* PHP-7.2:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)
* PHP-7.1:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)
* PHP-7.0:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)

Remove invalid assertion: A block can have multiple switch frees,
so if we don't do live range block splitting, it is not necessarily
true that the free is located at the start of a block.

We apply the upstream patch[1], and also fix the erroneous bailout at
the end of `gdImageAutoCrop()`, since `crop.x` and `crop.y` may very
well be zero.
[1] <bda85aaeeb>

The broken JPEG image triggers a notice, two warnings and outputs a
message to stderr directly. The additional notice is pretty useless,
and the direct output to stderr is bad. Therefore, we port the
relevant differences from upstream to our bundled libgd. This leaves
us with two warnings; the first one is triggered by libjpeg and shows
the actual problem, the second one is triggered by our libgd wrapper
whenever an image can't be read, which may not necessarily have
triggered a warning before.

Firstly, we avoid returning NULL from the get_property handler, but
instead return an empty HashTable, which already prevents the crashes.
Secondly, since (de-)serialization obviously makes no sense for COM,
DOTNET and VARIANT objects (at least with the current implementation),
we prohibit it right away.

The change reduces the input size on patterns using POSIX character
classes. It is still better than reverting to the patterns from the
older version, as the upstream data uses POSIX classes also in the later
versions. The input reduction speeds up the pattern matching in some
cases.

This patch is functionally almost the same as upstream, but might show some diff
when the input is very long. While the magic data in the newer versions is
functionally an improvement, with jit=0 it might show a performance regression.
The slowdown is negligible in the normal usage and is still acceptable for the
malicious input. If some functional regressions show up, this patch should be
reverted and the test timing should be adapted instead.

If the `ICONV_MIME_DECODE_CONTINUE_ON_ERROR` flag is set, parsing
should not fail if there are illegal characters in the headers;
instead we silently ignore these like before.