clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 19:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
82,301 Commits 493 Branches 1,365 Tags 848 MiB
3f93e4485e
Commit Graph

4104 Commits

Author SHA1 Message Date
Ferenc Kovacs
4d8ae36695 move to 5.6.11-dev 2015-05-28 02:05:50 +02:00
Anatol Belski
f3cec08e65 increase the internal post data buffer 
This brings speedup and fixes issues with var parsing. Default BUFSIZ
on Windows is 512 bytes which causes too much reallocation work.
 2015-05-23 18:44:39 +02:00
Stanislav Malyshev
587ddf6ddc Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix format
  update NEWS
  Add test for bug #69522
  Update tests
  Fix bug #69522 - do not allow int overflow
  Forgot test file
  Fix bug #69403 and other int overflows
  Fixed bug #69418 - more s->p fixes for filenames
  Fixed bug #69364 - use smart_str to assemble strings
  Fix bug #69453 - don't try to cut empty string
  Fix bug #69545 - avoid overflow when reading list

Conflicts:
	ext/standard/pack.c
 2015-05-12 14:26:06 -07:00
Stanislav Malyshev
c08f9c2c78 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix format
  update NEWS
  Add test for bug #69522
  Update tests
  Fix bug #69522 - do not allow int overflow
  Forgot test file
  Fix bug #69403 and other int overflows
  Fixed bug #69418 - more s->p fixes for filenames
  Fixed bug #69364 - use smart_str to assemble strings
  Fix bug #69453 - don't try to cut empty string
  Fix bug #69545 - avoid overflow when reading list

Conflicts:
	ext/pcntl/pcntl.c
	ext/standard/basic_functions.c
	ext/standard/pack.c
	ext/standard/tests/dir/opendir_variation1-win32.phpt
 2015-05-12 14:24:15 -07:00
Julien Pauli
2ddb560c2e Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix for #66048
 2015-05-12 16:12:51 +02:00
Julien Pauli
c117548ea9 Fix for #66048 2015-05-12 16:12:29 +02:00
Stanislav Malyshev
4605d536d2 Fixed bug #69364 - use smart_str to assemble strings 2015-05-09 23:04:25 -07:00
Ferenc Kovacs
9c7496e0dd 5.6.10 will be next 2015-04-30 00:01:55 +02:00
Julien Pauli
775d0707ca 5.5.26 now 2015-04-29 11:16:06 +02:00
Stanislav Malyshev
e21f87e957 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.4.41 next
  fix CVE num
  update NEWS
  Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
  fix type in fix for #69085
  fix CVE num

Conflicts:
	configure.in
	main/php_version.h
 2015-04-14 00:34:02 -07:00
Stanislav Malyshev
e10272c628 5.4.41 next 2015-04-14 00:30:58 -07:00
Ferenc Kovacs
a5e68f72a7 5.6.9 is up next 2015-04-01 01:30:51 +02:00
Julien Pauli
8e3e034469 5.5.24RC1 2015-03-31 16:03:52 +02:00
Stanislav Malyshev
4c3b73b6df 5.4.40 next 2015-03-17 22:37:16 -07:00
Stanislav Malyshev
749f82af02 oops, no idea how this got in 2015-03-17 17:13:50 -07:00
Stanislav Malyshev
890b3987ab Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix bug #69248 - heap overflow vulnerability in regcomp.c
  add test for bug #68976
 2015-03-17 17:09:47 -07:00
Stanislav Malyshev
0f333fa93c Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  added missing parentheses
  Fix #67626
  Fix #63486

Conflicts:
	main/streams/userspace.c
 2015-03-08 23:41:30 -07:00
Julien Pauli
7d47d9fe23 Fix #67626 2015-03-08 23:40:55 -07:00
Stanislav Malyshev
43b426fbc4 Merge branch 'pull-request/1106' into PHP-5.5 
* pull-request/1106:
  Fix #67626
 2015-03-08 22:52:21 -07:00
Daniel Lowrey
10bc5fd4c4 Fixed bug (#69195 Inconsistent stream crypto values across versions) 
PHP 5.6.0 altered the semantics of the following constants:

- STREAM_CRYPTO_METHOD_SSLv23_CLIENT
- STREAM_CRYPTO_METHOD_SSLv23_SERVER
- STREAM_CRYPTO_METHOD_TLS_CLIENT
- STREAM_CRYPTO_METHOD_TLS_SERVER

Instead of representing the SSLv23_*() handshake methods the v23
constants were changed to allow only SSLv2 or SSLv3 connections.
Likewise, the TLS methods were modified from using only the TLSv1
handshake to allowing TLS1,1.1, and 1.2. This created a situation
in which users upgrading from previous versions faced a potential
security degradation if they did not update code to use different
constants. In the interest of compatibility across PHP versions
the original semantics have been restored with the following
caveat:

**IMPORTANT**

The SSLv23 client/server methods will no longer negotiate the use
of the insecure SSLv2 or SSLv3 protocols by default. Users wishing
to allow these protocols must explicitly add them to the method
bitmask via the appropriate flags.
 2015-03-05 21:09:39 -07:00
Chris Wright
e7df9d710c Fix stream_select() issue with OpenSSL buffer 
Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed

Addresses bug #65137
https://bugs.php.net/bug.php?id=65137

Conflicts:
	ext/openssl/xp_ssl.c
 2015-03-05 17:18:14 -07:00
Ferenc Kovacs
d4d05c8919 5.6.8 up next 2015-03-05 19:07:23 +01:00
Julien Pauli
0f334a1265 5.5.24 now 2015-03-05 14:13:39 +01:00
Reeze Xia
6cb3b941df Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Improve fix for bug 67741
  Added type checks
  Added type checks
 2015-03-03 16:27:35 +08:00
Reeze Xia
860fc3947f Improve fix for bug 67741 
Thanks to laruence.
 2015-03-03 16:25:43 +08:00
Reeze Xia
4e2c87edb3 Fixed bug #67741 (auto_prepend_file messes up __LINE__) 
This also fixes bug #54081
 2015-03-03 11:43:23 +08:00
Reeze Xia
34f09b6240 Fixed bug #67741 (auto_prepend_file messes up __LINE__) 
This also fixes bug #54081
 2015-03-03 11:25:30 +08:00
Xinchen Hui
578903578c Merge branch 'PHP-5.5' into PHP-5.6 2015-02-27 12:03:00 +08:00
Xinchen Hui
4eb830b212 Reorder 2015-02-27 12:02:42 +08:00
Xinchen Hui
d377cb6207 Merge branch 'PHP-5.5' into PHP-5.6 2015-02-27 12:01:05 +08:00
Xinchen Hui
ebfc49aa91 Fixed bug #69121 (Segfault in get_current_user when script owner is not in passwd with ZTS build) 2015-02-27 12:00:52 +08:00
Rasmus Lerdorf
a9ba407ce1 Fix bug #68166 
We can't always efree here
php_escape_html_entities can return an interned_empty_string
 2015-02-22 08:25:56 -08:00
Rasmus Lerdorf
e12b72d3f7 Fix bug #68166 
We can't always efree here
php_escape_html_entities can return an interned_empty_string
 2015-02-22 08:14:41 -08:00
Julien Pauli
c4c3dca302 Fix #67626 2015-02-20 16:07:40 +01:00
Michael Wallner
0d2a2b98c9 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #65593 (Segfault when calling ob_start from output buffering callback)
 2015-02-18 13:59:32 +01:00
Michael Wallner
225af964c0 Fixed bug #65593 (Segfault when calling ob_start from output buffering callback) 2015-02-18 13:58:31 +01:00
Stanislav Malyshev
24f8a68d0a 5.4.39 next 2015-02-17 07:34:00 +01:00
manuel
cc13d8696f Fix another invalid free of CG(interned_empty_string) 
Fixes #68214
 2015-02-07 19:17:31 +01:00
manuel
13fc7f20a4 Invalid free of CG(interned_empty_string) 
On failure php_escape_html_entities returns STR_EMPTY_ALLOC which is an
alias of CG(interned_empty_string) if interned strings are enabled.
Make sure we don't free this.
 2015-02-06 16:53:01 +01:00
Stanislav Malyshev
a1c28567c6 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Update header handling to RFC 7230
 2015-02-05 20:10:09 -08:00
Stanislav Malyshev
067340bbc8 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Update header handling to RFC 7230
 2015-02-05 20:09:13 -08:00
Stanislav Malyshev
f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Xinchen Hui
ae90010891 Merge branch 'PHP-5.5' into PHP-5.6 
Conflicts:
	main/streams/memory.c
 2015-02-05 16:33:20 +08:00
Nayana Hettiarachchi
5446377c6b Conflicts: 
main/streams/memory.c
 2015-02-05 16:32:30 +08:00
Julien Pauli
e6ea244004 5.6.7 now 2015-02-04 16:37:49 +01:00
Julien Pauli
b86529f751 5.5.23 now 2015-02-04 16:35:32 +01:00
Xinchen Hui
1bb7647c6e Fixed indent 2015-02-03 23:24:34 +08:00
Yasuo Ohgaki
436ba1c488 Fixed Bug #67988 htmlspecialchars() does not respect default_charset specified by ini_set. 2015-02-03 18:52:46 +09:00
Stanislav Malyshev
c5526291ce Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix group name handling
 2015-01-31 23:47:25 -08:00
Stanislav Malyshev
e5e251b023 fix group name handling 2015-01-31 23:47:03 -08:00