pajoye Thu, 18 Nov 2010 17:09:27 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=305510
Log:
- path with null entries
Changed paths:
U php/php-src/branches/PHP_5_3/NEWS
U php/php-src/branches/PHP_5_3/UPGRADING
Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS 2010-11-18 16:16:26 UTC (rev 305509)
+++ php/php-src/branches/PHP_5_3/NEWS 2010-11-18 17:09:27 UTC (rev 305510)
@@ -33,6 +33,7 @@
- Added a 3rd parameter to get_html_translation_table. It now takes a charset
hint, like htmlentities et al. (Gustavo)
+- Path with NULL in them (foo\obar.txt) are now considered as invalid. (Rasmus)
- Fixed a possible double free in imap extension (Identified by Mateusz
Kocielski). (CVE-2010-4150). (Ilia)
- Fixed NULL pointer dereference in ZipArchive::getArchiveComment.
Modified: php/php-src/branches/PHP_5_3/UPGRADING
===================================================================
--- php/php-src/branches/PHP_5_3/UPGRADING 2010-11-18 16:16:26 UTC (rev
305509)
+++ php/php-src/branches/PHP_5_3/UPGRADING 2010-11-18 17:09:27 UTC (rev
305510)
@@ -40,6 +40,9 @@
2. Changes made to existing functions
=====================================
+- Paths containing NULL (like /some/path\0foo.txt) are now considered invalid.
+ See http://news.php.net/php.internals/50191
+
- The HTTP stream wrapper now considers all status codes from 200 to 399 to be
successful.
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
