clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-27 12:57:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
70,714 Commits 494 Branches 1,367 Tags 781 MiB
21525d0413
Commit Graph

70714 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sara Golemon
21525d0413 Fix potential segfault in dns_get_record() 
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
 2014-06-15 01:04:24 -07:00
Stanislav Malyshev
2b04d68972 Fix bug #66127 (Segmentation fault with ArrayObject unset) 2014-06-10 23:24:11 -07:00
Stanislav Malyshev
0235a8acdc 5.4.30 rc1 2014-06-10 21:17:37 -07:00
Remi Collet
6256b79a35 NEWS 2014-06-10 14:35:14 +02:00
Remi Collet
25b1dc917a Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec 
Upstream:
93e063ee37

Adapted for C standard.
 2014-06-10 14:33:37 +02:00
Remi Collet
da5d40bae6 NEWS 2014-06-10 14:23:31 +02:00
Remi Collet
40ef6e07e0 Bug #67412 fileinfo: cdf_count_chain insufficient boundary check 
Upstream:
40bade80cb
 2014-06-10 14:22:04 +02:00
Remi Collet
2b33a41162 NEWS 2014-06-10 14:16:00 +02:00
Remi Collet
5c9f967999 Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check 
Upstream:
36fadd2984
 2014-06-10 14:13:14 +02:00
Remi Collet
d02aa44090 NEWS 2014-06-10 14:04:27 +02:00
Remi Collet
e77659a8c8 Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size 
Upstream
27a14bc7ba
 2014-06-10 14:02:36 +02:00
Remi Collet
949cab09f2 NEWS 2014-06-10 10:31:17 +02:00
Remi Collet
58c6a08e00 Fixed bug #67406 built-in web-server segfaults on startup 
Reproduce on aarch64.

From select man page:
  "select() may update the timeout argument to indicate how much time was left."
So "const" is not ok.
 2014-06-10 10:28:34 +02:00
Stanislav Malyshev
62857998c5 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:09 -07:00
Matteo Beccati
5c8c57aa6c Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191 
DOMDocument::substituteEntities needs to be set to true in order for
external entities to be parsed.
 2014-06-09 07:05:23 +02:00
Stanislav Malyshev
9b5d56fd61 add news 2014-06-08 19:44:27 -07:00
Boro Sitnikovski
aebb23e4db Bug 49898 
__getCookies() method implementation
 2014-06-08 19:36:18 -07:00
Stanislav Malyshev
e43270cb2a fix order 2014-06-08 19:03:50 -07:00
Levi Morrison
e030efa4f6 Fix bug 666222 
This also adds some smaller, isolated tests related to bug 66622.

Conflicts:
	Zend/zend_vm_def.h
	Zend/zend_vm_execute.h
 2014-06-08 18:59:23 -07:00
Jefersson Nathan
33926b19d0 Fixed identation on file 2014-06-08 14:30:01 -07:00
Jefersson Nathan
e51eaaf665 Fix align indentation 2014-06-08 14:28:51 -07:00
Paul Oehler
76a7fd893b Added support for parsing ssl certificates using GeneralizedTime format. 
fix bug #65698
fix bug #66636
 2014-06-08 14:17:58 -07:00
Jeff Welch
5fd7c2b01d Remove superfluous echos. 2014-06-08 13:50:22 -07:00
Remi Collet
811f35d0ed NEWS 2014-06-06 14:17:54 +02:00
Remi Collet
91bcadd85e Fix bug #67390 insecure temporary file use in the configure script 2014-06-06 14:16:04 +02:00
Remi Collet
56c9e22c1f drop exec perm on doc files 2014-06-05 17:45:22 +02:00
Remi Collet
127651e9ae fix test for 5.4/5.5 2014-06-05 17:33:40 +02:00
Remi Collet
15d8c80ead add test for previous fix 2014-06-05 14:00:00 +02:00
Remi Collet
3f47368738 NEWS 2014-06-05 13:45:25 +02:00
Remi Collet
1fe9f1e4f5 Fix regression introduce in fix for bug #67118 
The fix was correct but break some code (at least in Horde)
This is a temporary workaround to fix regressioni in 5.4, 5.5 and 5.6

This make php_date_initialize more consistent
- on success return 1 + time initiliazed
- on failure return 0 + time = zero
  which is check by DATE_CHECK_INITIALIZED by later method call

Will restore consistency with other date classes in master.
 2014-06-05 13:39:46 +02:00
Stanislav Malyshev
e06c4f7fe5 update NEWS 2014-06-04 01:09:37 -07:00
Anatol Belski
20568e5028 Fixed regression introduced by patch for bug #67072 
This applies to 5.4 and 5.5 only as a legacy fix.
 2014-06-03 20:43:58 +02:00
Remi Collet
0817a2c767 (re)add cve number in NEWS, from 5.4.29 2014-06-03 11:28:07 +02:00
Remi Collet
21986f98db NEWS 2014-06-03 11:08:46 +02:00
Remi Collet
4fcb9a9d1b Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check 
Upstream fix 6d209c1c48.patch
Only revelant part applied
 2014-06-03 11:05:00 +02:00
Xinchen Hui
38be99b739 Fixed bug #67359 (Segfault in recursiveDirectoryIterator) 2014-06-01 19:41:01 +08:00
Adam Harvey
b5d9983ff4 Check for zero-length keys in spl_array_skip_protected and don't skip them. 
Fixes bug #67360 (Missing element after ArrayObject::getIterator).
 2014-05-29 17:49:32 +00:00
Anatol Belski
d2765e4b8c updated libmagic.patch for 5.4+ 2014-05-27 22:36:12 +02:00
Stanislav Malyshev
76b06780d5 update NEWS 2014-05-27 11:28:53 -07:00
Stanislav Malyshev
091b7642c2 Fix bug #67249: printf out-of-bounds read 2014-05-27 11:28:22 -07:00
Matteo Beccati
92d54f81d6 Escape non-printable characters in the junit XML output 
XML doesn't allow most of the characters < 0x20 and binary output
breaks XML parsers. Such characters are not allowed as entities
either, so the generated entities are escaped in order to be printed
as text.
 2014-05-27 12:03:38 +02:00
Matteo Beccati
1696166466 Fixed broken XML junit output due to escaping of CDATA sections 
I've removed CDATA and used htmlspecialchars as the output might not be UTF-8 safe, as pointed out by ircmaxell in 26b37f1792
 2014-05-27 11:04:48 +02:00
Anatol Belski
d184f07b3c backport this piece from 5.6, related to the #66307 fix 2014-05-26 18:05:13 -07:00
Anatol Belski
15ee33eb21 Fixed bug #66307 Fileinfo crashes with powerpoint files 2014-05-26 18:04:27 -07:00
Stanislav Malyshev
4005f06df6 Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation) 
Upstream patch: b8acc83781
 2014-05-26 18:01:17 -07:00
Stanislav Malyshev
57225f09ed Fix bug #67327: fileinfo: CDF infinite loop in nelements DoS 
Upstream fix: f97486ef5d
 2014-05-26 17:45:14 -07:00
Matteo Beccati
f9357b44f3 Fix broken Junit output with --disable-cgi 2014-05-25 00:07:52 +02:00
Adam Harvey
319611ffbd Fix broken test caused by fdb2709. 2014-05-23 15:07:19 +00:00
Adam Harvey
5d1bfd6fbf Fix run-tests.php with Valgrind >= 3.10.0. 
The version test that we had in run-tests.php assumed that the major and minor
version numbers were always single digits. This removes that assumption and
also uses version_compare() for the comparison instead of naively converting it
to an integer.
 2014-05-22 22:37:08 +00:00
Adam Harvey
fdb2709dd2 Add microseconds to the serialised form of DateTime objects. 
Fixes bug #67308 (Serialize of DateTime truncates fractions of second).
 2014-05-21 14:55:52 -05:00