Hi all,
This PR disables recursive session save handler function calls (any
multiple/invalid session save handler function calls)
https://github.com/php/php-src/pull/2196
This patch disables many kinds of save handler function abuses and
user script bugs. We have/had many bugs related to this pat
2016-11-10 0:43 GMT+01:00 Anatol Belski :
> At this point, what were our course of action? Seems there might be multiple
> tasks
>
> - granting the willing devs security karma
> - setting up a private CI
> - organizing a security team
>
> It probably would make sense, to make some plan on what is
Hi,
I decided to be bold and do this. The RFC template and howto pages now
mention having a language specification patch.
It's probably a bit weak, though. Perhaps I should've added a new
section to the template for it.
Anyway, I hope this improves the situation. :)
--
Andrea Faulds
https
Hi,
> -Original Message-
> From: jakub@gmail.com [mailto:jakub@gmail.com] On Behalf Of Jakub
> Zelenka
> Sent: Wednesday, November 2, 2016 8:36 PM
> To: Stanislav Malyshev
> Cc: PHP Internals ; Remi Collet
>
> Subject: Re: [PHP-DEV] bug classification discussion
>
> Hi,
>
> On
Hi,
> -Original Message-
> From: Stanislav Malyshev [mailto:smalys...@gmail.com]
> Sent: Saturday, November 5, 2016 8:13 PM
> To: Matteo Beccati ; PHP Internals
>
> Subject: Re: [PHP-DEV] Security issue handling
>
> Hi!
>
> > On 24/10/2016 07:16, Stanislav Malyshev wrote:
> >> c. Get so
Hi Andrea
2016-11-09 22:43 GMT+01:00 Andrea Faulds :
> Hi everyone,
>
> If I edited the RFC template to mention having a language specification
> patch, would anyone object?
+1, I was thinking about something similar the other day while looking
over bug reports for the langspec.
--
regards,
Ka
Hi,
Fleshgrinder wrote:
That change would actually be brutally easy since we only need to change
the `%nonassoc` to `%left` and we are done.
Not quite. We'd still need to parse and compile these expressions
correctly. If we just add associativity, then we end up with Java's
behaviour.
--
A
Hi everyone,
If I edited the RFC template to mention having a language specification
patch, would anyone object?
Thanks!
--
Andrea Faulds
https://ajf.me/
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
On 09.11.2016 at 17:28, Joe Watkins wrote:
> I want to explain why I voted no on this:
>
> I think it's significantly less useful without variance, variance is
> something that is usually difficult to achieve in PHP, but not for this
> feature in particular.
Can you please elaborate what
On 09.11.2016 at 21:53, Christoph M. Becker wrote:
> On 09.11.2016 at 17:28, Joe Watkins wrote:
>
>> I want to explain why I voted no on this:
>>
>> I think it's significantly less useful without variance, variance is
>> something that is usually difficult to achieve in PHP, but not for t
نمي دانم تا به حال با کسي رفيق بوده ايد يا نه، اما طبيعي است که هر کسي در طول
زندگي با افراد زيادي ارتباط برقرار مي کند; خواه اين ارتباط قوي و صميمي باشد،
خواه ضعيف و در حد يک سلام و احوال پرسي. جالب است و شايد هم باور کردنش سخت باشد،
اما واقعيت دارد و آن اين که هيچ کسي نيست که به شهداء سلام بده
On 11/8/2016 10:57 PM, David Walker wrote:
> I don't think that alone allows the chaining of comparisons. I'd have to
> look closer, but it'd seem to me that zend_ast_create_binary_op
> (ZEND_AST_BINARY_OP) evaluation might need to be amended as well. Seems it
> eventually calls a `op(zval*,zval*
Hi Joe,
If that's gonna improve feature I'll be happy to patch and then restart
voting.
I hope it's gonna satisfy more voters :)
I'll put RFC: On hold, then apply patch, draft some info in RFC and then
set up new voting.
Cheers,
2016-11-09 17:28 GMT+01:00 Joe Watkins :
> Morning Internals,
>
On Wed, 9 Nov 2016, Nikita Popov wrote:
> On Wed, Nov 9, 2016 at 4:09 PM, Derick Rethans wrote:
>
> > On Wed, 9 Nov 2016, Christoph M. Becker wrote:
> >
> > > On 09.11.2016 at 15:21, Derick Rethans wrote:
> >
> >
> >
> > > > And running it with "valgrind php -n index.php", produces:
> > > >
> >
Morning Internals,
I want to explain why I voted no on this:
I think it's significantly less useful without variance, variance is
something that is usually difficult to achieve in PHP, but not for this
feature in particular.
I absolutely want it, but I want it to be properly useful.
On Wed, Nov 9, 2016 at 4:09 PM, Derick Rethans wrote:
> On Wed, 9 Nov 2016, Christoph M. Becker wrote:
>
> > On 09.11.2016 at 15:21, Derick Rethans wrote:
>
>
>
> > > And running it with "valgrind php -n index.php", produces:
> > >
> > > root@debian-8-64bit:/home/derick/xdebug-issue-1185# va
Stephen Zarkos in php.internals (Wed, 9 Nov 2016 14:44:17 +):
>FYI - the Windows builds for 7.1.0RC6 are uploaded.
This confirms, what I already noticed myself. There has been a change in
the Windows build process: the *.pdb files of the dependencies are added
to the debug pack now. I do not m
Results for project PHP master, build date 2016-11-09 06:26:03+02:00
commit: 328ebff
previous commit:47d044b
revision date: 2016-11-09 02:19:23+01:00
environment:Haswell-EP
cpu:Intel(R) Xeon(R) CPU E5-2699 v3 @ 2.30GHz 2x18 cores,
stepping 2, LLC 45 MB
On Wed, 9 Nov 2016, Christoph M. Becker wrote:
> On 09.11.2016 at 15:21, Derick Rethans wrote:
> > And running it with "valgrind php -n index.php", produces:
> >
> > root@debian-8-64bit:/home/derick/xdebug-issue-1185# valgrind php -n
> > index.php
> > ==760== Memcheck, a memory error
Hi Derick!
On 09.11.2016 at 15:21, Derick Rethans wrote:
> Hi!
>
> Through https://bugs.xdebug.org/view.php?id=1185 I ran into a bug in PHP
> proper. Apparently, this script:
>
>
> class A {
> static private $a;
>
> static public function init() {
>
Hi,
FYI - the Windows builds for 7.1.0RC6 are uploaded.
Thanks!
Steve
From: Joe Watkins [mailto:pthre...@pthreads.org]
Sent: Wednesday, November 9, 2016 7:41 AM
To: Anatol Belski
Cc: Davey Shafik ; Stephen Zarkos
; Remi Collet ; Julien Pauli
; Stas Malyshev ; PHP internals
Subject: Re: [PH
Hi!
Through https://bugs.xdebug.org/view.php?id=1185 I ran into a bug in PHP
proper. Apparently, this script:
https://derickrethans.nl | https://xdebug.org | https://dram.io
Like Xdebug? Consider a donation: https://xdebug.org/donate.php
twitter: @derickr and @xdebug
--
PHP Internals -
Morning Anatol,
Damn it ... will fix in the dev branch.
Cheers
Joe
On Wed, Nov 9, 2016 at 10:27 AM, Anatol Belski
wrote:
> Hi Joe,
>
> > -Original Message-
> > From: Joe Watkins [mailto:pthre...@pthreads.org]
> > Sent: Wednesday, November 9, 2016 4:42 AM
> > To: Davey Shafik ; Anat
Hi Joe,
> -Original Message-
> From: Joe Watkins [mailto:pthre...@pthreads.org]
> Sent: Wednesday, November 9, 2016 4:42 AM
> To: Davey Shafik ; Anatol Belski ;
> Stephen Zarkos ; Remi Collet
> ; Julien Pauli ; Stas Malyshev
> ; PHP internals
> Subject: [PHP-DEV] PHP-7.1.0RC6
>
> Morning
24 matches
Mail list logo
