts for Travis
Update NEWS
Fix phpdbg.1 man page installation when build != src directory
BFN for bug #67551 (php://input temp file will be located in sys_temp_dir instead of upload_tmp_dir)
reorder
restore API compatibility
finish
refactor php_stream_temp_create{,_ex} and use it for the php://input stream
refactor _php_stream_fopen_{temporary_,tmp}file()
fix length overflow of HTTP_RAW_POST_DATA
Update NEWS
Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault happen)
...
Conflicts:
ext/opcache/zend_accelerator_util_funcs.c
ext/session/mod_user.c
ext/spl/spl_array.c
ext/spl/spl_dllist.c
ext/standard/file.c
ext/standard/streamsfuncs.c
ext/standard/string.c
main/streams/memory.c
