[PHP-DEV] cancel of

2015-07-28 Thread Markus Malkusch
cancel by original author -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Throwable::addSuppressed()

2015-07-28 Thread Markus Malkusch
Hi PHP So I read that there's this Throwable interface coming. Great! How about extending it with one further method: void Throwable::addSuppressed(Throwable exception) Semantic is the same as Java's Throwable.addSuppressed()¹. Why? Well consider a code fragment which wants to close a resource

Re: [PHP-DEV] json_decode/encode should return full precision values by default

2015-07-28 Thread Yasuo Ohgaki
Hi Jakub, On Wed, Jul 29, 2015 at 3:15 AM, Jakub Zelenka wrote: > On Mon, Jul 27, 2015 at 11:17 PM, Yasuo Ohgaki wrote: > >> >> Get JSON data from Google maps and store the data using PHP, then >> users lose last 2 digits of fraction part by default. The value is >> changed >> and wrong. This i

Re: [PHP-DEV] [RFC] Block requests to builtin SQL functions where PHP can prove the call is vulnerable to a potential SQL-injection attack

2015-07-28 Thread Pierre Joye
The On Jul 28, 2015 11:42 PM, "Christoph Becker" wrote: > > Rowan Collins wrote: > > > On 28 July 2015 18:33:31 BST, Matt Tait wrote: > >> Hi all, > >> > >> I've written an RFC (and PoC) about automatic detection and blocking of > >> SQL > >> injection vulnerabilities directly from inside PHP via

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Stanislav Malyshev
Hi! > New BC breaks in Beta? Why not? What's the problem with it? Beta is to identify issues with current code, serialized exceptions is an issue (as in, they don't work and lead to security problems and generally pointless). Dragging this known problem around for years makes no sense. -- Stas

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Marco Pivetta
New BC breaks in Beta? Meh. On Jul 28, 2015 22:44, "Rowan Collins" wrote: > On 28 July 2015 21:34:06 BST, Marco Pivetta wrote: > >This sort of change would be a major BC break for 8.x or similar. > > I think that was the point of trying to squeeze it into 7.0 > >

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Stanislav Malyshev
Hi! > This sort of change would be a major BC break for 8.x or similar. How is it a major BC break? You make it sound like serializing exceptions is something no application can do without. I have yet to see a single case where it's useful (yes, I've read the Symphony comment but I'm not sure wh

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Rowan Collins
On 28 July 2015 21:34:06 BST, Marco Pivetta wrote: >This sort of change would be a major BC break for 8.x or similar. I think that was the point of trying to squeeze it into 7.0

Re: [PHP-DEV] [RFC] Block requests to builtin SQL functions where PHP can prove the call is vulnerable to a potential SQL-injection attack

2015-07-28 Thread Christoph Becker
Rowan Collins wrote: > On 28 July 2015 18:33:31 BST, Matt Tait wrote: >> Hi all, >> >> I've written an RFC (and PoC) about automatic detection and blocking of >> SQL >> injection vulnerabilities directly from inside PHP via automated taint >> analysis. >> >> https://wiki.php.net/rfc/sql_injection

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Marco Pivetta
This sort of change would be a major BC break for 8.x or similar. I also don't see security implications, tbh. On Jul 28, 2015 18:41, "Stanislav Malyshev" wrote: > Hi! > > > -1 on this. If there is no technical problem with serializing the > > Exception class itself, it should be possible to seri

Re: [PHP-DEV] [RFC] Block requests to builtin SQL functions where PHP can prove the call is vulnerable to a potential SQL-injection attack

2015-07-28 Thread Rowan Collins
On 28 July 2015 18:33:31 BST, Matt Tait wrote: >Hi all, > >I've written an RFC (and PoC) about automatic detection and blocking of >SQL >injection vulnerabilities directly from inside PHP via automated taint >analysis. > >https://wiki.php.net/rfc/sql_injection_protection Have you searched the li

Re: [PHP-DEV] json_decode/encode should return full precision values by default

2015-07-28 Thread Jakub Zelenka
Hi Yasuo On Mon, Jul 27, 2015 at 11:17 PM, Yasuo Ohgaki wrote: > > Get JSON data from Google maps and store the data using PHP, then > users lose last 2 digits of fraction part by default. The value is changed > and wrong. This is definitely a bug. > > I don't really get why you use Google maps

[PHP-DEV] [RFC] Block requests to builtin SQL functions where PHP can prove the call is vulnerable to a potential SQL-injection attack

2015-07-28 Thread Matt Tait
Hi all, I've written an RFC (and PoC) about automatic detection and blocking of SQL injection vulnerabilities directly from inside PHP via automated taint analysis. https://wiki.php.net/rfc/sql_injection_protection In short, we make zend_strings track where their value originated. If it originat

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Stanislav Malyshev
Hi! > -1 on this. If there is no technical problem with serializing the > Exception class itself, it should be possible to serialize it. It can > always happen that an object contains some not-serializable member, this > is nothing specific to exceptions. I don't see the point of this change. The

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Rowan Collins
Nikita Popov wrote on 28/07/2015 14:07: -1 on this. If there is no technical problem with serializing the Exception class itself, it should be possible to serialize it. It can always happen that an object contains some not-serializable member, this is nothing specific to exceptions. I don't see t

Re: [PHP-DEV] use https when downloading the pear installer

2015-07-28 Thread Sebastian Bergmann
On 07/28/2015 05:22 PM, Johannes Schlüter wrote: > An approach might be to remove the automatic download and > instructing the user to put the file there manually if this is seen > as important. +1

Re: [PHP-DEV] use https when downloading the pear installer

2015-07-28 Thread Johannes Schlüter
On Tue, 2015-07-28 at 17:11 +0200, Sebastian Bergmann wrote: > On 07/28/2015 04:45 PM, Johannes Schlüter wrote: > > (and yes - developers doing this might be an interesting targeted > > attack vector. Malicious code there knows where the developer keeps > > the source tree and might inject bad code

Re: [PHP-DEV] use https when downloading the pear installer

2015-07-28 Thread Sebastian Bergmann
On 07/28/2015 04:45 PM, Johannes Schlüter wrote: > (and yes - developers doing this might be an interesting targeted > attack vector. Malicious code there knows where the developer keeps > the source tree and might inject bad code into the codebase which we > notice only with good review of commits

Re: [PHP-DEV] use https when downloading the pear installer

2015-07-28 Thread Johannes Schlüter
On Mon, 2015-07-27 at 09:32 +0200, Ferenc Kovacs wrote: > Hi, > > I've just realized that even though https://pear.php.net/ is available, we > are still downloading the install-pear-nozlib.phar via http:// in > pear/Makefile.frag and makedist > Do you happen to know any reason for keeping it that

Re: [PHP-DEV] Re: Serializing exceptions

2015-07-28 Thread Nikita Popov
On Mon, Jul 27, 2015 at 9:08 AM, Stas Malyshev wrote: > Hi! > > Looking into some issue, I've discovered that, to my surprise, > > Exceptions are serializable. Except that it doesn't always work of > > course (e.g. see http://stackoverflow.com/q/9747813/214196) because > > exceptions contain back

[PHP-DEV] Benchmark Results for PHP Master 2015-07-28

2015-07-28 Thread lp_benchmark_robot
Results for project php-src-nightly, build date 2015-07-28 11:24:46+03:00 commit: 5ac6b8bcc6431073e453d1eb19c347b24a03261c revision_date:2015-07-28 16:06:06+08:00 environment: Haswell-EP cpu: Intel(R) Xeon(R) CPU E5-2699 v3 @ 2.30GHz 2x18 cores, stepping 2, LLC 45 MB