PHP Version 7.1.0 Published

目标及关键路径

  • 提升性能
    • New SSA based optimization framework (embedded into opcache)
    • Global optimization of PHP bytecode based on type inference
    • Highly specialized VM opcode handlers

从 PHP 7.0.x 移植到 PHP 7.1.x

这里可以找到原文

不向后兼容的变更

  • 当传递参数过少时将抛出错误

  • Dynamic calls for certain functions have been forbidden (in the form of $func() or array_map('extract', ...), etc). These functions either inspect or modify another scope, and present with them ambiguous and unreliable behavior. The functions are as follows:

  • The following names cannot be used to name classes, interfaces, or traits:

  • Integer operations and conversions on numerical strings now respect scientific notation. This also includes the (int) cast operation, and the following functions: intval() (where the base is 10), settype(), decbin(), decoct(), and dechex().

  • mt_rand() will now default to using the fixed version of the Mersenne Twister algorithm. If deterministic output from mt_srand() was relied upon, then the MT_RAND_PHP with the ability to preserve the old (incorrect) implementation via an additional optional second parameter to mt_srand().

  • rand() and srand() have now been made aliases to mt_rand() and mt_srand(), respectively. This means that the output for the following functions have changed: rand(), shuffle(), str_shuffle(), and array_rand().

  • The ASCII delete control character (0x7F) can no longer be used in identifiers that are not quoted.

  • If the error_log ini setting is set to syslog, the PHP error levels are mapped to the syslog error levels. This brings finer differentiation in the error logs in contrary to the previous approach where all the errors are logged with the notice level only.

  • 对于在执行构造方法时抛出异常的对象,现在析构方法绝不会被调用。在先前的版本中,这个行为取决于对象是否在构造方法以外的地方呗引用(例如一个错误堆栈回溯)

  • call_user_func()不再支持对传址的函数的调用

  • 对字符串使用一个空索引操作符(例如$str[] = $x)将会抛出一个致命错误, 而不是静默地将其转为一个数组。

  • 下列ini配置项已经被移除:

    • session.entropy_file
    • session.entropy_length
    • session.hash_function
    • session.hash_bits_per_character
  • The order of the elements in an array has changed when those elements have been automatically created by referencing them in a by reference assignment.

  • The internal sorting algorithm has been improved, what may result in different sort order of elements, which compare as equal, than before.

  • The error message for E_RECOVERABLE errors has been changed from “Catchable fatal error” to “Recoverable fatal error”.

  • DateTime and DateTimeImmutable now properly incorporate microseconds when constructed from the current time, either explicitly or with a relative string (e.g. "first day of next month"). This means that naive comparisons of two newly created instances will now more likely return false instead of true:

  • Fatal errors to Error exceptions conversions

  • Variables bound to a closure via the use construct cannot use the same name as any superglobals, $this, or any parameter.

  • long2ip() now expects an int instead of a string.

  • JSON encoding and decoding

    • The serialize_precision ini setting now controls the serialization precision when encoding doubles.

    • Decoding an empty key now results in an empty property name, rather than empty as a property name.

  • Drop support for the sslv2 stream

  • Return statements without argument in functions which declare a return type now trigger E_COMPILE_ERROR (unless the return type is declared as void), even if the return statement would never be reached.


  • mcrypt 扩展已经过时了大约10年,并且用起来很复杂。因此它被废弃并且被 OpenSSL 所取代。 从PHP 7.2起它将被从核心代码中移除并且移到PECL中。

  • 对于mb_ereg_replace()mb_eregi_replace()e模式修饰符现在已被废弃。

新特性

  • 参数以及返回值的类型现在可以通过在类型前加上一个问号使之允许为空。 当启用这个特性时,传入的参数或者函数返回的结果要么是给定的类型,要么是 null 。

  • 一个新的返回值类型void被引入。 返回值声明为 void 类型的方法要么干脆省去 return 语句,要么使用一个空的 return 语句。 对于 void 函数来说,null 不是一个合法的返回值。

  • 短数组语法([])现在作为list()语法的一个备选项,可以用于将数组的值赋给一些变量(包括在foreach中)。

  • 现在起支持设置类常量的可见性。

  • 现在引入了一个新的被称为iterable的伪类 (与callable类似)。 这可以被用在参数或者返回值类型中,它代表接受数组或者实现了Traversable接口的对象。 至于子类,当用作参数时,子类可以收紧父类的iterable类型到array 或一个实现了Traversable的对象。对于返回值,子类可以拓宽父类的 array或对象返回值类型到iterable

  • 一个catch语句块现在可以通过管道字符(|)来实现多个异常的捕获。 这对于需要同时处理来自不同类的不同异常时很有用。

  • 现在list()和它的新的[]语法支持在它内部去指定键名。这意味着它可以将任意类型的数组 都赋值给一些变量(与短数组语法类似)

  • 现在所有支持偏移量的字符串操作函数 都支持接受负数作为偏移量,包括通过[]{}操作字符串下标。在这种情况下,一个负数的偏移量会被理解为一个从字符串结尾开始的偏移量。

  • 通过给openssl_encrypt()openssl_decrypt() 添加额外参数,现在支持了AEAD (模式 GCM and CCM)。

  • Closure新增了一个静态方法,用于将callable快速地 转为一个Closure 对象。

  • 一个新的名为 pcntl_async_signals() 的方法现在被引入, 用于启用无需 ticks (这会带来很多额外的开销)的异步信号处理。

  • 对服务器推送的支持现在已经被加入到 CURL 扩展中( 需要版本 7.46 或更高)。这个可以通过 curl_multi_setopt() 函数与新的常量 CURLMOPT_PUSHFUNCTION 来进行调节。常量 CURL_PUST_OKCURL_PUSH_DENY 也已经被添加进来,以便服务器推送的回调函数来表明自己会同意或拒绝处理。

  • 新增 tcp_nodelay 选项。

变化

这里可以找到原文

Core

  • Change statement and fcall extension handlers to accept frame.
  • Number operators taking numeric strings now emit E_NOTICEs or E_WARNINGs when given malformed numeric strings.
  • (int), intval() where $base is 10 or unspecified, settype(), decbin(), decoct(), dechex(), integer operators and other conversions now always respect scientific notation in numeric strings.
  • Raise a compile-time warning on octal escape sequence overflow.
  • TypeError messages for arg_info type checks will now say “must be … or null” where the parameter or return type accepts null.

  • Added nullable types.
  • Added DFA optimization framework based on e-SSA form.
  • Added specialized opcode handlers (e.g. ZEND_ADD_LONG_NO_OVERFLOW).
  • Added [] = as alternative construct to list() =.
  • Added void return type.
  • Added support for negative string offsets in string offset syntax and various string functions.
  • Added a form of the list() construct where keys can be specified.
  • Implemented safe execution timeout handling, that prevents random crashes after “Maximum execution time exceeded” error.
  • Implemented the RFC `Support Class Constant Visibility`.
  • Implemented the RFC `Catching multiple exception types`.
  • Implemented logging to syslog with dynamic error levels.
  • Implemented FR #72614 (Support “nmake test” on building extensions by phpize).
  • Implemented RFC: Iterable.
  • Implemented RFC: Closure::fromCallable (Danack)
  • Implemented RFC: Replace “Missing argument” warning with “\ArgumentCountError” exception.
  • Implemented RFC: Fix inconsistent behavior of $this variable.
  • Added new constant PHP_FD_SETSIZE.
  • Added optind parameter to getopt().
  • Added PHP to SAPI error severity mapping for logs.
  • Implemented RFC: RNG Fixes.
  • Implemented email validation as per RFC 6531.

  • Fixed bug #73585 (Logging of “Internal Zend error - Missing class information” missing class name).
  • Fixed memory leak(null coalescing operator with Spl hash).
  • Fixed bug #72736 (Slow performance when fetching large dataset with mysqli / PDO).
  • Fixed bug #72978 (Use After Free Vulnerability in unserialize()). (CVE-2016-9936)
  • Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine overflow).
  • Fixed bug #72696 (imagefilltoborder stackoverflow on truecolor images). (CVE-2016-9933)
  • Fixed bug #73350 (Exception::__toString() cause circular references).
  • Fixed bug #73329 ((Float)“Nano” == NAN).
  • Fixed bug #73288 (Segfault in __clone > Exception.toString > __get).
  • Fixed for #73240 (Write out of bounds at number_format).
  • Fix pthreads detection when cross-compiling (ffontaine)
  • Fixed bug #73337 (try/catch not working with two exceptions inside a same operation).
  • Fixed bug #73156 (segfault on undefined function).
  • Fixed bug #73163 (PHP hangs if error handler throws while accessing undef const in default value).
  • Fixed bug #73172 (parse error: Invalid numeric literal).
  • Fixed bug #73181 (parse_str() without a second argument leads to crash).
  • Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c).
  • Fixed bug #73058 (crypt broken when salt is ‘too’ long).
  • Fixed bug #72944 (Null pointer deref in zval_delref_p).
  • Fixed bug #72943 (assign_dim on string doesn’t reset hval).
  • Fixed bug #72598 (Reference is lost after array_slice()).
  • Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by password_verify).
  • Fixed bug #72813 (Segfault with __get returned by ref).
  • Fixed bug #72767 (PHP Segfaults when trying to expand an infinite operator).
  • Fixed bug #72857 (stream_socket_recvfrom read access violation).
  • Fixed bug #72663 (Create an Unexpected Object and Don’t Invoke __wakeup() in Deserialization).
  • Fixed bug #72681 (PHP Session Data Injection Vulnerability).
  • Fixed bug #72742 (memory allocator fails to realloc small block to large one).
  • Fixed URL rewriter. It would not rewrite ‘//example.com/’ URL unconditionally. URL rewrite target hosts whitelist is implemented.
  • Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX).
  • Fixed bug #72683 (getmxrr broken).
  • Fixed bug #72629 (Caught exception assignment to variables ignores references).
  • Fixed bug #72594 (Calling an earlier instance of an included anonymous class fatals).
  • Fixed bug #72581 (previous property undefined in Exception after deserialization).
  • Fixed bug #72543 (Different references behavior comparing to PHP 5).
  • Fixed bug #72347 (VERIFY_RETURN type casts visible in finally).
  • Fixed bug #72216 (Return by reference with finally is not memory safe).
  • Fixed bug #72215 (Wrong return value if var modified in finally).
  • Fixed bug #71818 (Memory leak when array altered in destructor).
  • Fixed bug #71539 (Memory error on $arr[$a] =& $arr[$b] if RHS rehashes).
  • Fixed bug #71911 (Unable to set --enable-debug on building extensions by phpize on Windows).
  • Fixed bug #29368 (The destructor is called when an exception is thrown from the constructor).
  • Fixed bug #72513 (Stack-based buffer overflow vulnerability in virtual_file_ex).
  • Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications).
  • Fixed bug #72523 (dtrace issue with reflection (failed test)).
  • Fixed bug #72508 (strange references after recursive function call and “switch” statement).
  • Fixed bug #72441 (Segmentation fault: RFC list_keys).
  • Fixed bug #72395 (list() regression).
  • Fixed bug #72373 (TypeError after Generator function w/declared return type finishes).
  • Fixed bug #69489 (tempnam() should raise notice if falling back to temp dir).
  • Fixed UTF-8 and long path support on Windows.
  • Fixed bug #53432 (Assignment via string index access on an empty string converts to array).
  • Fixed bug #62210 (Exceptions can leak temporary variables).
  • Fixed bug #62814 (It is possible to stiffen child class members visibility).
  • Fixed bug #69989 (Generators don’t participate in cycle GC).
  • Fixed bug #70228 (Memleak if return in finally block).
  • Fixed bug #71266 (Missing separation of properties HT in foreach etc).
  • Fixed bug #71604 (Aborted Generators continue after nested finally).
  • Fixed bug #71572 (String offset assignment from an empty string inserts null byte).
  • Fixed bug #71897 (ASCII 0x7F Delete control character permitted in identifiers).
  • Fixed bug #72188 (Nested try/finally blocks losing return value).
  • Fixed bug #72213 (Finally leaks on nested exceptions).
  • Fixed bug #47517 (php-cgi.exe missing UAC manifest).

Apache2handler

  • Enable per-module logging in Apache 2.4+.

BCmath

  • Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex).

Bz2

  • Fixed bug #72837 (integer overflow in bzdecompress caused heap corruption).
  • Fixed bug #72613 (Inadequate error handling in bzread()).

Calendar

  • Fix integer overflows (Joshua Rogers)
  • Fixed bug #67976 (cal_days_month() fails for final month of the French calendar).
  • Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in zif_cal_from_jd).

CLI Server

  • Fixed bug #73360 (Unable to work in root with unicode chars).
  • Fixed bug #71276 (Built-in webserver does not send Date header).

COM

  • Fixed bug #73126 (Cannot pass parameter 1 by reference).
  • Fixed bug #69579 (Invalid free in extension trait).
  • Fixed bug #72922 (COM called from PHP does not return out parameters).
  • Fixed bug #72569 (DOTNET/COM array parameters broke in PHP7).
  • Fixed bug #72498 (variant_date_from_timestamp null dereference).

Curl

  • Implement support for handling HTTP/2 Server Push.
  • Add curl_multi_errno(), curl_share_errno() and curl_share_strerror() functions.

  • Fixed bug #72674 (Heap overflow in curl_escape).
  • Fixed bug #72541 (size_t overflow lead to heap corruption). (Stas).
  • Fixed bug #71709 (curl_setopt segfault with empty CURLOPT_HTTPHEADER).
  • Fixed bug #71929 (CURLINFO_CERTINFO data parsing error).

Date

  • Invalid serialization data for a DateTime or DatePeriod object will now throw an instance of Error from __wakeup() or __set_state() instead of resulting in a fatal error.
  • Timezone initialization failure from serialized data will now throw an instance of Error from __wakeup() or __set_state() instead of resulting in a fatal error.
  • Export date_get_interface_ce() for extension use.

  • Fixed bug #69587 (DateInterval properties and isset).
  • Fixed bug #73426 (createFromFormat with ‘z’ format char results in incorrect time).
  • Fixed bug #45554 (Inconsistent behavior of the u format char).
  • Fixed bug #48225 (DateTime parser doesn’t set microseconds for “now”).
  • Fixed bug #52514 (microseconds are missing in DateTime class).
  • Fixed bug #52519 (microseconds in DateInterval are missing).
  • Fixed bug #60089 (DateTime::createFromFormat() U after u nukes microtime).
  • Fixed bug #64887 (Allow DateTime modification with subsecond items).
  • Fixed bug #68506 (General DateTime improvments needed for microseconds to become useful).
  • Fixed bug #73109 (timelib_meridian doesn’t parse dots correctly).
  • Fixed bug #73247 (DateTime constructor does not initialise microseconds property).
  • Fixed bug #73147 (Use After Free in PHP7 unserialize()).
  • Fixed bug #73189 (Memcpy negative size parameter php_resolve_path).
  • Fixed bug #66836 (DateTime::createFromFormat ‘U’ with pre 1970 dates fails parsing).
  • Fixed bug #63740 (strtotime seems to use both sunday and monday as start of week).

Dba

  • Data modification functions (e.g.: dba_insert()) now throw an instance of Error instead of triggering a catchable fatal error if the key is does not contain exactly two elements.

  • Fixed bug #70825 (Cannot fetch multiple values with group in ini file).

DOM

  • Invalid schema or RelaxNG validation contexts will throw an instance of Error instead of resulting in a fatal error.
  • Attempting to register a node class that does not extend the appropriate base class will now throw an instance of Error instead of resulting in a fatal error.
  • Attempting to read an invalid or write to a readonly property will throw an instance of Error instead of resulting in a fatal error.

  • Fixed bug #73150 (missing NULL check in dom_document_save_html).
  • Fixed bug #66502 (DOM document dangling reference).

DTrace

  • Disabled PHP call tracing by default (it makes significant overhead). This may be enabled again using envirionment variable USE_ZEND_DTRACE=1.

EXIF

  • Fixed bug #72735 (Samsung picture thumb not read (zero size)).
  • Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF).
  • Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
  • Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).

Filter

  • Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and FILTER_FLAG_NO_PRIV_RANGE).
  • Fixed bug #73054 (default option ignored when object passed to int filter).
  • Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8 range).

FPM

  • Fixed bug #72575 (using --allow-to-run-as-root should ignore missing user).

FTP

  • Implemented FR #55651 (Option to ignore the returned FTP PASV address).

  • Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with require_ssl_reuse).

GD

  • Fixed bug #73213 (Integer overflow in imageline() with antialiasing).
  • Fixed bug #73272 (imagescale() is not affected by, but affects imagesetinterpolation()).
  • Fixed bug #73279 (Integer overflow in gdImageScaleBilinearPalette()).
  • Fixed bug #73280 (Stack Buffer Overflow in GD dynamicGetbuf).
  • Fixed bug #50194 (imagettftext broken on transparent background w/o alphablending).
  • Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c).
  • Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
  • Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given).
  • Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries).
  • Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted files).
  • Fixed bug #73161 (imagecreatefromgd2() may leak memory).
  • Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
  • Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor images).
  • Fixed bug #72913 (imagecopy() loses single-color transparency on palette images).
  • Fixed bug #68716 (possible resource leaks in _php_image_convert()).
  • Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles).
  • Fixed bug #72697 (select_colors write out-of-bounds).
  • Fixed bug #72730 (imagegammacorrect allows arbitrary write access).
  • Fixed bug #72596 (imagetypes function won’t advertise WEBP support).
  • Fixed bug #72604 (imagearc() ignores thickness for full arcs).
  • Fixed bug #70315 (500 Server Error but page is fully rendered).
  • Fixed bug #43828 (broken transparency of imagearc for truecolor in blendingmode).
  • Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access).
  • Fixed bug #72519 (imagegif/output out-of-bounds access).
  • Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
  • Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine overflow).
  • Fixed bug #72494 (imagecropauto out-of-bounds access).
  • Fixed bug #72404 (imagecreatefromjpeg fails on selfie).
  • Fixed bug #43475 (Thick styled lines have scrambled patterns).
  • Fixed bug #53640 (XBM images require width to be multiple of 8).
  • Fixed bug #64641 (imagefilledpolygon doesn’t draw horizontal line).

Hash

  • Added SHA3 fixed mode algorithms (224, 256, 384, and 512 bit).
  • Added SHA512/256 and SHA512/224 algorithms.

iconv

  • Fixed bug #72320 (iconv_substr returns false for empty strings).

IMAP

  • An email address longer than 16385 bytes will throw an instance of Error instead of resulting in a fatal error.

  • Fixed bug #73418 (Integer Overflow in “_php_imap_mail” leads to crash).

Interbase

  • Fixed bug #73512 (Fails to find firebird headers as don’t use fb_config output).

Intl

  • Failure to call the parent constructor in a class extending Collator before invoking the parent methods will throw an instance of Error instead of resulting in a recoverable fatal error.
  • Cloning a Transliterator object may will now throw an instance of Error instead of resulting in a fatal error if cloning the internal transliterator fails.

  • Added IntlTimeZone::getWindowsID() and IntlTimeZone::getIDForWindowsID().

  • Fixed bug #73007 (add locale length check).
  • Fixed bug #73218 (add mitigation for ICU int overflow).
  • Fixed bug #65732 (grapheme_*() is not Unicode compliant on CR LF sequence).
  • Fixed bug #73007 (add locale length check).
  • Fixed bug #72639 (Segfault when instantiating class that extends IntlCalendar and adds a property).
  • Fixed bug #72658 (Locale::lookup() / locale_lookup() hangs if no match found).
  • Partially fixed #72506 (idn_to_ascii for UTS #46 incorrect for long domain names).
  • Fixed bug #72533 (locale_accept_from_http out-of-bounds access).
  • Fixed bug #69374 (IntlDateFormatter formatObject returns wrong utf8 value).
  • Fixed bug #69398 (IntlDateFormatter formatObject returns wrong value when time style is NONE).

JSON

  • Exported JSON parser API including json_parser_method that can be used for implementing custom logic when parsing JSON.
  • Escaped U+2028 and U+2029 when JSON_UNESCAPED_UNICODE is supplied as json_encode options and added JSON_UNESCAPED_LINE_TERMINATORS to restore the previous behaviour.
  • Implemented FR #46600 (“_empty_” key in objects).

  • Implemented earlier return when json_encode fails, fixes bugs #68992 (Stacking exceptions thrown by JsonSerializable) and #70275 (On recursion error, json_encode can eat up all system memory).
  • Introduced encoder struct instead of global which fixes bugs #66025 and #73254 related to pretty print indentation.
  • Fixed bug #73113 (Segfault with throwing JsonSerializable).

LDAP

  • Providing an unknown modification type to ldap_batch_modify() will now throw an instance of Error instead of resulting in a fatal error.

Mbstring

  • Deprecated mb_ereg_replace() eval option.

  • mb_ereg() and mb_eregi() will now throw an instance of ParseError if an invalid PHP expression is provided and the ‘e’ option is used.

  • Fixed bug #73532 (Null pointer dereference in mb_eregi).
  • Fixed bug #66964 (mb_convert_variables() cannot detect recursion).
  • Fixed bug #72992 (mbstring.internal_encoding doesn’t inherit default_charset).
  • Fixed bug #66797 (mb_substr only takes 32-bit signed integer).
  • Fixed bug #72711 (`mb_ereg` does not clear the `$regs` parameter on failure).
  • Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width).
  • Fixed bug #72693 (mb_ereg_search increments search position when a match zero-width).
  • Fixed bug #72694 (mb_ereg_search_setpos does not accept a string’s last position).
  • Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).
  • Fixed bug #69151 (mb_ereg should reject ill-formed byte sequence).
  • Fixed bug #72405 (mb_ereg_replace - mbc_to_code (oniguruma) - oob read access).
  • Fixed bug #72399 (Use-After-Free in MBString (search_re)).

Mcrypt

  • Deprecated ext/mcrypt.

  • mcrypt_encrypt() and mcrypt_decrypt() will throw an instance of Error instead of resulting in a fatal error if mcrypt cannot be initialized.

  • Fixed bug #72782 (Heap Overflow due to integer overflows).
  • Fixed bug #72551, bug #72552 (In correct casting from size_t to int lead to heap overflow in mdecrypt_generic).

Mysqli

  • Attempting to read an invalid or write to a readonly property will throw an instance of Error instead of resulting in a fatal error.

Mysqlnd

  • Fixed bug #64526 (Add missing mysqlnd.* parameters to php.ini-*).
  • Fixed bug #71863 (Segfault when EXPLAIN with “Unknown column” error when using MariaDB).
  • Fixed bug #72701 (mysqli_get_host_info() wrong output).

OCI8

  • Fixed bug #71148 (Bind reference overwritten on PHP 7).
  • Fixed invalid handle error with Implicit Result Sets.
  • Fixed bug #72524 (Binding null values triggers ORA-24816 error).

ODBC

  • Fixed bug #73448 (odbc_errormsg returns trash, always 513 bytes).

Opcache

  • Fixed bug #73583 (Segfaults when conditionally declared class and function have the same name).
  • Fixed bug #69090 (check cached files permissions)
  • Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp() function).
  • Fixed bug #72949 (Typo in opcache error message).
  • Fixed bug #72762 (Infinite loop while parsing a file with opcache enabled).
  • Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).

OpenSSL

  • Dropped support for SSL2.

  • Bumped a minimal version to 1.0.1.

  • Implemented FR #61204 (Add elliptic curve support for OpenSSL).
  • Implemented FR #67304 (Added AEAD support [CCM and GCM modes] to openssl_encrypt and openssl_decrypt).

  • Fixed bug #73478 (openssl_pkey_new() generates wrong pub/priv keys with Diffie Hellman).
  • Fixed bug #73276 (crash in openssl_random_pseudo_bytes function).
  • Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
  • Fixed bug #72360 (ext/openssl build failure with OpenSSL 1.1.0).
  • Implemented error storing to the global queue and cleaning up the OpenSSL error queue (resolves bugs #68276 and #69882).

Pcntl

  • Implemented asynchronous signal handling without TICKS.
  • Added pcntl_signal_get_handler() that returns the current signal handler for a particular signal. Addresses FR #72409.
  • Add siginfo to pcntl_signal() handler args (Bishop Bettini, David Walker)

PCRE

  • Downgraded to PCRE 8.38.
  • Upgraded to PCRE 8.39.

  • Fixed bug #73483 (Segmentation fault on pcre_replace_callback).
  • Fixed bug #73612 (preg_*() may leak memory).
  • Fixed bug #73392 (A use-after-free in zend allocator management).
  • Fixed bug #73121 (Bundled PCRE doesn’t compile because JIT isn’t supported on s390).
  • Fixed bug #72688 (preg_match missing group names in matches).
  • Fixed bug #72476 (Memleak in jit_stack).
  • Fixed bug #72463 (mail fails with invalid argument).

PDO

  • Fixed bug #72788 (Invalid memory access when using persistent PDO connection).
  • Fixed bug #72791 (Memory leak in PDO persistent connection handling).
  • Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY returns false).

PDO_DBlib

  • Allow \PDO::setAttribute() to set query timeouts.
  • Handle SQLDECIMAL/SQLNUMERIC types, which are used by later TDS versions.
  • Free error and message strings when cleaning up PDO instances.
  • Ignore potentially misleading dberr values.

  • Add common PDO test suite.
  • Implemented stringify ‘uniqueidentifier’ fields.

  • Fixed bug #72414 (Never quote values as raw binary data).
  • Fixed bug #67130 (\PDOStatement::nextRowset() should succeed when all rows in current rowset haven’t been fetched).

PDO_Firebird

  • Fixed bug #73087, #61183, #71494 (Memory corruption in bindParam).
  • Fixed bug #60052 (Integer returned as a 64bit integer on X86_64).

PDO_pgsql

  • Implemented FR #72633 (Postgres PDO lastInsertId() should work without specifying a sequence).

  • Fixed bug #70313 (PDO statement fails to throw exception).
  • Fixed bug #72570 (Segmentation fault when binding parameters on a query without placeholders).

Phar

  • Fixed bug #72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile).
  • Fixed bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile).

phpdbg

  • Added generator command for inspection of currently alive generators.

Postgres

  • Implemented FR #31021 (pg_last_notice() is needed to get all notice messages).
  • Implemented FR #48532 (Allow pg_fetch_all() to index numerically).

  • Fixed bug #73498 (Incorrect SQL generated for pg_copy_to()).

Readline

  • Fixed bug #72538 (readline_redisplay crashes php).

Reflection

  • Undo backwards compatiblity break in ReflectionType->__toString() and deprecate via documentation instead.

  • Failure to retrieve a reflection object or retrieve an object property will now throw an instance of Error instead of resulting in a fatal error.

  • Reverted prepending \ for class names.
  • Implemented FR #38992 (invoke() and invokeArgs() static method calls should match). (cmb).
  • Add ReflectionNamedType::getName(). This method should be used instead of ReflectionType::__toString()
  • Prepend \ for class names and ? for nullable types returned from ReflectionType::__toString().

  • Fixed bug #72661 (ReflectionType::__toString crashes with iterable).
  • Fixed bug #72222 (ReflectionClass::export doesn’t handle array constants).
  • Fixed bug #72209 (ReflectionProperty::getValue() doesn’t fail if object doesn’t match type).

Session

  • Custom session handlers that do not return strings for session IDs will now throw an instance of Error instead of resulting in a fatal error when a function is called that must generate a session ID.
  • An invalid setting for session.hash_function will throw an instance of Error instead of resulting in a fatal error when a session ID is created.


  • Fixed bug #73273 (session_unset() empties values from all variables in which is $_session stored).
  • Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
  • Fixed bug #68015 (Session does not report invalid uid for files save handler).
  • Fixed bug #72940 (SID always return “name=ID”, even if session cookie exist).
  • Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow).
  • Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session Deserialization).
  • Improved fix for bug #68063 (Empty session IDs do still start sessions).
  • Fixed bug #71038 (session_start() returns TRUE on failure). Session save handlers must return ‘string’ always for successful read. i.e. Non-existing session read must return empty string. PHP 7.0 is made not to tolerate buggy return value.
  • Fixed bug #71394 (session_regenerate_id() must close opened session on errors).

SimpleXML

  • Creating an unnamed or duplicate attribute will throw an instance of Error instead of resulting in a fatal error.

  • Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
  • Fixed bug #72971 (SimpleXML isset/unset do not respect namespace).
  • Fixed bug #72957 (Null coalescing operator doesn’t behave as expected with SimpleXMLElement).
  • Fixed bug #72588 (Using global var doesn’t work while accessing SimpleXML element).

SNMP

  • Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory allocation).
  • Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()).

Soap

  • Fixed bug #73538 (SoapClient::__setSoapHeaders doesn’t overwrite SOAP headers).
  • Fixed bug #73452 (Segfault (Regression for #69152)).
  • Fixed bug #73037 (SoapServer reports Bad Request when gzipped).
  • Fixed bug #73237 (Nested object in “any” element overwrites other fields).
  • Fixed bug #69137 (Peer verification fails when using a proxy with SoapClient).
  • Fixed bug #71711 (Soap Server Member variables reference bug).
  • Fixed bug #71996 (Using references in arrays doesn’t work like expected).

SPL

  • Attempting to clone an SplDirectory object will throw an instance of Error instead of resulting in a fatal error.
  • Calling ArrayIterator::append() when iterating over an object will throw an instance of Error instead of resulting in a fatal error.

  • Fixed bug #73423 (Reproducible crash with GDB backtrace).
  • Fixed bug #72888 (Segfault on clone on splFileObject).
  • Fixed bug #73029 (Missing type check when unserializing SplArray).
  • Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape character).
  • Fixed bug #72684 (AppendIterator segfault with closed generator).
  • Fixed bug #55701 (GlobIterator throws LogicException).

SQLite3

  • Update to SQLite 3.15.1.

  • Implemented FR #71159 (Upgraded bundled SQLite lib to 3.9.2).
  • Implemented FR #72653 (SQLite should allow opening with empty filename).

  • Fixed bug #73530 (Unsetting result set may reset other result set).
  • Fixed bug #73333 (2147483647 is fetched as string).
  • Fixed bug #72668 (Spurious warning when exception is thrown in user defined function).
  • Fixed bug #70628 (Clearing bindings on an SQLite3 statement doesn’t work).

Standard

  • array_multisort now uses zend_sort instead zend_qsort.
  • assert() will throw a ParseError when evaluating a string given as the first argument if the PHP code is invalid instead of resulting in a catchable fatal error.
  • Calling forward_static_call() outside of a class scope will now throw an instance of Error instead of resulting in a fatal error.
  • unpack() function accepts an additional optional argument $offset.

  • Implemented RFC: More precise float values.
  • Added is_iterable() function.
  • Implemented FR #55716 (Add an option to pass a custom stream context to get_headers()).
  • Additional validation for parse_url() for login/pass components).
  • Implemented FR #69359 (Provide a way to fetch the current environment variables).
  • Implemented FR #51879 stream context socket option tcp_nodelay (Joe)

  • Fixed bug #73297 (HTTP stream wrapper should ignore HTTP 100 Continue).
  • Fixed bug #73303 (Scope not inherited by eval in assert()).
  • Fixed bug #73192 (parse_url return wrong hostname).
  • Fixed bug #73203 (passing additional_parameters causes mail to fail).
  • Fixed bug #73203 (passing additional_parameters causes mail to fail).
  • Fixed bug #72920 (Accessing a private constant using constant() creates an exception AND warning).
  • Fixed bug #65550 (get_browser() incorrectly parses entries with “+” sign).
  • Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
  • Fixed bug #55451 (substr_compare NULL length interpreted as 0).
  • Fixed bug #72278 (getimagesize returning FALSE on valid jpg).
  • Fixed bug #61967 (unset array item in array_walk_recursive cause inconsistent array).
  • Fixed bug #62607 (array_walk_recursive move internal pointer).
  • Fixed bug #69068 (Exchanging array during array_walk -> memory errors).
  • Fixed bug #70713 (Use After Free Vulnerability in array_walk()/ array_walk_recursive()).
  • Fixed bug #72622 (array_walk + array_replace_recursive create references from nothing).
  • Fixed bug #72330 (CSV fields incorrectly split if escape char followed by UTF chars).
  • Fixed bug #72505 (readfile() mangles files larger than 2G).
  • Fixed bug #72306 (Heap overflow through proc_open and $env parameter).
  • Fixed bug #71100 (long2ip() doesn’t accept integers in strict mode).

Streams

  • Implemented FR #27814 (Multiple small packets send for HTTP request).

  • Fixed bug #73586 (php_user_filter::$stream is not set to the stream the filter is working on).
  • Fixed bug #72853 (stream_set_blocking doesn’t work).
  • Fixed bug #72743 (Out-of-bound read in php_stream_filter_create).
  • Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails with IIS FTP 7.5, 8.5).
  • Fixed bug #72810 (Missing SKIP_ONLINE_TESTS checks).
  • Fixed bug #41021 (Problems with the ftps wrapper).
  • Fixed bug #54431 (opendir() does not work with ftps:// wrapper).
  • Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for non-existent directories).
  • Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade attack).
  • Fixed bug #72534 (stream_socket_get_name crashes).
  • Fixed bug #72439 (Stream socket with remote address leads to a segmentation fault).

sysvshm

  • Fixed bug #72858 (shm_attach null dereference).

Tidy

  • Implemented support for libtidy 5.0.0 and above.
  • Creating a tidyNode manually will now throw an instance of Error instead of resulting in a fatal error.

Wddx

  • A circular reference when serializing will now throw an instance of Error instead of resulting in a fatal error.

  • Fixed bug #73331 (NULL Pointer Dereference in WDDX Packet Deserialization with PDORow). (CVE-2016-9934)
  • Fixed bug #72142 (WDDX Packet Injection Vulnerability in wddx_serialize_value()).
  • Fixed bug #72749 (wddx_deserialize allows illegal memory access).
  • Fixed bug #72750 (wddx_deserialize null dereference).
  • Fixed bug #72790 (wddx_deserialize null dereference with invalid xml).
  • Fixed bug #72799 (wddx_deserialize null dereference in php_wddx_pop_element).
  • Fixed bug #72860 (wddx_deserialize use-after-free).
  • Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element).
  • Fixed bug #72564 (boolean always deserialized as “true”).

XML

  • Fixed bug #72135 (malformed XML causes fault).
  • Fixed bug #72714 (_xml_startElementHandler() segmentation fault).
  • Fixed bug #72085 (SEGV on unknown address zif_xml_parse).

XMLRPC

  • A circular reference when serializing will now throw an instance of Error instead of resulting in a fatal error.

  • Fixed bug #72647 (xmlrpc_encode() unexpected output after referencing array elements).
  • Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).

Zip

  • ZipArchive::addGlob() will throw an instance of Error instead of resulting in a fatal error if glob support is not available.

  • Fixed bug #68302 (impossible to compile php with zip support).
  • Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd).
  • Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener).