Sie sind hier: PHP-Versionen > PHP 7 > PHP 7.0

PHP 7.0.9 wurde am 21.07.2016 herausgebracht. Im folgenden erhalten Sie einen kurzen Überblick welche Änderungen in diesem Patch enthalten waren. Bei Interesse kann auch das ausführliche Änderungsprotokoll eingesehen werden.

Fehlerbehebung
Core
strange references after recursive function call and "switch" statement
Stack-based buffer overflow vulnerability in virtual_file_ex
HTTP_PROXY is improperly trusted by some PHP libraries and applications
bz2
Inadequate error handling in bzread()
CLI
SCRIPT_FILENAME shows wrong path if the user specify router.php
COM
variant_date_from_timestamp null dereference
Curl
size_t overflow lead to heap corruption
Date
DateTime::createFromFormat 'U' with pre 1970 dates fails parsing
Exif
Out of bound read in exif_process_IFD_in_MAKERNOTE
NULL Pointer Dereference in exif_process_user_comment
GD
Thick styled lines have scrambled patterns
XBM images require width to be multiple of 8
imagefilledpolygon doesn't draw horizontal line
gdImageTrueColorToPaletteBody allows arbitrary write/read access
imagegif/output out-of-bounds access
Integer overflow error within _gdContributionsAlloc()
Ilegal write/read access caused by gdImageAALine overflow
imagecropauto out-of-bounds access
Intl
locale_accept_from_http out-of-bounds access
Mbstring
mb_ereg_replace - mbc_to_code (oniguruma) - oob read access
Use-After-Free in MBString (search_re)
mcrypt
Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic
PDO_pgsql
Segmentation fault when binding parameters on a query without placeholders
PCRE
Memleak in jit_stack
mail fails with invalid argument
Readline
readline_redisplay crashes php
Standard
readfile() mangles files larger than 2G
Heap overflow through proc_open and $env parameter
Session
ps_files_cleanup_dir Buffer overflow
Use After Free in unserialize() with Unexpected Session Deserialization
SNMP
Use After Free Vulnerability in SNMP with GC and unserialize()
Streams
Stream socket with remote address leads to a segmentation fault
XMLRPC
heap-buffer-overflow (write) simplestring_addn simplestring.c
Zip
Stack-based buffer overflow vulnerability in php_stream_zip_opener

Changelog Quelle php.net

Anzeige