Sie sind hier: PHP-Versionen > PHP 7 > PHP 7.0

PHP 7.0.10 wurde am 18.08.2016 herausgebracht. Im folgenden erhalten Sie einen kurzen Überblick welche Änderungen in diesem Patch enthalten waren. Bei Interesse kann auch das ausführliche Änderungsprotokoll eingesehen werden.

Fehlerbehebung
Core
Caught exception assignment to variables ignores references
Calling an earlier instance of an included anonymous class fatals
previous property undefined in Exception after deserialization
Cannot declare public method with signature incompatible with parent private method
microtime() leaks memory
Unable to set --enable-debug on building extensions by phpize on Windows
Fixed bug causing ClosedGeneratorException being thrown into the calling code instead of the Generator yielding from
phpize (on Windows) ignores PHP_PREFIX
Fixed potential segfault in object storage freeing in shutdown sequence
Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
PHP Session Data Injection Vulnerability
getmxrr broken
memory allocator fails to realloc small block to large one
Bz2
integer overflow in bzdecompress caused heap corruption
Calendar
cal_days_month() fails for final month of the French calendar
AddressSanitizer: global-buffer-overflow in zif_cal_from_jd
COM
DOTNET/COM array parameters broke in PHP7
CURL
curl_setopt segfault with empty CURLOPT_HTTPHEADER
CURLINFO_CERTINFO data parsing error
Heap overflow in curl_escape
DOM
DOM document dangling reference
EXIF
Samsung picture thumb not read (zero size)
Memory Leakage In exif_process_IFD_in_TIFF
Filter
FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8 range
FPM
using --allow-to-run-as-root should ignore missing user
GD
imagetypes function won't advertise WEBP support
imagearc() ignores thickness for full arcs
500 Server Error but page is fully rendered
broken transparency of imagearc for truecolor in blendingmode
Always false condition in ext/gd/libgd/gdkanji.c
suspicious if-else statements
select_colors write out-of-bounds
imagegammacorrect allows arbitrary write access
imagecropauto out-of-bounds access
Intl
Segfault when instantiating class that extends IntlCalendar and adds a property
idn_to_ascii for UTS #46 incorrect for long domain names (Partially fixed)
mbstring
mb_ereg_search raises a warning if a match zero-width
mb_ereg_search increments search position when a match zero-width
mb_ereg_search_setpos does not accept a string's last position
`mb_ereg` causes buffer overflow on regexp compile error
Mcrypt
Heap Overflow due to integer overflows
Opcache
Opcache restart with kill_all_lockers does not work
PCRE
preg_match missing group names in matches
PDO_pgsql
PDO statement fails to throw exception
Reflection
ReflectionClass::export doesn't handle array constants
SimpleXML
Using global var doesn't work while accessing SimpleXML element
SNMP
php_snmp_parse_oid integer overflow in memory allocation
SPL
GlobIterator throws LogicException
SplFileObject::getCsvControl does not return the escape character
AppendIterator segfault with closed generator
SQLite3
Spurious warning when exception is thrown in user defined function
SQLite3::bindValue, SQLite3::bindParam crash
Standard
array_walk + array_replace_recursive create references from nothing
base64_decode $strict fails to detect null byte
base64_decode skips a character after padding in strict mode
base64_decode $strict fails with whitespace between padding
CSV fields incorrectly split if escape char followed by UTF chars
Streams
Problems with the ftps wrapper
opendir() does not work with ftps:// wrapper
opendir() with ftp:// attempts to open data stream for non-existent directories
ftps:// wrapper is vulnerable to protocol downgrade attack
XMLRPC
xmlrpc_encode() unexpected output after referencing array elements
Wddx
boolean always deserialized as "true"
WDDX Packet Injection Vulnerability in wddx_serialize_value()
wddx_deserialize allows illegal memory access
wddx_deserialize null dereference
wddx_deserialize null dereference with invalid xml
wddx_deserialize null dereference in php_wddx_pop_element
Zip
NULL Pointer dereference in zend_virtual_cwd
Implementierung FR
Core
Support "nmake test" on building extensions by phpize
SQLite3
SQLite should allow opening with empty filename
Neuerung
SQLite3
Updated to SQLite3 3.13.0

Changelog Quelle php.net

Anzeige