Sie sind hier: PHP-Versionen > PHP 7 > PHP 7.0

PHP 7.0.12 wurde am 13.10.2016 herausgebracht. Im folgenden erhalten Sie einen kurzen Überblick welche Änderungen in diesem Patch enthalten waren. Bei Interesse kann auch das ausführliche Änderungsprotokoll eingesehen werden.

Fehlerbehebung
Core
Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c
Out of bounds global memory read in BF_crypt triggered by password_verify
crypt broken when salt is 'too' long
Invalid free in extension trait
segfault on undefined function
PHP hangs if error handler throws while accessing undef const in default value
parse error: Invalid numeric literal
Write out of bounds at number_format
Use After Free in PHP7 unserialize()
Memcpy negative size parameter php_resolve_path
BCmath
memcpy negative parameter _bc_new_num_ex
COM
Cannot pass parameter 1 by reference
Date
Unserializing DateInterval object may lead to __toString invocation
DOM
missing NULL check in dom_document_save_html
Filter
Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and FILTER_FLAG_NO_PRIV_RANGE
default option ignored when object passed to int filter
GD
imagetruecolortopalette: white is duplicated in palette
imagettftext broken on transparent background w/o alphablending
Integer Overflow in gdImageWebpCtx of gd_webp.c
imagettfbbox gives incorrect values for bounding box
imagegd2() ignores 3rd param if 4 are given
imagegd2() writes wrong chunk sizes on boundaries
imagegd2(): unrecognized formats may result in corrupted files
imagecreatefromgd2() may leak memory
Intl
add mitigation for ICU int overflow
Mbstring
mb_substr only takes 32-bit signed integer
mb_convert_variables() cannot detect recursion
mbstring.internal_encoding doesn't inherit default_charset
Mysqlnd
PHP Crashes When Modifying Array Containing MySQLi Result Data
Opcache
Memory leak in zend_accel_blacklist_update_regexp() function
OpenSSL
Invalid path SNI_server_certs causes segfault
crash in openssl_random_pseudo_bytes function
crash in openssl_encrypt function
PCRE
Bundled PCRE doesn't compile because JIT isn't supported on s390
heap overflow in php_pcre_replace_impl
PDO_DBlib
Never quote values as raw binary data
PDOStatement::nextRowset() should succeed when all rows in current rowset haven't been fetched
phpdbg
phpdbg_prompt.c undefined reference to DL_LOAD
next command not stopping when leaving function
Session
Session does not report invalid uid for files save handler
session_destroy null dereference in ps_files_path_create
SimpleXML
NULL pointer dereference in SimpleXMLElement::asXML()
SOAP
Soap Server Member variables reference bug
Using references in arrays doesn't work like expected
SPL
SplObjectStorage unserialize allows use of non-object as key
Zip
Depacking with wrong password leaves 0 length files
Neuerung
PDO_DBlib
Allow PDO::setAttribute() to set query timeouts
Handle SQLDECIMAL/SQLNUMERIC types, which are used by later TDS versions
Add common PDO test suite
Free error and message strings when cleaning up PDO instances
Ignore potentially misleading dberr values
SQLite3
Updated bundled SQLite3 to 3.14.2

Changelog Quelle php.net

Anzeige