ます’s Blog - どうでもいい記事100選

どうでもいい記事100選

5.5.2 & 4.4.7 ready!

されたようで()。RCの修正情報まで消すのはどうかと思うんだけどなぁ。
5.5.1から5.5.2までの修正状況は以下の通り。
このは強行された模様。他にも、こういう事もありました()。
「I believe」って。。。っていうか、cvsのMLでやりとりするのは本当に勘弁。

--- NEWS	2007/02/07 00:45:04	1.2027.2.547.2.522
+++ NEWS	2007/05/02 23:05:13	1.2027.2.547.2.674
@@ -1,5 +1,230 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
+03 May 2007, PHP 5.2.2
+- Improved bundled GD
+  . Sync to 2.0.35
+  . Added imagegrabwindow and imagegrabscreen, capture a screen or a 
+	window using its handle (Pierre)
+  . colors allocated henceforth from the resulting image overwrite the palette 
+	  colors (Rob Leslie)
+  . Improved thread safety of the gif support (Roman Nemecek, Nuno, Pierre)
+	. Use the dimension of the GIF frame to create the destination image (Pierre)
+	. Load only once the local color map from a GIF data (Pierre)
+  . Improved thread safety of the freetype cache (Scott MacVicar, Nuno, Pierre)
+	. imagearc huge CPU usage with large angles, libgd bug #74 (Pierre)
+- Improved FastCGI SAPI to support external pipe and socket servers on win32.
+  (Dmitry)
+- Improved Zend Memory Manager
+  . guarantee of reasonable time for worst cases of best-fit free block
+    searching algorithm. (Dmitry)
+  . better cache usage and less fragmentation on erealloc() (Tony, Dmitry)
+- Improved SPL (Marcus)
+  . Added SplFileInfo::getBasename(), DirectoryIterator::getBasename().
+  . Added SplFileInfo::getLinkTarget(), SplFileInfo::getRealPath().
+  . Made RecursiveFilterIterator::accept() abstract as stated in documentation.
+- Improved SOAP
+  . Added ability to encode arrays with "SOAP-ENC:Array" type instead of WSDL
+    type. To activate the ability use "feature"=>SOAP_USE_XSI_ARRAY_TYPE
+    option in SoapClient/SoapServer constructors. (Rob, Dmitry)
+
+- Added GMP_VERSION constant. (Tony)
+- Added --ri switch to CLI which allows to check extension information. (Marcus)
+- Added tidyNode::getParent() method (John, Nuno)
+- Added openbasedir and safemode checks in zip:// stream wrapper and 
+  ZipArchive::open (Pierre)
+- Added php_pdo_sqlite_external.dll, a version of the PDO SQLite driver that
+  links against an external sqlite3.dll.  This provides Windows users to upgrade
+  their sqlite3 version outside of the PHP release cycle.  (Wez, Edin)
+- Added linenumbers to array returned by token_get_all(). (Johannes)
+
+- Upgraded SQLite 3 to version 3.3.16 (Ilia)
+- Upgraded libraries bundled in the Windows distribution. (Edin)
+  . c-client (imap) to version 2006e
+  . libpq (PostgreSQL) to version 8.2.3
+  . libmysql (MySQL) to version 5.0.37
+  . openssl to version 0.9.8e
+- Upgraded PCRE to version 7.0 (Nuno)
+
+- Updated timezone database to version 2007.5. (Derick)
+
+- Fixed commandline handling for CLI and CGI. (Marcus, Johannes)
+- Fixed iterator_apply() with a callback using __call(). (Johannes)
+- Fixed possible multi bytes issues in openssl csr parser (Pierre)
+- Fixed shmop_open() with IPC_CREAT|IPC_EXCL flags on Windows. 
+  (Vladimir Kamaev, Tony).
+- Fixed possible leak in ZipArchive::extractTo when safemode checks fails (Ilia)
+- Fixed possible relative path issues in zip_open and TS mode (old API) (Pierre)
+- Fixed zend_llist_remove_tail (Michael Wallner, Dmitry)
+- Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek)
+- Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre)
+- Fixed unallocated memory access/double free in in array_user_key_compare() 
+  (MOPB-24 by Stefan Esser) (Stas)
+- Fixed wrong length calculation in unserialize S type
+  (MOPB-29 by Stefan Esser) (Stas)
+
+- Fixed bug #41215 (setAttribute return code reversed). (Ilia)
+- Fixed bug #41192 (Per Directory Values only work for one key). (Dmitry)
+- Fixed bug #41175 (addAttribute() fails to add an attribute with an empty
+  value). (Ilia)
+- Fixed bug #41159 (mysql_pconnect() hash does not account for connect
+  flags). (Ilia)
+- Fixed bug #41121 (range() overflow handling for large numbers on 32bit
+  machines). (Ilia)
+- Fixed bug #41118 (PHP does not handle overflow of octal integers). (Tony)
+- Fixed bug #41109 (recursiveiterator.inc says "implements" Iterator instead of
+  "extends"). (Marcus)
+- Fixed bug #40130 (TTF usage doesn't work properly under Netware). (Scott,
+  gk at gknw dot de)
+- Fixed bug #41093 (magic_quotes_gpc ignores first arrays keys). (Arpad, Ilia)
+- Fixed bug #41075 (memleak when creating default object caused exception). 
+  (Dmitry)
+- Fixed bug #41067 (json_encode() problem with UTF-16 input). (jp at df5ea
+  dot net. Ilia)
+- Fixed bug #41063 (chdir doesn't like root paths). (Dmitry)
+- Fixed bug #41061 ("visibility error" in ReflectionFunction::export()).
+  (Johannes)
+- Fixed bug #41043 (pdo_oci crash when freeing error text with persistent 
+  connection). (Tony)
+- Fixed bug #41037 (unregister_tick_function() inside the tick function crash PHP).
+  (Tony)
+- Fixed bug #41034 (json_encode() ignores null byte started keys in arrays).
+  (Ilia)
+- Fixed bug #41026 (segfault when calling "self::method()" in shutdown functions).
+  (Tony)
+- Fixed bug #40999 (mcrypt_create_iv() not using random seed). (Ilia)
+- Fixed bug #40998 (long session array keys are truncated). (Tony)
+- Implement feature request #40947, allow a single filter as argument 
+  for filter_var_array (Pierre)
+- Fixed bug #40935 (pdo_mysql does not raise an exception on empty
+  fetchAll()). (Ilia)
+- Fixed bug #40931 (open_basedir bypass via symlink and move_uploaded_file()). 
+  (Tony)
+- Fixed bug #40921 (php_default_post_reader crashes when post_max_size is
+  exceeded). (trickie at gmail dot com, Ilia)
+- Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony)
+- Fixed bug #40899 (memory leak when nesting list()). (Dmitry)
+- Fixed bug #40897 (error_log file not locked). (Ilia)
+- Fixed bug #40883 (mysql_query() is allocating memory incorrectly). (Tony)
+- Fixed bug #40872 (inconsistency in offsetSet, offsetExists treatment of 
+  string enclosed integers). (Marcus)
+- Fixed bug #40861 (strtotime() doesn't handle double negative relative time
+  units correctly). (Derick, Ilia)
+- Fixed bug #40854 (imap_mail_compose() creates an invalid terminator for 
+  multipart e-mails). (Ilia)
+- Fixed bug #40848 (sorting issue on 64-bit Solaris). (Wez)
+- Fixed bug #40836 (Segfault in ext/dom). (Rob)
+- Fixed bug #40833 (Crash when using unset() on an ArrayAccess object retrieved
+  via __get()). (Dmitry)
+- Fixed bug #40822 (pdo_mysql does not return rowCount() on select). (Ilia)
+- Fixed bug #40815 (using strings like "class::func" and static methods in 
+  set_exception_handler() might result in crash). (Tony)
+- Fixed bug #40809 (Poor performance of ".="). (Dmitry)
+- Fixed bug #40805 (Failure executing function ibase_execute()). (Tony)
+- Fixed bug #40800 (cannot disable memory_limit with -1). (Dmitry, Tony)
+- Fixed bug #40794 (ReflectionObject::getValues() may crash when used with 
+  dynamic properties). (Tony)
+- Fixed bug #40784 (Case sensitivity in constructor's fallback). (Tony)
+- Fixed bug #40770 (Apache child exits when PHP memory limit reached). (Dmitry)
+- Fixed bug #40764 (line thickness not respected for horizontal and vertical 
+  lines). (Pierre)
+- Fixed bug #40758 (Test fcgi_is_fastcgi() is wrong on windows). (Dmitry)
+- Fixed bug #40754 (added substr() & substr_replace() overflow checks). (Ilia)
+- Fixed bug #40752 (parse_ini_file() segfaults when a scalar setting is 
+  redeclared as an array). (Tony)
+- Fixed bug #40750 (openssl stream wrapper ignores default_stream_timeout). 
+  (Tony)
+- Fixed bug #40727 (segfault in PDO when failed to bind parameters). (Tony)
+- Fixed bug #40709 (array_reduce() behaves strange with one item stored arrays).
+  (Ilia)
+- Fixed bug #40703 (Resolved a possible namespace conflict between libxmlrpc
+  and MySQL's NDB table handler). (Ilia)
+- Fixed bug #40961 (Incorrect results of DateTime equality check). (Mike)
+- Fixed bug #40678 (Cross compilation fails). (Tony)
+- Fixed bug #40621 (Crash when constructor called inappropriately). (Tony)
+- Fixed bug #40609 (Segfaults when using more than one SoapVar in a request).
+  (Rob, Dmitry)
+- Fixed bug #40606 (umask is not being restored when request is finished). 
+  (Tony)
+- Fixed bug #40598 (libxml segfault). (Rob)
+- Fixed bug #40591 (list()="string"; gives invalid opcode). (Dmitry)
+- Fixed bug #40578 (imagettftext() multithreading issue). (Tony, Pierre)
+- Fixed bug #40576 (double values are truncated to 6 decimal digits when 
+  encoding). (Tony)
+- Fixed bug #40560 (DIR functions do not work on root UNC path). (Dmitry)
+- Fixed bug #40548 (SplFileInfo::getOwner/getGroup give a warning on broken
+  symlink). (Marcus)
+- Fixed bug #40546 (SplFileInfo::getPathInfo() throws an exception if directory
+  is in root dir). (Marcus)
+- Fixed bug #40545 (multithreading issue in zend_strtod()). (Tony)
+- Fixed bug #40503 (json_encode() value corruption on 32bit systems with 
+  overflown values). (Ilia)
+- Fixed bug #40467 (Partial SOAP request sent when XSD sequence or choice
+  include minOccurs=0). (Dmitry) 
+- Fixed bug #40465 (Ensure that all PHP elements are printed by var_dump).
+  (wharmby at uk dot ibm dot com, Ilia)
+- Fixed bug #40464 (session.save_path wont use default-value when safe_mode
+  or open_basedir is enabled). (Ilia)
+- Fixed bug #40455 (proc_open() uses wrong command line when safe_mode_exec_dir 
+  is set). (Tony)
+- Fixed bug #40432 (strip_tags() fails with greater than in attribute). (Ilia)
+- Fixed bug #40431 (dynamic properties may cause crash in ReflectionProperty 
+  methods). (Tony)
+- Fixed bug #40451 (addAttribute() may crash when used with non-existent child 
+  node). (Tony)
+- Fixed bug #40442 (ArrayObject::offsetExists broke in 5.2.1, works in 5.2.0).
+  (olivier at elma dot fr, Marcus)
+- Fixed bug #40428 (imagepstext() doesn't accept optional parameter). (Pierre)
+- Fixed bug #40417 (Allow multiple instances of the same named PDO token in
+  prepared statement emulation code). (Ilia)
+- Fixed bug #40414 (possible endless fork() loop when running fastcgi).
+  (Dmitry)
+- Fixed bug #40410 (ext/posix does not compile on MacOS 10.3.9). (Tony)
+- Fixed bug #40392 (memory leaks in PHP milter SAPI). 
+  (tuxracer69 at gmail dot com, Tony)
+- Fixed bug #40371 (pg_client_encoding() not working on Windows). (Edin)
+- Fixed bug #40352 (FCGI_WEB_SERVER_ADDRS function get lost). (Dmitry)
+- Fixed bug #40290 (strtotime() returns unexpected result with particular
+  timezone offset). (Derick)
+- Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when
+  parent is killed). (Dmitry)
+- Fixed bug #40261 (Extremely slow data handling due to memory fragmentation).
+  (Dmitry)
+- Fixed bug #40236 (php -a function allocation eats memory). (Dmitry)
+- Fixed bug #40109 (iptcembed fails on non-jfif jpegs). (Tony)
+- Fixed bug #39965 (Latitude and longitude are backwards in date_sun_info()).
+  (Derick)
+- Implement #39867 (openssl PKCS#12 support) (Marc Delling, Pierre)
+- Fixed bug #39836 (SplObjectStorage empty after unserialize). (Marcus)
+- Fixed bug #39416 (Milliseconds in date()). (Derick)
+- Fixed bug #39396 (stream_set_blocking crashes on Win32). (Ilia, maurice at
+  iceblog dot de)
+- Fixed bug #39351 (relative include fails on Solaris). (Dmitry, Tony)
+- Fixed bug #39322 (proc_terminate() destroys process resource). (Nuno)
+- Fixed bug #38406 (crash when assigning objects to SimpleXML attributes). (Tony)
+- Fixed bug #37799 (ftp_ssl_connect() falls back to non-ssl connection). (Nuno)
+- Fixed bug #36496 (SSL support in imap_open() not working on Windows). (Edin)
+- Fixed bug #36226 (Inconsistent handling when passing nillable arrays).
+  (Dmitry)
+- Fixed bug #35872 (Avoid crash caused by object store being referenced during 
+  RSHUTDOWN). (Andy) 
+- Fixed bug #34794 (proc_close() hangs when used with two processes).
+  (jdolecek at netbsd dot org, Nuno)
+- Fixed PECL bug #10194 (crash in Oracle client when memory limit reached in 
+  the callback). (Tony)
+- Limit nesting level of input variables with max_input_nesting_level 
+  as fix for MOPB-03-2007 (Stas)
+- Fixed substr_compare and substr_count information leak (MOPB-14) (Stas, Ilia)
+- Fixed crash on op-assign where argument is string offset (Brian, Stas)
+- Fixed bug #38710 (data leakage because of nonexisting boundary checking in 
+  statements in mysqli) (Stas)
+- Fixed bug #37386 (autocreating element doesn't assign value to first node).
+  (Rob)
+- Fixed bug #37013 (server hangs when returning circular object references).
+  (Dmitry)
+- Fixed bug #33664 Console window appears when using exec() 
+  (Richard Quadling, Stas)
+
+
 08 Feb 2007, PHP 5.2.1
 - Added read-timeout context option "timeout" for HTTP streams. (Hannes, Ilia). 
 - Added CURLOPT_TCP_NODELAY constant to Curl extension. (Sara)
@@ -103,7 +328,7 @@
   missing). (Tony)
 - Fixed bug #40285 (The PDO prepare parser goes into an infinite loop in
   some instances). (Ilia)
-- Fixed Bug #40274 (Sessions fail with numeric root keys). (Ilia)
+- Fixed bug #40274 (Sessions fail with numeric root keys). (Ilia)
 - Fixed bug #40259 (ob_start call many times - memory error). (Dmitry)
 - Fixed bug #40231 (file_exists incorrectly reports false). (Dmitry)
 - Fixed bug #40228 (ZipArchive::extractTo does create empty directories 
@@ -2459,4 +2684,3 @@
 - Fixed bug #28694 (ReflectionExtension::getFunctions() crashes PHP). (Marcus)
 - Fixed bug #28512 (Allocate enough space to store MSSQL data). (Frank)
 - Fixed strip_tags() to correctly handle '\0' characters. (Stefan)
-

4.4.6から4.4.7までの修正状況は以下の通り。
4.4.7はthe Month of PHP Bugsに対する成果の一部が取り込まれていないので注意が必要(今後も取り込まれる事は無さそうだ。。。トホホ)。

--- NEWS	2007/02/28 18:24:08	1.1247.2.920.2.201
+++ NEWS	2007/05/03 13:49:17	1.1247.2.920.2.225
@@ -1,7 +1,35 @@
 PHP 4                                                                      NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-28 Feb 2007, Version 4.4.6
+04 May 2007, Version 4.4.7
+- Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia)
+- Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia)
+- Fixed MOPB-26-2007 (mb_parse_str() can be used to activate
+  register_globals). (Ilia)
+- Fixed MOPB-24-2007 (Fixed unallocated memory access/double free in in
+  array_user_key_compare()).  (Stas)
+- Fixed MOPB-22-2007 (PHP session_regenerate_id() Double Free Vulnerability).
+  (Ilia)
+- Fixed MOPB-21-2007 (An open_basedir/safe_mode bypass inside the
+  compress.bzip2 wraper). (Ilia)
+- Fixed MOPB-8-2007 (XSS in phpinfo()). (Joe Orton, Stas)
+- Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre)
+- Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf
+  function). (Kees Cook, Pierre)
+- Fixed bug #41252 (Calling mcrypt_generic without first calling
+  mcrypt_generic_init crashes). (Derick)
+- Fixed bug #40998 (long session array keys are truncated). (Tony)
+- Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony)
+- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused
+  handle). (Tony)
+- Fixed bug #40747 (possible crash in session when save_path is out of 
+  open_basedir). (Tony)
+- Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST)
+  (patch by ass3mbler@gmail.com)
+- Fixed huge CPU usage in imagearc when used with large angles (libgd bug #74).
+  (Pierre)
+- Fixed CRLF injection inside ftp_putcmd(). (Ilia)
 
+28 Feb 2007, Version 4.4.6
 - Updated PCRE to version 7.0. (Nuno)
 - Fixed segfault in ext/session when register_globals=On. (Tony)
 - Fixed bug #40635 (segfault in cURL extension). (Tony)

頻繁にテストされていなかったような気もするし、個人的には微妙なリリース。