* PHP-5.4.45:
add test
Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
Fix bug #70172 - Use After Free Vulnerability in unserialize()
Fix bug #70388 - SOAP serialize_function_call() type confusion
Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
Improve fix for #70385
Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
Conflicts:
ext/pcre/php_pcre.c
ext/standard/var_unserializer.c
To do global matching (/g), for every empty match we have to do a second match
with PCRE_NOTEMPTY turned on. That may fail, however, when the \K escape
sequence is involved. For this purpose libpcre 8.0 introduced the
PCRE_NOTEMPTY_ATSTART flag, which we will use if available, and otherwise fall
back to the old (possibly buggy) behavior.
Squashed commit of the following:
commit d96eab8d79
Author: Francois Laupretre <francois@tekwire.net>
Date: Fri Jun 26 01:23:31 2015 +0200
Use the new 'ZSTR' macros in the rest of the code.
Does not change anything to the generated code (thanks to compat macros) but cleaner.
commit b352643910
Author: Francois Laupretre <francois@tekwire.net>
Date: Thu Jun 25 13:45:06 2015 +0200
Improve zend_string API
Add missing methods
When advancing after empty matches, php_pcre_match_impl() as well as
php_pcre_replace_impl() always have to advance to the next code point when the
u modifier is given, instead of to the next byte.
There were two issues
- php_pcre_replace could be used directly and sbject_str could be NULL
- the Windows sendmail variant was freeing something passed from the outside
* PHP-5.6:
Initialize the offset table - PCRE may sometimes miss offsets
set default response code to 200
set default response code to 200
set default response code to 200
fix NEWS & version
NEWS
Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
Fix bug #68113 (Heap corruption in exif_thumbnail())
Fix bug #68089 - do not accept options with embedded \0
Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
Fix bug #68027 - fix date parsing in XMLRPC lib
Conflicts:
ext/pcre/php_pcre.c
* PHP-5.5:
Initialize the offset table - PCRE may sometimes miss offsets
set default response code to 200
set default response code to 200
fix NEWS & version
NEWS
Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
Fix bug #68113 (Heap corruption in exif_thumbnail())
Fix bug #68089 - do not accept options with embedded \0
Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
Fix bug #68027 - fix date parsing in XMLRPC lib
