Hi Sara, > -----Original Message----- > From: Anatol Belski [mailto:weltl...@outlook.de] On Behalf Of Anatol Belski > Sent: Saturday, April 22, 2017 12:41 PM > To: Sara Golemon <poll...@php.net>; PHP internals <internals@lists.php.net> > Subject: RE: [PHP-DEV] On malformed transport strings > > > > > I'm inclined to revert to prior "ignore garbage" behavior on the 7.0 > > and 7.1 branches to avoid BC break trauma (though I do think raising a > > warning is advised). What's uncertain in my mind is whether or not we > > take a hard line on "Use the API as documented" for 7.2 or if some > > other middle ground is appropriate. Particularly given the use case > > of named persistent transports. The right way to do that would be to > > have a new API for named transports, possibly just as a context option. > > > I'd be suggesting this as well. Either we could make this part only backward > compatible, as suggested in your follow up patch, or one could check whether a > solution were possible to fix the initial fsockopen() issue without affecting > the ip > parsing parts globally. Depends probably on how sensible the work amount > would be. Please be aware, that an action should be taken next days before > Tuesday, so then we can ask for tests on the RCs. And otherwise, an official > way > closing the actual undocumented gap could be suggested for 7.2. > I've applied the patch you've suggested in bug #74429, so it's going to be included in RCs. Given the initial security issue is not impacted, BC can be kept.
Thanks Anatol
