clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 18:37:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
71,036 Commits 491 Branches 1,363 Tags 839 MiB
12d3bdee3d
Commit Graph

71036 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stanislav Malyshev
12d3bdee3d Additional fix for bug #69324 
Not so happy about duplication but needed due to bug #69429
 2015-04-11 16:53:22 -07:00
Stanislav Malyshev
a894a8155f More fixes for bug #69152 2015-04-11 16:53:22 -07:00
Stanislav Malyshev
4435b9142f Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions) 2015-04-11 16:53:22 -07:00
Stanislav Malyshev
9faaee66fa Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar) 2015-04-11 16:53:21 -07:00
Stanislav Malyshev
0ea75af9be Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER) 2015-04-11 16:53:21 -07:00
Stanislav Malyshev
809610f5ea Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4) 2015-04-11 16:53:21 -07:00
Stanislav Malyshev
f938112c49 Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault) 2015-04-11 16:53:21 -07:00
Xinchen Hui
920a0afbf8 Fixed bug #68901 (use after free) 2015-04-11 16:28:07 -07:00
Xinchen Hui
9a404df382 Fixed bug #68740 (NULL Pointer Dereference) 
(cherry picked from commit 124fb22a13)
 2015-04-05 22:48:10 -07:00
Stanislav Malyshev
5ae20c6247 Fix bug #66550 (SQLite prepared statement use-after-free) 2015-04-05 22:36:26 -07:00
Remi Collet
bd31cb7563 Better fix for #68601 for perf 
81e9a993f2
 2015-04-05 17:36:47 -07:00
Remi Collet
afbf725e73 Fix bug #68601 buffer read overflow in gd_gif_in.c 2015-04-05 17:33:52 -07:00
Stanislav Malyshev
caecd88237 Revert "Merge branch 'PHP-5.4' of https://git.php.net/repository/php-src into PHP-5.4" 
This reverts commit fe0ca2745f, reversing
changes made to 968fbc6acf.
 2015-04-01 23:43:33 -07:00
Dmitry Stogov
75f40ae1f3 Fixed bug #69293 2015-03-27 18:40:58 +03:00
Xinchen Hui
fe0ca2745f Merge branch 'PHP-5.4' of https://git.php.net/repository/php-src into PHP-5.4 2015-03-25 13:05:08 +08:00
Stanislav Malyshev
968fbc6acf Bacport fix bug #68741 - Null pointer dereference 2015-03-22 18:30:05 -07:00
Stanislav Malyshev
fb83c76dee Check that the type is correct 2015-03-22 18:17:47 -07:00
Stanislav Malyshev
95b9c34f02 add CVEs 2015-03-19 22:54:48 -07:00
Dmitry Stogov
51856a76f8 Fixed bug #69152 2015-03-19 11:36:01 +03:00
Stanislav Malyshev
4c3b73b6df 5.4.40 next 2015-03-17 22:37:16 -07:00
Stanislav Malyshev
ef8fc4b53d Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundary 2015-03-17 21:59:56 -07:00
Stanislav Malyshev
fb04dcf6db Fix bug #69248 - heap overflow vulnerability in regcomp.c 
Merged from 70bc296560
 2015-03-17 17:04:57 -07:00
Stanislav Malyshev
8b14d3052f add test for bug #68976 2015-03-17 17:03:46 -07:00
Stanislav Malyshev
646572d6d3 Fixed bug #68976 - Use After Free Vulnerability in unserialize() 2015-03-17 13:20:22 -07:00
Stanislav Malyshev
bfb669891e Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options) 2015-03-17 13:05:43 -07:00
Stanislav Malyshev
9ba4db5e5d fix tests 2015-03-17 12:55:35 -07:00
Stanislav Malyshev
1291d6bbee Fix bug #69207 - move_uploaded_file allows nulls in path 2015-03-17 12:47:58 -07:00
Xinchen Hui
ef2db26c60 Merge branch 'arginfo' of https://github.com/realityking/php-src into PHP-5.4 2015-03-08 22:53:19 +08:00
Dmitry Stogov
c8eaca013a Added type checks 2015-03-03 10:43:48 +03:00
Dmitry Stogov
0c136a2abd Added type checks 2015-03-03 09:44:46 +03:00
Dmitry Stogov
d5248f67b5 Check variable type before its usage as IS_ARRAY. 2015-03-02 12:27:36 +03:00
George Wang
8584cc010a Fixed a bug that header value is not terminated by '\0' when accessed through getenv(). 2015-02-25 10:48:19 -05:00
Ferenc Kovacs
c17a17e44b fix typo in bug# 2015-02-18 19:47:07 +01:00
Remi Collet
c6a26cb39d add CVE 2015-02-18 06:44:41 +01:00
Stanislav Malyshev
24f8a68d0a 5.4.39 next 2015-02-17 07:34:00 +01:00
Stanislav Malyshev
bdfe457a2c Port for for bug #68552 2015-02-17 06:53:02 +01:00
Stanislav Malyshev
7b18981830 Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone) 
Conflicts:
	ext/date/php_date.c
 2015-02-17 06:43:51 +01:00
Felipe Pena
82d347a477 - BFN 2015-02-17 01:14:05 -02:00
Felipe Pena
8f9ab04d93 - Fixed bug #67827 (broken detection of system crypt sha256/sha512 support) 2015-02-17 00:23:47 -02:00
Felipe Pena
e08bef442c - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de 2015-02-16 13:07:26 -02:00
Yasuo Ohgaki
5b6269a253 Update NEWS 2015-02-14 05:34:57 +09:00
Yasuo Ohgaki
a8722f5330 Add NULL byte protection to exec, system and passthru 2015-02-14 05:25:04 +09:00
George Wang
5e3f0f5671 Fixed #68790 (Missing return) 2015-02-07 12:16:54 -05:00
Stanislav Malyshev
f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Stanislav Malyshev
7efbd70b03 fix sizeof size 2015-02-01 12:40:38 -08:00
Stanislav Malyshev
94d6cb4a78 fix TSRM 2015-01-31 23:34:14 -08:00
Stanislav Malyshev
b30a6d6018 Use better constant since MAXHOSTNAMELEN may mean shorter name 2015-01-31 21:46:56 -08:00
Stanislav Malyshev
2cdbd3537f use right sizeof for memset 2015-01-31 21:30:58 -08:00
Stanislav Malyshev
0f9c708229 Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:08:13 -08:00
Ferenc Kovacs
61ad5e24ea fix some factual errors in the process 2015-01-22 21:27:38 +01:00