clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-29 13:56:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
96,124 Commits 494 Branches 1,367 Tags 788 MiB
1a06fae543
Commit Graph

1255 Commits

Author SHA1 Message Date
Mitch Hagstrand
3401f553b9 Fixes for session and fpm tests in PHP7.0 branch 
1. Increased the timeout on sapi/fpm tests to match the cli server
2. Disabled session GC in session_set_save_handler_basic.phpt
3. Fixed GC in save_handler.inc to delete files based on age
 2017-01-06 19:55:57 -08:00
Joe Watkins
b0ff9ee688
Merge branch 'pull-request/1360' into PHP-7.0 
* pull-request/1360:
  Fixed bug #69582 session not readable by root in CLI
  news entry for PR #1360
 2017-01-06 06:05:17 +00:00
Sammy Kaye Powers
478f119ab9 Update copyright headers to 2017 2017-01-04 11:14:55 -06:00
Nikita Popov
935b5cb11e Flush stderr on win32 in cli_log_message 
This allows us to unfork a bunch of tests for Windows.
 2017-01-01 21:09:02 +01:00
Anatol Belski
5e9b4c26a5 remove TSRMLS_* 2016-11-21 23:53:37 +01:00
Nikita Popov
c91f652ddb Fixed bug #73273 
As well as a few other $_SESSION separation issues.
 2016-10-10 12:20:44 +02:00
Christoph M. Becker
48cf8dd9c3 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-16 23:43:18 +02:00
Christoph M. Becker
6682673070 Fix #73100: session_destroy null dereference in ps_files_path_create 2016-09-16 23:41:10 +02:00
Anatol Belski
855b8e4f79 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix test portability
 2016-09-13 12:02:05 +02:00
Anatol Belski
fc31d6fed4 fix test portability 2016-09-13 12:00:29 +02:00
Yasuo Ohgaki
0e3b30fad1 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed Bug #68015 Session does not report invalid uid for files save handler
 2016-09-09 11:32:20 +09:00
Yasuo Ohgaki
38553e853b Fixed Bug #68015 Session does not report invalid uid for files save handler 2016-09-09 11:31:54 +09:00
David Carlier
19350b6b73 phpdbg: couple of network function return checks. Possible 
overflow when copy the socket_path configuration.
 2016-09-04 23:18:51 -07:00
Yasuo Ohgaki
cc797d4fc3 Fix bug #72940 properly. Reduce needless branches 2016-09-01 07:47:13 +09:00
Yasuo Ohgaki
b5f2f6fbd8 Fixed bug #72940 SID always return "name=ID", even if session cookie exist 2016-08-30 15:58:25 +09:00
Xinchen Hui
b172f43caa Unused label 2016-08-17 16:56:20 +08:00
Stanislav Malyshev
ed9d916c28 fix test 2016-08-17 01:12:33 -07:00
Nikita Popov
e0f9fbdfa6 Bug #72663 - part 3 
When using the php_serialize session serialization handler, do
not use the result of the unserialization if it failed.
 2016-08-17 01:01:03 -07:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6: (24 commits)
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
 2016-08-17 00:43:33 -07:00
Stanislav Malyshev
8763c6090d Fix bug #72681 - consume data even if we're not storing them 2016-08-16 22:54:42 -07:00
Nikita Popov
2194690625 Ensure session GC is not run during variation6.phpt 
The implemented gc() handler simply deletes all sessions, including
the current one. This may cause a subsequent unlink() warning.
Avoid this by preventing GC from running.
 2016-07-24 00:07:54 +02:00
Anatol Belski
958fa34c16 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix test
 2016-07-23 21:03:45 +02:00
Anatol Belski
80fee637f4 fix test 2016-07-23 20:55:39 +02:00
Stanislav Malyshev
b00f8f2a5b Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  5.6.24RC1
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	Zend/zend_virtual_cwd.c
	ext/bz2/bz2.c
	ext/exif/exif.c
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/basic_functions.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 01:39:28 -07:00
Stanislav Malyshev
4d0565b5ba Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	ext/bz2/bz2.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 00:53:08 -07:00
Stanislav Malyshev
3798eb6fd5 Fix bug #72562 - destroy var_hash properly 2016-07-12 23:27:45 -07:00
Xinchen Hui
6744737577 Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow) 2016-07-03 09:30:33 +08:00
Christoph M. Becker
07a793810f Merge branch 'PHP-5.6' into PHP-7.0 2016-06-09 15:35:28 +02:00
Raphaël Tournoy
1dfdae6de4 fix typo 2016-06-03 17:18:14 +02:00
Xinchen Hui
05d53dee7d Fixed bug #71972 (Cyclic references causing session_start(): Failed to decode session object) 2016-04-15 21:08:51 -07:00
Yasuo Ohgaki
6467a4eb36 Fixed Bug #71974 Trans sid will always be send, even if cookies are available 2016-04-07 10:26:05 +09:00
Yasuo Ohgaki
50fca7a02a Fixed Bug #71683 Null pointer dereference in zend_hash_str_find_bucket 2016-03-12 08:15:47 +09:00
Nikita Popov
1ac152938c Move semicolon into TSRMLS_CACHE_EXTERN/DEFINE 
Also re bug #71575.
 2016-03-03 16:50:01 +01:00
Nikita Popov
a4e56194d7 Fix intermixed SKIPIF and XFAIL sections in test 2016-03-03 16:38:05 +01:00
Antony Dovgal
6f81e95c33 check length first, prevent out-of-bounds read 2016-02-03 14:49:16 +03:00
Anatol Belski
b947aff98d yet one revert 2016-01-29 21:43:14 +01:00
Anatol Belski
ac22f71477 Revert "adjust test for 7.0" 
This reverts commit 7fdb019e66.
 2016-01-29 21:27:22 +01:00
Anatol Belski
6891e6abdf Revert "refix #69111 and one related test" 
This reverts commit 80f7b01258.

Conflicts:
	ext/session/mod_files.c
 2016-01-29 20:59:58 +01:00
Anatol Belski
3d90531d1e Revert "fix yet another leak" 
This reverts commit 39084ccc68.
 2016-01-29 20:58:00 +01:00
Anatol Belski
d1d3c0832e add XFAIL 2016-01-29 20:57:05 +01:00
Anatol Belski
ebcfe7618d Revert "refix #69111 and one related test" 
This reverts commit 80f7b01258.
 2016-01-29 20:50:14 +01:00
Anatol Belski
7f977c13dc Revert "fix tests" 
This reverts commit d964ccba40.
 2016-01-29 20:49:52 +01:00
Anatol Belski
57d9797b6f Revert "fix leak in 7.0" 
This reverts commit ee49df011c.
 2016-01-29 20:46:47 +01:00
Anatol Belski
b7dadfae87 add XFAIL 2016-01-29 20:36:11 +01:00
Anatol Belski
40b9f52c2c Revert "fix leak in 5.6" 
This reverts commit fa548e5ca9.
 2016-01-29 20:33:39 +01:00
Anatol Belski
80f7b01258 refix #69111 and one related test 
It is the least evil as the test just reduces the fail path. 5.6 seems
still broken in this regard, a backport should follow if travis is happy.
 2016-01-29 19:55:50 +01:00
Anatol Belski
d964ccba40 fix tests 2016-01-29 16:32:27 +01:00
Anatol Belski
39084ccc68 fix yet another leak 2016-01-29 16:03:33 +01:00
Anatol Belski
d2c752d7e9 fix wrong gc sequence 2016-01-29 15:18:59 +01:00
Anatol Belski
ee49df011c fix leak in 7.0 2016-01-29 14:48:05 +01:00