Stanislav Malyshev
3798eb6fd5
Fix bug #72562 - destroy var_hash properly
2016-07-12 23:27:45 -07:00
Stanislav Malyshev
fc8eff897b
More fixes for bug #70219
2015-08-28 21:50:21 -07:00
Stanislav Malyshev
24dda816d0
Merge branch 'PHP-5.4.45' into PHP-5.5.29
...
* PHP-5.4.45:
Fix bug #70219 (Use after free vulnerability in session deserializer)
Fix for bug #69782
5.4.45 next
Conflicts:
configure.in
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
main/php_version.h
2015-08-25 23:08:49 -07:00
Stanislav Malyshev
df4bf28f9f
Fix bug #70219 (Use after free vulnerability in session deserializer)
2015-08-23 19:56:12 -07:00
Yasuo Ohgaki
4c711200b4
Set NULL after efree
2015-04-24 16:04:01 +09:00
Julien Pauli
4dba99c226
Fix flaws in session module
2015-03-16 16:00:46 +01:00
Yasuo Ohgaki
b41a6c6f05
Fixed Bug #66623 no EINTR check on flock(LOCK_EX)
2015-02-03 14:02:58 +09:00
Yasuo Ohgaki
853ae39d6e
Fixed bug #68063 Empty session IDs do still start sessions
2015-02-03 13:38:49 +09:00
Yasuo Ohgaki
17beba686e
Bug #61470 is fixed only in master
2015-02-03 12:26:01 +09:00
Adam Harvey
9d8b1170aa
Let's not assume bash is always /bin/bash.
2015-02-02 11:31:10 +00:00
Yasuo Ohgaki
fb803ff819
Add test for bug #61470 . It is already fixed.
2015-02-02 18:39:07 +09:00
Yasuo Ohgaki
c8a12508c7
Fixed typo in comment
2015-02-01 05:14:27 +09:00
Yasuo Ohgaki
d463ddd3c7
Use bash rather than sh
2015-01-29 15:21:17 +09:00
Yasuo Ohgaki
abf9e2ea09
Fixed Bug #68941 mod_files.sh is a bash-script
2015-01-29 09:25:28 +09:00
Xinchen Hui
73c1be2653
Bump year
2015-01-15 23:26:03 +08:00
Adam Harvey
bc44eb6172
Fix bug #67972 (SessionHandler Invalid memory read create_sid()).
...
SessionHandler::create_sid() didn't check if PS(default_mod) was initialised
before attempting to call its create_sid() handler.
2014-09-08 19:25:14 +00:00
Stanislav Malyshev
531be9662f
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix missing type checks in various functions
2014-07-28 00:34:27 -07:00
Stanislav Malyshev
b4a4db467b
Fix missing type checks in various functions
2014-07-27 02:42:49 -07:00
Yasuo Ohgaki
f83a6c33b4
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fixed bug #66827 Session raises E_NOTICE when session name variable is array
2014-07-19 09:53:04 +09:00
Yasuo Ohgaki
e946de29d2
Fixed bug #66827 Session raises E_NOTICE when session name variable is array
2014-07-19 09:52:31 +09:00
Ferenc Kovacs
8e2d396b52
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fixed test (it requires ext/hash)
2014-05-07 00:55:05 +02:00
Dmitry Stogov
8517001b25
Fixed test (it requires ext/hash)
2014-05-07 00:52:49 +02:00
Ferenc Kovacs
579898e338
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fixed tests (they might fail from time to time because of session GC)
Fix author name on the #63228 patch.
2014-05-07 00:38:32 +02:00
Dmitry Stogov
f880013c4d
Fixed tests (they might fail from time to time because of session GC)
2014-05-07 00:37:56 +02:00
Anatol Belski
793f67e852
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
fix windows build
2014-04-14 23:30:14 +02:00
Anatol Belski
24b72e7a27
fix windows build
2014-04-14 23:29:38 +02:00
Stanislav Malyshev
8bc82718ae
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix #66942 : openssl_seal() memory leak
ws fix
Conflicts:
ext/openssl/openssl.c
2014-04-14 13:35:24 -07:00
Stanislav Malyshev
56f9727305
ws fix
2014-04-14 13:16:53 -07:00
Stanislav Malyshev
7f43aeb167
Fix bug #66171 : better handling of symlinks
2014-04-14 10:46:45 -07:00
Stanislav Malyshev
40a9316dff
Fix bug #66171 : better handling of symlinks
2014-04-14 10:44:53 -07:00
Yasuo Ohgaki
b1c0614ecc
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fixed bug data->fd not set to -1 for open_basedir failure.
2014-01-30 14:16:05 +09:00
Yasuo Ohgaki
f5e097d1ed
Fixed bug data->fd not set to -1 for open_basedir failure.
2014-01-30 14:15:29 +09:00
Anatol Belski
c0fcd3d6b0
refixed that test for 5.5+
2014-01-22 23:30:14 +01:00
Anatol Belski
0436b85d9f
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
fixed test
2014-01-22 15:40:19 +01:00
Anatol Belski
0eff7176de
fixed test
2014-01-22 15:39:49 +01:00
Anatol Belski
6d1d8ec330
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
fix zts
2014-01-22 12:04:25 +01:00
Anatol Belski
34792280bc
fix zts
2014-01-22 12:03:54 +01:00
Yasuo Ohgaki
fa224b1c58
Fixed previous commit may delete unwanted cookies.
2014-01-22 19:23:01 +09:00
Yasuo Ohgaki
58f94345a7
Fixed previous commit may delete unwanted cookies. Sync tests from upper branches.
2014-01-22 19:21:25 +09:00
Yasuo Ohgaki
383423a1ee
Re-fixed bug #66469
2014-01-22 13:46:59 +09:00
Yasuo Ohgaki
a27e51fd4e
Re-fixed bug #66469
2014-01-22 13:40:58 +09:00
Anatol Belski
14e371e7d4
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
forked the test for bug #66481
2014-01-17 03:31:38 +01:00
Anatol Belski
a218a8b917
forked the test for bug #66481
2014-01-17 03:30:42 +01:00
Xinchen Hui
9799816e0c
Merge branch 'PHP-5.4' into PHP-5.5
2014-01-16 14:41:52 +08:00
Xinchen Hui
b777248ded
Re-fixed Bug #66481 (Calls to session_name() segfault when session.name is null)
2014-01-16 14:41:12 +08:00
Xinchen Hui
271053ad47
Revert "Bug #66481 Segfaults on session_name()"
...
This reverts commit 5662ffb295
.
2014-01-16 14:38:35 +08:00
Yasuo Ohgaki
744f38c2d6
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Bug #66481 Segfaults on session_name()
2014-01-16 11:34:31 +09:00
Conor McDermottroe
5662ffb295
Bug #66481 Segfaults on session_name()
...
If the previous value of session.name was NULL then any call to
session_name($string) would result in a segmentation fault.
This changes the behaviour to set the value of session.name to
"PHPSESSID" if a blank value is given in php.ini or via -d on the
command line. There is already protection against setting it to NULL via
session_name() or ini_set().
2014-01-16 11:33:10 +09:00
Yasuo Ohgaki
f52c251f60
Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1
2014-01-15 11:06:06 +09:00
Xinchen Hui
47c9027772
Bump year
2014-01-03 11:06:16 +08:00