clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-25 20:07:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
71,122 Commits 493 Branches 1,366 Tags 850 MiB
1744be2d17
Commit Graph

29908 Commits

Author SHA1 Message Date
Stanislav Malyshev
1744be2d17 Fix for bug #69782 2015-08-16 17:16:15 -07:00
Stanislav Malyshev
dda81f0505 Fix bug #70019 - limit extracted files to given directory 2015-08-04 14:02:31 -07:00
Stanislav Malyshev
0e09009753 Do not do convert_to_* on unserialize, it messes up references 2015-08-04 13:59:56 -07:00
Stanislav Malyshev
4d2278143a Fix #69793 - limit what we accept when unserializing exception 2015-08-01 22:02:26 -07:00
Stanislav Malyshev
863bf294fe Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) 2015-08-01 22:01:51 -07:00
Stanislav Malyshev
7381b6accc Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject 2015-08-01 22:01:40 -07:00
Stanislav Malyshev
c7d3c027d5 ignore signatures for packages too 2015-08-01 22:01:32 -07:00
Stanislav Malyshev
c2e197e4ef Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage 2015-08-01 22:01:17 -07:00
Stanislav Malyshev
16023f3e3b Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes 2015-07-26 17:43:16 -07:00
Stanislav Malyshev
7a4584d3f6 Improved fix for Bug #69441 2015-07-26 17:31:12 -07:00
Stanislav Malyshev
b7fa67742c Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) 2015-07-26 17:25:25 -07:00
Stanislav Malyshev
c96d08b272 Fix bug #70081: check types for SOAP variables 2015-07-26 16:44:18 -07:00
Stanislav Malyshev
885edfef0a Better fix for bug #69958 2015-07-07 09:38:31 -07:00
Stanislav Malyshev
97aa752fee Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM) 2015-07-07 09:38:31 -07:00
Stanislav Malyshev
6dedeb40db Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath 2015-07-07 09:38:31 -07:00
Stanislav Malyshev
bf58162ddf Fix bug #69958 - Segfault in Phar::convertToData on invalid file 2015-07-07 09:38:30 -07:00
Ferenc Kovacs
29533ae528 add missing second argument for ucfirst to the proto 2015-07-07 15:48:55 +02:00
Stanislav Malyshev
cd9c39d77c Merge branch 'pull-request/1350' into PHP-5.4 
* pull-request/1350:
  Move strlen() check to php_mail_detect_multiple_crlf()
  Fixed Bug #69874 : Can't set empty additional_headers for mail()
 2015-06-28 20:18:56 -07:00
Christoph M. Becker
a621781fdb Fixed bug #69768 (escapeshell*() doesn't cater to !) 
When delayed variable substitution is enabled (can be set in the
Registry, for instance), !ENV! works similar to %ENV%, and so ! should
be escaped like %.
 2015-06-24 00:15:55 +02:00
Yasuo Ohgaki
d263ecd864 Move strlen() check to php_mail_detect_multiple_crlf() 2015-06-19 15:17:56 +09:00
Yasuo Ohgaki
dacea3f6fb Fixed Bug #69874 : Can't set empty additional_headers for mail() 2015-06-19 12:19:12 +09:00
Lior Kaplan
cc7194dd10 Fixed bug #69689 (Align PCRE_MINOR with current version) 2015-06-18 17:30:21 +03:00
Yasuo Ohgaki
9d168b863e Fixed bug #68776 2015-06-09 21:32:54 -07:00
Stanislav Malyshev
eee8b6c33f fix test 2015-06-09 17:11:33 -07:00
Stanislav Malyshev
8036758491 Fix bug #69646 OS command injection vulnerability in escapeshellarg 2015-06-09 10:52:38 -07:00
Stanislav Malyshev
f7d7befae8 Fix #69719 - more checks for nulls in paths 2015-06-09 10:52:38 -07:00
Remi Collet
531c306fe6 fix test description 2015-06-09 09:18:54 +02:00
Lior Kaplan
7ced40e24e Upgrade bundled sqlite to 3.8.10.2 
Includes fixes for CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 done in 3.8.9
 2015-06-08 22:17:06 +03:00
Stanislav Malyshev
0765623d69 improve fix for Bug #69545 2015-05-31 17:29:00 -07:00
Stanislav Malyshev
f38ca75a3c Update PCRE version (bug #69689) 2015-05-30 21:17:16 -07:00
Remi Collet
88aab478bf move test 2015-05-20 14:03:41 +02:00
Remi Collet
3ee3066bd0 fix new test 2015-05-20 08:46:14 +02:00
Remi Collet
f93d24aa67 Fixed Bug #69667 segfault in php_pgsql_meta_data 
Incomplete fix for #68741
 2015-05-20 08:46:01 +02:00
Stanislav Malyshev
9c0813fd48 Add test for bug #69522 2015-05-11 01:10:35 -07:00
Stanislav Malyshev
634aa0a2db Update tests 2015-05-11 00:12:39 -07:00
Stanislav Malyshev
ba1d9cc4b7 Fix bug #69522 - do not allow int overflow 2015-05-10 23:06:08 -07:00
Stanislav Malyshev
e2bbf0a2df Forgot test file 2015-05-10 02:24:29 -07:00
Stanislav Malyshev
c591f022f8 Fix bug #69403 and other int overflows 2015-05-10 02:20:08 -07:00
Stanislav Malyshev
be9b2a95ad Fixed bug #69418 - more s->p fixes for filenames 2015-05-10 02:09:38 -07:00
Stanislav Malyshev
c27f012b7a Fix bug #69453 - don't try to cut empty string 2015-04-29 22:51:43 -07:00
Stanislav Malyshev
ac28329354 Fix bug #69545 - avoid overflow when reading list 2015-04-29 22:50:18 -07:00
Stanislav Malyshev
95fa727992 Upgrade to PCRE 8.37 due to various bugfixes 2015-04-29 22:27:07 -07:00
Anatol Belski
9c5c3ff022 fix VC9 build with PCRE 2015-04-28 13:15:39 +02:00
Stanislav Malyshev
23917b451b Upgrade PCRE to 8.36, it fixes some crashes 
We probably will need to go to 8.37 once it is released.
 2015-04-27 23:16:54 -07:00
Dmitry Stogov
cee9722028 Fixed recently introduced memory leak 2015-04-14 11:08:38 -07:00
Stanislav Malyshev
9af582bbe0 fix non-standard C 2015-04-14 00:46:47 -07:00
Stanislav Malyshev
d3aeb8a204 Merge branch 'PHP-5.4.40' into PHP-5.4 
* PHP-5.4.40:
  update NEWS
  Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
  fix memory leak & add test
  Fix tests
  fix CVE num
  Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
  Fix test
  Additional fix for bug #69324
  More fixes for bug #69152
  Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
  Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
  Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
  Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
  Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
 2015-04-14 00:26:53 -07:00
Stanislav Malyshev
f59b67ae50 Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode) 2015-04-14 00:03:50 -07:00
Remi Collet
ff70b40dc9 fix type in fix for #69085 2015-04-13 14:41:39 +02:00
Stanislav Malyshev
45facd15fb fix memory leak & add test 2015-04-12 22:38:34 -07:00