History log of /PHP-7.3/NEWS
Revision Date Author Comments
# b5ce6df0 10-Nov-2020 Christoph M. Becker <cmbecker69@gmx.de>

7.3.26 is next


# 8eaaabdd 03-Nov-2020 Alexander M. Turek <me@derrabus.de>

Fixed bug #80310: Support for icu4c 68.1.

On stable versions, bring back the TRUE/FALSE defines by defining
_U_DEFINE_TRUE_AND_FALSE.

Closes GH-6397.


# 2cab085b 04-Nov-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80266: parse_url silently drops port number 0

As of commit 81b2f3e[1], `parse_url()` accepts URLs with a zero port,
but does not report that port, what is wrong in hindsight.

Since the port number is stored as `unsigned short` there is no way to
distinguish between port zero and no port. For BC reasons, we thus
introduce `parse_url_ex2()` which accepts an output parameter that
allows that distinction, and use the new function to fix the behavior.

The introduction of `parse_url_ex2()` has been suggested by Nikita.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=81b2f3e5d9fcdffd87a4fcd12bd8c708a97091e1>

Closes GH-6399.


# 9690ded2 28-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #70461: disable md5 code when it is not supported in net-snmp

Patch contributed by Alexander Bergmann.

Closes GH-6389.


# c21e901b 29-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #44618: Fetching may rely on uninitialized data

Unless `SQLGetData()` returns `SQL_SUCCESS` or `SQL_SUCCESS_WITH_INFO`,
the `StrLen_or_IndPtr` output argument is not guaranteed to be properly
set. Thus we handle retrieval failure other than `SQL_ERROR` by
yielding `false` for those column values and raising a warning.

Closes GH-6281.


# 6d2bc725 23-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80268: loadHTML() truncates at NUL bytes

libxml2 has no particular issues parsing HTML strings with NUL bytes;
these just cause truncation of the current text content, but parsing
continues generally. Since `::loadHTMLFile()` already supports NUL
bytes, `::loadHTML()` should as well.

Note that this is different from XML, which does not allow any NUL
bytes.

Closes GH-6368.


# 7424bfc7 22-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #62474: com_event_sink crashes on certain arguments

We have to make sure that the variant is of type `VT_DISPATCH` before
we access it as such.

Closes GH-6372.


# 848e24f2 19-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80258: Windows Deduplication Enabled, randon permission errors

A recent bug fix regarding symlinks claimed:

> After resolving reparse points, the path still may be a reparse
> point; in that case we have to resolve that reparse point as well.

While that is basically correct, some reparse points may point to
inaccessible system folders (e.g. `IO_REPARSE_TAG_DEDUP` points to
"\System Volume Information"). Since we don't know details about
arbitrary reparse points, and are mainly interested in nested symlinks,
we take a step back, and only resolve `IO_REPARSE_TAG_SYMLINK` for now.

Close GH-6354.


# 2be27074 24-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80280: ADD_EXTENSION_DEP() fails for ext/standard and ext/date

`ADD_EXTENSION_DEP()` relies on the `PHP_<extname>` config variables to
be set to `"yes"`, and since the standard and date extension are always
enabled, we define the respective variables uncoditionally.

Closes GH-6383.


# 12a09183 22-Oct-2020 George Peter Banyard <girgias@php.net>

Fix bug 76618

Apply patch which was attached to the bug in July 2018


# 315b95b0 20-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80242: imap_mail_compose() segfaults for multipart with rfc822

libc-client expects `TYPEMESSAGE` with an explicit subtype of `RFC822`
to have a `nested.msg` (otherwise there will be a segfault during
free), but not to have any `contents.text.data` (this will leak
otherwise).

Closes GH-6345.


# 7f3bdda2 16-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Properly fix #80220

The original fix for that bug[1] broke the formerly working composition
of message/rfc822 messages, which results in a segfault when freeing
the message body now. While `imap_mail_compose()` does not really
support composition of meaningful message/rfc822 messages (although
libc-client appears to support that), some code may still use this to
compose partial messages, and using string manipulation to create the
final message.

The point is that libc-client expects `TYPEMESSAGE` with an explicit
subtype of `RFC822` to have a `nested.msg` (otherwise there will be a
segfault during free), but not to have any `contents.text.data` (this
will leak otherwise).

[1] <http://git.php.net/?p=php-src.git;a=commit;h=0d022ddf03c5fabaaa22e486d1e4a367ed9170a7>

Closes GH-6343.


# 5941b30b 14-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80239: imap_rfc822_write_address() leaks memory

We have to free the address when we're finished with it.


# db8bf0a9 13-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #64076: imap_sort() does not return FALSE on failure

If unsupported `$search_criteria` are passed to `imap_sort()`, the
function returns an empty array, but there is also an error on the
libc-client error stack ("Unknown search criterion: UNSUPPORTED
(errflg=2)"). If, on the other hand, unsupported `$criteria` or
unsupported `$flags` are passed, the function returns `false`. We
solve this inconsistency by returning `false` for unsupported
`$search_criteria` as well.

Closes GH-6332.


# 2d01a89a 13-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

7.3.25 is next


# 8488c34f 12-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80226: imap_sort() leaks sortpgm memory

We need to free what we have allocated.

Closes GH-6327.


# 73e43b6e 12-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80216: imap_mail_compose() does not validate types/encodings

We need to check whether the given `type`s and `encoding`s are within
bounds to avoid segfaults and out-of-bound reads.

Closes GH-6323.


# c1962e90 12-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80223: imap_mail_compose() leaks envelope on malformed bodies

We have to clean up even on failure.

Closes GH-6322.


# 0d022ddf 12-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80220: imap_mail_compose() may leak memory

Unless `topbod` is of `TYPEMULTIPART`, `mail_free_body()` does not free
the `nested.part`; while we could do this ourselves, instead we just
ignore additional bodies in this case, i.e. we don't attach them in the
first place.

Closes GH-6321.


# 62a2387a 10-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80215: imap_mail_compose() may modify by-val parameters

We separate the input arrays and all sub-arrays to avoid modification
of the passed parameters.

This should be rewritten to use `zend_string`s for the "master" branch.

Closes GH-6316.


# 8bee0fbd 10-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80213: imap_mail_compose() segfaults on certain $bodies

We have to cater to non-associative arrays where the key may be `NULL`;
we just skip these elements.

Closes GH-6315.


# e68acd03 06-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77040: tidyNode::isHtml() is completely broken

The documentation of `tidyNode::isHtml()` states that this method
"checks if a node is part of a HTML document". That is, of course,
nonsense, since a tidyNode is "an HTML node in an HTML file, as
detected by tidy."

What this method is actually supposed to do is to check whether a node
is an element (unless it is the root element). This has been broken by
commit d8eeb8e[1], which assumed that `enum TidyNodeType` would
represent flags of a bitmask, what it does not.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=d8eeb8e28673236bca3f066ded75037a5bdf6378>

Closes GH-6290.


# e857dfa7 07-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80185: jdtounix() fails after 2037

There is no such thing as the "end of the unix epoch", and if it was,
it would certainly not be 2037-10-11T02:00:00. There is, however,
potential integer overflow which we need to avoid.

Closes GH-6288.


# 69ba81d1 05-Oct-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #46050: odbc_next_result corrupts prepared resource

When resetting the result's values, we also have to reset its numcols.


# 1666cfcc 02-Oct-2020 Matteo Beccati <mbeccati@php.net>

[ci skip] moved soap fix to 7.3.23

When committing I didn't notice that version had been just bumped


# 662083fc 30-Sep-2020 Remi Collet <remi@php.net>

bump version to 7.2.35-dev


# ae95d06f 29-Sep-2020 Stanislav Malyshev <stas@php.net>

[ci skip] Add 7.3.23 security fixes to NEWS


# bf5f07cc 26-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80152: odbc_execute() moves internal pointer of $params

As least intrusive fix, we separate the passed array argument.

Closes GH-6219.


# df5efa2f 25-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80150: Failure to fetch error message

In case of statement related errors, we need to pass the respective
statement handle to `SQLError()`.

Closes GH-6217.


# af500b86 29-Sep-2020 Remi Collet <remi@php.net>

[ci skip] typo


# 7bc112a1 29-Sep-2020 Stanislav Malyshev <stas@php.net>

Update NEWS & UPGRADING


# 6acfb792 28-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #67465: NULL Pointer dereference in odbc_handle_preparer

We have to initialize `stmt->driver_data` before we use it.

Closes GH-6225.


# a49555a9 25-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80147: BINARY strings may not be properly zero-terminated

We have to manually ensure that all strings fetched from a data source
are zero-terminated.

Closes GH-6213.


# 610e7d2c 24-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78470: odbc_specialcolumns() no longer accepts $nullable

It is mandatory to pass either `SQL_NO_NULLS` or `SQL_NULLABLE` as
tenth parameter to `SQLSpecialColumns()`; otherwise the function call
fails. Therefore the user must be allowed to pass the desired value
as parameter to `odbc_specialcolumns()` again.

Closes GH-6200.


# 2576c57a 22-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76735: Incorrect message in fopen on invalid mode

We have to log errors in `stream_opener` callbacks to the wrapper's
error log, because otherwise we may pick up an unrelated `errno` or a
most generic message.

Closes GH-6187.


# 5ed0602e 22-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76943: Inconsistent stream_wrapper_restore() errors

If restoring of any not registered built-in wrapper is requested, the
function is supposed to fail with a warning, so we have to check this
condition first.

Furthermore, to be able to detect whether a built-in wrapper has been
changed, it is not sufficient to check whether *any* userland wrapper
has been registered, but rather whether the specific wrapper has been
modified.

Closes GH-6183.


# 4000780b 09-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79423: copy command is limited to size of file it can copy

Passing `NULL` as `lpFileSizeHigh` to `GetFileSize()` gives wrong
results for files larger than 0xFFFFFFFF bytes. We fix this by using
`GetFileSizeEx()`, and let the mapping fail, if the file size is too
large for the architecture.

Closes GH-5319.


# 81b2f3e5 20-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80114: parse_url does not accept URLs with port 0

URIs with a 0 port are generally valid, so `parse_url()` should
recognize such URIs, but still report the port as missing.

Co-authored-by: twosee <twose@qq.com>

Closes GH-6152.


# ecd9c42f 16-Sep-2020 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #80107: Handling of large compressed packets

There's two layers of packet splitting going on. First, packets
need to be split into having a payload of exactly 2^24-1 bytes or
being the last packet. If the split packet has size between 2^24-5
and 2^24-1 bytes, the compressed packets also needs to be split,
though the choice of split doesn't matter here. I'm splitting off
the first 8192 bytes, as that's what I observe libmysqlclient to be
doing.


# efdbc368 16-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80115: mysqlnd.debug doesn't recognize absolute paths with slashes


# a4f806aa 17-Sep-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #80083

Add db2_execute() to the list of functions accessing the local
scope. Ideally the API wouldn't do that, but it seems most
pragmatic to address this on the opcache side at this point.


# edddddce 15-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

7.3.24 is next


# dfb3a799 09-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80067: Omitting the port in bindto setting errors

A recent commit[1] which fixed a memory leak introduced a regression
regarding the formerly liberal handling of IP addresses to bind to. We
fix this by reverting that commit, and fix the memory leak where it
actually occurs. In other words, this fix is less intrusive than the
former fix.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=0b8c83f5936581942715d14883cdebddc18bad30>

Closes GH-6104.


# 2d4aa1ef 10-Jul-2020 Sammy Kaye Powers <sammyk@php.net>

Fix #79825: opcache.file_cache causes SIGSEGV with custom opcode handlers

Modules may have changed after restart which can cause dangling pointers from custom opcode handlers in the second-level cache files. This fix includes the installed module names and versions in the accel_system_id hash as entropy. Closes GH-5836


# 5dcb8f2f 08-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #72941: Modifying bucket->data by-ref has no effect any longer

To match the PHP 5 behavior, we have to explicitly cater to `buffer` or
`data` being references.

Closes GH-6096.


# 07cb6655 08-Sep-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #80077

Quoting from the bug report:

> The domain names passed to getmxrr() do not contain a trailing dot.
> DNS lookups which do not find records will (depending on the local
> resolver config) try again by adding the local domain to the end of
> the searched host/domain. In many environments there's an mx record
> for any subdomain of the local domain and the MX query will return
> a hit. But the test expects no hit. So the test fails when checking
> that "qa.php.net" does not have an MX record in DNS. In our local
> environment the resolver falls back to also check qa.php.net.kippdata.de
> which does have an MX record. Using "qa.php.net." instead of "qa.php.net"
> should fix this for everyone.


# 46a49be6 03-Sep-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #80049

Type checking may convert to refcounted values, so force freeing
of extra args.


# 1848ccda 03-Sep-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80048: Bug #69100 has not been fixed for Windows

We fix the erroneous length calculation on Windows, too.

Closes GH-6067.


# 44ade0e8 31-Aug-2020 Matteo Beccati <mbeccati@php.net>

Fix #80027 Terrible performance using $query->fetch on queries with many bind parameters

Added new flags that allow skipping param_evt(s) that are not used by drivers,
in a backwards and forward compatible manner. Updated the pgsql, mysql, sqlite
and oci drivers to properly use the new flags. I've left out pdo_dblib, which
doesn't have a param_hook, and pdo_firebird, which seems to be using
PARAM_EVT_NORMALIZE in a wrong context (param type vs event type).


# 5ff15e26 26-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #64130: COM obj parameters passed by reference are not updated

`ITypeInfo_GetIDsOfNames()` is supposed to fail with `E_NOTIMPL` for
out-of-process servers, thus we should not remove the already available
typeinfo of the object in this case.

We also properly free the `byref_vals`.


# 844a2dd6 18-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79986: str_ireplace bug with diacritics characters

`tolower()` returns an `int`, so we must not convert to `char` which
may be `signed` and as such may be subject to overflow (actually,
implementation defined behavior).

Closes GH-6007


# fcd26ffc 20-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #80002: calc free space for new interned string is wrong

We need to calculate the free size in bytes.

Patch contributed by t-matsuno.

Closes GH-6024


# b2a33ab0 21-Aug-2020 Andy Postnikov <apostnikov@gmail.com>

Fix #80007: Potential type confusion in unixtojd() parameter parsing

Also it fixes test on 32-bit armv7 and x86
- Test unixtojd() function : error conditions [ext/calendar/tests/unixtojd_error1.phpt]

Closes GH-6033


# f7c43b8c 18-Aug-2020 Matteo Beccati <mbeccati@php.net>

Fix #47021: SoapClient stumbles over WSDL delivered with "Transfer-Encoding: chunked"


# ff14b7ad 18-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

7.3.23 is next


# 2fe2e5b4 17-Feb-2019 Ahmed Abdou <email@ahmed.ro>

Fix #64705 errorInfo property of PDOException is null when PDO::__construct() fails

PDO driver constructors are throwing PdoException without setting
errorInfo, so create a new reusable function that throws exceptions
for PDO and will also set the errorInfo. Use this function in
pdo_mysql, pdo_sqlite, and pdo_pgsql.


# 2fa4ca95 12-Jul-2020 Nawarian <nickolas@phpsp.org.br>

Fix bug #75785 by attempt switching endianness on Maker's Note

Different manufacturer models may come with a
different endianness (motorola/intel) format. In
order to avoid a big refactor and a gigantic lookup
table, this commit simply attempts to switch the
endianness and proceed when values are acceptable.

Closes GH-5849.


# dc108fea 04-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #48585: com_load_typelib holds reference, fails on second call

Whether the type library is cached is actually irrelevant here; what
matters is that the symbols are imported, and since these are not
cached, we have to import them for every request. And we cannot cache
the symbols, because the import depends on the current codepage, but
the codepage is a `PHP_INI_ALL` setting.


# 9d9dffe6 11-Aug-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79951

One branch did not release tmp_replace_entry_str.

Also reduce the scope of some variables.


# a06eed0c 10-Aug-2020 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #79944

Only return true from dns_get_mx if we actually found any MX record.


# 0af3f493 10-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79922: Crash after multiple calls to xml_parser_free()

We must not call `zend_list_delete()` in resource closer functions
exposed to userland, because decreasing the refcount there leads to
use-after-free scenarios. In this case, commit 4a42fbb worked for
typical use-cases where `xml_parser_free()` has been called exactly
once for the resource, because there is an internal zval (`->index`)
referencing the same resource which already increased the refcount by
one. However, when `xml_parser_free()` is called multiple times on the
same XML parser resource, the resource would be freed prematurely.

Instead we forcefully close the resource in `xml_parser_free()`. We
also could decrease the refcount of the resource there, but that would
require to call `xml_parser_free()` which is somewhat uncommon, and
would be particularly bad wrt. PHP 8 where that function is a NOP, and
as such doesn't have to be called. So we do no longer increase the
refcount of the resource when copying it to the internal zval, and let
the usualy refcounting semantics take care of the resource destruction.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=4a42fbbbc73aad7427aef5c89974d1833636e082>


# 5be67026 05-Aug-2020 Florian Engelhardt <florian.engelhardt@oxid-esales.com>

Fix bug #70574: Move files to proper locale dir

Closes GH-5940.


# 06ade155 05-Aug-2020 Pieter van den Ham <p.e.vandenham@gmail.com>

Fix #79934: CRLF-only line in heredoc causes parsing error

Fixes the function `next_newline()` in zend_language_scanner.l. The
function now correctly returns a newline_len of 2 for "\r\n".

Closes GH-5944.


# da786a22 05-Aug-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79930

We're inserting src_zval, so that's what we should addref.


# c4677af6 03-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Fix 7.3.21 release date


# 6b8ffdbd 04-Aug-2020 Remi Collet <remi@php.net>

bump version to 7.2.34-dev


# 07aeb917 03-Aug-2020 Stanislav Malyshev <stas@php.net>

Update NEWS


# 17d64af1 03-Aug-2020 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Add missing NEWS entries


# 1e0bc6e3 31-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79919: Stack use-after-scope in define()

Instead of the temporary `rv`, we use the `val_free` which is there for
this purpose.


# e767ca60 24-Jul-2020 Santiago M. Mola <santi@mola.io>

Fix #79895: support = in PHP_CHECK_GCC_ARG m4 macro

Closes GH-5890.


# 9a744c66 28-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #73060: php failed with error after temp folder cleaned up

Instead of storing the mapping base address and the address of
`execute_ex()` in a separate file in the temporary folder, we store
them right at the beginning of the memory mapping.


# c756f82c 28-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79806: realpath() erroneously resolves link to link

After resolving reparse points, the path still may be a reparse point;
in that case we have to resolve that reparse point as well.


# efe6d96b 10-Jul-2020 Paweł Tomulik <ptomulik@meil.pw.edu.pl>

fix memory leaks in ext/ldap/ldap.c


# 1aeff522 27-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Revert "Fix #79806: realpath() erroneously resolves link to link"

This reverts commit d5b59b4303642adac91df2c93969a72bc0f5fa7d.


# d5b59b43 15-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79806: realpath() erroneously resolves link to link

After resolving reparse points, the path still may be a reparse point;
in that case we have to resolve that reparse point as well.


# 6f18d7e2 27-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77932: File extensions are case-sensitive

The file extension to mime type mapping *must* not depend on the file
extension's case for case-insensitive file systems, and *should* not
for case-sensitive file systems.


# 15efb96d 22-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79884: PHP_CONFIG_FILE_PATH is meaningless

It does not make sense to make assumptions about `PHP_CONFIG_FILE_PATH`
during build time, since that value is never used during run time on
Windows. Since there is no `--with-config-file-path` on Windows
either, we define `PHP_CONFIG_FILE_PATH` as `""`.


# 2c0a6977 21-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

7.3 is now 7.3.22-dev


# b2e3fd1e 10-Jul-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #63527: DCOM does not work with Username, Password parameter

We must not mix multibyte and wide character strings in the
`COAUTHIDENTITY` structure. Using wide character strings throughout
would have the advantage that the remote connection can be established
regardless of the code page of the server, but that would more likely
break BC, so we just drop the wide character string conversion of the
username.


# 2c57378b 14-Jul-2020 Andy Postnikov <apostnikov@gmail.com>

Fix bug #78008: dns_check_record() always return true on Alpine

- free handle before return result
- cleaned up remaining usage of MAXPACKET
- update dns_get_mx() to use the same approach

Closes GH-5854.


# a72c53a0 10-Jul-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79817

Use *_IND macros in a few places in string.c.


# 3d5de7d7 04-Jul-2020 XXiang <x.xiang@outlook.com>

Fix bug #79787

Closes GH-5807.


# c68d48de 07-Jul-2020 Sara Golemon <pollita@php.net>

Prep for 7.2.33


# 9588c847 07-Jul-2020 Sara Golemon <pollita@php.net>

Prep NEWS for 7.2.32 release


# 64931fd3 07-Jul-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79792

We need to remove the iterators even if the array is empty (we
will not create one if the first place, but the array may become
empty after the fact).


# b765f96f 07-Jul-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79778

In the interest of avoiding side-effects during dumping, I'm
replacing the value with a <constant ast> string instead of
performing an update constant operation.


# 7f3bc642 04-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #70362: Can't copy() large 'data://' with open_basedir

open_basedir is only relevant for plain files, so there is no need to
check it for other URL wrappers.


# a385cfa7 29-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #63208: BSTR to PHP string conversion not binary safe

A `BSTR` is similar to a `zend_string`; it stores the length of the
string just before the actual string, and thus the string may contain
NUL bytes. However, `php_com_olestring_to_string()` is supposed to
deal with arbitrary `OLECHAR*`s which may not be `BSTR`s, so we
introduce `php_com_bstr_to_string()` and use it for the only case where
we actually have to deal with `BSTR`s which may contain NUL bytes.

Contrary to `php_com_olestring_to_string()` we return a `zend_string`,
so we can save the re-allocation when converting to a `zval`.

We also cater to `php_com_string_to_olestring()` not being binary safe,
with basically the same fix we did for `php_com_olestring_to_string()`.


# 816b4c12 29-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79756: finfo_file crash (FILEINFO_MIME)

If `ctime` or `asctime` return `NULL`, we must not attempt to copy the
buffer, but rather return `NULL` as well.


# 43cd3f68 25-Jun-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79741


# 4a26628b 24-Jun-2020 Herbert256 <herbert@groot.jebbink.nl>

Fixed bug #79030 Use usec from apache request time

Don't unnecessarily truncate to milliseconds.

Closes GH-5760.


# e94126aa 23-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #55857: ftp_size on large files

`atol()` returns a `long` which is not the same as `zend_long` on
LLP64; we use `ZEND_ATOL()` instead.

There is no need for a new test case, since filesize_large.phpt already
tests for that behavior; unfortunately, the FTP test suite relies on
`pcntl_fork()` and therefore cannot be run on Windows.


# 91982bad 23-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

7.3 is now 7.3.21-dev


# 6aff9a50 19-Jun-2020 Böszörményi Zoltán <zboszor@pr.hu>

Fixed bug #79570

Use the same logic for getgrgid_r, getpwnam_r and getpwuid_r
as for getgrnam_r in #75696

Closes GH-5740.


# 32f377b0 19-Jun-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79710

Make sure we don't use zresource after the stream has been destroyed.


# 5621c5fa 13-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79687: Sony picture - PHP Warning - Make, Model, MakerNotes

Even if the length of a maker note does not match our expectations
(either because the maker note is corrupted, or because our
expectations do not quite match reality), there is no need to let
parsing fail; we can still go on parsing the other meta information.


# 86e1f0ea 05-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79676: imagescale adds black border with IMG_BICUBIC

We have to loop over all image pixels to avoid the black border. This
is also done in external libgd in `_gdScaleOneAxis` and `_gdScalePass`.


# 7ac0fb5a 09-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix possibly unsupported timercmp() usage

The `timercmp()` manpage[1] points out that some systems have a broken
implementation which does not support `>=`. This is definitely the
case for the Windows SDK, which only supports `<` and `>`.

[1] <https://linux.die.net/man/3/timercmp>


# eadd9807 08-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #62890: default_socket_timeout=-1 causes connection to timeout

While unencrypted connections ignore negative timeouts, SSL/TLS
connections did not special case that, and so always failed due to
timeout.


# eac700b1 09-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS


# 12c59f66 08-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #74267: segfault with streams and invalid data

If the current character is a line break character, it cannot be a tab
or space character, so we would always fail with an invalid sequence
error. Obviously, these `scan_stat == 4` conditions are meant to be
exclusive.

Furthermore, if `in_pp == NULL || in_left_p == NULL` is true, we hit a
segfault if we are not returning right away. Obviously, the additional
constraints don't make sense, so we remove them.


# ceae8166 04-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #73527: Invalid memory access in php_filter_strip


# b8e7b30b 02-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79668: get_defined_functions(true) may miss functions

Instead of some brittle and unefficient string matching, we can just
check for the function handler.


# 63bd8f38 02-Jun-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79664: PDOStatement::getColumnMeta fails on empty result set

As its name suggests, `sqlite3_data_count` returns the number of
columns in the current row of the result set; we are interested in the
number of columns regardless of the current row, so we have to use
`sqlite3_column_count` instead.


# 923c45bd 31-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79650: php-win.exe 100% cpu lockup

As of PHP 7.3.0, `sapi_cli_single_write()` is supposed to return `< 0`
on failure, but `fwrite()` returns a `size_t`, and signals error by
setting the stream's error indicator. We have to cater to that.


# c249f593 26-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

7.3.20 will be next


# d4bd6fb4 22-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79615: Wrong GIF header written in GD GIFEncode

The color resolution is expected in bits 4-6 of the packed fields byte
of the logical screen descriptor (byte 10 of the GIF data stream),
according to the specification[1], section 18.

[1] <https://www.w3.org/Graphics/GIF/spec-gif89a.txt>


# d1cd489a 15-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79596: MySQL FLOAT truncates to int some locales

We must not do locale aware float to string conversion here; instead
we using our `snprintf()` implementation with the `F` specifier.


# 5bdb4ab7 12-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79588: Boolean opcache settings ignore on/off values

We should display boolean INI settings as boolean.


# bdba0cd3 05-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79489: .user.ini does not inherit

On Windows, PATH_TRANSLATED may contain backslashes as well as slashes,
so we must not only check for `DEFAULT_SLASH`.


# 85e241c3 12-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS


# 4cf8be71 12-May-2020 Remi Collet <remi@php.net>

bump version to 7.2.32-dev


# b4afd214 11-May-2020 Stanislav Malyshev <stas@php.net>

Update NEWS


# bef96b9d 14-Apr-2020 Sara Golemon <pollita@php.net>

Update NEWS for 7.2.31


# bd49622a 14-Apr-2020 Sara Golemon <pollita@php.net>

Update NEWS for PHP 7.2.30


# f33cf52f 05-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79566: Private SHM is not private on Windows

We map the POSIX semantics of `IPC_PRIVATE` by creating unnamed file
mapping objects on Windows. While that is not particularly useful for
ext/shmop, which is the only bundled extension which uses `shmget()`,
it may be useful for external extensions.


# c40a4944 04-May-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79561: dns_get_record() fails with DNS_ALL

Since Windows has its own definitions of the `PHP_DNS_*` macros, we
have to use these when registering the PHP constants.


# 7c1316ec 04-May-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79535

We did not allocate a cache slot for FETCH_CLASS. This is already
fixed on newer PHP versions.


# 54148fd6 30-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79528: Different object of the same xml between 7.4.5 and 7.4.4

Revert "Fix #61597: SXE properties may lack attributes and content"

This reverts commit 7c081db885756d7b176a55b90b8746f664d1e042.


# 6998cc50 28-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Bump version


# 29968d8f 24-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79470: PHP incompatible with 3rd party file system on demand

We add support for Activision HSM (`IO_REPARSE_TAG_ACTIVISION_HSM`) and
VFS for Git (`IO_REPARSE_TAG_PROJFS`). The latter fixes bug #78784.


# ccca2c44 22-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79503: Memory leak on duplicate metadata

Duplicate metadata can only happen if someone tampers with the phar, so
we can and should treat that as error.


# fa10abd6 19-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79491: Search for .user.ini extends up to root dir

The `start` parameter of `php_cgi_ini_activate_user_config` is supposed
to hold the byte offset of the doc root in the given `path`. However,
the current expression which fixes a potential type incompatibility
will ever only evaluate to zero or one, because it uses the *logical*
and operator (`&&`). Furthermore we notice that subtracting one from
`doc_root_len` is not necessary, so there is even no need for the
`start` parameter at all.


# 94e09bfe 19-Apr-2020 Joe Cai <joe.cai@bigcommerce.com>

Fix #79497: Fix php_openssl_subtract_timeval()

I stumbled upon this while debugging a strange issue with
stream_socket_client() where it randomly throws out errors when
the connection timeout is set to below 1s. The logic to calculate
time difference in php_openssl_subtract_timeval() is wrong when
a.tv_usec < b.tv_usec, causing connection errors before the timeout
is reached.


# 79a36ff7 15-Apr-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79477

Make sure to deindirect properties when creating array.


# c4cdf1ae 14-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Add missing CVE


# 13842eda 13-Apr-2020 dinosaur <thedinosaurmail@gmail.com>

Fixed bug #79468

Close the stream filter resources when removing them from the stream.


# 6df761b7 14-Apr-2020 Sara Golemon <pollita@php.net>

NEWS


# 95eaccd0 13-Apr-2020 dinosaur <thedinosaurmail@gmail.com>

Fixed bug #79468

Close the stream filter resources when removing them from the stream.


# 89675887 14-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Add NEWS entries [ci skip]


# efec22b7 11-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78221: DOMNode::normalize() doesn't remove empty text nodes

If a text node is not followed by another text node, we remove it, if
its textContent is empty.


# cf68bc41 02-Apr-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79434


# cc3af6fd 01-Apr-2020 Christoph M. Becker <cmbecker69@gmx.de>

Add NEWS entryc [ci skip]


# 33226c3a 31-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Next is 7.3.18


# b510250b 26-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79413: session_create_id() fails for active sessions

The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session already exists.
So to detect a collision, we have to check for `SUCCESS`, not
`FAILURE`.

We also fix the wrong condition in session_regenerate_id() as well.


# a681b128 29-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79427: Integer Overflow in shmop_open()

If `shm.shm_segsz > ZEND_LONG_MAX` the assignment to `shmop->size` a
few lines below would overflow, so we catch that early and bail out if
necessary.


# 04920645 27-Mar-2020 Max Rees <maxcrees@me.com>

Fix #79424 ext/zip: don't use gl_pathc after call to globfree

This breaks on Linux with the musl libc, since it zeroes out gl_pathc during
globfree.


# 65120cfc 25-Mar-2020 Dmitry Stogov <dmitry@zend.com>

Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script).


# c0840fec 24-Mar-2020 Christian Schneider <schneider@search.ch>

Fix bug #79410 (system() swallows last chunk if it is exactly 4095 bytes without newline)

Closes GH-5292.


# 32a26443 16-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79200: Some iconv functions cut Windows-1258

To cater to potentially state-dependent encodings, we have to reset the
conversion descriptor into its initial shift state to properly finish
the conversion. Furthermore, state-dependent encodings may not show
progress when comparing `in_left` before and after the conversion; we
rather have to see whether `out_left` has decreased. Also we have to
cater to the fact that the final potentially state resetting call does
not signal failure, but we still have to break respective loops
afterwards.


# 47c74555 18-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79393: Null coalescing operator failing with SplFixedArray

We favor the KISS principle over optimization[1] – SPL is already
special enough.

[1] <https://github.com/php/php-src/pull/2489/commits/352f3d4476a79bb86136b431719df7394e5a8d4e#r112498098>ff


# 51c57a9c 20-Mar-2020 Remi Collet <remi@php.net>

NEWS


# d70058a1 18-Mar-2020 Nate Brunette <nate.brunette@wheniwork.com>

Fix #79396: DateTime hour incorrect during DST jump forward

When you attempt to set the time to a non-existent time occuring during
a DST jump forward, the hour does not move forward correctly.


# 3072b77c 17-Mar-2020 Remi Collet <remi@php.net>

bump verison to 7.2.30-dev


# 6a4fff46 17-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix NEWS


# e71fa031 16-Mar-2020 Stanislav Malyshev <stas@php.net>

[ci skip] Update NEWS


# c8d21d77 16-Mar-2020 Stanislav Malyshev <stas@php.net>

[ci skip] Update NEWS


# 2b5fc8e3 11-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79199: curl_copy_handle() memory leak

`curl_copy_handle()` already registers a new resource, so we must not
increase the refcount of the original resource.


# 7c081db8 07-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #61597: SXE properties may lack attributes and content

We must not treat a node as string if it has attributes, unless it is
an entity declaration which is always treated as string by simplexml.


# 53797c20 11-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78210: Invalid pointer address

This is actually about three distinct issues:

* If an empty string is passed as $address to `stream_socket_sendto()`,
the `sa` is not initialized, so we must not pass it as `addr` to
`php_stream_xport_sendto()`.

* On POSIX, `recvfrom()` truncates messages which are too long to fit
into the specified buffer (unless `MSG_PEEK` is given), discards the
excessive bytes, and returns the buffer length. On Windows, the same
happens, but `recvfrom()` returns `SOCKET_ERROR` with the error code
`WSAEMSGSIZE`. We have to catch this for best POSIX compatibility.

* In `php_network_parse_network_address_with_port()`, we have to zero
`in6` (not only its alias `sa`) to properly support IPv6.

Co-Authored-By: Nikita Popov <nikita.ppv@googlemail.com>


# 2462f2da 10-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79364: When copy empty array, next key is unspecified

We must not forget to keep the `nNextFreeElement` when duplicating
empty arrays.


# b8427729 05-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #75673: SplStack::unserialize() behavior

Even though `SplStack::unserialize()` is not supposed to be called on
an already constructed instance, it is probably better if the method
clears the stack before actually unserializing.


# 9dda3b9e 03-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Next is 7.3.17


# 53140e5c 02-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79333: com_print_typeinfo() leaks memory

We have to free the `ansiname`s, regardless of whether they have been
put into the hashtable or not.

Since bug79299.phpt already shows the leak when run with a leak
checker, there is no need for another regression test.


# 2adf1c4d 02-Mar-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79332: php_istreams are never freed

Releasing the `com_dotnet_istream_wrapper` in `istream_destructor()` is
pointless, since `istream_destructor()` is only called when the
resource is going to be released. This recursion is not a real issue,
though, since the resource is never exposed to userland, and has at
most refcount 1, so due to well defined unsigned integer underflow, it
never is released twice. However, returning early in this case causes
a memory leak which needs to be fixed.


# 6c48da9a 28-Feb-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79062

Back up the doc comment when performing heredoc scanahead.


# 6adb8859 28-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79311: enchant_dict_suggest() fails on big endian architecture

For obvious reasons, we must not assign a `size_t` value to an `int`
variable using memcpy(). However, there is actually no need for the
intermediate `n_sugg_st` here, if we use the proper types in the first
place.

A regression test is not necessary, because dict_suggest.phpt already
exhibits the erroneous behavior on big endian architectures.


# 8654c32b 26-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #64032: mysqli reports different client_version

While `mysqli_get_client_version()` calls `mysql_get_client_version()`
to retrieve the client version, `mysql::$client_version` is initialized
to `MYSQL_VERSION_ID`. Both should match though, and since the former
is the more useful information, we fix `mysql::$client_version`.

We do not add a regression test, because it would usually succeed
anyway, and we already have several tests with respective `assert()`s.


# 8c6a7c33 24-Feb-2020 Mark Plomer <mark.plomer@boerse-go.de>

Fix #63206: Fully support error/exception_handler stacking, even with null or inside the handler

Always push the current user_error/exception_handler to the stack,
even when it is empty, so restore_error_handler() always works as
expected.

The user_error_handler is especially temporarily empty when we are inside
the error handler, which caused inconsistent behaviour before.


# d0d60503 24-Feb-2020 Miguel Xavier Penha Neto <miguelxpn2@gmail.com>

Fixes #79265: Improper injection of Host header when using fopen for http requests

Check all occurrences of the string "host:" (and other headers),
not just the first one.


# 9e6358af 23-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79299: com_print_typeinfo prints duplicate variables

`lastid` has to retain its value during the traversal, so we move it to
an outer scope.

Patch contributed by Litiano Moura.


# f133f002 21-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79294: ::columnType() may fail after SQLite3Stmt::reset()

The fix for feature request #53466 did not properly handle resetting of
the corresponding statement; the problem with this is that the
statement does not know about its result sets. But even if we could
fix this, the `complete` handling still appears to be brittle, since
the `sqlite3_column_type()`docs[1] state:

| If the SQL statement does not currently point to a valid row, or if
| the column index is out of range, the result is undefined.

Fortunately, we can use `sqlite3_data_count()` instead, since[2]:

| If prepared statement P does not have results ready to return (via
| calls to the sqlite3_column() family of interfaces) then
| sqlite3_data_count(P) returns 0.

Thus, we guard `SQLite3::columnType()` with `sqlite3_data_count()`, and
completely drop updating the `php_sqlite3_result_object.complete`
field, but keep it for ABI BC purposes.

[1] <https://www.sqlite.org/c3ref/column_blob.html>
[2] <https://www.sqlite.org/c3ref/data_count.html>


# ab5b6702 20-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix NEWS [ci skip]

Cosmetics.


# 31dd4556 18-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Remove extra tab in NEWS [ci skip]


# 63f6608f 18-Feb-2020 Remi Collet <remi@php.net>

bump version to 7.2.29


# 08073b06 27-Dec-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79038: PDOStatement::nextRowset() leaks column values

Firstly, we must not rely on `stmt->column_count` when freeing the
driver specific column values, but rather store the column count in
the driver data. Since the column count is a `short`, 16 bit are
sufficient, so we can store it in reserved bits of `pdo_odbc_stmt`.

Furthermore, we must not allocate new column value storage when the
statement is not executed, but rather when the column value storage has
not been allocated.

Finally, we have to introduce a driver specific `cursor_closer` to
avoid that `::closeCursor()` calls `odbc_stmt_next_rowset()` which then
frees the column value storage, because it may be still needed for
bound columns.


# 16c7c716 17-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix NEWS [ci skip]


# 5009b981 17-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS [ci skip]


# 09669411 14-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79271: DOMDocumentType::$childNodes is NULL

Dom level 2 core, DOM level 3 core and the DOM living standard agree
that `childNodes` always return a `NodeList`, and never `null`.


# 8308196c 14-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix typo in recent bugfix


# cec8b24c 13-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77569: Write Acess Violation in DomImplementation

We must not assume that the zval IS_STRING.


# 7b464ce6 11-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79254: getenv() w/o arguments not showing changes

To be able to see changes done only with `SetEnvironmentVariable()`, we
have to use `GetEnvironmentStrings()` instead of `environ`, because the
latter sees only changes done with `putenv()`.

For best backward compatibility we're using `GetEnvironmentStringsA()`;
switching to the wide string version likely makes sense for master,
though.


# f649aded 08-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79248: Traversing empty VT_ARRAY throws com_exception

If the `VT_ARRAY` is empty, i.e. its upperbound is less than its lower
bound, we must not call `php_com_safearray_get_elem()`, because that
function throws in this case.


# b9738f58 07-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79242: COM error constants don't match com_exception codes

Because a `HRESULT` is a `LONG`[1], no special treatment is required on
x86 platforms to get appropriate values. On x64 platforms we prefer
positive values, what we could accomplish by casting the `HRESULT`
value to `ULONG` and then to `zend_long`, but since the current
behavior is correct and the performance improvement is negligible, we
defer that to master.

[1] <https://docs.microsoft.com/en-us/windows/win32/winprog/windows-data-types#hresult>


# 5e2ea00b 06-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #66322: COMPersistHelper::SaveToFile can save to wrong location

Saving under the given `filename` may also work, but since
`::LoadFromFile` uses the `fullpath` we follow suit.


# 13bfa9f5 29-Jan-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79188


# e3632fdc 04-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Next is 7.3.16


# 079905ac 03-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78090: bug45161.phpt takes forever to finish

Not all systems support the discard protocol (TCP port 9), and since
there is no particular reason to use it, we switch to using actual
server testing.


# fe1bfb78 03-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79191: Error in SoapClient ctor disables DOMDocument::save()

The culprit is the too restrictive fix for bug #71536, which prevents
`php_libxml_streams_IO_write()` from properly executing when unclean
shutdown is flagged. A *more* suitable solution is to move the
`xmlwriter_free_resource_ptr()` call from the `free_obj` handler to an
added `dtor_obj` handler, to avoid to write to a closed stream in case
of late object freeing. This makes the `EG(active)` guard superfluous.

We also fix bug79029.phpt which has to use different variables for the
three parts to actually check the original shutdown issue.

Thanks to bwoebi and daverandom for helping to investigate this issue.


# c2935499 02-Feb-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79212: NumberFormatter::format() may detect wrong type

We have to convert to number *before* detecting the type, to cater to
internal objects implementing `cast_object`.

We also get rid of the fallback behavior of using `FORMAT_TYPE_INT32`,
because that can no longer happen; after `convert_scalar_to_number_ex`
the type is either `IS_LONG` or `IS_DOUBLE`. We cater explicitly to
the `IS_ARRAY` case what also avoids triggering a type confusion when
`::TYPE_INT64` is passed as `$type`.


# ef1e4891 31-Jan-2020 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #76047

Unlink the current stack frame before freeing CVs or extra args.
This means it will no longer show up in back traces that are
generated during CV destruction.

We already did this prior to destructing the object/closure,
presumably for the same reason.


# 8226e704 29-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #70078: XSL callbacks with nodes as parameter leak memory

The fix for bug #49634 solved a double-free by copying the node with
`xmlDocCopyNodeList()`, but the copied node is later freed by calling
`xmlFreeNode()` instead of `xmlFreeNodeList()`, thus leaking memory.
However, there is no need to treat the node as node list, i.e. to copy
also the node's siblings; just creating a recursive copy of the node
with `xmlDocCopyNode()` is sufficient, while that also avoids the leak.


# 136f51f1 26-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76584: PharFileInfo::decompress not working

We actually have to decompress, when told to do so.


# fd08f062 17-Jan-2020 Ivan Mikheykin <ivan.mikheykin@flant.com>

Fix bug #78323: Code 0 is returned on invalid options

Set CLI exit code to 1 when invalid parameters are passed,
and print error to stderr.


# 67421a78 16-Dec-2019 liudaixiao <dinosaur.liu@gmail.com>

Fixed bug #78902


# db9776c5 23-Jan-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79151

Make sure we also NULL out next/prev of the removed element on
pop/shift. This only matter is that element is still being referenced
by an iterator.


# 9be31a58 22-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79154: mb_convert_encoding() can modify $from_encoding

We must not modify arrays passed by value.


# 7e2bd95f 22-Jan-2020 Remi Collet <remi@php.net>

next will be 7.2.28


# 9eff906a 21-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79145: openssl memory leak

We must increase the refcount of `return_value` only if `cert` is a
resource; this is already done in `php_openssl_evp_from_zval()`,
though.


# 3046e357 20-Jan-2020 Deus Kane <deus.kane@claromentis.com>

Fix #79146: cscript can fail to run on some systems

In the buildconf and configure batch files, Windows' cscript utility was being
run without the /e:jscript flag. This works on systems that have not had the
default .js file association changed, but if .js has been re-associated to
(say) an IDE, the batch files fail with the error message:

Input Error: There is no script engine for file extension ".js".


# b67fc518 21-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS wrt. sec fixes


# 5c90f8eb 21-Jan-2020 Stanislav Malyshev <stas@php.net>

Update NEWS


# 07bda97e 17-Jan-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #79115


# 018251a7 03-Jan-2020 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #71876

This is a backport of fcdc0a6db0ae63fbed9e3828137b899b844623ce
to the PHP-7.3 branch. We need to make sure that OnUpdateString
is also called for a NULL value, otherwise the reset of the encoding
at the end of the request will not work.

I believe I already tried to land this before once, but it didn't
actually end up on the PHP-7.3 branch due to a push conflict that
I only noticed just now.


# 1752393b 13-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79084: mysqlnd may fetch wrong column indexes with MYSQLI_BOTH

Column names can be numeric strings, so we have to make sure to insert
the column values with the appropriate numeric keys, instead of adding
them.


# 0dda4a84 08-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79078: Hypothetical use-after-free in curl_multi_add_handle()

To avoid this, we have to verify the handlers already in
`curl_multi_add_handle()`, not only in `curl_multi_exec()`.


# 38c0a53b 07-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Bump version


# 06e78cad 06-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Revert "Extend CURLFile to support streams"

This reverts commit 17a9f1401aeb35fe1e3657b38102a410d151d42f, because
this commit would break ABI, and also due to bug #79013.
We keep the commit for PHP 7.4+, though.


# ae215069 05-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #54298: Using empty additional_headers adding extraneous CRLF

If the header string is empty, we pass `NULL` to `php_mail()` to avoid
further checks on the string length.


# 4bec59f1 06-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79068: gdTransformAffineCopy() changes interpolation method

We port
<https://github.com/libgd/libgd/commit/9088591eae437358ee5b929adf82865e37e3001e>.


# 2c586051 06-Jan-2020 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79067: gdTransformAffineCopy() may use unitialized values

We port
<https://github.com/libgd/libgd/commit/7a06c1669c563917bc48c464521e3de962ddb4e8>.


# c05a069a 14-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78808: [LMDB] MDB_MAP_FULL: Environment mapsize limit reached

We implement support for a fifth parameter, which allows to specify the
mapsize. The parameter defaults to zero, in which case the compiled in
default mapsize (usually 1048576) will be used. The mapsize should be
a multiple of the page size of the OS.


# 18172303 25-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78538: shmop memory leak

If the descriptor's refcount drops to zero, we have to unmap the
respective file view, to avoid leaking memory.


# b48f2625 23-Dec-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79015: undefined-behavior in php_date.c

We check that the given microsecond fraction is in the valid range
[0, 1000000[, and otherwise mark it as invalid. We also drop the
useless do loop; a plain block is sufficient here.


# 0cecf83b 29-Dec-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79040: Warning Opcode handlers are unusable due to ASLR

We must not use the same shared memory OPcache instance for different
SAPIs, since their memory layout is different. To avoid this, we add
the SAPI name (truncated to at most 20 characters) to the names of the
memory base file, the mutex and the file mapping.


# c47b18a2 28-Dec-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #79033: Curl timeout error with specific url and post

We must not set an empty mime structure as `CURLOPT_MIMEPOST`; instead
we set it to `NULL` if `CURLOPT_POSTFIELDS` has been set to an empty
array.


# 27bb3289 24-Dec-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter).

We backport the fix PHP 7.3, since this branch is affected as well.

(cherry picked from commit b5e004379647bd1ebb75eb2eac8826fb6abdd3d8)
(cherry picked from commit e36daa6927c05d2e687bb77495ef206cde118b33)
(cherry picked from commit 2704ee6844c03348de9d15e74646d09007ef0f7c)


# 37d11d12 17-Dec-2019 SATO Kentaro <kentaro@ranvis.com>

Fix #78982: pdo_pgsql returns dead persistent connection

Call PQconsumeInput() before PQstatus() to update the status.


# 7e39e693 17-Dec-2019 SATO Kentaro <kentaro@ranvis.com>

Fix #78980: pgsqlGetNotify() overlooks dead connection

pgsqlGetNotify() didn't check result of PQconsumeInput().


# c62cd9a4 29-Aug-2019 Sergei Turchanov <turchanov@farpost.com>

Fix #74170: locale information change after mime_content_type

Some functions in libmagic (distributed with fileinfo extension) perform this sequence of calls:
func() {
setlocale(LC_TYPE, "C")
.. do some work ..
setlocale(LC_TYPE, "")
}

It effectively resets LC_TYPE if it that was set before the function call.

To avoid manipulations with current locale at all, the problematic functions
were modified to use locale-independent functions.


# cbb0efae 17-Dec-2019 SATO Kentaro <kentaro@ranvis.com>

Fix #78402: pcntl_signal() misleading error message

An error message can be misleading when a handler
passed to pcntl_signal() is not callable.


# eb846939 19-Dec-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #78999 (Cycle leak when using function result as temporary)


# 3e35b089 17-Dec-2019 SATO Kentaro <kentaro@ranvis.com>

Fix #78983: pdo_pgsql config.w32 cannot find libpq-fe.h

When configured with a path specified.


# bacfae8b 18-Dec-2019 Remi Collet <remi@php.net>

fix release date


# 864f5ef1 18-Dec-2019 Remi Collet <remi@php.net>

fix release date


# 3d50131e 17-Dec-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update/fix NEWS [ci skip]


# 0e413241 17-Dec-2019 Stanislav Malyshev <stas@php.net>

[ci skip] Update NEWS


# 9705e631 17-Dec-2019 Stanislav Malyshev <stas@php.net>

[ci skip] Update NEWS


# 17a9f140 29-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Extend CURLFile to support streams

Due to former restrictions of the libcurl API, curl multipart/formdata
file uploads supported only proper files. However, as of curl 7.56.0
the new `curl_mime_*()` API is available (and already supported by
PHP[1]), which allows us to support arbitrary *seekable* streams, which
is generally desirable, and particularly resolves issues with the
transparent Unicode and long part support on Windows (see bug #77711).

Note that older curl versions are still supported, but CURLFile is
still restricted to proper files in this case.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=a83b68ba56714bfa06737a61af795460caa4a105>

(cherry picked from commit c68dc6b5e37e74d89e0a387079139c054c8faa81)


# b5d2cbe0 07-Dec-2019 willson-chen <willson.chenwx@gmail.com>

Fix #78923: Artifacts when convoluting image with transparency

We have to properly initialize `pxl` before using it.

Fix ported from <https://github.com/libgd/libgd/pull/559>.


# 65bbc670 02-Dec-2019 Christoph M. Becker <cmbecker69@gmx.de>

Next is 7.3.14


# d2cfb63f 03-Dec-2019 Remi Collet <remi@php.net>

next is 7.2.27


# 600f1f89 17-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78814: strip_tags allows / in tag name => whitelist bypass

When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.


# bb735c9e 24-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78296: is_file fails to detect file

If we're constructing extended-length paths (i.e. paths prefixed with
`\\?\`), we have to replace all forward slashes with backward slashes,
because the former are not supported by Windows for extended-length
paths.

The more efficient and likely cleaner alternative solution would be to
cater to this in `php_win32_ioutil_normalize_path_w()` by always
replacing forward slashes, but that might break existing code. It
might be sensible to change that for `master`, though.


# db420cb6 19-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78833: Integer overflow in pack causes out-of-bound access

We check for potential signed integer overflow, and bail out
gracefully, in that case.


# 1979c5d1 30-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Upgrade to Oniguruma 6.9.4

Oniguruma 6.9.4 fixes several CVEs.


# fee38633 26-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78840: imploding $GLOBALS crashes

We add support for IS_INDIRECT zvals to implode().


# 23c65a81 25-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77638: var_export'ing certain class instances segfaults

If objects return immutable property hash tables (typically,
`zend_empty_array`), we must not try to apply recursion protection on
those.


# bb30fe9e 25-Nov-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value)


# e1da72bd 22-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78853: preg_match() may return integer > 1

Commit 54ebebd[1] optimized the match loop, but for this case it has
been overlooked, that we must only loop if we're doing global matching.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=54ebebd686255c5f124af718c966edb392782d4a>


# 9b92c1d1 21-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW

Apparently, this has not been tested for a long time, and might be a
refactoring relict. Anyhow, we have to pass the context to
`GIFNextPixel` as well.


# f6eac76b 17-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# 39d04f15 12-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix ASLR related invalid opline handler issues

Opcache stores `opline->handler`s in shared memory. These pointers are
invalid, if the main PHP DLL is loaded at another base address due to
ASLR. We therefore store the address of `execute_ex` in the mmap base
file, and check on startup whether it matches its current address. If
not, we fall back on the file cache if enabled, and bail out otherwise.

This still does not address cases where the opline handler is located
inside of another DLL (e.g. for some profilers, debuggers), but there
seems to be no general solution for now.

(cherry picked from commit 8ba10b8fbc020dc225d3b19d8f088f1351a3e304)


# 2c9926f1 12-Nov-2019 Stanislav Malyshev <stas@php.net>

Fix bug #78804 - Segmentation fault in Locale::filterMatches


# 5fa6dcd9 07-Nov-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78759

Handle INDIRECT values in array.


# 6d4965fe 05-Nov-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78787

Not the first time inheritance of shadow properties causes an issue,
thankfully this whole concept is gone in PHP 7.4.


# 4c9ba3e0 05-Nov-2019 Christoph M. Becker <cmbecker69@gmx.de>

7.3.13 is next


# d317e16e 05-Nov-2019 Sara Golemon <pollita@php.net>

Bump for 7.2.26-dev


# 4f984a2f 04-Nov-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78775

Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error queue being empty.


# f9895b4b 29-Oct-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78689


# 52f04987 22-Oct-2019 Joe Watkins <krakjoe@php.net>

bump version


# 326cd05d 22-Oct-2019 Joe Watkins <krakjoe@php.net>

set versions for release


# 89c327f8 25-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78751: Serialising DatePeriod converts DateTimeImmutable

When getting the properties of a DatePeriod instance we have to retain
the proper classes, and when restoring a DatePeriod instance we have to
cater to DateTimeImmutable instances as well.


# 16c49108 28-Oct-2019 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #78752

NULL out the execute_data before destroying it, otherwise GC may
trigger while the execute_data is partially destroyed, resulting
in double-frees.

The handling of call stack unfreezing is a bit awkward because it's
a ZEND_API function, so we can't change the signature.


# 52499938 24-Oct-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78747


# 36943dff 22-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# 2213bd36 22-Oct-2019 Remi Collet <remi@php.net>

add NEWS entry


# bea2ff88 19-Oct-2019 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix bug #78697: inaccurate error message


# ab061f95 12-Oct-2019 Jakub Zelenka <bukka@php.net>

Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)


# 45a77232 19-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78694: Appending to a variant array causes segfault

`write_dimension` object handlers have to be able to handle `NULL`
`offset`s; for now we simply throw an exception instead of following
the `NULL` pointer.


# d2cde0bf 16-Sep-2019 m.yakunin <m.yakunin@8bitgroup.com>

Fix #70153 \DateInterval incorrectly unserialized

Added a separate macro for reading 'days' property, so that bool(false)
is correctly converted to the proper internal representation.


# e2a6bf48 09-Oct-2019 Mitch Hagstrand <mhagstrand@gmail.com>

Fix checksum calculation for opcache


# 900bdcbd 12-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78665: Multicasting may leak memory


# 3164186d 09-Oct-2019 Erik Lundin <erik@coretech.se>

Fix #78656: Parse errors classified as highest log-level


# 6fd6ad8f 09-Oct-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78658


# 195c2008 07-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78642: Wrong libiconv version displayed

The high byte of `_libiconv_version` specifies the major version; the
low byte the minor version.


# 26f45cb4 07-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

7.3.12 is next


# 05d6878b 08-Oct-2019 Remi Collet <remi@php.net>

next is 7.2.25


# fd3118ff 08-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78641: addGlob can modify given remove_path value

`remove_path` points to the given string, so we must not modify it.
Instead we use a duplicate, if we need the modification.

We may want to switch to `zend_string`s in master.


# 114c03b9 07-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78623: Regression caused by "SP call yields additional empty result set"

This reverts commit 41a4379cb45419a376043ca5f8c5a2bca82cea7c.


# abaf9a76 03-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78620: Out of memory error

The integer addition in `ZEND_MM_ALIGNED_SIZE_EX` can overflow, what we
have to catch early.


# a6d21963 02-Oct-2019 Brent Shaffer <betterbrent@google.com>

fix #78624: session_gc return value for user defined session handlers


# 9a2b42a5 03-Sep-2018 Fábio Souto <fabio.souto@miniclip.com>

Fix bug #76809 (SSL settings aren't respected when persistent connection is reused)


# 05560b67 18-Sep-2018 Konstantin Kopachev <tenzzor@gmail.com>

Fix #76859 stream_get_line skips data if used with data-generating filter

stream_get-line repeatedly calls php_stream_fill_read_buffer until
enough data is accumulated in buffer. However, when stream contains
filters attached to it, then each call to fill buffer essentially
resets buffer read/write pointers and new data is written over old.
This causes stream_get_line to skip parts of data from stream
This patch fixes such behavior, so fill buffer call will append.


# f2fb37a7 02-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Revert "Fix #78620: Out of memory error"

This reverts commit 8ce04df7e0108a10f7b782a28204e9384ab1129c.

Cf. <https://github.com/php/php-src/pull/4766#discussion_r330658679>.


# 8ce04df7 02-Oct-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78620: Out of memory error

If the integer addition in `ZEND_MM_ALIGNED_SIZE_EX` overflows, the
macro evaluates to `0`, what we should catch early.


# 6fcde56b 30-Sep-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78612


# e546d721 28-Aug-2019 Sergei Turchanov <turchanov@farpost.com>

Fix #78413: php-fpm request_terminate_timeout does not take effect after fastcgi_finish_request

To retain legacy behavior I decided to add an option to control request
termination logic. If request_terminate_timeout_track_finished is set,
then request will be tracked for time limits even after
fastcgi_finish_request was called.

This patch depends on the fix provided in BUG 78469 (otherwise php-fpm
workers listening on named pipes on Windows will be erroneously terminated)
(PR #4636)


# 45db6fa5 30-Sep-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78609: mb_check_encoding() no longer supports stringable objects

We apply type juggling for other types than array.


# 75309386 24-Sep-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# ed099ab1 23-Sep-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix NEWS entry

Cf. <https://bugs.php.net/78590>.


# 398b3083 21-Sep-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78579: mb_decode_numericentity: args number inconsistency

mb_decode_numericentity() accepts a fourth optional parameter, which is
unused, however. Since this parameter doesn't do any harm, and to avoid
the small BC break, we're keeping this parameter for PHP 7, but adjust
the arginfo.

For PHP 8, we will remove this parameter.


# e11ed028 18-Sep-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78272

Use MAP_JIT only when running under hardened runtime, because MAP_JIT
is incompatible with fork().

The check is based on
https://github.com/mono/mono/commit/f879e35e3ed7496d819bd766deb8be6992d068ed.


# e691a98c 29-Jul-2019 fancyweb <calvet.thomas@gmail.com>

Fix #76342: file_get_contents waits twice specified timeout


# fdcca930 12-Sep-2019 bugreportuser <37939393+bugreportuser@users.noreply.github.com>

Fix #78535: auto_detect_line_endings value not parsed as bool


# df982da5 12-Sep-2019 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #78525

When calling free_result_buffers(), also free field metadata and
restore the mempool state to what it was before any allocations
have been made. Remove the mempool save/restore logic for the
inner result set as this is now handled on a higher level.


# 71651837 12-Sep-2019 Kalle Sommer Nielsen <kalle@php.net>

NEWS


# a270eb19 10-Sep-2019 Sara Golemon <pollita@php.net>

Bump for 7.2.24


# cf31210f 10-Sep-2019 Christoph M. Becker <cmbecker69@gmx.de>

PHP 7.3.10RC1 has been tagged


# 1ac6b025 08-Sep-2019 CHU Zhaowei <me@jhdxr.com>

Fix bug #72884 isCloneable() on SplFileObject should return false


# 8ead7793 09-Sep-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78510: Partially uninitialized buffer returned by sodium_crypto_generichash_init()

Backport jedisct1/libsodium.php@28d13bf437cb969a0583031fc7ac54c5a8dc8116.


# 41a4379c 06-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #41997: SP call yields additional empty result set

When stored procedures are called, the "final result set is a status
result that includes no result set". Calling `::nextRowset()` on the
actual last result set should return FALSE, since there is actually no
further result set to be processed.


# f7129255 02-Sep-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# 8f564e53 28-Aug-2019 Sergei Turchanov <turchanov@farpost.com>

Fixed bug #78469

fcgi_accept_request function is supposed to call a FastCGI implementation's
on_accept hook when entering an "accepting" stage (that is right before
calling "accept"). This hook implementation (fpm_request_accepting) updates
a worker state to an "accepting" state which is effectively an "Idle" state,
and updates counters on the scoreboard of the corresponding pool (idle++,
active--).

But this is not done when listening for client connections on a named pipe on
Windows platform. In that case a combination of
ConnectNamedPipe/WaitForSingleObject is used (to be able to catch in_shutdown
as far as I understand), but it is nonetheless functionally equivalent to
"accept" call. Also by not calling on_hook neither a worker's state is updated
to "accepting" state nor scoreboard counters are updated.


# b5572658 28-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78473: odbc_close() closes arbitrary resources

We have to bail out, if an invalid resource is given. For consistency
with the other `zend_fetch_resource(2)` calls, we return `FALSE`.


# fadd7f0f 28-Aug-2019 Joe Watkins <krakjoe@php.net>

bump versions after release


# 481520d3 28-Aug-2019 Joe Watkins <krakjoe@php.net>

set versions for release


# ffcf57fa 25-Jul-2019 Tsuyoshi Sadakata <sadapon2008@gmail.com>

Fix bug #78334 (fpm log prefix message includes wrong stdout/stderr notation)


# 03c7749d 23-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77812: Interactive mode does not support PHP 7.3-style heredoc

As of PHP 7.3.0, the rules regarding the heredoc and nowdoc closing
identifier have been relaxed. While formerly, the closing identifier
was required to be placed at the beginning of a line and to be
immediately followed by (a semicolon and) a line break, it may now be
preceeded by whitespace, and may be followed by any non-word character.
We adjust the recognition logic respectively.


# 31070884 21-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78441: Parse error due to heredoc identifier followed by digit

Since digits are allowed for identifiers, we have to cater to them as
well.


# cdf16c01 12-Aug-2019 Qianqian Bu <qibu@microsoft.com>

fix the problem for connect_attr, set db condition, and add a new attribute _server_host


# 81f52158 19-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78220: Can't access OneDrive folder

As of Windows 1903, when the OneDrive on-demand feature is enabled, the
OneDrive folder is reported as reparse point by `FindFirstFile()`, but
trying to get information about the reparse point using
`DeviceIoControl()` fails with `ERROR_NOT_A_REPARSE_POINT`. We work
around this problem by falling back to `GetFileInformationByHandle()`
if that happens, but only if the reparse point is reported as cloud
reparse point, and only if PHP is running on Windows 1903 or later.

The patch has been developed in collaboration with ab@php.net.

We should keep an eye on the somewhat quirky OneDrive behavior, since
it might change again in a future Windows release.


# be7e8190 17-Aug-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77922

In PHP 7.3 shadow properties are no longer duplicated. Make sure we
only release them if the property was defined on the parent class,
which means that it changed from private->shadow, which is where
duplication does happen.


# 9b9814fa 16-Aug-2019 Sara Golemon <pollita@php.net>

Revert "Move to non deprecated API on suitable ICU versions"

This reverts commit 13a2f2d041999dca0066542f2a552798fab9a13d.

The APIs used by this commit aren't entirely equivalent to the original ones.


# 49666474 15-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS

This fix has been cherry-picked into PHP-7.3.9.


# fcabe7e5 14-Aug-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78412

$this should only be included in the generator GC buffer, if it
will be released on destruction.


# 4b64d47c 13-Aug-2019 Sara Golemon <pollita@php.net>

Bump for 7.2.23


# 5536105b 13-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Next will be 7.3.10


# 4eeb41d1 13-Aug-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77191


# 358379be 08-Aug-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #78379 (Cast to object confuses GC, causes crash)


# 954543ce 13-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78282: atime and mtime mismatch

The fix for bug #78241 assumed that `time_t` would always be 64bit, but
actually is 32bit for x86. We therefore enforce 64bit arithmetic to
avoid wrapping.

(cherry picked from commit bf242d58e77d50d4d8fdaaaca7ede686ec4467c0)


# a87ef5e3 02-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78346: strip_tags no longer handling nested php tags

When the strip tags state machine has been flattened, an if statement
has mistakenly been treated as else if. We fix this, and also simplify
a bit right away.


# f9f4a683 02-Aug-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78179: MariaDB server version incorrectly detected

As of MariaDB 10.0.2, the server reports a fake version number as work-
around for replication issues[1]. We apply the same "fix" as in the
MariaDB client to cater to this.

[1] <https://github.com/MariaDB/server/commit/c50ee6c23dbeb090963580754bec2f0a96ac0557#diff-5b45fa673c88c06a9651c7906364f592>


# d89157cd 02-Aug-2019 Nikita Popov <nikita.ppv@gmail.com>

Add test for bug #78363


# 85e8ccd5 02-Aug-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78363


# 8af14024 31-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix 78213: Empty row pocket

We have to ensure that we don't create an arena which is smaller than
its header, regardless of the configured alignment.


# 1c01a157 31-Jul-2019 Joe Watkins <krakjoe@php.net>

set version for release


# ef439abd 30-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Add security related NEWS entries [ci skip]


# b29ecec4 30-Jul-2019 Remi Collet <remi@php.net>

add security NEW entries + reorder [ci skip]


# cd1101e8 29-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77919: Potential UAF in Phar RSHUTDOWN

We have to properly clean up in case phar_flush() is failing.

We also make the expectation of the respective test case less liberal
to avoid missing such bugs in the future.


# 42e8b85d 29-Jul-2019 Stanislav Malyshev <stas@php.net>

Update NEWS


# dc7aa22b 23-Jul-2019 Albert Casademont <albertcasademont@gmail.com>

Fix bug #78326

Similar to what fread() does, truncate the stream_get_contents()
result if the original buffer was way too large.


# 76683ea9 29-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS [ci skip]

The fix has been cherry-picked into PHP-7.3.8, so the bug will be fixed
already there.


# 8e63bb5e 29-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78341

The smart branch logic assumed b->start refers to the old offsets,
while b->start was already adjusted to the new offsets at this
point. Delay the change until later.


# 68fd435b 29-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78333

Don't dereference float/double values at unknown address, instead
memcpy it into an aligned stack slot and dereference that.


# d142dfc9 29-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78333

Don't dereference float/double values at unknown address, instead
memcpy it into an aligned stack slot and dereference that.


# 30eb4b35 29-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78342: Bus error in configure test for iconv //IGNORE

We have to check the return value of iconv_open() for error, to avoid
that and potentially other undesired behavior of iconv().


# b42a13b0 23-Jul-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS


# 8f384bea 23-Jul-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS


# bdf24f8d 22-Jan-2019 Maksim Nikulin <mnikulin@plesk.com>

Prevent use after free in fpm_event_epoll_wait

epoll event backend does not guarantee that child input/output events
are reported before SIGCHILD due to finished worker. While a bunch of
events received by epoll is being processed, child-related structures
may be removed before dispatching of an I/O event for the same child.
The result may be attempt to access to memory region allocated for
another purpose, segfault of the master process, and unavailable web
sites.

Postpone processing of SIGCHILD events till other events in the same
bunch are processed.

Fix Bug #62418 php-fpm master process crashes
Fix Bug #65398 Race condition between SIGCHLD and child stdout/stderr event leads to segfault
Fix Bug #75112 php-fpm crashing, hard to reproduce
Fix Bug #77114 php-fpm master segfaults in fpm_event_epoll_wait/fpm_event_fire
Fix Bug #77185 Use-after-free in FPM master event handling


# c8c183eb 17-Jul-2019 Abyr Valg <valga@abyrga.ru>

Fixed bug #77946

Save multi_info_read() result into easy handle.


# b864abfe 17-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #69100


# 956ecc2c 16-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS [ci skip]


# bd051491 16-Jul-2019 Remi Collet <remi@php.net>

move NEWS entry [ci skip]


# 8a19fe29 16-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78297


# c9037421 16-Jul-2019 Remi Collet <remi@php.net>

next is 7.2.22


# 88ffe057 24-Jun-2019 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #77124

This is a backport of 6fcae63f614d1ed4aaeaff7b13a7a4627b1f1312
to PHP 7.2.


# ad48464e 15-Jul-2019 Remi Collet <remi@php.net>

typo [ci skip]


# a7ff3a64 15-Jul-2019 Remi Collet <remi@php.net>

Fix #78269 password_hash uses weak options for argon2


# eab0079c 15-Jul-2019 Remi Collet <remi@php.net>

Fix #78269 password_hash uses weak options for argon2


# 768ad70f 14-Jul-2019 Andrew Collington <andy@amnuts.com>

Fix bug #78291 Missing opcache directives

New opcache directives have been added recently which are returned
if using `ini_get_all('zend opcache')` but are not listed in the
directives if using `opcache_get_configuration()`. This fix adds
those missing directives as well as if `opcache.mmap_base` is used
instead of `opcache.lockfile_path`. Also adds a test to ensure the
directives match with both methods of fetching.


# 4a91f66b 12-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78279

Even if we don't initialize the callback on every request, we
should still reset our globals to default values...


# fa65f5ec 27-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78212: Segfault in built-in webserver

Since syslog's ident and facility parameters have been added to
config[1], vsyslog() segfaults on Windows, if openlog() has not been
called before. We bring back the removed lines to fix this.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=2475337bd8a0fad0dac03db3f5e7e9d331d53653>


# e7a83ec8 10-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #78271

When cleaning nops in the dfa pass, we were always keeping the
smart branch inhibiting nop that occurs directly before the jump
instruction. However, as we skip unreachable blocks entirely, it
may happen that we need to keep a nop that occurs further back,
prior to the unreachable blocks. Account for that case now.

We should really do something about the smart branch situation,
this is very fragile...


# e944ae6b 21-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Upgrade to SQLite 3.28.0

Over the years, multiple security vulnerabilities[1] have been found
and fixed in SQLite3, so it makes sense to update our bundled libsqlite
to the latest available version.

[1] <https://www.cvedetails.com/vulnerability-list/vendor_id-9237/Sqlite.html>


# 4fcf8e93 08-Jul-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS [ci skip]


# f81be1af 08-Jul-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS [ci skip]


# 807c7556 04-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Remove NEWS entry

This commit already was contained in PHP 7.3.7, but doesn't need a NEWS
entry, since the regression had only been introduced with PHP 7.3.7RC1.


# cb1237a3 04-Jul-2019 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix typo in NEWS [skip ci]


# 0e48e35e 02-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78231


# 4892bbc1 03-Jul-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78230


# 44c8b741 03-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78241: touch() does not handle dates after 2038 in PHP 64-bit

`time_t` defaults to `_time64` (which is 64bit signed) even on x86, but
`Int32x32To64()` truncates it to signed 32bit. We replace the macro
with the "manual" calculation.


# 41949bb7 02-Jul-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix NEWS

Bug #78185 fixed a regression in PHP 7.3.7RC2, so should not be listed
here.


# b039a411 01-Jul-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS [ci skip]


# a149f9f3 29-Jun-2019 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 05c00a83 26-Jun-2019 Vincent <vquatrevieux@b2pweb.com>

Fix bug #78192 PDO SQLite SegFault when reuse statement after schema has changed

Reset stmt->columns when column count changed on new execution of prepared statement


# 4366f22d 25-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78202: Opcache stats for cache hits are capped at 32bit NUM

We use the proper format specifiers now.


# fcd6f2de 20-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78189: file cache strips last character of uname hash

We must not forget to increase `len` by one to cater to the directory
separator.


# a0f370e7 20-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# c2ee2e4c 20-Jun-2019 Remi Collet <remi@php.net>

move NEWS entry


# cd6a6e4c 20-Jun-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #78185 (File cache no longer works)


# 65067dff 18-Jun-2019 Joe Watkins <krakjoe@php.net>

Resolve discrepencies between second value yielded by gettimeofday and time, fixes #69044


# d54220bc 18-Jun-2019 Asher Baker <asher.baker@tripleplay.tv>

Fix #78173: XML-RPC mutates immutable objects during encoding

With opcache.protect_memory=1 enabled, the XML-RPC extension causes a
segfault on PHP 7.2 as it is modifying the recursion counter of objects
it touches, without first checking if they are immutable or not.

This doesn't affect 7.3+


# 740d9ecd 18-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# e59b986f 18-Jun-2019 Remi Collet <remi@php.net>

move NEWS entry


# 9f0515c4 15-Jun-2019 Erik Lundin <erik@coretech.se>

Add syslog.filter=raw

This passes through syslog message unchanged, without splitting
messages at newlines.


# f1a81380 12-Jun-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78106

When disabling opcache during the request via opcache.enable ini
setting, make sure we also disable ZCG(accelerator_enabled).


# bcf20963 11-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Next is 7.3.8


# feb92adc 10-Jun-2019 Remi Collet <remi@php.net>

next is 7.2.21


# 05c60abf 10-Jun-2019 Remi Collet <remi@php.net>

next is 7.2.21


# f3ff72e5 30-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77937: preg_match failed

On some recent Windows systems, ext\pcre\tests\locales.phpt fails,
because 'pt_PT' is accepted by `setlocale()`, but not properly
supported by the ctype functions, which are used internally by PCRE2 to
build the localized character tables.

Since there appears to be no way to properly check whether a given
locale is fully supported, but we want to minimize BC impact, we filter
out typical Unix locale names, except for a few cases which have
already been properly supported on Windows. This way code like

setlocale(LC_ALL, 'de_DE.UTF-8', 'de_DE', 'German_Germany.1252');

should work like on older Windows systems.

It should be noted that the locale names causing trouble are not (yet)
documented as valid names anyway, see
<https://docs.microsoft.com/en-us/cpp/c-runtime-library/locale-names-languages-and-country-region-strings?view=vs-2019>.


# 10b208f2 06-Jun-2019 Dmitry Stogov <dmitry@zend.com>

Restored NEWS entry


# 83cdb89f 07-Jun-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77135 (Extract with EXTR_SKIP should skip $this)


# 7d1aa753 06-Mar-2019 Cameron Porter <camporter1@gmail.com>

Fixed bug #38546

Properly support binding boolean parameters with emulated prepared
statements disabled. Also add the necessary mysqlnd support for
MYSQL_TYPE_TINY.


# 22a3fa0b 06-Jun-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78114: segfault when calling sodium_* functions from eval

We must not follow the NULL pointer.


# 2e025794 02-Jun-2019 Jakub Zelenka <bukka@php.net>

Fix bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c)

It also fixes invalid setting of tag length


# f3cd6931 29-May-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS for 7.3.6


# 30511470 29-May-2019 Remi Collet <remi@php.net>

add NEWS entries for sec fix


# 5533f249 28-May-2019 Joe Watkins <krakjoe@php.net>

bump version after release


# c34895e8 28-May-2019 Stanislav Malyshev <stas@php.net>

Fix bug #77967 - Bypassing open_basedir restrictions via file uris


# 73ff4193 28-May-2019 Stanislav Malyshev <stas@php.net>

Fix bug #77988 - heap-buffer-overflow on php_jpg_get16


# 16e037bd 27-May-2019 Stanislav Malyshev <stas@php.net>

Update NEWS


# a0c9d084 27-May-2019 Michael Maroszek <maroszek@gmx.net>

Fixed bug #76345


# 6f9dfd94 22-May-2019 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #77955

Free metadata before freeing the arena. I don't have a repro script,
but the added assertion fails for many existing tests prior to this
change.


# 9a74b232 23-May-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78038 socket_select with references


# 96404eb8 18-May-2019 Sjon Hortensius <sjon@hortensius.net>

Fix #77956 - When mysqli.allow_local_infile = Off, return a client error


# e246dea9 17-May-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78025: segfault when accessing properties of DOMDocumentType

Instead of following the NULL pointer, we return an empty string.


# 9d76fbd0 15-May-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #78015

Don't try to evaluate various operations with partial array operands.
We could evaluate some of these, but let's be conservative for now...


# 35353dc4 14-May-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76980

If we perform a class fetch that is not marked as exception safe,
convert exceptions thrown by autoloaders into a fatal error.

Ideally fetching the interfaces would be exception safe, but as it
isn't right now, we must abort at this point.


# 714d2d8a 15-May-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS regarding re-tagging 7.3.6RC1


# 4fa32d67 15-May-2019 Sara Golemon <pollita@php.net>

Bump for 7.2.20


# bb7ecb87 14-May-2019 Dmitry Stogov <dmitry@zend.com>

Moved NEWS entry


# 5c4d125d 14-May-2019 Dmitry Stogov <dmitry@zend.com>

Fixed possible crashes, because of inconsistent PCRE cache and opcache SHM reset


# 2d93cce0 14-May-2019 Christoph M. Becker <cmbecker69@gmx.de>

Prepare 7.3.7-dev


# 69bab6e5 13-May-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #78003: strip_tags output change since PHP 7.3

A refactoring of the strip tags state machine[1] missed the special
treatment of `depth > 0` when a `>` is encountered in state 2 or 3. We
re-add it for BC reasons.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=5cf64742773ddbf9af69d962a4d12b567fcf0084>


# cc5c51e7 11-May-2019 Jakub Zelenka <bukka@php.net>

Fix bug #77934 (php-fpm kill -USR2 not working)


# 35c80583 08-May-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75186


# 78d24429 03-May-2019 Javier Spagnoletti <phansys@gmail.com>

Update `NEWS` with changes made at #4093


# 1210c3b9 30-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS wrt. sec fixes


# f80ad18a 30-Apr-2019 Stanislav Malyshev <stas@php.net>

Fix bug #77950 - Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG

I do not completely understand what is going on there, but I am pretty
sure dir_entry <= offset_base if not a normal situation, so we better not
to rely on such dir_entry.


# 18a9ae41 29-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77943: imageantialias($image, false); does not work

Firstly, we must not call `gdImageSetAntiAliased()` (which sets the
color to anti-alias), but rather modify the `gdImage.AA` flag.
Furthermore, we have to actually use the supplied boolean value.

We also make sure that we don't attempt to enable anti-aliasing for
palette images.


# cd94cf60 29-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77943: imageantialias($image, false); does not work

Firstly, we must not call `gdImageSetAntiAliased()` (which sets the
color to anti-alias), but rather modify the `gdImage.AA` flag.
Furthermore, we have to actually use the supplied boolean value.

We also make sure that we don't attempt to enable anti-aliasing for
palette images.


# 5da05792 29-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77945

Make sure that we proper distinguish between empty string key and
no key during SDL serialization.


# f83c207d 27-Apr-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS


# 6d8892aa 27-Apr-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS


# 16609880 27-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77944: Wrong meta pdo_type for bigint on LLP64

When actually fetching the data, bigint (unsigned) column values are
returned as integers on LLP64 architectures, so their pdo_type has to
be PDO::PARAM_INT accordingly.


# 5d21a15c 24-Apr-2019 Remi Collet <remi@php.net>

news entry for litespeed


# 4831e150 22-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77843


# cedee440 23-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77931


# 0b841483 20-Apr-2019 Peter Kokot <peterkokot@gmail.com>

Update changelog


# 295c6691 20-Apr-2019 Peter Kokot <peterkokot@gmail.com>

Update changelog


# d20053a5 17-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77911: Wrong warning for session.sid_bits_per_character


# 7b1a4e24 25-Mar-2019 Ignace Nyamagana Butera <nyamsprod@gmail.com>

Fixed bug #77909: DatePeriod::__construct() with invalid recurrence count value

Improve error message on invalid reccurence count

Adding test when reccurence is -1


# 6c44a71e 16-Apr-2019 Remi Collet <remi@php.net>

next is 7.2.19


# 5ae49c43 16-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Prepare main branch for PHP 7.3.6


# 9a9eed47 16-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fix second part of bug #77903

When a HT iterator is one past the end and we rehash, we need to make
sure that it is move to the new one past the end position, to make
sure that newly inserted elements are picked up.


# 619c4e9f 15-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77895


# e9c0367f 15-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77882


# 3e1eff25 15-Apr-2019 Côme Chilliet <mcmic@php.net>

Updated NEWS


# d7b5954f 08-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77853


# eea61cda 08-Apr-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77844

We should probably return an integer result from the operation in
typed mode, right now the result is always a string.


# 9ec1525e 05-Apr-2019 Cameron Porter <porterca@us.ibm.com>

Fix bug #77849 Disable cloning of PDO handle/connection objects to avoid segfault


# 54bed8d2 04-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix typos


# 849c49a7 02-Apr-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# 731eeb8d 02-Apr-2019 Joe Watkins <krakjoe@php.net>

bump versions after release


# 887a7b57 02-Apr-2019 Stanislav Malyshev <stas@php.net>

Fixed bug #77831 - Heap-buffer-overflow in exif_iif_add_value in EXIF


# 3d5b6f23 01-Apr-2019 Stanislav Malyshev <stas@php.net>

Update NEWS & UPGRADING


# c684d32f 01-Apr-2019 Stanislav Malyshev <stas@php.net>

Update NEWS


# 88460c01 31-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77827: preg_match does not ignore \r in regex flags


# 7af270eb 27-Mar-2019 Joe Watkins <krakjoe@php.net>

Fix #77805 phpdbg build fails when readline is shared


# 7df8e4fc 26-Mar-2019 Joe Watkins <krakjoe@php.net>

Fix #77800 phpdbg segfaults on conditional breakpoints


# 6ef6d317 25-Mar-2019 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 72a2ab39 25-Mar-2019 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# ec2ecb7e 19-Mar-2019 Vlad Temian <vladtemian@gmail.com>

Fix bug #77680: Correctly implement recursive mkdir on FTP stream

If the root directory was missing, an extra CWD without arguments was
made. Also, the MKD contained an empty string.

Now the CWD will use / and MKDs will be issued starting from the root
directory.


# e97577ed 25-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77793

By making sure that we always first increment the refcount of the
new value before we destroy the old one.


# 85095dfd 25-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #72175

Make sure we don't close the connection we're trying to reuse...


# b8b88093 19-Mar-2019 Alessandro Chitolina <alekitto@gmail.com>

fix bug #76801: phpdbg too many open files error


# 30ddfd49 22-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77773


# da35fa2c 21-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77772


# a785ccd2 20-Mar-2019 Remi Collet <remi@php.net>

NEWS


# 963428a7 19-Mar-2019 Sara Golemon <pollita@php.net>

Bump versions for 7.2.18


# a2de4204 19-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Prepare main branch for PHP 7.3.5


# 661bce47 19-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76127

Per documentation, and consistent with other preg functions, we
should return false if an error occurred.


# fe2885d8 18-Mar-2019 Vlad Temian <vladtemian@gmail.com>

Fixed bug #77765

Set mode 40755 for directories, via FTP stream stat.

Because we already manage to CWD into the current directory,
we should set 40755 as mode, instead of 40644.


# 09e52232 18-Mar-2019 Miriam Lauter <mlauter@etsy.com>

Fix #77767: phpdbg break command help message shows incorrect aliases

Previously the aliases for at and del were listed as A and d
in the help message for break. This patch corrects the aliases
to be @ and ~ respectively.


# 5ead86a3 18-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix order


# 41bc51ce 18-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77578: Crash when php unload

Since we're putting `ITypeLib *`s into the hash, we're getting
`ITypeLib *`s back, not `ITypeLib **`s.


# 54bf8c82 18-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77743


# ad2d2e41 18-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76956: Wrong value for 'syslog.filter' documented in php.ini


# 6eb83a63 26-Feb-2019 Ignace Nyamagana Butera <nyamsprod@gmail.com>

Fixed bug #75113: Added DatePeriod::getRecurrences() method.


# b4195908 15-Mar-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77697 (Crash on Big_Endian platform)


# e7d40afb 14-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77742

By avoiding integer overflow in the implementation entirely. The
multiplication was already explicitly checked for overflow, so also
add a check for the addition and remove the overflow checks after
the calculation.


# 82174e68 14-Mar-2019 Xinchen Hui <laruence@gmail.com>

updated NEWS


# c7920aba 14-Mar-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77738 (Nullptr deref in zend_compile_expr)


# a7739be2 12-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77722


# 58c25bf6 16-Dec-2018 bohwaz <github.bohwaz@miam.kd2.org>

SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws


# e93259bb 16-Dec-2018 bohwaz <github.bohwaz@miam.kd2.org>

SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws


# 1fd32e9c 11-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76717

Print INT_MIN as -INT_MAX-1 to avoid it getting parsed as a float
literal due to integer overflow.


# 0a416b3d 07-Mar-2019 Dmitry Stogov <dmitry@zend.com>

ws


# 5da591c5 07-Mar-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77345 (Stack Overflow caused by circular reference in garbage collection)


# 41fb0eaa 05-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77700: Writing truecolor images as GIF ignores interlace flag

We revert the interlace flag related part of commit ff2822a[1], since
contrary to the transparent color, the interlace flag is not retained
by `gdImageCreatePaletteFromTrueColor()`. This also matches upstream
libgd.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=ff2822a82b740edb8ccf307f080bae188c200fb9>


# b6308f5b 05-Mar-2019 Joe Watkins <krakjoe@php.net>

fix news


# 58c5df3d 05-Mar-2019 Joe Watkins <krakjoe@php.net>

bump versions after release


# 0e836f52 05-Mar-2019 Remi Collet <remi@php.net>

add NEWS entry


# 007ac353 04-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# 6ff0b24e 04-Mar-2019 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# 3f00c936 04-Mar-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77691

We cannot replace an op1_def opcode with an ASSIGN, if it also has
a used res_def. Usually this doesn't happen because the res_def use
can be eliminated first. The example is a case where operand replacement
on the res_def use fails.


# 2694953a 04-Mar-2019 Remi Collet <remi@php.net>

add NEWS entries


# e0f5d62b 04-Mar-2019 Stanislav Malyshev <stas@php.net>

Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow


# 759e841b 04-Mar-2019 Stanislav Malyshev <stas@php.net>

Update NEWS


# 637713c1 02-Mar-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS


# c39fb1fc 01-Mar-2019 Peter Kokot <peterkokot@gmail.com>

Update NEWS


# 006355c9 18-Feb-2019 Kevin Adler <kadler@us.ibm.com>

Fix bug #77677: WCOREDUMP not available on all systems

Add #ifdef WCOREDUMP around all uses.

Also Change core dump message to yes/no/unknown in lsapilib.


# a890c5be 28-Feb-2019 Derick Rethans <github@derickrethans.nl>

Fixed bug #50020 (DateInterval:createDateFromString() silently fails)


# 9ad9cc71 28-Feb-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77669


# fb3f078e 25-Feb-2019 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 1c22ace0 25-Feb-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77660 (Segmentation fault on break 2147483648)


# 3b5475e9 25-Feb-2019 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 4a72dd78 25-Feb-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77664 (Segmentation fault when using undefined constant in custom wrapper)


# 831eba0e 22-Feb-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77648: BOM in sapi/apache2handler/php_functions.c


# 53881438 22-Feb-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77652


# 08089b57 21-Feb-2019 Frank Denis <github@pureftpd.org>

Fix bug #77646


# e7ca69f1 21-Feb-2019 Frank Denis <github@pureftpd.org>

Fix bug #77646


# 934691fa 21-Feb-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77597

The same variable was reused in two nested loops... The test doesn't
fail on 7.2, but I'm fixing this here anyway as the code is clearly
wrong, and probably erroneous in other situations.


# 2ec59b3e 19-Feb-2019 Christoph M. Becker <cmbecker69@gmx.de>

Prepare main branch for PHP 7.3.4


# b243f2fe 18-Feb-2019 Remi Collet <remi@php.net>

bump version to 7.2.17-dev


# 767fa3dc 15-Feb-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77626: Persistence confusion in php_com_import_typelib()

We apply only the most minimal fix here, and will cater to the
unnecessary re-allocation for PHP-7.4.

We don't need to add a regression test, since bug39606.phpt and
bug77621.phpt already show the misbehavior.


# de738496 14-Feb-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77621: Already defined constants are not properly reported

We must not check uninitialized values (i.e. `c.value`), and we have to
use proper types for printf-style formats (i.e. `char *` instead of
`zend_string *`).


# eb063c8a 14-Feb-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77612

Port php_setcookie() to use the smart_str API to ensure that there
can be no string truncation issues.


# 07877c46 12-Feb-2019 DanielCiochiu <daniel@ciochiu.ro>

Fixed bug #75546

By respecting the SILENT flag when checking the visibility of a
class constant.


# 8e34de47 12-Feb-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77608

Remove special handling of doubles and escape them as usual instead.


# c4294440 10-Feb-2019 Ben Ramsey <ben@benramsey.com>

Fixed bug #77564: Memory leak in exif_process_IFD_TAG

The memory leak occurs when more than one UserComment tag is present in
the EXIF data. It's still considered corrupt EXIF data, but this ensures
the memory is freed before trying to set to already allocated memory.


# b6e58dcd 12-Feb-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77599 (Unbuffered queries; native prepared statements memory leak)


# 2eaabf06 11-Feb-2019 Darek Slusarczyk <dariusz.slusarczyk@oracle.com>

security fix - by default 'local infile' is disabled:
- set default for mysqli.allow_local_infile=0
- explicitly disable PDO::MYSQL_ATTR_LOCAL_INFILE in case of lack of driver options
- add getAttribute support for PDO::MYSQL_ATTR_LOCAL_INFILE
- update existing tests where needed
- add new tests [checking default value and setting on] the 'local infile' in ext/mysqli and ext/pdo_mysql


# ec28d4c2 29-Jan-2019 Ahmed Abdou <email@ahmed.ro>

Fix bug #51068 (glob:// do not support current path relative)

Fix DirectoryIterator glob://* current path relative queries


# fe4d7248 01-Feb-2019 johnstevenson <john-stevenson@blueyonder.co.uk>

Fix #77552: Uninitialized buffer in stat functions


# 92055ca7 11-Feb-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77589 (Core dump using parse_ini_string with numeric sections)

Section name should not be typed(NULL, FALSE, TRUE etc)


# bdce2954 11-Feb-2019 Christopher Jones <christopher.jones@oracle.com>

Merge PDO_OCI PR


# 1f86dcdd 11-Feb-2019 Christopher Jones <christopher.jones@oracle.com>

PDO_OCI tracing attribute PR merge


# b2907527 05-Feb-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix NEWS

Bug #77287 is already fixed in PHP 7.3.2.


# c0228f74 03-Feb-2019 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Add missing notes regarding gc_status()


# 203a2da3 01-Feb-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77329 (Buffer Overflow via overly long Error Messages)


# 3890c8bc 09-Jul-2018 Kevin Abel <kevin.abel.0@gmail.com>

Fix bug 76596: phpdbg supports display_errors=stderr


# f27f9022 30-Jan-2019 Guillaume Degoulet <g.degoulet@of2m.fr>

Fix #77546 iptcembed broken function


# cbc5a141 30-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Prepare main branch for PHP 7.2.16


# ef68cd32 28-Jan-2019 ekinhbayar <me@ekins.space>

Fixed bug #77530: PHP crashes when parsing "(2)::class"


# dc2ffdee 17-Jan-2019 Jakub Zelenka <bukka@php.net>

Fix bug #77390 (feof might hang on TLS streams in case of fragmented TLS records)

Simplified version of the fix from Abyl Valg so credit to him.


# f78e6814 25-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77498

I've renamed the function to the same name as the exported symbol
in master.


# 3c98c2d0 24-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77514


# 73f222d7 24-Jan-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77494 (Disabling class causes segfault on member access)


# 19a9a6ba 22-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Prepare main branch for PHP 7.3.3


# 76760901 21-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77287

There may be an EXT_NOP opcode before the parameter list, we should
skip over it.


# a1b1c53d 20-Jan-2019 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# d978590c 20-Jan-2019 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 44fa0b0f 19-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77479: imagewbmp() segfaults with very large images

We must not proceed working with the Wbmp structure, if it hasn't been
allocated.


# 32ae7160 16-Jan-2019 Pedro Magalhães <pmmaga@php.net>

Fixed bug #76675

Leave a reference to the resource in the php_curl.


# 766b4fd5 17-Jan-2019 Jakub Zelenka <bukka@php.net>

Fix bug #77430 (php-fpm crashes with Main process exited)


# 61cfa34e 16-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #73614: gdImageFilledArc() doesn't properly draw pies

The fix for PHP bug 43828[1] changed the algorithm from drawing filled
pies from drawing multiple triangles to drawing a single polygon. Due
to quirks of the filled polygon drawing algorithm, we had to filter out
extraneous vertices. This lead, however, to a bug regarding displaced
starting and ending points near 90° and 270° degrees, which we fix by
reinserting these vertices if they had been removed.

This fix is a port of libgd/libgd@1406b1a.

[1] <https://bugs.php.net/bug.php?id=43828>


# 1a306cc9 14-Jan-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77308 (Unbuffered queries memory leak)


# c8c5a3ab 14-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77447

By disabling asan for CPU support helpers used in ifunc resolvers.


# 92045053 14-Jan-2019 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77263 (Segfault when using 2 RecursiveFilterIterator)


# 3ad0ebdf 14-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77454


# 332b58f8 27-Dec-2018 Kevin Adler <kadler@us.ibm.com>

Fix bug #77361 (configure fails on 64-bit AIX when opcache enabled)

In f9048300123, support for GNU Hurd was added to the opcache and
the configure check to ensure the opcache knows the flock struct
layout prior to building was changed check for two cases: BSD layout
and Linux layout. All the existing hard-coded cases in
ZendAccelerator.h follow these two cases, except for 64-bit AIX.
This means that even though building on 64-bit AIX would work,
the configure script refuses to continue.

Add a new configure check for the 64-bit AIX case and a new
compiler definition HAVE_FLOCK_AIX64. Now that all the cases are
covered, simplify the ifdef logic around these three HAVE_FLOCK_*
macros:
- The macOS and the various BSD flavors fall under HAVE_FLOCK_BSD
- Linux, HP-UX, GNU Hurd, 32-bit AIX, and SVR4 environments
fall under HAVE_FLOCK_LINUX
- 64-bit AIX falls under HAVE_FLOCK_AIX64

The only difference between the existing HAVE_FLOCK_LINUX and
the hard-coded Linux/HP-UX/Hurd case is that the latter
initialized the 5th member to 0, but since the C standard already
says that un-initialized members will be initialized to 0,
it's effectively the same.


# 6b4cdbaa 10-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #73281: imagescale(…, IMG_BILINEAR_FIXED) can cause black border

We port the upstream fixes for libgd/libgd#329 and libgd/libgd#224.


# 772b1cb2 10-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77272: imagescale() may return image resource on failure

`_gdScaleHoriz()` and `_gdScaleVert()` may fail, but don't signal
failure since they are void functions. We change that according to
upstream libgd.

We also remove the unused `Scale()` function, which doesn't exist in
upstream libgd either, right away.


# 5d33024a 10-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77439


# ade702a0 10-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77434

Mark arrays containing partial arrays as partial. This was already
done for the ADD_ARRAY_ELEMENT case, but not for ASSIGN_DIM.


# c4c6b80b 09-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Sync NEWS with 7.3.1

All these bugs are fixed in PHP-7.3.1 already.


# 63c38c9e 09-Jan-2019 Lauri Kenttä <lauri.kentta@gmail.com>

Fixed bug #77289

Use mysqlnd_restart_psession and mysqlnd_end_psession in PDO MySQL.
This makes sure we free last_message while ZMM is still live.


# fabade15 08-Jan-2019 Sara Golemon <pollita@php.net>

Bump for 7.1.27


# cd49db9d 08-Jan-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77266 (Assertion failed in dce_live_ranges)


# 76c687fe 08-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77428

mb_ereg_replace historically has not supported escaping backslashes
with backslashes. Go back to that behavior for BC reasons.


# deb88f22 07-Jan-2019 Christoph M. Becker <cmbecker69@gmx.de>

Fix NEWS

The fixes for bug #77359 and #77360 have been ported to PHP-7.3.1, and
the release has been postponed by one week.


# 3e780d7f 07-Jan-2019 Remi Collet <remi@php.net>

[ci skip] fix NEWS


# 03a630de 07-Jan-2019 Remi Collet <remi@php.net>

[ci skip] fix NEWS


# 9d6c59ee 07-Jan-2019 Stanislav Malyshev <stas@php.net>

Fix bug #77418 - Heap overflow in utf32be_mbc_to_code


# 1b7c599a 06-Jan-2019 Stanislav Malyshev <stas@php.net>

Add NEWS


# 08bb0ce4 06-Jan-2019 Stanislav Malyshev <stas@php.net>

Add NEWS


# 25c95752 06-Jan-2019 Stanislav Malyshev <stas@php.net>

Add NEWS


# b51eaf41 06-Jan-2019 Stanislav Malyshev <stas@php.net>

[ci skip] Add NEWS


# 361d3ede 03-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #77410


# 07873fab 04-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Add NEWS entry for bug #77357

The fix has been confirmed.

[ci skip]


# cb009b12 03-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77273


# 1732ce9c 02-Jan-2019 Anatol Belski <ab@php.net>

Update NEWS


# 7b3f8e74 02-Jan-2019 Anatol Belski <ab@php.net>

Fixed bug #75684 In mysqlnd_ext_plugin.h the plugin methods family has no external visibility


# 1b86f849 02-Jan-2019 Xinchen Hui <laruence@gmail.com>

Entry get lost while merging


# 54a58a73 02-Jan-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77387 (Recursion detection broken when printing GLOBALS)


# 91888cc3 02-Jan-2019 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77257

Correctly handle the case of duplicate predecessors, by removing the
duplicate predecessor and corresponding phi node operands.

For the future, it would be better to instead allow duplicate
predecessors and avoid this kind of fragile code...


# e01f08f6 02-Jan-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77376 ("undefined function" message no longer includes namespace)


# 703ccd5d 01-Jan-2019 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 8ebae846 01-Jan-2019 Xinchen Hui <laruence@gmail.com>

Fixed bug #77395 (segfault about array_multisort)


# b0cfa28d 31-Dec-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77391: 1bpp BMPs may fail to be loaded

We port the upstream fix[1].

[1] <https://github.com/libgd/libgd/commit/d0859134fcbd8817f87895bd1cb158096568a7a2>


# 6896d2a6 28-Dec-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 16c62a81 27-Dec-2018 Lauri Kenttä <lauri.kentta@gmail.com>

Fix #77360: class_uses causes segfault


# 89bf3df6 27-Dec-2018 Lauri Kenttä <lauri.kentta@gmail.com>

Fix #77359: spl_autoload causes segfault

Use the correct function to free the string.


# d2621c31 26-Dec-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# b53d2b69 26-Dec-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# a2cb8228 26-Dec-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# b1deb98c 26-Dec-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77338

Set preg_options to 0 in php_pcre_get_compiled_regex(_ex). These
options are intended to be passed to pcre2_match. However, we do
not have any flags that actually need to be set during matching
(all relevant flags are set during compilation), and the preg_flags
value is used for PHP-specific flags instead.

This parameter should be removed entirely in master to avoid confusion.


# 7e597f48 24-Dec-2018 Dmitry Stogov <dmitry@zend.com>

Fixed bug #77339 (__callStatic may get incorrect arguments)


# b15189f4 19-Dec-2018 CHU Zhaowei <jhdxr@php.net>

Fix #77298: segfault occurs when add property to unserialized empty ArrayObject


# b1e25ce3 18-Dec-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Add missing entry for bug 77020


# 3245d1bb 18-Dec-2018 Remi Collet <remi@php.net>

missing entry for #77020


# 7161fe62 18-Dec-2018 Remi Collet <remi@php.net>

bump to 7.2.15-dev


# 8734d6a7 18-Dec-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Fix release date


# a65133a1 17-Dec-2018 Christoph M. Becker <cmbecker69@gmx.de>

Prepare main branch for 7.3.2


# e0e08d37 14-Dec-2018 Scott <scott@paragonie.com>

Fix #77297: SodiumException segfaults on PHP 7.3

Instead of trying to clean the argument arrays from the backtrace, we
overwrite them with empty arrays.


# 0061db55 16-Dec-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77291: magic methods inherited from a trait may be ignored

When adding methods from a trait, we must not assume that a method name
with the same length as the name of the using class is either a PHP 4
style constructor, or not a magic method at all – it may well be
another magic method.

We mostly preserve the spirit of the optimization which caused this
regression, and avoid string comparisons for all method names which can
never be magic methods.


# 54739c7e 11-Dec-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 93aabf15 10-Dec-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77275

Instead of juggling with this problem during literal compaction,
make sure that we always initialize Z_EXTRA for literals, which
seems like the more robust solution.


# 8c37d5f4 09-Dec-2018 Christopher Jones <christopher.jones@oracle.com>

Add OCI8 changes


# 99f1f3de 09-Dec-2018 Christopher Jones <christopher.jones@oracle.com>

Add oci_set_call_timeout() and bump version to 2.10.0


# b3a6ca90 08-Dec-2018 Pierrick Charron <pierrick@php.net>

Fix 77264: curl_getinfo returning microseconds, not seconds

Since curl 7.55.0, libcurl introduced new constants to return
more sensible variable types with curl_getinfo.

When curl_getinfo with no option was called, and curl >= 7.55.0, some
of the result were returned as int when they where returned as float
in previous versions. This commit remove this BC Break.

If someone still want to use more sensible variable types, it's always
possible to call curl_getinfo with newer constants.

CURLINFO_CONTENT_LENGTH_DOWNLOAD => CURLINFO_CONTENT_LENGTH_DOWNLOAD_T
CURLINFO_CONTENT_LENGTH_UPLOAD => CURLINFO_CONTENT_LENGTH_UPLOAD_T
CURLINFO_SIZE_DOWNLOAD => CURLINFO_SIZE_DOWNLOAD_T
CURLINFO_SIZE_UPLOAD => CURLINFO_SIZE_UPLOAD_T
CURLINFO_SPEED_DOWNLOAD => CURLINFO_SPEED_DOWNLOAD_T
CURLINFO_SPEED_UPLOAD => CURLINFO_SPEED_UPLOAD_T
CURLINFO_APPCONNECT_TIME => CURLINFO_APPCONNECT_TIME_T
CURLINFO_CONNECT_TIME => CURLINFO_CONNECT_TIME_T
CURLINFO_NAMELOOKUP_TIME => CURLINFO_NAMELOOKUP_TIME_T
CURLINFO_PRETRANSFER_TIME => CURLINFO_PRETRANSFER_TIME_T
CURLINFO_REDIRECT_TIME => CURLINFO_REDIRECT_TIME_T
CURLINFO_STARTTRANSFER_TIME => CURLINFO_STARTTRANSFER_TIME_T
CURLINFO_TOTAL_TIME => CURLINFO_TOTAL_TIME_T


# 431ff36f 08-Dec-2018 Remi Collet <remi@php.net>

missing entry for #77020


# 9b8f2417 08-Dec-2018 Remi Collet <remi@php.net>

missing entry for #77020


# 78c299ae 08-Dec-2018 Christopher Jones <christopher.jones@oracle.com>

Update NEWS


# 8ff6a305 08-Dec-2018 Christopher Jones <christopher.jones@oracle.com>

Update NEWS


# 327e2d01 06-Dec-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Fix NEWS wrt. ChangeLog conversion

We have to be rather picky in this regard; otherwise we need to
manually post process the ChangeLog.


# c26cb383 05-Dec-2018 Ferenc Kovacs <tyra3l@gmail.com>

5.6.40 will be next. probably not


# a8f125fb 03-Dec-2018 Anatol Belski <ab@php.net>

Sync NEWS [ci skip]


# 78bffa72 03-Dec-2018 Stanislav Malyshev <stas@php.net>

Fix null pointer deref in qprint-encode filter (bug #77231)


# 5be58a43 03-Dec-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Prepare NEWS for 7.3 GA


# 48f0f73f 12-Nov-2018 Stanislav Malyshev <stas@php.net>

Fix bug #77143 - add more checks to buffer reads


# 54212674 12-Nov-2018 Stanislav Malyshev <stas@php.net>

Fix bug #77143 - add more checks to buffer reads


# 7edc639b 11-Nov-2018 Stanislav Malyshev <stas@php.net>

Fix #77020: null pointer dereference in imap_mail

If an empty $message is passed to imap_mail(), we must not set message
to NULL, since _php_imap_mail() is not supposed to handle NULL pointers
(opposed to pointers to NUL).


# 69f5e799 02-Dec-2018 Stanislav Malyshev <stas@php.net>

Fix bug #77022 - use file mode or umask for new files


# ea454583 01-Dec-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 94ec262f 22-Nov-2018 BohwaZ <bohwaz@github.com>

Fix #77051: Issue with re-binding on SQLite3

We have to call `sqlite3_reset()` before re-binding the parameters.


# a3f2871b 28-Nov-2018 Derick Rethans <github@derickrethans.nl>

Fixed bug #77097 (DateTime::diff gives wrong diff when the actual diff is less than 1 second) by upgrading to timelib 2017.09


# 17f8b9fb 28-Nov-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77215

Remove invalid assertion: A block can have multiple switch frees,
so if we don't do live range block splitting, it is not necessarily
true that the free is located at the start of a block.


# d6595f27 27-Nov-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76046

Place FE_FREE on start line of foreach, instead of whatever random
line number might be in CG(zend_lineno) at the time.


# 9ec519e0 21-Nov-2018 Colin Basnett <colin@spexigeo.com>

Fixed bug #77184

The U in URATIONAL is for unsigned, so the values should be printed
as unsigned.


# 2c4425a8 26-Nov-2018 Adam Baratz <adambaratz@php.net>

update NEWS


# e126ca15 07-Nov-2018 Sergei Morozov <morozov@tut.by>

Check column number before trying to fetch the value


# a1aaec08 25-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77200: imagecropauto(…, GD_CROP_SIDES) crops left but not right

We apply the upstream patch[1].

[1] <https://github.com/libgd/libgd/commit/6613094e5d218dc4d4372757aef5e58c6462a9f7>


# b47b8886 25-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77198: auto cropping has insufficient precision

We apply the upstream patch[1], and also fix the erroneous bailout at
the end of `gdImageAutoCrop()`, since `crop.x` and `crop.y` may very
well be zero.

[1] <https://github.com/libgd/libgd/commit/bda85aaeeb1d7467d92c892ba4c30eaa53d7a6d4>


# 60a9f7a3 23-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77195: Incorrect error handling of imagecreatefromjpeg()

The broken JPEG image triggers a notice, two warnings and outputs a
message to stderr directly. The additional notice is pretty useless,
and the direct output to stderr is bad. Therefore, we port the
relevant differences from upstream to our bundled libgd. This leaves
us with two warnings; the first one is triggered by libjpeg and shows
the actual problem, the second one is triggered by our libgd wrapper
whenever an image can't be read, what may not have necessarily
triggered a warning before.


# 2979c6a5 23-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Preliminary fix for NEWS

No more regular bug fixes for PHP 7.3.0.

We'll clean up the rest later.


# 115ee49b 23-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77177: Serializing or unserializing COM objects crashes

Firstly, we avoid returning NULL from the get_property handler, but
instead return an empty HashTable, which already prevents the crashes.
Secondly, since (de-)serialization obviously makes no sense for COM,
DOTNET and VARIANT objects (at least with the current implementation),
we prohibit it right away.


# 0b3cbd66 21-Nov-2018 Sara Golemon <pollita@php.net>

Prep for 7.1.26


# aaafd793 21-Nov-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #77088 (Segfault when using SoapClient with null options)

SoapClient constructor has its own error handler


# 11ddf766 20-Nov-2018 Valentin V. Bartenev <vbart@nginx.com>

Fix bug #71041 dynamic embed SAPI load error

If the library is built with ZEND_SIGNALS defined, it's unusable with an
external SAPI module because the zend_signal_startup() call is mandatory
in this case.

This bug is similar to #74149, but related to dynamic loading of PHP library.


# e672cd43 10-Nov-2018 Mizunashi Mana <mizunashi-mana@noreply.git>

Define __APPLE_USE_RFC_3542 for new ipv6 constants


# 9fc52c16 20-Nov-2018 Sara Golemon <pollita@php.net>

Bump for 7.2.14


# 336d2086 19-Nov-2018 Stanislav Malyshev <stas@php.net>

Disable rsh/ssh functionality in imap by default (bug #77153)


# 05782f01 19-Nov-2018 Stanislav Malyshev <stas@php.net>

Disable rsh/ssh functionality in imap by default (bug #77153)


# 628df47e 19-Nov-2018 Stanislav Malyshev <stas@php.net>

Disable rsh/ssh functionality in imap by default (bug #77153)


# 03a3a04e 20-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS wrt. php-7.3.0RC6 tagging


# 3ed07cc3 20-Nov-2018 Remi Collet <remi@php.net>

NEWS


# e7acb29e 20-Nov-2018 Remi Collet <remi@php.net>

NEWS


# 1adbf70e 20-Nov-2018 Remi Collet <remi@php.net>

NEWS


# e5bfea64 19-Nov-2018 Stanislav Malyshev <stas@php.net>

Disable rsh/ssh functionality in imap by default (bug #77153)


# 68442312 18-Nov-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 6742b4b7 18-Nov-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 3e78380d 18-Nov-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# cf764f02 17-Nov-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# b4776cda 17-Nov-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# dee5a450 15-Nov-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77165

Also add some helper macros for PROTECT/UNPROTECT that check for
IMMUTABLE. These checks are needed for nearly any use of
PROTECT/UNPROTECT.


# a56cdd0a 14-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77147: Fix for 60494 ignores ICONV_MIME_DECODE_CONTINUE_ON_ERROR

If the `ICONV_MIME_DECODE_CONTINUE_ON_ERROR` flag is set, parsing
should not fail, if there are illegal characters in the headers;
instead we silently ignore these like before.


# ec2e7a2d 21-Oct-2018 Thiago Carvalho <thiago.oak@gmail.com>

Validate length on socket_write


# f6079e3c 12-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77141: Signedness issue in SOAP when precision=-1

According to php_gcvt(), we assume at most 17 fractional digits for
negative precision.


# 155aecd3 06-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS wrt. php-7.3.0RC5 tagging


# ddd54401 05-Nov-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# fab72d75 05-Nov-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 7625f972 05-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76825: Undefined symbols ___cpuid_count

Apparently, the presence of `cpuid.h` is not necessarily sufficient to
guarantee the availability of `__cpuid_count()`. We therefore test for
the latter explicitly.


# d7847973 05-Nov-2018 Remi Collet <remi@php.net>

NEWS


# 625f614c 04-Nov-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76348: WSDL_CACHE_MEMORY causes Segmentation fault

“Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end.”


# 4daa4138 02-Nov-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77092

Weird that this worked for so long, probably because nearly all
ext/standard functions use fast ZPP rather than ordinary ZPP.


# 8827cc34 30-Oct-2018 Anatol Belski <ab@php.net>

Fixed bug #77081 ftruncate() changes seek pointer in c mode


# 17df3a19 29-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 69496a04 29-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 91a11111 29-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 829b0df7 27-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #71592: External entity processing never fails

If the callback set via `xml_set_external_entity_ref_handler()` returns
a falsy value, parsing is supposed to stop and the error number set to
`XML_ERROR_EXTERNAL_ENTITY_HANDLING`. This is already correctly done
by the libexpat binding, but the libxml2 binding ignores the return
value. We fix this by calling `xmlStopParser()` which is available as
of libxml 2.1.0[1] (PHP-7.1 requires at least libxml 2.6.11 anyway),
and setting the desired `errNo` ourselves.

[1] <http://xmlsoft.org/news.html>


# f1ceec55 25-Oct-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77058

Account for the fact that undef must be interpreted as null for
the purposes of INC/DEC inference.


# 33fa02ea 24-Oct-2018 Joe Watkins <krakjoe@php.net>

bump versions


# db47e353 06-Oct-2018 Cameron Porter <camporter1@gmail.com>

Fixed bug #50675

SOAP: Stop overwriting the node name when creating an XML node
for an object reference.


# 1d5baf16 22-Oct-2018 Remi Collet <remi@php.net>

bump to 7.2.13-dev


# 4ffa4155 22-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS wrt. php-7.3.0RC4 tagging


# 502b187a 20-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #75282: xmlrpc_encode_request() crashes

Since we allow ext/xmlrpc to be built against a system libxmlrpc(-epi),
we must not `efree` memory which has been allocated via `malloc`. To
distinguish bundled and system libxmlrpc(-epi) we introduce the macro
`HAVE_XMLRPC_BUNDLED` (analogous to how it is done by ext/gd). We
deliberately keep the ugly `#ifdef`s, instead of tucking them away in
an `XMLRPC_FREE()` macro, to not forget that it is a bad idea to fork
and bundle a library, but to also allow building against an unpatched
system lib.


# 13aae9f3 20-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 3b8be227 20-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 1b936033 20-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 2224277d 18-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# b9d8e5d7 18-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 4be05284 18-Oct-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 8a9e0312 17-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #77027: tidy::getOptDoc() not available on Windows

We define the `HAVE_TIDYOPTGETDOC` macro unconditionally, since the
Windows PHP SDK ships libtidy 2009/04/06 or newer for a long time.

We do not add a regression test, since 021.phpt already tests
`tidy_get_opt_doc`, but has previously been skipped due to
unavailability of the function.


# 56665a1b 16-Oct-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #77025

Implements 8bit conversions equivalently to iso-8859-1 conversions.
This seems quite dubious to me, but seems to match the previous
behavior.

It might make more sense to map the characters into a private area
instead, so that the 8bit encoding is treated as binary data with
no case conversions (including no case conversions in the ascii
range).


# b3312423 16-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

Add support for getting SKIP_TAGSTART and SKIP_WHITE options

When `XML_OPTION_SKIP_TAGSTART` and `XML_OPTION_SKIP_WHITE` had been
introduced[1], it had been overlooked to also support them for
`xml_parser_get_option()`. We catch up on that.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=b57dc275950b228f2399990471c4f22b7d154c6c>


# 60a69dae 13-Oct-2018 Peter Kokot <peterkokot@gmail.com>

Sync leading and final newlines in source code files

This patch adds missing newlines, trims multiple redundant final
newlines into a single one, and trims redundant leading newlines.

According to POSIX, a line is a sequence of zero or more non-' <newline>'
characters plus a terminating '<newline>' character. [1] Files should
normally have at least one final newline character.

C89 [2] and later standards [3] mention a final newline:
"A source file that is not empty shall end in a new-line character,
which shall not be immediately preceded by a backslash character."

Although it is not mandatory for all files to have a final newline
fixed, a more consistent and homogeneous approach brings less of commit
differences issues and a better development experience in certain text
editors and IDEs.

[1] http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_206
[2] https://port70.net/~nsz/c/c89/c89-draft.html#2.1.1.2
[3] https://port70.net/~nsz/c/c99/n1256.html#5.1.1.2


# 5d70165f 14-Oct-2018 Frank Denis <github@pureftpd.org>

[ci skip] Update NEWS


# 3362620b 13-Oct-2018 Peter Kokot <peterkokot@gmail.com>

Trim trailing whitespace in source code files


# 902d39a3 13-Oct-2018 Peter Kokot <peterkokot@gmail.com>

Trim trailing whitespace in source code files


# 7f6387b5 13-Oct-2018 Peter Kokot <peterkokot@gmail.com>

Trim trailing whitespace in source code files


# 9c608bd1 12-Oct-2018 Derick Rethans <github@derickrethans.nl>

Upgrade timelib to 2018.01RC1, to fix bug #77007


# 94a98f2c 12-Oct-2018 Derick Rethans <github@derickrethans.nl>

Upgrade timelib to 2017.08, to fix bug #77007


# 454a86c2 11-Oct-2018 Derick Rethans <github@derickrethans.nl>

Update news with further fixed bugs due to timelib upgrade


# 01948f20 10-Oct-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76991

Back up exceptions while the scan-ahead loop, to avoid an early
bail out.


# 2845f859 09-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #30875: xml_parse_into_struct() does not resolve entities

Setting up an empty default handler is not only useless, but actually
harmful, since internal entity-references are not resolved anymore.
From the libexpat docs[1]:

| Setting the handler with this call has the side effect of
| turning off expansion of references to internally defined general
| entities. Instead these references are passed to the default
| handler.

[1] <https://www.xml.com/pub/1999/09/expat/reference.html#setdefhandler>


# efb9ccc9 09-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS


# 3d4167c3 09-Oct-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS wrt. php-7.3.0RC3 tagging


# f42d7bdd 06-Oct-2018 Pierrick Charron <pierrick@php.net>

Fixed bug #76965 INI_SCANNER_RAW doesn't strip trailing whitespace


# 64881a1e 08-Oct-2018 Pierrick Charron <pierrick@php.net>

Add constants from curl 7.56 to 7.61


# 47b89bc5 02-Oct-2018 stodorovic <sasa.todorovic@gmx.com>

Fix #76954: apache_response_headers removes last character from header name


# c097acd5 11-Jul-2018 Adam Saponara <as@php.net>

Fix #75851: Year component overflow with date formats "c", "o", "r" and "y"


# 0a6ddc77 05-Oct-2018 Michael Moravec <me@majkl.me>

Fix bug #76979: define() error message does not mention resources as valid values


# 476fdf54 05-Oct-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# fec5786f 05-Oct-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# aaf4cc05 05-Oct-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# bb4a2e8b 04-Oct-2018 Manuel Mausz <manuel@mausz.at>

Fix #76972: FTP data truncation due to forceful ssl socket shutdown

Do a correct bidirectional shutdown instead


# 2e984dc7 04-Oct-2018 Pierrick Charron <pierrick@php.net>

Update NEWS [ci skip]


# 38c06085 03-Oct-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 0c99755c 03-Oct-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 42b769b9 03-Oct-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# abfda3de 03-Oct-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# f0647edd 02-Oct-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #66430


# d2477b28 02-Oct-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76936


# 26f82a77 02-Oct-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76958


# 8b8b625d 29-Sep-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #72635

This seems to be a simple oversight, where we did not enable
exceptions. Other constexpr conditions already throw, so there is
no particular reason to stick to a fatal error here.


# 83e2b9e2 28-Sep-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76946


# 69c1b619 28-Sep-2018 Sara Golemon <pollita@php.net>

Bump versions for 7.1.24-dev


# 45cdcb2d 27-Sep-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76846


# 5f29e3fb 25-Sep-2018 Sara Golemon <pollita@php.net>

Bump version


# 36092b23 25-Sep-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS wrt. php-7.3.0RC2 tagging


# da17686d 23-Sep-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 9cbe1283 22-Sep-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #66828: iconv_mime_encode Q-encoding longer than it should be

Before the fix for bug 48289 has been applied, the algorithm to
construct a Q-encoded-word has been optimistic, i.e. try to encode as
many bytes that *may* fit in the remaining space, calculate the actual
length of the Q-encoded word, and if it's too long, try again with a
reduced size. However, the fix for the mentioned bug replaced this by
a pessimistic algorithm, which always terminates[1] the for loop[2]
during the first iteration (which renders the following 3 lines as dead
code), and as such easily produces unnecessarily short encoded-words.
Instead the proper fix for the bug would have been to make sure that
`out_size` is always decremented, if the space isn't sufficient for the
encoded-word.

[1] <https://github.com/php/php-src/blob/php-7.3.0beta3/ext/iconv/iconv.c#L1421>
[2] <https://github.com/php/php-src/blob/php-7.3.0beta3/ext/iconv/iconv.c#L1360>


# b8ffa370 19-Sep-2018 Dmitry Stogov <dmitry@zend.com>

Fixed bug #76711 (OPcache enabled triggers false-positive "Illegal string offset")


# 294fb83e 19-Sep-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76901

get_method() may modify the object pointer passed to it if method
forwarding is used. In this case we do not want to modify the
passed zval, so make sure that we copy the object into a temporary
first.


# ab6c45f5 22-Nov-2017 Manabu Matsui <manabu.matsui@gmail.com>

Fix bug #75533: array_reduce is slow when $carry is large array


# 3bb218a0 18-Sep-2018 Pierrick Charron <pierrick@php.net>

Fix 76480: Use curl_multi_wait() so that timeouts are respected


# 3691b6d2 05-Apr-2018 Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Fix #76886: Can't build xmlrpc with expat

We fix it by including "php.h" in the HAVE_LIBEXPAT case.


# 3bc4a63f 14-Sep-2018 Dmitry Stogov <dmitry@zend.com>

Fixed bug #76800 (foreach inconsistent if array modified during loop)


# 655a99d1 11-Sep-2018 Dmitry Stogov <dmitry@zend.com>

Fixed bug #76869 (Incorrect bypassing protected method accessibilty check).


# 81f23057 11-Sep-2018 Ferenc Kovacs <tyra3l@gmail.com>

5.6.39 will be the next


# e6585a47 11-Sep-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS wrt. php-7.3.RC1 tagging


# b117feeb 10-Sep-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76510: file_exists() stopped working for phar://

We work around a strlen() optimization bug in GCC 8[1] by checking
whether the used GCC exhibits the broken behavior, and if so by
disabling `optimize-strlen`.

[1] <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86914>


# 1b895229 11-Sep-2018 Anatol Belski <ab@php.net>

7.0.33 next


# 4415dab2 10-Sep-2018 Anatol Belski <ab@php.net>

Sync NEWS [ci skip]


# 609afc29 10-Sep-2018 Remi Collet <remi@php.net>

add NEWS for 76582


# c1de8401 09-Sep-2018 Stanislav Malyshev <stas@php.net>

Update NEWS


# 90d86389 08-Sep-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #75273: php_zlib_inflate_filter() may not update bytes_consumed

Whenever we return with `PSFS_PASS_ON`, we need to update
`bytes_consumed` to not mislead the caller. Instead of fixing the
respective `if` clauses, we eschew the early bail-outs to simplify the
code a bit.


# cfdd8281 07-Sep-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76796


# c0a389a9 05-Sep-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #74454: Wrong exception being thrown when using ReflectionMethod

If zend_throw_exception_ex() already threw an exception, we should not
throw again.


# d903fc08 04-Sep-2018 Anatol Belski <ab@php.net>

Restore NEWS entry [skip ci]


# 3497b75b 04-Sep-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76825 (Undefined symbols ___cpuid_count)


# 0f724453 28-Aug-2018 Ville Hukkamaki <vhu@iki.fi>

Fix bug #74764 and add a test case


# 7585a20d 04-Sep-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 64d29785 04-Sep-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# e58690a2 04-Sep-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 742783c3 24-Aug-2018 Ville Hukkamaki <vhu@iki.fi>

Fixed bug #73457

Correctly report errors when opening FTP data connection.


# 3e863ff2 02-Sep-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update to Oniguruma 6.9.0


# 2677d438 24-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #75696: posix_getgrnam fails to print details of group

According to the POSIX specification of `getgrnam_r()` the result of
`sysconf(_SC_GETGR_R_SIZE_MAX)` is an initial value suggested for the
size of the buffer, and `ERANGE` signals that insufficient storage was
supplied. So if we get `ERANGE`, we try again with a buffer twice as
big, and so on, instead of failing.


# bcfe5f58 01-Sep-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# c5231ad3 30-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76820: Z_COPYABLE invalid definition

We remove the extraneous parenthesis.


# cc635684 30-Aug-2018 Remi Collet <remi@php.net>

NEWS for #76818


# 5fee4e71 29-Aug-2018 Sara Golemon <pollita@php.net>

Prep for 7.1.23


# d21220d7 29-Aug-2018 Anatol Belski <ab@php.net>

Update NEWS


# ce201df4 27-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS wrt. php-7.3.0beta3 tagging


# 7353dae8 28-Aug-2018 Remi Collet <remi@php.net>

bump to 7.2.11-dev


# efb86aef 25-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #68180: iconv_mime_decode can return extra characters in a header

Basically, the algorithm to append a converted string to an existing
`smart_str` works by increasing the `smart_str` buffer, to let `iconv`
convert characters until there is no more space, to set the new length
of the `smart_str` and to repeat until there is no more input.

Formerly, the new length calculation has been wrong, though, since we
would have to take the old `out_len` into account (`buf_growth -
old_out_len - out_len`). However, since there is no need to take the
old `out_len` into account when increasing the `smart_str` buffer, we
can simplify the fix, avoiding an additional variable.


# e29c946c 25-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #60494: iconv_mime_decode does ignore special characters

We must not ignore erroneous characters in mime headers, but rather let
iconv_mime_decode() fail in this case, issuing the usual notice
regarding illegal characters.


# 8754d441 12-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #63839: iconv_mime_decode_headers function is skipping headers

We have to cater to the possibility that `=?` is not the start of an
encoded-word, but rather a literal `=?`. If a line break is found
while we're still looking for the charset, we can safely assume that
it's a literal `=?`, and act accordingly.


# 6e1980e1 12-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #55146: iconv_mime_decode_headers() skips some headers

If we're expecting the start of an encoded word (`=?`), but instead of
the question mark get a line break (CR or LF), we must not append it to
the `pretval`.


# eb032907 12-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #53891: iconv_mime_encode() fails to Q-encode UTF-8 string

The minimum length of an encoded-word is actually the pure encoding
overhead plus the length of the `output-charset` plus the minimum unit
of encoded text, which is 4 for B-encoding and (for simplicity) 3 for
Q-encoding. We also cater to the possibility that we need further
encoded words, which would be split by the `line-break-chars` followed
by a space character. Obviously, the former `out_charset_len + 12` is
too simplistic and wrong in the given case (where the magic number
would be 13).

These simplifications are somewhat wasteful, but iconv_mime_encode()
with Q-encoding is wasteful anyway (see bug 66828[1]), and the proper
solution to convert the whole input to the desired output charset
upfront, and applying the encoding afterwards appears too much a change
for the stable releases.

[1] <https://bugs.php.net/66828>


# 692e5d5c 07-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76712: Assignment of empty string creates extraneous text node

We work around this peculiarity of libxml by using xmlNodeSetContent(),
which does not exhibit this behavior. This also saves us from manually
calculating the string length.


# 32a728d3 19-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #68825: Exception in DirectoryIterator::getLinkTarget()

intern->file_name may not have been properly set when
DirectoryIterator::getLinkTarget() is called, so we make sure it is
before using it.


# 9ace33b9 21-Aug-2018 Chris Wright <daverandom@php.net>

Fix #76773 - Methods with a concrete scope need to be added again


# 02b0bc8b 20-Aug-2018 Ondřej Surý <ondrej@sury.org>

Fix #76767: ‘asm’ operand has impossible constraints in zend_operators.h

We disable assembly code with gcc 4.8 on i386.


# 70b2fca2 22-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76778: array_reduce leaks memory if callback throws exception

We have to release the result variable in the error case, too.


# 2527a0fc 21-Aug-2018 Massimiliano Braglia <massimiliano.braglia@fazland.com>

Fixed bug #75797

Fix zend_register_class_alias_ex() to use non-persistent strings
for (non-persistent) userland classes.


# cf2fc66b 22-Aug-2018 Ville Hukkamaki <vhu@iki.fi>

Fixed bug #76777 and added test

Set undefined values to null rather than undefined.


# efbf846f 05-Aug-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Make array parsing parameters error messages consistency with ZPP failure


# 4c542e6c 19-Aug-2018 Jakub Zelenka <bukka@php.net>

Fix bug #76705 (unusable ssl => peer_fingerprint in stream_context_create())


# 4c448334 18-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Add regression test for bug #68175


# a097f926 17-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS

Bug #76285 was supposed to have been fixed for 7.3.0alpha3, but that
has been reverted for 7.3.0beta2 due to bug #76738. Now that we have a
working fix in master, we backport the respective commits.


# d61ff37f 17-Aug-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76755 (setcookie does not accept "double" type for expire time)


# 2aa3733d 17-Aug-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# acd4264f 17-Aug-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 04c4854f 17-Aug-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76754 (parent private constant in extends class memory leak)


# fd463a9a 16-Aug-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76752 (Crash in ZEND_COALESCE_SPEC_TMP_HANDLER - assertion in _get_zval_ptr_tmp failed).


# 6e7b3812 16-Aug-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# eb7fca95 16-Aug-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 8c92442b 16-Aug-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76747 (Opcache treats path containing "test.pharma.tld" as a phar file)


# e4276aeb 15-Aug-2018 Xinchen Hui <laruence@gmail.com>

Added NEWs


# 66a43629 14-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS wrt. php-7.3.0beta2 tagging


# 819cf528 13-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Revert "DOMDocument::formatOutput attribute sometimes ignored"

This reverts commit ef9ed19ec7f141311feea1d42467f5773cfc09bc and its
follow-up 36f05a80d7cf11fffb827c7f0b6c8e73d3846e8e, since these caused
a serious regression (see bug #76738).


# dcd4b321 13-Aug-2018 Tyson Andre <tysonandre775@hotmail.com>

Fix arginfo for tidy::__construct()

This was split out of PR #3439

Previously, the arginfo was wrong for these methods.
getNumberOfRequiredParameters() was 4 for that method.
Compare with http://php.net/manual/en/tidy.construct.php)

This fixes the arginfo added to PHP 7.3 in 97353cda99


# e20baee1 12-Aug-2018 Tyson Andre <tysonandre775@hotmail.com>

Fix arginfo for bzcompress

bzcompress() has 1 required parameter, not 2.

See http://php.net/manual/en/function.bzcompress.php or invoke
bzcompress with 1 parameter.


# 9eb51ce3 13-Aug-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# dd0fb4fd 13-Aug-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 859f7fce 13-Aug-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# a16aee6c 01-Aug-2018 Pedro Magalhães <mail@pmmaga.net>

Fix #76688: Disallow excessive parameters after options array


# 326d3d48 12-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# d22ddd8c 08-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS regarding SameSite cookie support


# 2b1d79ce 06-Aug-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76713 (Segmentation fault caused by property corruption)


# 1c1567c9 06-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 0b9a540d 06-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 935625f1 06-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 2c726739 06-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# fa07b8bb 06-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 4d5edcb4 06-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 8cbb3810 05-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# b4b14d21 05-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 1012416a 05-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 6680d5f8 05-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 169a9831 05-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 70ecb6e5 04-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76706: mbstring.http_output_conv_mimetypes is ignored

_php_mb_match_regex() is supposed to return != 0 on success, and 0 on
failure. pcre2_match() returns >= 0 on success, and < 0 on failure.
We map the result accordingly.

Since this patch fixes four failing tests, there is no need to add
another.


# 827abb84 04-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS

Bug fix #76595 has been done after the 7.2.9RC1 release and should go
to appropriate NEWS location then.


# fd0fc20d 04-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS

Bug fix #76595 has been done after RC release and should go to
appropriate NEWS location then.


# 81ebe930 04-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Fix NEWS

beta1 has already been released, but does not contain the fix for bug
76595.


# c00f5e65 03-Aug-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76704: mb_detect_order return value varies based on argument type

php_mb_parse_encoding_list() and php_mb_parse_encoding_array() are
supposed to return SUCCESS and FAILURE, not 1 and 0, respectively.


# bb928087 04-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# ffae3fb2 04-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# b71a5038 04-Aug-2018 Peter Kokot <peterkokot@gmail.com>

[ci skip] Update NEWS


# 0ba49597 02-Aug-2018 Sara Golemon <pollita@php.net>

Roll NEWS for 7.2.10


# 74988eed 31-Jul-2018 Joe Watkins <krakjoe@php.net>

bump version


# 16035368 30-Jul-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 095a30e1 30-Jul-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# 28701787 30-Jul-2018 Anatol Belski <ab@php.net>

Update NEWS [ci skip]


# a7746d10 27-Jul-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76667 (Segfault with divide-assign op and __get + __set)


# ed7e3bc7 26-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76665: SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle

We need to ensure that a zval IS_DOUBLE before we access it as such.
In this case we apply common type juggling to do so.


# 40bd84d3 23-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76643: Segmentation fault when using `output_add_rewrite_var`

We have to check whether _SERVER is actually an array before we're
going to use it as such.


# d31d4d13 24-Jul-2018 Xinchen Hui <laruence@gmail.com>

Update NEWs


# 033dac7a 24-Jul-2018 Xinchen Hui <laruence@gmail.com>

Update NEWs


# 38d97557 24-Jul-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #68553 (array_column: null values in $index_key become incrementing keys in result)


# 99fdf591 22-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #52974: jewish.c: compile error under Windows with GBK charset

jewish.c includes ISO-8859-8 encoded Hebrew Hebrew month names, which
may cause compile errors, and is generally confusing. We replace the
literal month names with appropriate escape sequences.


# e5a99563 22-Jul-2018 Jakub Zelenka <bukka@php.net>

Update NEWS and UPGRADING with info about syslog.filter


# 1ba33143 19-Jul-2018 Ferenc Kovacs <tyra3l@gmail.com>

5.6.38 will be next


# 7db988cc 17-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS for 7.3.0beta1


# b52c4fcb 17-Jul-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# e069b0be 17-Jul-2018 Remi Collet <remi@php.net>

NEWS


# b73a1085 16-Jul-2018 Stanislav Malyshev <stas@php.net>

Add NEWS


# 3588d8af 23-Jun-2018 Nikita Popov <nikita.ppv@gmail.com>

Deprecate case-insensitive constants

RFC: https://wiki.php.net/rfc/case_insensitive_constant_deprecation


# 0f8c1ee7 15-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #73817: Incorrect entries in get_html_translation_table

Due to incorrect string termination and length handling, several HTML
entities missed the trailing semicolon.

We also fix the obviously wrong expectations in two already existing
tests.


# 432c4e77 12-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update next version

According to <https://externals.io/message/102762>.


# 6c630eef 12-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #33502: Some nullary functions don't check the number of arguments

We add the missing zend_parse_parameters_none() checks for:

* output_reset_rewrite_vars()
* func_num_args()
* gc_status()
* gc_disable()
* gc_enable()
* gc_enabled()
* gc_collect_cycles()
* gc_mem_caches()
* zend_version()


# e4e9cd83 05-Jul-2018 Andrea Faulds <ajf@ajf.me>

Export stdClass objects using (object) cast (fixes #48016)

Before this change, var_export()'s output for stdClass objects calls
the non-existent stdClass::__set_state method, and is therefore useless.

This commit makes var_export() output an (object) cast from an array
instead, which when evaluated, will produce a stdClass object. Other
classes see unchanged output.


# 271ae3eb 10-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76574: use of undeclared identifiers INT_MAX and LONG_MAX

As of Oniguruma 6.4.0 <limits.h> is required, so we have to add a check
for this header file to set the respective macro.


# bf5a8136 10-Jul-2018 Anatol Belski <ab@php.net>

[skip ci] Update NEWS


# a766f65c 10-Jul-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 9026562c 10-Jul-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# a8dce319 09-Jul-2018 Kalle Sommer Nielsen <kalle@php.net>

Added the 'add_slashes' sanitization filter (FILTER_SANITIZE_ADD_SLASHES) as an alias to 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) so we can move past our "magical" legacy.


# 1c01b1ab 08-Jul-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76594: Bus Error due to unaligned access in zend_ini.c OnUpdateLong

Since commit ea83b69[1] changed the type of mbstring.strict_detection
from `long` to `zend_bool`, we have to update the `on_modify` callback
as well.

[1] http://git.php.net/?p=php-src.git;a=commit;h=ea83b69883f3f77fd27e4663fa854c88f141ab41


# 3b10e9cc 07-Jul-2018 Jakub Zelenka <bukka@php.net>

Update NEWS for log related changes in FPM


# 2a78006a 06-Jul-2018 Jakub Zelenka <bukka@php.net>

Update NEWS and UPGRADING for fpm_get_status addition


# 47fb17b1 06-Jul-2018 cdoco <gao_zihang@hotmail.com>

Fixed bug #76366 (references in sub-array for filtering breaks the filter)


# 95013042 31-Mar-2018 seliver <alexeyseliverstov.dev@gmail.com>

Fixed bug #76136 (stream_socket_get_name enclosed IPv6 in brackets)

The IPv6 IP of a socket is provided by inet_ntop() as a string, but
this function doesn't enclose the IP in brackets. This patch adds
them in the php_network_populate_name_from_sockaddr() function.


# 67352cb2 28-Jun-2018 Peter Kokot <peterkokot@gmail.com>

Fix bug #76392

On systems without glibc, such as Alpine with Musl libc, the function attributes
are not supported. GCC 6 doesn't properly omit some systems. This is
already fixed in GCC 7 but for systems with GCC 6 and ones without
glibc, this additional check fixes this bug.


# 0b94534e 06-Jul-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# d207fd44 06-Jul-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# ea248476 06-Jul-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 137f22ad 06-Jul-2018 Sara Golemon <pollita@php.net>

Fix year


# 268e801c 06-Jul-2018 Sara Golemon <pollita@php.net>

Bump version


# 587ab006 05-Jul-2018 Remi Collet <remi@php.net>

NEW and UPGRADING


# 2af3234a 03-Jul-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# a0b9f8d4 03-Jul-2018 Christoph M. Becker <cmb@php.net>

Update NEWS for 7.3.0beta1


# 8bf21adb 03-Jul-2018 Remi Collet <remi@php.net>

bump to 7.2.9-dev


# 28b03f96 02-Jul-2018 Dmitry Stogov <dmitry@zend.com>

Another fix for bug #63217


# c97b8bbf 02-Jul-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75231

The behavior is now consistent with ReflectionMethod.


# 787593b7 02-Jul-2018 Nikita Popov <nikita.ppv@gmail.com>

Fix test after serialization change

And move it to a more appropriate location.


# c793885b 02-Jul-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #74670

Validate that "C" serialization payload is followed by "}" prior to
calling the unserialize() handler. This mitigates issues caused by
unserialize() not correctly handling strings that are not NUL
terminated. Making sure that there is a "}" at the end avoids the
problem.


# 30156d58 28-Jun-2018 Rudi Theunissen <rudolf.theunissen@gmail.com>

Fixed bug #63217

Don't automatically convert literal string keys to integers on
array access, as we may be dealing with an ArrayAccess object,
rather than a plain array.


# d404b5e2 18-Jun-2018 Jakub Zelenka <bukka@php.net>

Add ssl/tls streams options for min and max proto version


# ce0721be 01-Jul-2018 Jakub Zelenka <bukka@php.net>

Update NEWS, UPGRADING and default php.ini files with syslog changes


# 1118fca7 30-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76556: get_debug_info handler for BreakIterator shows wrong type

We use the retrieved type for the "type" element instead of the text.
This has been confused during the PHP 7 upgrade[1].

[1] http://git.php.net/?p=php-src.git;a=commit;h=1d793348067e5769144c0f7efd86428a4137baec


# ae041100 30-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #71848: getimagesize with $imageinfo returns false

Some JFIF images contain empty APP segments, i.e. those which consist
only of the marker bytes and the length, but without actual content.
It appears to be doubtful to have empty APP segments, but we should
apply the robustness principle, and accept these, instead of simply
failing in this case.

We choose to add empty APP segments to $imageinfo with an empty string
as value, instead of NULL, or even to omit these segments altogether.

This patch also fixes the potential issue that php_stream_read() might
not read the supposed number of bytes, which could result in garbage to
be added to the read value.


# 7a6dc296 29-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 15ad5d31 29-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# fb09f134 29-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# bf5a802f 28-Jun-2018 Marcus Schwarz <schwarz@sc-networks.com>

Fixed bug #76532 (excessive memory usage in mb_strimwidth)


# a1ae9d5f 28-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# f1c0500f 27-Jun-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 809a7b5f 27-Jun-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 1f6b842a 27-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76536 (PHP crashes with core dump when throwing exception in error handler). (Laruence)


# 9b02ee0b 27-Jun-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76538


# 17afe643 27-Jun-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76439


# a394e155 27-Jun-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 7b98d056 27-Jun-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# d1b1866a 27-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76534 (PHP hangs on 'illegal string offset on string references with an error handler)


# 2543e61a 21-Jun-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76509

In PHP static properties are shared between inheriting classes,
unless they are explicitly overwritten. However, because this
functionality was implemented using reference, it was possible
to break the implementation by reassigning the static property
reference.

This is fixed by switching the implementation from using references
to using INDIRECTs, which cannot be affected by userland code.


# 6b5597f7 22-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix arginfo wrt. optional/required parameters

All parameters of phpdbg_color(), phpdbg_exec() and phpdbg_prompt() are
required. We mark them as such.


# 701460ba 24-Jun-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76502


# 8c923186 22-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# ed9d1b70 22-Jun-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76520


# 71d16fee 21-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76512: \w no longer includes unicode characters

The migration from PCRE to PCRE2 missed to rename once occurrence of
`PCRE_UCP` to `PCRE2_UCP`. We fix that. We also revert the changes to
bug52971.phpt which had been incorrectly made in commit a5bc5ae[1].

[1] <http://git.php.net/?p=php-src.git;a=commit;h=a5bc5aed71f7a15f14f33bb31b8e17bf5f327e2d>


# 4bd6be8a 21-Jun-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# e62c6e7d 21-Jun-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 6531719d 21-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76505 (array_merge_recursive() is duplicating sub-array keys)


# 69dee5c7 12-Jun-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #73342

Directly listen on socket, instead of duping it to STDIN and
listening on that.


# 963998f0 19-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS for 7.3.0alpha3


# ecc1a7c5 15-Jun-2018 Robert Lu <robberphex@gmail.com>

Fix bug #44217: Output after stdout/stderr closed cause immediate exit with status 0

We exit with status 255 instead.


# 84d7d4e1 18-Jun-2018 Dmitry Stogov <dmitry@zend.com>

Fixed bug #76466 (Loop variable confusion)


# 4d69bbee 18-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76437 (token_get_all with TOKEN_PARSE flag fails to recognise close tag)


# d04917c7 24-Sep-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75218

I've introduced a new CompileError type, from which ParseError
inherits. These errors are not parse errors in the narrow sense
of the term, even though they happen to be generated during
parsing in our implementation. Additionally reusing the ParseError
class for this purpose would change existing error messages (if
the exception is not caught) from a "Fatal error:" to a "Parse
error:" prefix, and also the error kind from E_COMPILE_ERROR to
E_PARSE.


# 19af5e47 14-Jun-2018 David Carlier <devnexen@gmail.com>

Add NEWS entries

[ci skip]


# 3775bf93 14-Jun-2018 Tom Van Looy <tom@ctors.net>

[ci skip] Mention new hrtime() in NEWS


# 51f63211 15-Jun-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# f31ba7cb 15-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76477 (Opcache causes empty return value)


# 5334463e 15-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 609385bb 13-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76446 (zend_variables.c:73: zend_string_destroy: Assertion `!(zval_gc_flags((str)->gc)).


# 0cb6b17b 12-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 827cb048 12-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 62554eff 12-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 1cc99331 12-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76463 (var has array key type but not value type)


# c5ab9169 12-Jun-2018 Remi Collet <remi@php.net>

NEWS


# eb2a3c6c 12-Jun-2018 Remi Collet <remi@php.net>

NEWS


# dc99a13f 11-Jun-2018 Xinchen Hui <laruence@gmail.com>

Correct NEWS


# ffaee274 11-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76427 (Segfault in zend_objects_store_put)


# a6b9ddbf 11-Jun-2018 Kalle Sommer Nielsen <kalle@php.net>

Fixed bug #76443 (php+php_interbase.dll crash on module_shutdown)


# 92ae59cf 09-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS

Cf. https://github.com/php/php-src/commit/3fdde65617e9f954e2c964768aac8831005497e5


# 8db4543f 09-Jun-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 3fdde656 09-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76409: heap use after free in _php_stream_free

We must not close the stream in exif_read_from_impl(), since it is the
responsibility of the (caller's) caller to do so, if it actually opened
the stream.

We simplify the reproduce script, which is actually about supplying a
path to a directory (opposed to a regular file), and use `.` instead of
`/` to also make it work on Windows.


# fdd9f572 06-Jun-2018 Stas Malyshev <smalyshev@gmail.com>

Update NEWS for 7.3.0alpha2


# e9b8193b 07-Jun-2018 Joe Watkins <krakjoe@php.net>

bump versions


# 917222f3 05-Jun-2018 Sara Golemon <pollita@php.net>

NEWS for 7.2.8


# c4331b00 05-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update to SQLite 3.24.0


# 951e29f6 05-Jun-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76410 (SIGV in zend_mm_alloc_small)


# 4ade46ad 04-Jun-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Fix typos in NEWS


# 97a84831 27-May-2018 Bob Weinand <bobwei9@hotmail.com>

Fixed bug #76383 (array_map on $GLOBALS returns IS_INDIRECT)


# 2c4556ee 26-May-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update to Oniguruma 6.8.2


# e265a96d 08-May-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76137: config.guess/config.sub do not recognize RISC-V

These had their latest update more than three years ago, so there may
be even more issues. Since the config project[1] does not have any
versioning, we're grabbing the most recent HEAD.

[1] <http://git.savannah.gnu.org/gitweb/?p=config.git;a=summary>


# 9d63f4de 25-May-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76319

While at it, also make sure that mbstring case conversion takes
into account the specified substitution character and substitution
mode.


# a9d00be0 23-May-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 8f221bde 23-May-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76367 (NoRewindIterator segfault 11)


# 68c3d09c 21-May-2018 Jakub Zelenka <bukka@php.net>

Fix bug #76174 (openssl extension fails to build with LibreSSL 2.7)


# 364fad27 20-May-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# a8a1dc03 19-May-2018 Anatol Belski <ab@php.net>

Fix versions, as 7.2.6RC is already out


# 33382dc7 18-May-2018 Jakub Zelenka <bukka@php.net>

Update NEWS with info about bug #76296


# c8ab9e1e 13-May-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 2d9836a5 13-May-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# cbee2392 14-May-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 4dedccd8 14-May-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 1f474272 09-May-2018 Jakub Zelenka <bukka@php.net>

Update NEWS and UPGRADING for openssl_pkey_derive


# 6c3b70e9 08-May-2018 Joe Watkins <krakjoe@php.net>

bump versions


# 637e47a5 06-May-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 54ca2e7f 06-May-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 5b3e1ded 02-May-2018 Dmitry Stogov <dmitry@zend.com>

Fixed bug #76205 (PHP-FPM sporadic crash when running Infinitewp)


# df4d0a73 28-Apr-2018 Dmitry Stogov <dmitry@zend.com>

Revert "Fixed bug #76205 (PHP-FPM sporadic crash when running Infinitewp)."

This reverts commit c6ce03e45e09087de8fc65f8a0a3345fea163ba2.


# f8c1ce18 28-Apr-2018 Dmitry Stogov <dmitry@zend.com>

Revert "Merge branch 'PHP-7.1' into PHP-7.2"

This reverts commit c547c1b980468c6d5fd6e1a15606c858ffff36bf, reversing
changes made to 4c083e7a66525ef662f1ae211cafb09752832342.


# c6ce03e4 27-Apr-2018 Dmitry Stogov <dmitry@zend.com>

Fixed bug #76205 (PHP-FPM sporadic crash when running Infinitewp).


# 6738d19f 27-Apr-2018 Nikita Popov <nikita.ppv@gmail.com>

Fix bug #76281

Make sure we keep the smart-branch inhibiting NOP even if there
are multiple NOPs in sequence.


# 279ba58e 27-Apr-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #76275

* Adjust IS_SERIALIZED() check to account for potential empty
allocations at the end of the memory region.
* Deallocate empty allocation if all try/catch elements have been
removed in the block pass (similar to what we do if all live
ranges have been eliminated).


# 8677edb2 24-Apr-2018 Scott Arciszewski <scott@arciszewski.me>

Update NEWS

Add whitespace in NEWS file


# fe3d53f4 24-Apr-2018 Ferenc Kovacs <tyra3l@gmail.com>

5.6.37 will be next


# 42344cdc 24-Apr-2018 Remi Collet <remi@php.net>

update NEWS for 7.2.5


# 090fef55 24-Apr-2018 Anatol Belski <ab@php.net>

7.0.31 next


# 31c36467 24-Apr-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 0c80cb16 08-Apr-2018 Levi Morrison <levim@php.net>

Fix bug #76198


# 48873572 15-Sep-2017 Thomas Punt <tpunt@hotmail.co.uk>

Implement flexible heredoc/nowdoc syntax

RFC: https://wiki.php.net/rfc/flexible_heredoc_nowdoc_syntaxes

* The ending label no longer has to be followed by a semicolon or
newline. Any non-label character is fine.
* The ending label may be indented. The indentation will be stripped
from all lines in the heredoc/nowdoc string.

Lexing of heredoc strings performs a scan-ahead to determine the
indentation of the ending label, so that the correct amount of
indentation can be removed when calculting the semantic values for
use by the parser. This makes the implementation quite a bit more
complicated than we would like :/


# 4e407b87 13-Apr-2018 Jakub Zelenka <bukka@php.net>

[ci skip] Update NEWS with fpm acl fix


# bb79e576 25-Mar-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fix arginfo for array_replace(_recursive) and array_merge(_recursive)


# 281a1754 12-Apr-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76164: exif_read_data zend_mm_heap corrupted

We must not release parsed parameters ourselves, since this is already
done by the engine.


# ab200bd6 12-Apr-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS

Cf. 68296c4055642940503c57d850f00e07a1b64618.


# 9322b43d 11-Apr-2018 Joe Watkins <krakjoe@php.net>

bump versions


# 0d87a0ba 11-Apr-2018 Remi Collet <remi@php.net>

next is 7.2.6


# d2ebe414 10-Apr-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update bundled libsqlite to 3.23.1


# 22a8ea2a 10-Apr-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 8cfb6487 10-Apr-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76143 (Memory corruption: arbitrary NUL overwrite)


# 658a23a9 28-Mar-2018 Chris Wright <daverandom@php.net>

Remove warnings from inet_pton()/inet_ntop()


# 062f93c9 03-Apr-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# c3fa8686 03-Apr-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# a4cbd80b 02-Apr-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update bundled libsqlite to 3.23.0


# 9c37d956 30-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #52070: imagedashedline() - dashed line sometimes is not visible

We finally remove the inadvertent leftover from the synchronization
with GD 2.0.12.


# 2688023c 30-Mar-2018 Jakub Zelenka <bukka@php.net>

Update NEWS with FPM fixes


# cb981e39 28-Mar-2018 Ferenc Kovacs <tyra3l@gmail.com>

[ci skip] 5.6.36 will be next


# ac4d9fd0 22-Feb-2018 TATAR Balazs Janos <tatarbj@gmail.com>

Fixed #75996: Add the right urls to the header of mt_rand.


# 63934ea7 24-Mar-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fix #76131 some arginfo params are different from the documentation


# 1e4273d8 27-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Fix release date


# 48f835ef 27-Mar-2018 Anatol Belski <ab@php.net>

7.0.30 next


# 8b20e864 27-Mar-2018 Anatol Belski <ab@php.net>

[skip ci] Update NEWS


# 631ed728 27-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# ca514580 27-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 2885f628 27-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 033907b9 29-Aug-2017 Tim Bazuin <krageon@gmail.com>

Add support for rl_completion_suppress_append and rl_completion_append_character

These options are only available with libreadline.


# 5cb825df 10-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #69948: path/domain are not sanitized in setcookie

For improved security, characters not allowed for name and value should
also be forbidden for path and domain.


# 25ba60b1 14-Feb-2018 Michael Heimpold <mhei@heimpold.de>

Fixed bug #75722: Rework valgrind detection

As described in bug report #75722, the configure script (acinclude.m4)
currently searches for the valgrind header file and enables valgrind
support if found.

When cross-compiling the searched paths are invalid for the target
platform because they belong to the host system. At the moment, there is
no way to tell the build system a dedicated path where to look for the
header file.

This leads to the issue, that when cross-compiling eg. for ARMv5 platform,
that valgrind header file is detected - e.g. because host system is amd64 -
and support is enabled - but target platform will never support valgrind
(valgrind requires e.g. at least ARMv7).

This change reworks the detection so that user could manually opt-in
valgrind support and optionally specify a directory where the build system
should look for the header file using the --with-valgrind option.


# ec5b408d 20-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update to Oniguruma 6.8.1


# 4072b278 20-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76113: mbstring does not build with Oniguruma 6.8.1

As of Oniguruma 6.8.1, the regex structure has been moved from the
public `oniguruma.h` to the private `regint.h`. Thus, it is no longer
possible to directly access the struct's members, and actually, there
is no need to, since there are respective accessor functions available
at least of 2.3.1.


# 47461368 19-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #75944: Wrong cp1251 detection

`\xFF` is a valid character of CP-1251.


# 4758164a 15-Mar-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76094 (Access violation when using opcache)


# d2b47e80 14-Mar-2018 Joe Watkins <krakjoe@php.net>

bump versions


# 25f324fa 13-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #74139: mail.add_x_header default inconsistent with docs [ci skip]

mail.add_x_header actually defaults to `Off`, so we should use this
default in the provided `php.ini`s.


# cab354de 13-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76088: ODBC functions are not available by default on Windows


# d660d6d3 12-Mar-2018 Remi Collet <remi@php.net>

next is 7.2.5


# 98fe8582 13-Mar-2018 Xinchen Hui <laruence@gmail.com>

Forgot NEWs


# 998a2ddc 13-Mar-2018 Xinchen Hui <laruence@gmail.com>

Forgot NEWS


# 410de52b 12-Mar-2018 Dmitry Stogov <dmitry@zend.com>

Added NEWS entry


# 01ea314e 24-Feb-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #62545: wrong unicode mapping in some charsets

Undefined characters are best mapped to Unicode REPLACEMENT characters.


# d0ee2a82 19-Jan-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Add is_countable function

RFC: https://wiki.php.net/rfc/is-countable


# d34ab3a5 10-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 76fc73cb 10-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 9d908c70 10-Mar-2018 Bob Weinand <bobwei9@hotmail.com>

Fixup mess in NEWS file (mixed 7.2.3 and 7.2.4 NEWS)


# 9c6df8a2 09-Mar-2018 Bob Weinand <bobwei9@hotmail.com>

Fix bug #76074 (opcache corrupts variable in for-loop)


# d48b2339 06-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update to Oniguruma 6.7.1

We also apply the still relevant parts of `oniguruma.patch` and update
the patch accordingly.


# f1b358c9 09-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #73957: signed integer conversion in imagescale()

We must not pass values to `gdImageScale()` which cannot be represented
by an `unsigned int`. Instead we return FALSE, according to what we
already did for negative integers.


# 7780bfc7 06-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 8a57fcdf 06-Mar-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# d83467d7 02-Mar-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #76041: null pointer access crashed php

We must not draw anti-aliased lines on palette images, because that is
not supported by `gdImageSetAAPixelColor()` and it wouldn't make much
sense to support it, due to the limitation to at most 256 colors.


# f37dff9d 02-Mar-2018 Dmitry Stogov <dmitry@zend.com>

Added NEWS entry


# a827aefe 27-Feb-2018 Joe Watkins <krakjoe@php.net>

fix news date


# 07fb1884 28-Feb-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# d5c17131 28-Feb-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #76025 (Segfault while throwing exception in error_handler).


# 3db7427b 27-Feb-2018 Ferenc Kovacs <tyra3l@gmail.com>

5.6.35 is next


# c61b56ed 27-Feb-2018 Anatol Belski <ab@php.net>

7.0.29 next


# 74bdb8fb 27-Feb-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# f6356b43 27-Feb-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# fed294d2 27-Feb-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 4698a412 27-Feb-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 6e300bde 24-Feb-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS


# a358211a 24-Feb-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fix imagesetinterpolation arginfo

imagesetinterpolation only requires one parameter.


# 78c1ef2a 23-Feb-2018 Sam Ding <samding@ca.ibm.com>

Fix #75873: pcntl_wexitstatus returns incorrect on Big_Endian platform (s390x)

Cf. https://github.com/php/php-src/pull/3141.


# 0b8cfa6c 21-Feb-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fix some arginfos

* all arguments for ftp_pasv are required
* $varname for getenv function isn't required anymore
* fsockopen and pfsockopen only require $hostname
* strtok can work with only one parameter
* strpbrk needs two parameters to work
* required parameters and add some parameters in openssl_* functions


# 73cd5fca 20-Feb-2018 Johannes Schlüter <johannes@php.net>

Fix NEWS


# 74ed42c1 20-Feb-2018 Johannes Schlüter <johannes@php.net>

Fix a memleak with mysqlnd and SSL


# 8f3c29ae 20-Feb-2018 Johannes Schlüter <johannes@php.net>

Fix negotiaton of MySQL auth plugin


# 65638174 20-Feb-2018 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Sort recent NEWS entries alphabetically


# 276b5731 17-Feb-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fix openssl_* arginfos

openssl_pkcs12_export and openssl_x509_parse had wrong arginfos


# 114e5d02 17-Feb-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 94e9d0a2 17-Feb-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #75961 (Strange references behavior)


# 372bf8a9 16-Feb-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75969

Move NOP stripping out of zend_optimize_block: NOP stripping may
move instructions, which may invalidate a Tsource shared across
an extended basic block.


# 1f0ea7fa 13-Feb-2018 Joe <krakjoe@php.net>

bump versions


# 51f2a580 11-Feb-2018 CHU Zhaowei <jhdxr@php.net>

Fixed bug #68406 calling var_dump on a DateTimeZone object modifies it


# 070211b3 21-Sep-2017 jhdxr <jhdxr@php.net>

Fixed bug #68406 calling var_dump on a DateTimeZone object modifies it


# f7069371 08-Feb-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fix #75857: Timezone gets truncated when formatted

Use sizeof buffer instead of hard-coded lenghts


# fddd7e38 07-Feb-2018 Pedro Lacerda <pslacerda@gmail.com>

Fixed bug #75928


# 78ed55d7 07-Feb-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fixed bug #74707

Several tidy functions receive a tidy object as mandatory parameter


# 7aac61ce 09-Feb-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75938

New modulus range inference implementation has been verified using
https://gist.github.com/nikic/67947ff92cf0e1f7e931f2f0d4cf817f.

The computed bounds are not tight, but it seems to be very hard to
compute tight bounds on modulus operations.


# 5673c641 06-Feb-2018 Pedro Magalhães <mail@pmmaga.net>

Fixes bug #75871 Use pkg-config for libxml2 if available


# 80003345 13-Sep-2017 David Zuelke <dzuelke@gmail.com>

Fixed bug #49876 lib path on 64bit distros


# d806d031 02-Feb-2018 Bishop Bettini <bishop.bettini@gmail.com>

Fixed bug #65414


# 4765ba7d 02-Feb-2018 Bishop Bettini <bishop.bettini@gmail.com>

Fixed bug #65414


# 01eafcee 19-Dec-2017 CHU Zhaowei <jhdxr@php.net>

Fixed bug #74519 strange behavior of AppendIterator


# 1391a0fa 05-Feb-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75893

It is not sufficient to just add the additional types for aliased
variables at the end of type inference, because types of derived
variables may depend on them. Make sure the additional types are
always added whenever the type of an aliased variable is updated.


# d9e71169 05-Feb-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75729

Don't try to evaluate substr() and strpos() at compile-time if
mbstring function overloading is enabled. I'm reusing the
COMPILE_NO_BUILTIN_STRLEN for the detection of mbstring function
overloading here, even if it's technically only about strlen()...


# 42f2ae05 05-Feb-2018 Michael Wallner <mike@php.net>

fix bug #75916 DNS_CAA record results contain garbage

It is assumed that DNS_CAA record values are zero terminated,
while its length is defined as (RDATA_LENGTH - tag_length - 2).


# bc584c40 01-Feb-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 2ae46f8e 01-Feb-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# fa586cee 06-Jan-2018 Bishop Bettini <bishop.bettini@gmail.com>

Fixed bug #54289

If a directory is passed to Phar::extractTo(), loop over all
entries and extract all files with the given prefix.


# a99df321 27-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS.


# a882f95e 27-Jan-2018 Christoph M. Becker <cmbecker69@gmx.de>

Revert "Fix #75878: RecursiveTreeIterator::setPostfix has wrong signature"

This reverts commit 4bd7658e1b44b72ff76913036c1b41f74318b065.

To avoid the BC break we apply the fix to master only.


# 4bd7658e 26-Jan-2018 Christoph M. Becker <cmbecker69@gmx.de>

Fix #75878: RecursiveTreeIterator::setPostfix has wrong signature


# 5b4b4d33 22-Jan-2018 Christoph M. Becker <cmbecker69@gmx.de>

Update to SQLite 3.22.0


# 4626c28e 22-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 594a4da3 22-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 2dc1cd11 18-Jan-2018 Xinchen Hui <laruence@gmail.com>

Updated NEWS


# fb205020 18-Jan-2018 Xinchen Hui <laruence@gmail.com>

Fixed #75838 (Memory leak in pg_escape_bytea())


# a01de10b 05-Jan-2018 alexanderholman <alexander@holman.org.uk>

Fixed bug #74719

Allow stream context arguments for fopen, rename, unlink, mkdir
and rmdir to be null.


# ea56fc84 16-Jan-2018 Anatol Belski <ab@php.net>

7.0.15 next


# 9206afc6 16-Jan-2018 Xinchen Hui <laruence@gmail.com>

Fixed NEWS


# 5a541078 16-Jan-2018 Remi Collet <remi@php.net>

next is 7.2.3


# be894058 15-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 47941976 15-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 20233469 14-Jan-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75079


# 43c578b4 13-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 05c4f72a 13-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 420d11e8 12-Jan-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75396

Do not run finally blocks in generators on unclean shutdown (e.g.
caused by exit). This is consistent with how finally blocks outside
of generators behave.


# a484b9a5 06-Jan-2018 timurib <timok@ya.ru>

Fix #75765 Exception on extend of undefined class

As the parent class is fetched prior to binding, there are no
safety concerns in this case and we can replace the fatal error
with an Error exception.


# 8c73fc80 12-Jan-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75653


# a843a86e 10-Jan-2018 Gabriel Caruso <carusogabriel34@gmail.com>

Fixed bug #75799 (arg of get_defined_functions is optional)


# fd30c59e 09-Jan-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75786

SEND_UNPACK on iterators was duplicating references in-place,
which effectively leaks the original value and causes an off-by-one
refcount on the duplicated value.

Replace this with a deref, as an actual duplication is not even
needed in this case.


# 0a1f52fb 09-Jan-2018 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 6da44fef 09-Jan-2018 Xinchen Hui <laruence@gmail.com>

Fixed bug #75781 (substr_count incorrect result)


# 67ec3ce1 03-Jan-2018 Remi Collet <remi@php.net>

2018


# 421787db 03-Jan-2018 Remi Collet <remi@php.net>

missing changelog entries + fix version and date


# d6e4132c 03-Jan-2018 Remi Collet <remi@php.net>

missing changelog entries


# 1aa8e420 03-Jan-2018 Remi Collet <remi@php.net>

2018


# 028507f1 02-Jan-2018 Ferenc Kovacs <tyra3l@gmail.com>

php 5.6.34 is next


# 5d8e298e 02-Jan-2018 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 2881199c 02-Jan-2018 Stanislav Malyshev <stas@php.net>

Update NEWS


# d534d59b 01-Jan-2018 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75502

The string keys were not duplicated into persistent memory in this
case.


# 60b2d678 28-Dec-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #75720 (File cache not populated after SHM runs full)


# 650264e3 28-Dec-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75742 (potential memleak in internal classes's static members)


# 14304faa 26-Dec-2017 Xinchen Hui <laruence@gmail.com>

Updated NEWS


# dc3822c3 26-Dec-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75735 ([embed SAPI] Segmentation fault in sapi_register_post_entry)


# b2b2b437 25-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Add _IS_NUMBER as cast_object() target type

convert_scalar_to_number() will now call cast_object() with an
_IS_NUMBER argument, in which case the cast handler should return
either an integer or floating point number, whichever is more
appropriate.

Previously convert_scalar_to_number() unconditionally converted
objects to integers instead.

Fixes bug #53033.
Fixes bug #54973.
Fixes bug #73108.


# 688b9136 23-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #54043


# e19c71e3 22-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# da61c7a2 21-Dec-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #75579 (Interned strings buffer overflow may cause crash)

(cherry picked from commit 37bf8bdc1494abb2ce5cac40e0be80e23682f851)


# f14b6f49 22-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #73209


# ec142f2c 22-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75242


# ccb113c3 22-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75717


# 02463737 04-Nov-2017 Anton Artamonov <a.artmnv@gmail.com>

Fixed bug #70469

Don't generate an E_ERROR if we've already thrown an exception.
This interacts badly with error_get_last() checks.


# 37bf8bdc 21-Dec-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #75579 (Interned strings buffer overflow may cause crash)


# ac4da9a0 19-Dec-2017 Remi Collet <remi@php.net>

NEWS


# 11eed9f3 16-Dec-2017 Jaromír Doleček <jdolecek@NetBSD.org>

Fixed bug #75616

PDO can be built shared on Darwin nowadays. There used to be issues
relating to symbol references between dynamically loaded shared
objects.


# 200bf9b5 16-Dec-2017 Jaromír Doleček <jdolecek@NetBSD.org>

Fix bug #75615

Remove -I without argument in pdo_mysql config.m4.


# a3b5b93b 17-Dec-2017 Xinchen Hui <laruence@gmail.com>

Updated NEWS


# 340255a6 16-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75614

Replace non-standard == with = in shell scripts.


# ee45104d 16-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75698


# 19d0c5dc 16-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Add test for bug #75681

The issue itself has been fixed by 8a4532319dfae83ff16b2d2bbfeed062924c3c27.


# 43d9f599 16-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fix duplicate NEWS entry

Also add an UPGRADING note while at it, as this is potentially
BC breaking.

[ci skip]


# 84235344 10-Oct-2017 Michael Moravec <mail@majkl578.cz>

Fixed bug #75355: preg_quote() does not quote # control character


# a20c9bd3 16-Dec-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75687 (var 8 (TMP) has array key type but not value type)


# 8a179fa0 08-Dec-2017 Jelle van der Waa <jelle@vdwaa.nl>

Fix bug #69727: Support SOURCE_DATE_EPOCH for Build Date

When checking for reproducible builds php is build twice, once with the
current date and once with a date in the future. To keep the build date
supported and reproducible builds possible, SOURCE_DATE_EPOCH is
introduced which can be set to the same epoch value for both builds.


# 72ec23d8 13-Dec-2017 Li-Wen Hsu <lwhsu@lwhsu.org>

Fix bug #75677: Drop fastcall attribute on variadic function

Fastcall generally doesn't make sense on variadic functions. For
clang in particular this eliminates a "fastcall calling convention
ignored on variadic function" warning.


# d9a110a2 15-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# f14f3ed7 15-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 90cccffe 14-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# fd81881e 14-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 4cbc1f7e 12-Dec-2017 Sara Golemon <pollita@php.net>

Prep NEWS for PHP 7.2.2


# fc80114a 09-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Add gmp_kronecker()

Exposes the mpz_kronecker(), mpz_si_kronecker() and
mpz_kronecher_si() for computing the Kronecker symbol.


# 10a336d3 09-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Add gmp_perfect_power()

Exposes the mpz_perfect_power_p() function.

We already had the more specific gmp_perfect_square() function.


# a1d36a11 09-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Add gmp_lcm()

Exposes mpz_lcm() and mpz_lcm_ui() for calculating the least
common multiple.

We already expose the somewhat complementary gmp_gcd() function.


# 7fea7967 09-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Add gmp_binomial()

Adds PHP bindings for mpz_bin_ui and mpz_bin_uiui, for calculating
binomial coefficients.


# 6d4de4cf 06-Oct-2017 David Walker <dwalker@n.io>

Implement list() reference assignments

Support list() reference assignments of the form:

list(&$a, list(&$b, $c)) = $d;

RFC: https://wiki.php.net/rfc/list_reference_assignment


# 9cdd547e 06-Dec-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #74372


# 71a460ba 05-Dec-2017 krakjoe <krakjoe@php.net>

bump versions


# b79082c9 05-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 3110bc10 05-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 484c11a5 05-Dec-2017 Anatol Belski <ab@php.net>

7.0.28 is next


# dab205cb 05-Dec-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 5934bff9 04-Dec-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #75608 ("Narrowing occurred during type inference" error)


# 6a23add6 29-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 39d1818b 29-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS

Move entry to proper section


# 17338ddb 29-Nov-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 3b9ba7b6 29-Nov-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75573 (Segmentation fault in 7.1.12 and 7.0.26)


# 6ed242df 16-Nov-2017 johnstevenson <john-stevenson@blueyonder.co.uk>

Fixed #73124: php_ini_scanned_files()

Additional ini files are reported using the --ini option, but not by
`php_ini_scanned_files()`, which relied on PHP_CONFIG_FILE_SCAN_DIR.


# 7c043fff 28-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 2873316d 28-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 26656684 28-Nov-2017 Remi Collet <remi@php.net>

NEWS


# e722f7bf 27-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# cf084416 27-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# c52900d7 28-Nov-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# ee9e32ca 28-Nov-2017 Xinchen Hui <laruence@gmail.com>

Update NEWs (added bug entry)


# 7ca5a7d8 21-Nov-2017 Sara Golemon <pollita@php.net>

Add net_get_interfaces()


# 51404ad0 26-Nov-2017 Remi Collet <remi@php.net>

Prepare NEWS file for release
- set release date
- merge all alpha/beta/RC entries
- clean entries already in 7.1


# c9fecf7d 23-Nov-2017 MattJeevas <tehnya@gmail.com>

Print PHP version in phpinfo() func html title


# c412b8b3 24-Nov-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75556 (Invalid opcode 138/1/1)


# 0dbb327d 23-Nov-2017 Remi Collet <remi@php.net>

add 7.1 NEW entries


# 1dfcd1af 04-Nov-2017 Anton Artamonov <a.artmnv@gmail.com>

Fixed bug #70469

Don't generate an E_ERROR if we've already thrown an exception.
This interacts badly with error_get_last() checks.


# 179ed6e4 30-Sep-2017 Pedro Magalhães <mail@pmmaga.net>

63911: Compare opcodes of the op_array to determine different functions


# 269d1601 22-Nov-2017 Scott <scott@paragonie.com>

Fix bug #75409


# 9988f056 21-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 3ad116b7 21-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 38be3c4a 21-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 045e0fc0 20-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 50a867eb 20-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 8832c466 20-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 0e097f2c 17-Nov-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75535

The sizeof()s for Content-Length and Transfer-Encoding were missing
the trailing ":". Apart from being generally wrong, this no longer
verified that the header actually contains a colon, leading to the
null http_header_value being used.

Additionally, in the interest of being defensive, also make sure
that http_header_value is non-null by setting it to the end of
the header line (effectively an empty string) if there is no colon.
If the following conditions are correct, this value is not going
to be used though.


# dba5a798 07-Nov-2017 DanielCiochiu <daniel@ciochiu.ro>

Fixed #74862: Unable to clone instance when private __clone defined

Even though __clone was implemented as private and called only from
parent class, child extending class instance could not be cloned.


# 97b046a6 15-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 47645749 15-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 4615fcf2 14-Nov-2017 Anatol Belski <ab@php.net>

update NEWS


# a5206bc6 01-Sep-2017 Sammy Kaye Powers <sammyk@sammykmedia.com>

Update NEWS


# 61ae64f6 13-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 704bcd38 12-Nov-2017 Remi Collet <remi@php.net>

next version is 7.2.1


# 8c73c9a1 13-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 3dbe8dd1 13-Nov-2017 Remi Collet <remi@php.net>

NEWS


# 1ab03bc3 13-Nov-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 1c1df0d9 13-Nov-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75511 (fread not free unused buffer)


# a0ed09f9 10-Nov-2017 fandrieu <fandrieu@gmail.com>

Treat DATETIME2 columns like DATETIME


# b760b462 10-Nov-2017 fandrieu <fandrieu@gmail.com>

Expose TDS version as \PDO::DBLIB_ATTR_TDS_VERSION attribute on \PDO instance


# 1426be10 10-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 0bbb545c 10-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# df615f47 10-Nov-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# b6294bbc 07-Nov-2017 Dmitry Stogov <dmitry@zend.com>

Fixed assertion on phpMyAdmin-4.7.5 home page


# 3be68103 07-Nov-2017 Joe Watkins <krakjoe@php.net>

bump versions


# 35e2984b 07-Nov-2017 Christoph M. Becker <cmbecker69@gmx.de>

Updated bundled libsqlite to 3.21.0


# bc7d4dc5 07-Nov-2017 Anatol Belski <ab@php.net>

7.0.27 next


# 897bdb42 27-Sep-2017 Pedro Magalhães <mail@pmmaga.net>

Fix #74922 - Try to resolve constants when importing trait properties


# b72af30a 31-Oct-2017 fandrieu <fandrieu@gmail.com>

Fix #74243: allow locales.conf to drive datetime format

Add a driver attribute, PDO::DBLIB_ATTR_DATETIME_CONVERT, to control.


# dc4427d0 30-Oct-2017 Christoph M. Becker <cmbecker69@gmx.de>

Implemented request #62055 (Make run-tests.php support --CGI-- sections)

Not regarding the CGI section might even been seen as a bug, and since
server-tests.php appears to broken, anway[1][2], we implement it for
run-tests.php in the way as described[3] for server-tests.php, i.e.
respective tests are skipped if no CGI executable is found.

[1] <https://github.com/php/php-src/pull/222#commitcomment-2064387>
[2] <https://github.com/php/php-src/pull/1811#issuecomment-256677997>
[3] <https://qa.php.net/phpt_details.php#cgi_section>


# bbf57b11 30-Oct-2017 Sara Golemon <pollita@php.net>

Revert array_slice passthrough optimization

This reverts commit fabb5b7a7421280b43e6f11c59d9446f6b21e3e6.
This reverts commit e751e6cebad959592f223f99ffd2a60cdf51bed0.


# a308000f 30-Oct-2017 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix bug #75464 Wrong reflection on SoapClient::__setSoapHeaders


# e6aea3dc 29-Oct-2017 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix bug #75453 Incorrect reflection on ibase_connect and ibase_pconnect


# 938f256e 28-Oct-2017 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix bug #75434 Wrong reflection for mysqli_fetch_all function


# 51ea2cfb 27-Oct-2017 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix bug #75307 Wrong reflection for openssl_open function


# e751e6ce 27-Oct-2017 Sara Golemon <pollita@php.net>

Do not create a new array when slicing all of input array.


# ed02dce2 26-Oct-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 7d3c057b 26-Oct-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# d2047503 26-Oct-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75420 (Crash when modifing property name in __isset for BP_VAR_IS)


# 0fbb9f34 24-Oct-2017 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix bug #75437 Wrong reflection on imagewebp


# f600785f 25-Oct-2017 Ferenc Kovacs <tyra3l@gmail.com>

5.6.33 is next


# a8ffc692 24-Oct-2017 Sara Golemon <pollita@php.net>

Update NEWS for 7.2.0RC6


# 98f28a91 24-Oct-2017 Sara Golemon <pollita@php.net>

Update NEWS for PHP 7.2.0RC5


# 22c48761 24-Oct-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #65148 (imagerotate may alter image dimensions)

We apply the respective patches from external libgd, work around the
still missing `gdImageClone()`, and fix the special cased rotation
routines according to Pierre's patch
(https://gist.github.com/pierrejoye/59d72385ed1888cf8894a7ed437235ae).

We also cater to bug73272.phpt whose result obviously changes a bit.


# ab8c0f19 24-Oct-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# c05fcc46 24-Oct-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 75d0ba51 24-Oct-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 7d06a5c8 24-Oct-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 8f804a21 24-Oct-2017 Sara Golemon <pollita@php.net>

Add support for zlib/level context option


# 9fca5854 23-Oct-2017 Sara Golemon <pollita@php.net>

NEWS entry for pg_close() fix


# 14609ca6 26-Sep-2017 Peter Kokot <peterkokot@gmail.com>

Fix bug #69954 and remove pdo_mysql.cache_size and mysqli.cache_size INI directives

This patch removes some non working links to PHP manual and removes the
pdo_mysql.cache_size and mysqli.cache_size INI directives which have been
removed since PHP 5.3.0.


# a59e233a 26-Sep-2017 Peter Kokot <peterkokot@gmail.com>

Fix bug #75264


# e8237705 22-Oct-2017 Andrea Faulds <ajf@ajf.me>

Merge JSON_THROW_ON_ERROR


# 858614e9 20-Oct-2017 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# ffa4d48e 20-Oct-2017 Anatol Belski <ab@php.net>

[skip ci] Update NEWS


# ede8cee9 20-Oct-2017 Anatol Belski <ab@php.net>

[ci skip] Update NEWS


# 80c3b078 09-Oct-2017 Nester <andrew.nester.dev@gmail.com>

Fixed #75317 - UConverter::setDestinationEncoding changes source instead of destinatination


# 014fd21b 17-Oct-2017 fandrieu <fandrieu@gmail.com>

Implemented request #69592: allow 0-column rowsets to be skipped automatically

This adds a new attribute PDO::DBLIB_ATTR_SKIP_EMPTY_ROWSETS to enable automatic
skipping of empty rowsets.

This happens with some SQL commands (like PRINT or SET): a rowset with 0 columns
is returned by the driver.

With this option enabled, 0 columns rowsets are automatically skipped, mirroring
the behavior of the deprecated mssql extension.

Credits go to MiRacLe-RPZ for developping and promoting this patch.


# e53a9aaa 17-Oct-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug (assertion fails with extended info generated)


# aad4544e 16-Oct-2017 Tianfang Yang <tianfyan@php.net>

Fixed valgrind issue


# 863acd77 16-Oct-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75378 ([REGRESSION] IntlDateFormatter::parse() does not change $position argument)


# 200d526a 16-Oct-2017 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Fixed bug #75383 (The date is "Sep", it should say "Oct")


# 8e147f12 16-Oct-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug (Phi sources removel)


# 999fe36d 15-Oct-2017 Jakub Zelenka <bukka@php.net>

Properly fix #75363 and address some other leaks with cert


# 7c556c44 15-Oct-2017 Jakub Zelenka <bukka@php.net>

Fix bug #68567 (JSON_PARTIAL_OUTPUT_ON_ERROR can result in JSON with null key)


# 5acb8381 09-Oct-2017 Jelle van der Waa <jelle@vdwaa.nl>

Fixed bug #53070 (enchant_broker_get_path crashes if no path is set)

enchant_broker_get_dict_path segfaults when the dict path is not setup,
instead of segfaulting return false instead.


# fb090214 12-Oct-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #75365 (Enchant still reports version 1.1.0)

Since Enchant is bundled, we make `PHP_ENCHANT_VERSION` an alias of
`PHP_VERSION` and also drop the rather meaningless revision hash from
the PHP info.


# 481a65a0 15-Oct-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# b9b2ae70 15-Oct-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 816758ed 15-Oct-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75287 (Builtin webserver crash after chdir in a shutdown function)


# abbdbc21 14-Oct-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75357 (segfault loading WordPress wp-admin)


# f26fc527 13-Oct-2017 Dmitry Stogov <dmitry@zend.com>

Fixed unzserialize(), to disable creation of unsupported data structures through manually crafted strings. (Dmitry)


# 397f5cb6 13-Oct-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #75368 (mmap/munmap trashing on unlucky allocations)


# e4f7ff9c 13-Oct-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75370 (Webserver hangs on valid PHP text)


# 3f8961df 18-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #75221 (Argon2i always throws NUL at the end)

Apparently, `argon2_encodedlen()` also counts the terminating NUL byte;
that doesn't appear to be documented somewhere, but from looking at the
implementation[1] it is pretty obvious. Therefore, the respective
`zend_string` has to be one byte shorter.

[1] <https://github.com/P-H-C/phc-winner-argon2/blob/20161029/src/argon2.c#L431-L436>


# a55af1e2 11-Oct-2017 Bob Weinand <bobwei9@hotmail.com>

Fixed bug #75363 (openssl_x509_parse leaks memory)


# 4d61091a 11-Oct-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 6c3c1872 10-Oct-2017 Sara Golemon <pollita@php.net>

Revert "Update NEWS for PHP 7.2.0RC4"

This reverts commit 1ea657c65e64d8338e47ead04cfe64c88bf47f2c.


# 6c8a5817 10-Oct-2017 Sara Golemon <pollita@php.net>

Revert "Update NEWS for 7.2.0RC5"

This reverts commit ef25e56ae6a9df1d8fe409707c208d71c067f285.


# ef25e56a 10-Oct-2017 Sara Golemon <pollita@php.net>

Update NEWS for 7.2.0RC5


# 1ea657c6 10-Oct-2017 Sara Golemon <pollita@php.net>

Update NEWS for PHP 7.2.0RC4


# c2bfdf37 10-Oct-2017 Joe Watkins <krakjoe@php.net>

bump version


# c8eccf84 10-Oct-2017 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Add NEWS entry for bug #75349


# f3cda1a3 10-Oct-2017 Remi Collet <remi@php.net>

Update NEWS for 7.2.0RC5


# 9317e910 10-Oct-2017 Remi Collet <remi@php.net>

Update NEWS for PHP 7.2.0RC4


# 51658bac 10-Oct-2017 Anatol Belski <ab@php.net>

Move dev to 7.0.26


# e05cba08 02-Oct-2017 Sara Golemon <pollita@php.net>

Make GMP more usable by third-party extensions.

Export a PHPAPI function to return gmp_ce (and make the actual storage static).
Provide gmp_object struct in header w/ inline accessor.
Install php_gmp_int.h header.

Remove unnecessary `#ifdef HAVE_GMP` checks.


# ec3d8647 06-Oct-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #75318 (The parameter of UConverter::getAliases() is not optional)

Of course, reflection has to know that as well.


# 6b9ccda9 04-Oct-2017 Mathieu CARBONNEAUX <mcarbonneaux@gmail.com>

Fixed bug #75311


# 1195de87 04-Oct-2017 Dmitry Stogov <dmitry@zend.com>

Bumped ext/oci8 version


# ca6d7019 03-Oct-2017 Remi Collet <remi@php.net>

NEWS


# a1c08245 02-Oct-2017 Frank Denis <github@pureftpd.org>

NEWS


# 03aef5f6 02-Oct-2017 Remi Collet <remi@php.net>

NEWS


# abefb6df 29-Sep-2017 Andrea Faulds <ajf@ajf.me>

Fix bug #75290


# 7e21f472 29-Sep-2017 Remi Collet <remi@php.net>

NEWS


# 819874c2 27-Sep-2017 Côme Chilliet <mcmic@php.net>

Updated NEWS

Added LDAP control support in it


# 1c68d63f 27-Sep-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #75255 (Request hangs and not finish)


# 7deb561f 25-Sep-2017 jhdxr <jhdxr@php.net>

fix bug #75222 DateInterval microseconds property always 0


# 6d0391b1 22-Sep-2017 Peter Kokot <peterkokot@gmail.com>

Fix bug #75248 and #75251


# a680d701 18-Sep-2017 Nester <andrew.nester.dev@gmail.com>

Fixed #75220 - Segfault when calling is_callable on parent


# bffe657d 26-Sep-2017 Remi Collet <remi@php.net>

Update NEWS for 7.2.0RC4


# 8cdb9784 26-Sep-2017 Remi Collet <remi@php.net>

Update NEWS for PHP 7.2.0RC3


# ed2a5eba 24-Sep-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75230 (Invalid opcode 49/1/8 using opcache)


# ccc0a925 24-Sep-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 634f79d8 24-Sep-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# b05ff14a 24-Sep-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75241 (Null pointer dereference in zend_mm_alloc_small()).


# 73d6456d 24-Sep-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75252


# 418f9744 20-Sep-2017 Andrea Faulds <ajf@ajf.me>

Fix bug #75236


# eedc060c 20-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #73629 (SplDoublyLinkedList::setIteratorMode masks intern flags)

We must not overwrite the SPL_DLLIST_IT_FIX flag when changing the
iterator mode.


# 3cd5f288 18-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

[ci skip] Update NEWS


# 7d5c0f19 18-Sep-2017 Remi Collet <remi@php.net>

NEWS


# 41e5f916 18-Sep-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #74878 (Data race in ZTS builds)


# 46e0c474 13-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# fba79294 13-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS

Fix format


# 0d37dcd2 12-Sep-2017 Sara Golemon <pollita@php.net>

Update NEWS for 7.2.0RC3


# 2272f408 12-Sep-2017 Sara Golemon <pollita@php.net>

Update NEWS for PHP 7.2.0RC2


# 7f01872a 12-Sep-2017 Joe Watkins <krakjoe@php.net>

bump versions


# 1454dc20 11-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 3719aaeb 11-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 3d1cb7e3 11-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 5cf21553 12-Sep-2017 Anatol Belski <ab@php.net>

Move dev to 7.0.25


# f5d478c8 12-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] Fix news entry format


# b5c9cd4d 12-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] Fix news entry format


# 194547f5 12-Sep-2017 Anatol Belski <ab@php.net>

[ci skip] Fix news entry format


# 3e11b7fc 10-Sep-2017 jhdxr <jhdxr@php.net>

fix bug #75173 incorrect behavior of AppendIterator::append in foreach loop


# 9aa6898b 11-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #46781 (BC math handles minus zero incorrectly)

Actually, there is no negative zero at all. We obey Postel's law, and
still accept negative zeroes, but we store them as positive zeroes
after the conversion from string, i.e. we normalize before further
processing.


# 613bac9e 11-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

[ci-skip] Add NEWS entry for bug #75185


# c40c0b81 11-Sep-2017 Xinchen Hui <laruence@gmail.com>

Not sure why these lines are removed :<


# 8cb06273 10-Sep-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 6b2813c3 10-Sep-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75152 (signed integer overflow in parse_iv)


# 4b746fce 10-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #73730 (textdomain(null) throws in strict mode)

The $text_domain parameter may be NULL, which we have to cater to
explicitly with regard to strict_types.


# 44eec946 09-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #75178 (bcpowmod() misbehaves for non-integer base or modulus)

Since `bcpowmod()` does not support non-integral operands, we have to
truncate these in addition to emitting a respective warning. We also
have to work with the truncated values in the following.

We recognize that the division by one to enforce the truncation is
actually overkill, but we stick with it for now, and shall tackle the
issue for PHP 7.3.


# fd073020 07-Sep-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #75170

This change may result in different mt_rand/rand sequences being
generated on 64-bit systems for a specific seed.

See also https://externals.io/message/100229.


# b2919853 06-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #54598 (bcpowmod() may return 1 if modulus is 1)

`x mod 1` is always zero; we have to take the scale into account,
though.


# dea41f3c 06-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #44995 (bcpowmod() fails if scale != 0)

`bc_divmod()` is supposed to do integer division, so we must not apply
a scale factor here.


# ed2f6510 03-Sep-2017 BohwaZ <bohwaz@github.com>

Add support for SQLite open flags


# f1fd11f4 01-Sep-2017 Sammy Kaye Powers <sammyk@sammykmedia.com>

Update NEWS that did not get updated in #2442

[ci skip]


# cd9d90f4 04-Sep-2017 Bouke van der Bijl <boukevanderbijl@gmail.com>

Fixed bug #70470


# 81ad6a97 05-Sep-2017 Remi Collet <remi@php.net>

NEWS


# c2e3541c 04-Sep-2017 Nikita Popov <nikita.ppv@gmail.com>

Add test for bug #75155


# 6355e650 04-Sep-2017 Remi Collet <remi@php.net>

NEWS


# ea734e2a 04-Sep-2017 Dmitry Stogov <dmitry@zend.com>

Fixed incorect constant conditional jump elimination


# e20a6b02 01-Sep-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #75139 (libgd/gd_interpolation.c:1786: suspicious if ?)

We back-port https://github.com/libgd/libgd/commit/dd48286 even though
we cannot come up with a regression test, because the erroneous
condition appears to be impossible to trigger.

We also parenthesize the inner ternary operation to avoid confusion.


# a6456f0a 01-Sep-2017 Anatol Belski <ab@php.net>

Fixed bug #75143 new method setEncryptionName() seems not to exist in ZipArchive

update NEWS


# 1f843a8f 28-Aug-2017 Jakub Zelenka <bukka@php.net>

Automatically load OpenSSL configuration file


# d3bc8beb 29-Aug-2017 Kalle Sommer Nielsen <kalle@php.net>

Removed support for BeOS, development for BeOS was supported 17 years ago.

This patch however does not drop support for the BeOS compatible variant, Haiku, see Github PR #2697 which is currently a WiP

I intentionally left out some fragments for BeOS in the build system for that seems to be bundles


# 045d18d2 29-Aug-2017 Remi Collet <remi@php.net>

Update NEWS for 7.2.0RC2


# 4f64716f 29-Aug-2017 Remi Collet <remi@php.net>

Update NEWS for PHP 7.2.0RC1


# 499f5480 27-Aug-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #75124 (gdImageGrayScale() may produce colors)

We have to make sure to avoid alpha-blending issues by explicitly
switching to `gdEffectReplace` and to restore the old value afterwards.

This is a port of <https://github.com/libgd/libgd/commit/a7a7ece>.


# 3a2ad5b2 25-Aug-2017 Christoph M. Becker <cmbecker69@gmx.de>

Update to SQLite 3.20.1


# d9d13aba 17-Apr-2017 Michael Moravec <mail@majkl578.cz>

Added method DateTime::createFromImmutable()


# be9edd83 23-Aug-2017 Thomas Punt <tpunt@hotmail.co.uk>

Fixed bug #75090


# df7f2a5d 25-Aug-2017 Remi Collet <remi@php.net>

NEWS


# 5cd348c1 23-Aug-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #75111 (Memory disclosure or DoS via crafted .bmp image)

Crafted BMP images can cause dynamicSeek() to be called with a negative
position which must not be allowed, since dynamicSeek() works like
fseek() in SEEK_SET mode. We solve this by bailing out if `pos` is
negative, and let the image reading fail gracefully.


# f0f6ac6b 22-Aug-2017 Tianfang Yang <tianfyan@php.net>

Update NEWS


# 708349ee 22-Aug-2017 Tianfang Yang <tianfyan@php.net>

Update NEWS


# 1b8a71e7 22-Aug-2017 Tianfang Yang <tianfyan@php.net>

Update NEWS


# 079bc324 22-May-2017 Ingmar Runge <ingmar.runge@sixt.com>

Fixed bug #74631 (PDO_PCO with PHP-FPM: OCI environment initialized before PHP-FPM sets it up)


# 799b52e8 19-Aug-2017 Andrea Faulds <ajf@ajf.me>

Retroactively correct NEWS omission


# 61538eba 19-Aug-2017 Andrea Faulds <ajf@ajf.me>

Fixed bug #75097 (gethostname fails if your host name is 64 chars long)

PHP contained two different off-by-one errors, which are fixed here. First,
it created a buffer of size HOST_NAME_MAX, not adding space for a null
terminator. Second, it subtracted 1 from the size of that buffer when passing
its size to gethostname(), despite gethostname() expecting it to be a buffer
size including space for a terminating null byte, not a string length.


# 6f55fe05 19-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 95ef8e96 19-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 3cad07b8 19-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 07e8cb42 18-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# debbaba9 18-Aug-2017 Remi Collet <remi@php.net>

NEWS


# de0b816b 18-Aug-2017 Remi Collet <remi@php.net>

NEWS


# b28912b0 18-Aug-2017 Remi Collet <remi@php.net>

NEWS


# ef90e37b 18-Aug-2017 Dmitry Stogov <dmitry@zend.com>

Fixed bug #75089 (preg_grep() is not reporting PREG_BAD_UTF8_ERROR after first input string)


# 1d9b46f3 17-Aug-2017 Kalle Sommer Nielsen <kalle@php.net>

Implemented FR #74781 (Add the latest PG_DIAG_* const)


# 5b02d105 16-Aug-2017 Joe Watkins <krakjoe@php.net>

bump versions


# 3e66ae67 15-Aug-2017 Remi Collet <remi@php.net>

Update NEWS for 7.2.0RC1


# 6c1c49d1 15-Aug-2017 Remi Collet <remi@php.net>

Update NEWS for PHP 7.2.0beta3


# 3af62012 15-Aug-2017 Anatol Belski <ab@php.net>

move dev to 7.0.24


# 6b77792d 14-Aug-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# 6275825c 14-Aug-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# d8c80af7 14-Aug-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75075 (unpack with X* causes infinity loop)


# 112afb92 13-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 73d84d4b 13-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# f64be0b0 13-Aug-2017 Christoph M. Becker <cmbecker69@gmx.de>

Fixed bug #73793 (WDDX uses wrong decimal seperator)

The WDDX specification[1] requires to serialize floats with a decimal
point, but `snprintf()` is locale-dependent and may use a decimal
comma. We fix that afterwards by replacing an eventual comma with a
point.

[1] <http://xml.coverpages.org/wddx0090-dtd-19980928.txt>


# 1a23ebc1 12-Aug-2017 Nikita Popov <nikita.ppv@gmail.com>

Fixed bug #74103 and bug #75054

Directly fail unserialization when trying to acquire an r/R
reference to an UNDEF HT slot. Previously this left an UNDEF and
later deleted the index/key from the HT.

What actually caused the issue here is a combination of two
factors: First, the key deletion was performed using the hash API,
rather than the symtable API, such that the element was not actually
removed if it used an integral string key. Second, a subsequent
deletion operation, while collecting trailing UNDEF ranges, would
mark the element as available for reuse (leaving a corrupted HT
state with nNumOfElemnts > nNumUsed).

Fix this by failing early and dropping the deletion code.


# b59718bd 12-Aug-2017 Andrea Faulds <ajf@ajf.me>

Fix bug #74725 (html_errors=1 breaks unhandled exceptions)


# f7cf8392 09-Aug-2017 Xinchen Hui <laruence@gmail.com>

Update NEWs


# 46ecda76 09-Aug-2017 Xinchen Hui <laruence@gmail.com>

Update NEWS


# b06f8cb5 09-Aug-2017 Xinchen Hui <laruence@gmail.com>

Fixed bug #75049 (spl_autoload_unregister can't handle spl_autoload_functions results)


# 618dcd65 08-Aug-2017 Darek Slusarczyk <dariusz.slusarczyk@oracle.com>

JSON: fix config.w32 / Install headers on windows


# db96b7c2 04-Aug-2017 Adam Saponara <as@php.net>

Fix #75031: Support append mode in `php://temp` streams

This patch introduces a distinction between write mode and append
mode in `php://temp` and `php://memory` streams, achieving parity
with C stdio.


# 39f0e810 02-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 3e5b8c1e 02-Aug-2017 Anatol Belski <ab@php.net>

[ci skip] update NEWS


# 9ba2cfd3 02-Aug-2017 Anatol Belski <ab@php.net>

update NEWS


# 29e4d4ee 08-Jul-2017 Andreas Treichel <gmblar+github@gmail.com>

Add ftp_append to create a new file or append data to an existing file (RFC959)


# c2b8066e 23-Jul-2017 Andreas Treichel <gmblar+github@gmail.com>

Bug #74975: Different serialization for classes


# 2cc1cbf2 28-Jul-2017 Fabien Villepinte <fabien.villepinte@gmail.com>

Fix Bug #75001: Wrong reflection on mb_eregi_replace


# 5097e2ee 23-Jun-2017 Tyson Andre <tysonandre775@hotmail.com>

Implement spl_object_id(object $x) : int

spl_object_id is a new function returning the object handle,
as a signed integer.

Discussion for this new function is ongoing on php-internals, see
https://marc.info/?t=143835274500003&r=1&w=2

The object id is unique for the lifetime of the object.
When the object is garbage collected,
different objects may & will have the same object id.

- This is also the case for the string generated by spl_object_hash

It is always possible to cast the object handle to a **signed** zend_long
in php 7.2. _zend_object->handle is always of the type `uint32_t`.
(zend_long is 32 bits on 32 bit builds, 64 bits on 64 bit builds)

As of php 7.0, the object id uniquely identifies the object,
there can't be two objects with the same id but different handlers
(See the implementation of spl_object_hash)

Skip the pointless XORing, as discussed in internals.

- It was intended to avoid exposing in-memory addresses.
- The object handle is not a memory address.
- The output of var_dump() includes the object handle(id)


# 43e76562 01-Aug-2017 Christoph M. Becker <cmbecker69@gmx.de>

Update NEWS


# 6278f614 01-Aug-2017 Sara Golemon <pollita@php.net>

Update NEWS for 7.2.0beta3


# 1b05a237 01-Aug-2017 Sara Golemon <pollita@php.net>

Update NEWS for PHP 7.2.0beta2


# 5069d521 01-Aug-2017 Julien Pauli <jpauli@php.net>

Updated NEWS


#