clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-27 04:47:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
79,725 Commits 494 Branches 1,367 Tags 780 MiB
208ae5498d
Commit Graph

34035 Commits

Author SHA1 Message Date
Stanislav Malyshev
844a046945 Fix bug #67349: Locale::parseLocale Double Free 2014-06-24 10:29:09 -07:00
Stanislav Malyshev
e2ed4874b5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.4.30
  Better fix for bug #67072 with more BC provisions
  Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
  update CVE
  Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
  Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
  Fix bug #67349: Locale::parseLocale Double Free
  add CVEs
  Fix potential segfault in dns_get_record()
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.30 rc1

Conflicts:
	ext/intl/locale/locale_methods.c
 2014-06-24 10:25:09 -07:00
Stanislav Malyshev
3488cf6fd8 Merge branch 'PHP-5.4.30' into PHP-5.4 
* PHP-5.4.30:
  5.4.30
  Better fix for bug #67072 with more BC provisions
  Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
  update CVE
  Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
  Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
  Fix bug #67349: Locale::parseLocale Double Free
  add CVEs
  Fix potential segfault in dns_get_record()
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.30 rc1

Conflicts:
	configure.in
	main/php_version.h
 2014-06-24 10:23:36 -07:00
Stanislav Malyshev
6d97b4b2b3 Better fix for bug #67072 with more BC provisions 2014-06-23 22:16:25 -07:00
Stanislav Malyshev
fb0128af2a Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability 2014-06-23 00:22:59 -07:00
Stanislav Malyshev
342240fd7f Better fix for bug #67072 with more BC provisions 2014-06-21 21:30:34 -07:00
Stanislav Malyshev
c42d5cf5de Better fix for bug #67072 with more BC provisions 2014-06-21 21:29:11 -07:00
Stanislav Malyshev
88223c5245 Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion 2014-06-21 19:46:16 -07:00
Stanislav Malyshev
6027c56fd7 Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1)) 2014-06-21 18:44:14 -07:00
Stanislav Malyshev
aef6432fbe Fix bug #67349: Locale::parseLocale Double Free 2014-06-21 18:38:41 -07:00
Dmitry Stogov
f08a5bfadc Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed MarinaDB support
 2014-06-20 13:58:26 +04:00
Dmitry Stogov
f0639611cf Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed MarinaDB support
 2014-06-20 13:57:38 +04:00
Dmitry Stogov
680ddabac1 Fixed MarinaDB support 2014-06-20 13:56:32 +04:00
Remi Collet
e9c9169e05 skip this test which fails without network 2014-06-20 06:45:16 +02:00
Andrey Hristov
a886a0cf93 Add support for gb18030/MySQL 5.7 2014-06-18 21:53:34 +03:00
Andrey Hristov
6dd0e8e0fc Merge branch 'PHP-5.6' of git.php.net:php-src into PHP-5.6 2014-06-18 18:32:51 +03:00
Andrey Hristov
f201bf2305 Fix another problem with MySQL 5.7 2014-06-18 18:30:37 +03:00
Remi Collet
bf7fed7e41 new test, missing in ea466a3 2014-06-18 15:59:45 +02:00
Andrey Hristov
23f77050eb Merge branch 'PHP-5.5' into PHP-5.6 2014-06-18 16:42:42 +03:00
Andrey Hristov
21c9a9388f Suppress test failure with MySQL 5.7 2014-06-18 16:20:14 +03:00
Lior Kaplan
9f727692b6 Update copyright year to 2014 
Align with online version at http://www.php.net/license/3_01.txt
 2014-06-18 00:16:23 +03:00
Lior Kaplan
1222f51ebd Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Update copyright year to 2014
  Update copyright year to 2014
  Update copyright year to 2014
  Update copyright year to 2014
 2014-06-18 00:14:18 +03:00
Lior Kaplan
728c554f93 Update copyright year to 2014 2014-06-18 00:12:33 +03:00
Remi Collet
ea466a316f Fix Request #67453 Allow to unserialize empty data. 
SplDoublyLinkedList, SplObjectStorage and ArrayObject have empty
constructor (no arg), so it make sense to allow to unserialize empty
data.

This allow the hack (used in various place, including PHPUnit) to
instanciate class without call to constructor to work.
 2014-06-17 09:38:54 +02:00
Lior Kaplan
11b18347d8 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Update copyright year for re2c generated files
  Update copyright year to 2014
  Update copyright year for re2c files as well
 2014-06-16 23:32:10 +03:00
Lior Kaplan
c38b73a701 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Update copyright year for re2c generated files
  Update copyright year to 2014
  Update copyright year for re2c files as well
 2014-06-16 23:30:44 +03:00
Lior Kaplan
6f3bcb0d6e Update copyright year for re2c generated files 2014-06-16 23:28:36 +03:00
Lior Kaplan
e667d23178 Update copyright year for re2c files as well 2014-06-16 23:26:50 +03:00
Remi Collet
6788f14f5e fix failed test 2014-06-16 10:52:26 +02:00
Remi Collet
fc36277eb6 Fix test on modern distro where old unsecure algo are disabled in openssl config. 
Testing recent algo should be enough to check this function.
 2014-06-16 09:42:55 +02:00
Sara Golemon
21525d0413 Fix potential segfault in dns_get_record() 
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
 2014-06-15 01:04:24 -07:00
Derick Rethans
a06dabb5e9 Merge branch 'PHP-5.5' into PHP-5.6 2014-06-13 23:26:47 +01:00
Derick Rethans
c06ccf7c70 Merge branch 'PHP-5.4' into PHP-5.5 2014-06-13 23:26:43 +01:00
Derick Rethans
ce70b920e4 - Updated to version 2014.5 (2014e) 2014-06-13 23:26:42 +01:00
Matteo Beccati
df5551ba4f Fix bug #67433 SIGSEGV when using count() on an object implementing Countable 2014-06-13 13:14:12 +02:00
Adam Harvey
84f339546a Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Follow 308 Permanent Redirect responses.
 2014-06-12 18:17:18 -07:00
Adam Harvey
2546434008 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Follow 308 Permanent Redirect responses.
 2014-06-12 18:15:07 -07:00
Adam Harvey
b51f82f260 Follow 308 Permanent Redirect responses. 
Fixes bug #67430 (http:// wrapper doesn't follow 308 redirects).
 2014-06-12 18:12:53 -07:00
Adam Harvey
82231b5d89 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Keep 308-399 HTTP response codes when header('Location:') is called.
 2014-06-12 17:40:51 -07:00
Adam Harvey
aa3a5f7681 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Keep 308-399 HTTP response codes when header('Location:') is called.
 2014-06-12 17:38:52 -07:00
Adam Harvey
1b9cbab9a7 Keep 308-399 HTTP response codes when header('Location:') is called. 
Fixes bug #67428 (header('Location: foo') will override a 308-399 response
code).
 2014-06-12 17:35:05 -07:00
Sara Golemon
e2ef56f760 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix potential segfault in dns_get_record()
 2014-06-11 13:51:53 -07:00
Sara Golemon
1978f41c8a Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix potential segfault in dns_get_record()
 2014-06-11 13:37:40 -07:00
Sara Golemon
4f73394fdd Fix potential segfault in dns_get_record() 
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
 2014-06-11 13:37:04 -07:00
Ferenc Kovacs
c38ab260fe Revert "Add optional second arg to unserialize()" 
This reverts commit cfd1045822.
 2014-06-11 14:43:09 +02:00
Stanislav Malyshev
2b04d68972 Fix bug #66127 (Segmentation fault with ArrayObject unset) 2014-06-10 23:24:11 -07:00
Stanislav Malyshev
2ed66ed21c Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.31 next
 2014-06-10 23:20:07 -07:00
Stanislav Malyshev
f11bba4929 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.31 next

Conflicts:
	configure.in
	main/php_version.h
 2014-06-10 23:19:21 -07:00
Stanislav Malyshev
317bcb96d0 Fix bug #66127 (Segmentation fault with ArrayObject unset) 2014-06-10 23:17:30 -07:00
Remi Collet
0a7e131128 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Fixed Bug #67413 	fileinfo: cdf_read_property_info insufficient boundary chec
 2014-06-10 14:36:02 +02:00
Remi Collet
12a62ce868 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fixed Bug #67413 	fileinfo: cdf_read_property_info insufficient boundary chec
 2014-06-10 14:35:23 +02:00
Remi Collet
25b1dc917a Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec 
Upstream:
93e063ee37

Adapted for C standard.
 2014-06-10 14:33:37 +02:00
Remi Collet
9ee147e6ff Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Bug #67412 	fileinfo: cdf_count_chain insufficient boundary check
 2014-06-10 14:24:07 +02:00
Remi Collet
ff66c90af0 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Bug #67412 	fileinfo: cdf_count_chain insufficient boundary check
 2014-06-10 14:23:37 +02:00
Remi Collet
40ef6e07e0 Bug #67412 fileinfo: cdf_count_chain insufficient boundary check 
Upstream:
40bade80cb
 2014-06-10 14:22:04 +02:00
Remi Collet
1d6286c049 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Fixed Bug #67411 	fileinfo: cdf_check_stream_offset insufficient boundary check
 2014-06-10 14:16:39 +02:00
Remi Collet
f6fee381be Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fixed Bug #67411 	fileinfo: cdf_check_stream_offset insufficient boundary check
 2014-06-10 14:16:07 +02:00
Remi Collet
5c9f967999 Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check 
Upstream:
36fadd2984
 2014-06-10 14:13:14 +02:00
Remi Collet
5e7cb43890 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 2014-06-10 14:05:02 +02:00
Remi Collet
18ff81eb1a Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 2014-06-10 14:04:36 +02:00
Remi Collet
e77659a8c8 Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size 
Upstream
27a14bc7ba
 2014-06-10 14:02:36 +02:00
Stanislav Malyshev
336b5f59b6 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:10:04 -07:00
Stanislav Malyshev
4b0b032676 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:31 -07:00
Stanislav Malyshev
62857998c5 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:09 -07:00
Matteo Beccati
6eaadc0228 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191
 2014-06-09 07:07:17 +02:00
Matteo Beccati
af5057bea7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191
 2014-06-09 07:07:07 +02:00
Matteo Beccati
5c8c57aa6c Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191 
DOMDocument::substituteEntities needs to be set to true in order for
external entities to be parsed.
 2014-06-09 07:05:23 +02:00
Stanislav Malyshev
df03bcf135 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  add news
  Bug 49898 __getCookies() method implementation
 2014-06-08 19:47:38 -07:00
Stanislav Malyshev
1b8d4695e2 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  add news
  Bug 49898 __getCookies() method implementation
 2014-06-08 19:46:12 -07:00
Boro Sitnikovski
aebb23e4db Bug 49898 
__getCookies() method implementation
 2014-06-08 19:36:18 -07:00
Sobak
00c362c1f6 Removed another cvsclean file 2014-06-08 19:28:06 -07:00
Boro Sitnikovski
cfccdc6362 Bug 64744 
Show the type of the non-object for more descriptive errors
 2014-06-08 19:14:58 -07:00
Stanislav Malyshev
3d9f922c03 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Added support for parsing ssl certificates using GeneralizedTime format.
 2014-06-08 14:19:50 -07:00
Stanislav Malyshev
4946dc1ab9 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Added support for parsing ssl certificates using GeneralizedTime format.
 2014-06-08 14:19:16 -07:00
Paul Oehler
76a7fd893b Added support for parsing ssl certificates using GeneralizedTime format. 
fix bug #65698
fix bug #66636
 2014-06-08 14:17:58 -07:00
Stanislav Malyshev
e35945490f Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Remove superfluous echos.
 2014-06-08 13:53:01 -07:00
Stanislav Malyshev
da6abc8db4 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Remove superfluous echos.
 2014-06-08 13:50:41 -07:00
Jeff Welch
5fd7c2b01d Remove superfluous echos. 2014-06-08 13:50:22 -07:00
Ferenc Kovacs
1e2a4a67dd use ./tokenizer_data_gen.sh to for adding T_POW & T_POW_EQUAL 2014-06-08 00:01:01 +02:00
Ferenc Kovacs
016b1f089e Fix bug #67392: token_name() does not return name for T_POW and T_POW_EQUAL token 2014-06-07 15:27:54 +02:00
Remi Collet
b16950b5d3 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix test for 5.4/5.5
 2014-06-05 17:34:32 +02:00
Remi Collet
67f1a58ac9 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix test for 5.4/5.5
 2014-06-05 17:34:09 +02:00
Remi Collet
127651e9ae fix test for 5.4/5.5 2014-06-05 17:33:40 +02:00
Remi Collet
218df7e058 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  add test for previous fix
 2014-06-05 14:00:29 +02:00
Remi Collet
ab848ea400 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  add test for previous fix
 2014-06-05 14:00:15 +02:00
Remi Collet
15d8c80ead add test for previous fix 2014-06-05 14:00:00 +02:00
Remi Collet
2b3f4cc29e Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Fix regression introduce in fix for bug #67118
 2014-06-05 13:46:41 +02:00
Remi Collet
9ea9064779 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fix regression introduce in fix for bug #67118
 2014-06-05 13:45:57 +02:00
Remi Collet
1fe9f1e4f5 Fix regression introduce in fix for bug #67118 
The fix was correct but break some code (at least in Horde)
This is a temporary workaround to fix regressioni in 5.4, 5.5 and 5.6

This make php_date_initialize more consistent
- on success return 1 + time initiliazed
- on failure return 0 + time = zero
  which is check by DATE_CHECK_INITIALIZED by later method call

Will restore consistency with other date classes in master.
 2014-06-05 13:39:46 +02:00
Anatol Belski
e2710310a0 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed regression introduced by patch for bug #67072
 2014-06-03 20:51:18 +02:00
Anatol Belski
20568e5028 Fixed regression introduced by patch for bug #67072 
This applies to 5.4 and 5.5 only as a legacy fix.
 2014-06-03 20:43:58 +02:00
Anatol Belski
f3f22ff5c6 Fixed bug #67329 fileinfo: NULL pointer deference flaw by processing certain CDF files 2014-06-03 11:37:20 +02:00
Remi Collet
e61f7727d4 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Fix bug #67326	fileinfo: cdf_read_short_sector insufficient boundary check
 2014-06-03 11:09:29 +02:00
Remi Collet
2d59b87527 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fix bug #67326	fileinfo: cdf_read_short_sector insufficient boundary check
 2014-06-03 11:09:04 +02:00
Remi Collet
4fcb9a9d1b Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check 
Upstream fix 6d209c1c48.patch
Only revelant part applied
 2014-06-03 11:05:00 +02:00
Xinchen Hui
c4e7c7d50e Merge branch 'PHP-5.5' into PHP-5.6 2014-06-01 19:42:20 +08:00
Xinchen Hui
9bb5867fad Merge branch 'PHP-5.4' into PHP-5.5 2014-06-01 19:41:35 +08:00
Xinchen Hui
38be99b739 Fixed bug #67359 (Segfault in recursiveDirectoryIterator) 2014-06-01 19:41:01 +08:00
Adam Harvey
b8042acdde Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Check for zero-length keys in spl_array_skip_protected and don't skip them.
  added CVEs in NEWS
 2014-05-29 17:56:32 +00:00
Adam Harvey
43e3a83d51 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Check for zero-length keys in spl_array_skip_protected and don't skip them.
 2014-05-29 17:53:28 +00:00