Ilia Alshanetsky
|
6d70aa1f4e
|
Added missing open_basedir & safe_mode checks to zip:// and bzip://
wrappers.
Issues idendtified by MOPB-20 and MOPB-21
|
2007-03-14 03:50:18 +00:00 |
|
Stanislav Malyshev
|
c3e4a2854a
|
fix odbc resource handling, patch by Dave Lawson
|
2007-03-13 00:04:38 +00:00 |
|
Antony Dovgal
|
81f99c721b
|
return false instead of empty string when -length is greater than (len - offset)
|
2007-03-12 23:42:26 +00:00 |
|
Ilia Alshanetsky
|
c829314963
|
malloc() -> pemalloc()
|
2007-03-12 23:21:41 +00:00 |
|
Antony Dovgal
|
165f44c9c3
|
MFH
|
2007-03-12 20:55:15 +00:00 |
|
Antony Dovgal
|
5088614ea1
|
synchronize iconv_substr() behavior with substr()
no MFB so far, since substr() changes are not MFBed either
|
2007-03-12 19:34:26 +00:00 |
|
Dmitry Stogov
|
ab699d03bc
|
Fixed bug #40770 (Apache child exits when PHP memory limit reached)
|
2007-03-12 16:59:52 +00:00 |
|
Antony Dovgal
|
ed844bbb3f
|
BFN
|
2007-03-12 13:10:55 +00:00 |
|
Antony Dovgal
|
30f45e15de
|
MFH: fix #40784 (Case sensivity in constructor's fallback)
|
2007-03-12 13:10:40 +00:00 |
|
Dmitry Stogov
|
1e13ef2de5
|
Fixed compilation warning
|
2007-03-12 07:39:01 +00:00 |
|
Edin Kadribasic
|
ff53da7213
|
Lib upgrade news
|
2007-03-12 03:10:08 +00:00 |
|
Ilia Alshanetsky
|
f96245f8b4
|
malloc() -> pemalloc()
|
2007-03-11 18:42:19 +00:00 |
|
Antony Dovgal
|
80616688db
|
MFH
|
2007-03-11 12:56:44 +00:00 |
|
Antony Dovgal
|
e8ede1ec08
|
fix tests
|
2007-03-11 12:54:54 +00:00 |
|
Ilia Alshanetsky
|
e82c30c845
|
Re-added check removed by the previous patch
|
2007-03-10 20:07:50 +00:00 |
|
Ilia Alshanetsky
|
1453879587
|
Added additional checks for long input arrays inside
import_request_variables().
# Missing checks identified by Stefan Esser
|
2007-03-10 19:20:16 +00:00 |
|
Pierre Joye
|
cb11ba761e
|
- MFH: CVE-2007-1001, integer overflow with invalid wbmp images
|
2007-03-10 12:18:36 +00:00 |
|
Pierre Joye
|
547e4760e0
|
- #40764, line thickness not respected for horizontal and vertical lines
- add test
- NEWS entry
|
2007-03-10 01:13:19 +00:00 |
|
Stanislav Malyshev
|
1e9fd0f002
|
add testcase
|
2007-03-09 18:37:03 +00:00 |
|
Dmitry Stogov
|
c2a71f8eb1
|
Return HTTP 403 in case of "access denied".
|
2007-03-09 16:46:07 +00:00 |
|
Antony Dovgal
|
982de65f6e
|
fix substr()
it's perfectly legal to do substr("str", 0, 1000000);
|
2007-03-09 10:04:59 +00:00 |
|
Antony Dovgal
|
c9ded196b4
|
fix tests
|
2007-03-09 09:45:14 +00:00 |
|
Ilia Alshanetsky
|
02fae929af
|
Fixed bug #40754 (added substr() & substr_replace() overflow checks).
|
2007-03-09 01:58:34 +00:00 |
|
Ilia Alshanetsky
|
b3b6db3f03
|
Add _SESSION to checklist
|
2007-03-09 01:48:56 +00:00 |
|
Ilia Alshanetsky
|
0fa1427c6e
|
Fixed a possible super-global overwrite inside import_request_variables().
# Reported by Stefano Di Paola
|
2007-03-09 01:42:20 +00:00 |
|
Rasmus Lerdorf
|
5b9ec4828f
|
Off by ! in the url control char check for file:/// urls
|
2007-03-09 01:20:34 +00:00 |
|
Pierre Joye
|
1286d9e266
|
- #40764, line thickness not respected for horizontal and vertical lines
|
2007-03-09 01:18:40 +00:00 |
|
Stanislav Malyshev
|
0aa13e923b
|
more fixes
|
2007-03-08 22:53:37 +00:00 |
|
Stanislav Malyshev
|
6e460bab4e
|
fix crash/leak in bug #38710
|
2007-03-08 22:49:53 +00:00 |
|
Stanislav Malyshev
|
c4423ae27d
|
add news
|
2007-03-08 22:44:22 +00:00 |
|
Nuno Lopes
|
95391e4f9c
|
BFN: gd gif reading
|
2007-03-08 22:04:33 +00:00 |
|
Stanislav Malyshev
|
8779d1cdd3
|
fix crash on $x['x']['y'] += 1, patch by Brian Shire
|
2007-03-08 20:59:31 +00:00 |
|
Nuno Lopes
|
5116b67016
|
fix thread unsafety in the gif reader code (merge from libgd cvs)
|
2007-03-08 20:24:53 +00:00 |
|
Stanislav Malyshev
|
79195bfe2e
|
clarify checks and error messages
|
2007-03-08 00:47:04 +00:00 |
|
Antony Dovgal
|
af1843f866
|
MFH: fix #40752 (parse_ini_file() segfaults when a scalar setting is redeclared as an array)
|
2007-03-08 00:44:23 +00:00 |
|
Ilia Alshanetsky
|
8696c9bc89
|
Improved length parameter validation
|
2007-03-08 00:18:10 +00:00 |
|
Ilia Alshanetsky
|
42ff70ede8
|
Improved offset validation
|
2007-03-08 00:06:41 +00:00 |
|
Stanislav Malyshev
|
2625be4ed0
|
fix MOPB#14
# The error message seems wrong, so maybe better fix is needed
|
2007-03-07 18:15:46 +00:00 |
|
Antony Dovgal
|
0628f86e0e
|
fix small typo
add --with-zlib-dir option (and simple automagic zlib detection)
|
2007-03-07 09:36:22 +00:00 |
|
Antony Dovgal
|
c73225ab61
|
MFH: fix #40727 (segfault in PDO when failed to bind parameters)
|
2007-03-07 09:03:07 +00:00 |
|
Ilia Alshanetsky
|
0638ac7651
|
Fixed calloc wrapper
|
2007-03-07 00:55:49 +00:00 |
|
Ilia Alshanetsky
|
4a614cd6b1
|
malloc() -> pemalloc()
|
2007-03-07 00:52:40 +00:00 |
|
Ilia Alshanetsky
|
f6343f45f2
|
Add checks around raw allocation code
|
2007-03-07 00:47:42 +00:00 |
|
Derick Rethans
|
d447facb42
|
- Updated timezone database to version 2007.3. (Derick)
|
2007-03-06 21:28:37 +00:00 |
|
Antony Dovgal
|
a806ce9700
|
MFH
|
2007-03-06 21:08:05 +00:00 |
|
Antony Dovgal
|
a8f076d7a3
|
use the aliases and eliminate one more compile warning
|
2007-03-06 21:04:27 +00:00 |
|
Antony Dovgal
|
db8bbdc2a9
|
MFH: declare zend_mm_random() only when needed
|
2007-03-06 20:59:13 +00:00 |
|
Uwe Schindler
|
ad336e432a
|
remove (large) static buffers for header names and request uri
|
2007-03-06 18:15:25 +00:00 |
|
Uwe Schindler
|
e25bb8ea04
|
use slprintf instead of snprintf and remove 0termination things (because slprintf is always available now)
|
2007-03-06 15:43:49 +00:00 |
|
Antony Dovgal
|
cc49ea3a1e
|
MFH
|
2007-03-06 10:13:54 +00:00 |
|