Merge remote-tracking branch 'origin/master' into native-tls

* origin/master: (25 commits)
  Fix return code (merges are hard :( )
  fix bad merge
  Fix bug #68113 (Heap corruption in exif_thumbnail())
  Fix bug #68089 - do not accept options with embedded \0
  Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
  Fix bug #68027 - fix date parsing in XMLRPC lib
  Fix bug #68113 (Heap corruption in exif_thumbnail())
  Fix bug #68089 - do not accept options with embedded \0
  Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
  Fix bug #68027 - fix date parsing in XMLRPC lib
  Fix bug #68113 (Heap corruption in exif_thumbnail())
  Fix bug #68089 - do not accept options with embedded \0
  Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
  Fix bug #68027 - fix date parsing in XMLRPC lib
  Fixed bug #68128
  Added API function to retrive current custom heap handlers
  update NEWS and UPGRADING
  Allow to substitute storage layer in memory manager.
  Upated NEWS
  Address issues raised by @nikic
  ...

1 files changed, 5 insertions, 0 deletions

diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index 5c4a8800a3..079c8d7070 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -170,6 +170,11 @@ static int php_curl_option_str(php_curl *ch, zend_long option, const char *str,
 {
 	CURLcode error = CURLE_OK;
 
+	if (strlen(str) != len) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Curl option contains invalid characters (\\0)");
+		return FAILURE;
+	}
+
 #if LIBCURL_VERSION_NUM >= 0x071100
 	if (make_copy) {
 #endif