clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-23 19:07:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
95,860 Commits 491 Branches 1,363 Tags 846 MiB
2c7909697a
Commit Graph

481 Commits

Author SHA1 Message Date
Sammy Kaye Powers
478f119ab9 Update copyright headers to 2017 2017-01-04 11:14:55 -06:00
Anatol Belski
5e9b4c26a5 remove TSRMLS_* 2016-11-21 23:53:37 +01:00
Edgar R. Sandi
72be8de39f fixed bug generated by fixes bug #73135 2016-11-12 17:43:16 +00:00
Edgar R. Sandi
1631c61feb phpt file to bug #73135 2016-11-12 17:43:16 +00:00
Edgar R. Sandi
319822b050 fixes bug #73135 2016-11-12 17:43:16 +00:00
Christoph M. Becker
39172d44d8 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-20 12:46:08 +02:00
Christoph M. Becker
52793c14d9 Improvements to fix #72714, suggested by nikic 2016-08-20 12:44:20 +02:00
Christoph M. Becker
db1ef5cb00 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-20 02:14:49 +02:00
Christoph M. Becker
9164dc11e2 Fix #72714: _xml_startElementHandler() segmentation fault 
The issue is caused by an integer overflow when the `long` passed as
XML_OPTION_SKIP_TAGSTART is assigned to `xml_parser::toffset` which is
declared as `int`. We can simply work around this issue, by clipping
resulting negative values to 0 (and raising a notice in this case), because
the reasonable range for this value is certainly catered to by positive
`int`s.

However, there still remains the issue that `xml_parser::toffset` is later
added to `char *`s, which can cause OOB reads, so we make sure that the
upper bound never exceeds the strlen(). We eschew optimizing `SKIP_TAGSTART`
wrt. to the potentially duplicate strlen() call, because that code path is
unexpected anyway.
 2016-08-20 01:58:08 +02:00
Xinchen Hui
f3231a7c76 Unused var 2016-08-17 11:16:48 +08:00
Christoph M. Becker
6202b47e63 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-17 01:22:11 +02:00
Christoph M. Becker
1bb92d5212 #72085: SEGV on unknown address zif_xml_parse 
We better make sure that the ZVALs we're accessing as arrays are indeed
arrays.
 2016-08-17 00:42:45 +02:00
Joe Watkins
b165114013 fix #72206 (xml_parser_create/xml_parser_free leaks mem) 2016-05-14 08:10:16 +01:00
Anatol Belski
33d41da347 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix memory leak
  Fix bug #72099: xml_parse_into_struct segmentation fault
  5.5.36 now
  Fix bug #72094 - Out of bounds heap read access in exif header processing
  Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
  Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
  Fix for bug #71912 (libgd: signedness vulnerability)
  Typo in NEWS
 2016-04-27 11:45:29 +02:00
Stanislav Malyshev
e315a162da Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix memory leak
  Fix bug #72099: xml_parse_into_struct segmentation fault
  5.5.36 now
  Fix bug #72094 - Out of bounds heap read access in exif header processing
  Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
  Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
  Fix for bug #71912 (libgd: signedness vulnerability)
  Typo in NEWS

Conflicts:
	configure.in
	main/php_version.h
 2016-04-26 23:48:41 -07:00
Stanislav Malyshev
dccda88f27 Fix bug #72099: xml_parse_into_struct segmentation fault 2016-04-26 22:46:28 -07:00
Nikita Popov
1ac152938c Move semicolon into TSRMLS_CACHE_EXTERN/DEFINE 
Also re bug #71575.
 2016-03-03 16:50:01 +01:00
Stanislav Malyshev
57b997ebf9 Fix bug #71637: Multiple Heap Overflow due to integer overflows 2016-02-21 23:14:29 -08:00
Lior Kaplan
ed35de784f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Happy new year (Update copyright to 2016)
 2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Xinchen Hui
4171a8f6c6 Internal function argumensts cleanup (strict_types) 2015-12-12 22:52:37 -08:00
Christoph M. Becker
502b70c50c Merge branch 'PHP-5.6' 
* PHP-5.6:
  Skip test for old glibc iconv
 2015-09-09 04:33:28 +02:00
Christoph M. Becker
71da4f1f7f Skip test for old glibc iconv 
bug32001.phpt has a high failure rate for the submitted reports. According to
several samples it seems the iconv implementation of glibc 2.12 (released
2010-05) is the culprit. It seems appropriate to skip the test for such old
versions.
 2015-09-09 04:27:28 +02:00
Anatol Belski
4e66cce87c switch to the unified globals accessor where appropriate 2015-07-29 13:26:35 +02:00
Dmitry Stogov
4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00
Anatol Belski
becfdeb2ff improve searchability for libxml2 headers 
and bring the configs inline with the current libxml2 build
 2015-05-10 22:22:03 +02:00
Andrea Faulds
db76b708cf Deprecate PHP 4 constructors 2015-03-31 17:55:27 +02:00
Anatol Belski
663074b6b1 cleanup mod version macros and mod defs, round x 2015-03-23 21:30:22 +01:00
Anatol Belski
ffabfc703d fix exports 2015-03-23 15:09:06 +01:00
Dmitry Stogov
d146d15003 Optimize zend_string_realloc() add more specialized versions zend_string_extend() and zend_string_truncate() 2015-03-20 02:02:42 +03:00
Anatol Belski
af3ca74501 made ZEND_TSRMLS_CACHE_* macros look like function calls 
which also comply with the current semantics for such macros
 2015-02-16 17:19:32 +01:00
Xinchen Hui
942809909e Cleanup resource handling APIs 2015-02-02 13:23:16 +08:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Andrea Faulds
e5eb9530ab Use "float" and "integer" in typehint and zpp errors 2014-12-21 13:23:02 +00:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Anatol Belski
bb66f385d0 Merge remote-tracking branch 'origin/master' into native-tls 
* origin/master: (37 commits)
  NEWS
  NEWS
  Fix bug #68601 buffer read overflow in gd_gif_in.c
  Fixed compilation warnings
  Removed unnecessary checks
  pcntl_signal_dispatch: Speed up by preventing system calls when unnecessary
  Merged PR #911.
  Removed ZEND_ACC_FINAL_CLASS which is unnecessary. This also fixed some currently defined classes as final which were just not being considered as such before.
  Updated NEWS
  Updated NEWS
  Updated NEWS
  Fix bug #68532: convert.base64-encode omits padding bytes
  Updated NEWS
  Updated NEWS
  Updated NEWS
  Fixed Bug #65576 (Constructor from trait conflicts with inherited constructor)
  Updated NEWS
  Updated NEWS
  Fix MySQLi tests
  Fixed gd test
  ...
 2014-12-13 19:43:45 +01:00
Andrea Faulds
ebaa42302a Skip buncha tests on 32-bit 2014-11-29 01:05:19 +00:00
Anatol Belski
7a6a3d923b fix arg order, CFLAGS is the fifth arg in m4 2014-10-17 16:03:40 +02:00
Anatol Belski
5749b4a997 ext/libxml, ext/xml and ext/soap use static tsrmls pointer 2014-10-17 14:31:17 +02:00
Anatol Belski
c00424e427 bring back all the TSRMLS_FETCH() stuff 
for better comparability with the mainstream
 2014-10-15 09:37:55 +02:00
Anatol Belski
42ddd5f314 cleanup TSRMLS_FETCH in ext/xml 2014-09-26 20:57:14 +02:00
Florian MARGAINE
8eb7e7bf7f Merge branch 'master' into issue-67910 
Conflicts:
	README.PARAMETER_PARSING_API
	ext/gmp/tests/001.phpt
 2014-09-20 10:09:21 +02:00
Florian MARGAINE
cf0303e782 Replaces php5 with php7, without whitespace changes. 2014-09-20 10:01:44 +02:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski
a7482fd2bf make xml_utf8_ encode/decode work with size_t 2014-09-14 21:38:46 +02:00
Nikita Popov
17cb2443a7 Fix ext/xml warnings 2014-09-06 12:26:41 +02:00
Anatol Belski
6db8d4f829 's' works with size_t round 3 2014-08-27 20:49:36 +02:00