Dorin Marcoci
e926bf6507
Fixes #65689 . PDO_Firebrid / exec() does not free allocated statement.
2016-12-25 22:06:20 -08:00
Bob Weinand
ac1372d811
Fix alpn_ctx leaking in openssl
2016-12-22 23:34:07 +01:00
Bob Weinand
8823b68c41
Fixed bug #73373 (deflate_add does not verify that output was not truncated)
2016-12-22 15:29:36 +01:00
Sébastien Santoro
25c96f92f4
Fix IS_UNDEF comparisons in opcache
...
These conditions were formerly `!q->pData` and `!p->pData`, and should
now be detected as undefined variables, using the special type IS_UNDEF.
Incidentally, this syntax raised a logical-not-parentheses compiler
warning, now gone.
2016-12-22 12:46:14 +01:00
Dorin Marcoci
eb33d08f1e
Compatibility with Firebird & Oracle select syntax.
2016-12-19 01:06:24 +01:00
Anatol Belski
88c1491c6d
fix proto
2016-12-19 00:50:29 +01:00
Dorin Marcoci
cf46ac1179
Cursor is not opened on singleton selects.
...
Test case for unregistered bug on FB3 singleton selects
Set error mode to warning instead of exception.
2016-12-18 21:53:51 +01:00
Anatol Belski
3e48baa49d
fix arg spec and datatype, follow up on 73594
2016-12-18 21:16:35 +01:00
Bruce Weirdan
c78fd4568e
Fixed bug #73594
...
Skip the tests when local resolver does not behave
* Added SKIPIF sections to check local resolver
* Added test to check $authns parameter
2016-12-18 20:44:33 +01:00
Nikita Popov
c1af9f282f
Fix bug #46103
2016-12-18 17:10:19 +01:00
Nikita Popov
eb636fcb56
Add test for get_browser() in object mode
...
All other tests only check array return values...
2016-12-18 13:16:25 +01:00
Anatol Belski
58a945cf68
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
fix C89 compat
2016-12-17 20:45:22 +01:00
Anatol Belski
79e47aae41
fix C89 compat
2016-12-17 20:43:32 +01:00
Sara Golemon
5004ae2b62
Silence warning from unhandled enum
...
(cherry picked from commit 57bbe2c140
)
2016-12-17 00:12:33 +01:00
Anatol Belski
2f9e928af8
fix leaking streams and memory mapped files
...
(cherry picked from commit f1ff23095b
)
2016-12-17 00:12:19 +01:00
Anatol Belski
8bc3f179ce
make timing check more forgiving in these tests
...
Particularly on slower VMs, the sporadic fails can still happen.
The timing is kept in an uncritical range, but allows the tests
pass there. Mayby, it'd make sense to introduce a new group for
this kind of tests, so tests requiring exact time measurement
can be avoided on unsuitable environments.
2016-12-15 12:20:37 +01:00
Matteo Beccati
7c696fa886
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Skip tests when secure_file_priv dir not writable
2016-12-15 09:31:54 +01:00
Matteo Beccati
0c9324ea9b
Skip tests when secure_file_priv dir not writable
2016-12-15 09:31:00 +01:00
Anatol Belski
5136048064
extend skip section
...
The day light offset is calculated based on the system TZ, so with
an unsuitable one there's no way to workaround the false positives.
2016-12-14 19:53:55 +01:00
Anatol Belski
d663296e3b
cleanup temporary data
2016-12-14 12:33:13 +01:00
Nikita Popov
4b2cc62e26
More fixes for bug #73089
...
Insert a lot more DEREFs. Some may not be necessary, but better
safe than sorry. I'm thinking the soap_hash_str_find_deref function
should become part of the zend_hash API -- we need this in many
places.
2016-12-13 17:56:38 +01:00
Andrey Hristov
13fc1b92ca
Add a bit more test cases (edge cases) to the BIT test case
2016-12-12 21:52:36 +02:00
Andrey Hristov
a881ea7d86
Add a test case to test fetching of multiple rows with bit values.
2016-12-12 21:28:33 +02:00
Andrey Hristov
e15c418c4c
Fix off by 1 problem.
...
The problem was manifestated only with BIT columns and only when more than
one row was fetched. The problem was coming from the fact that in pre-7.0
times mysqlnd was using a no-copy optimization. This optimization kept the
strings (and also the BIT mask equivalents as strings) in the packet and the
zval referred to them. 7.0+ zvals cannot use no-copy and always copy. Because
of this the allocated memory for the packet was reduced by 1 by the person who
ported the driver, but the starting address of the bit area wasn't reduced.
Because of this the bit_area started at wrong address and the length decoded
wrong.
2016-12-12 21:11:02 +02:00
Anatol Belski
7a8774ade4
better way to get ACP
2016-12-12 01:54:22 +01:00
Anatol Belski
3473b519c0
fix datatype for zpp, yet a followup on bug #73679
2016-12-12 01:26:06 +01:00
Anatol Belski
1d80fb2cdb
Fixed bug #73679 DOTNET read access violation using invalid codepage
2016-12-11 17:06:55 +01:00
Anatol Belski
66ad7918b8
fix uninitialized member
2016-12-08 17:15:06 +01:00
Anatol Belski
ff6565462e
git clean section
2016-12-08 03:24:18 +01:00
Dorin Marcoci
13ffa88e1f
Fixed bug #72931 PDO_FIREBIRD with Firebird 3.0 not work on returning statement
2016-12-07 21:06:11 +01:00
Anatol Belski
c89306ac52
fix leak, take 2
2016-12-06 16:12:39 +01:00
Anatol Belski
9b1430140a
fix leak, take on 7.x
2016-12-06 14:42:59 +01:00
Anatol Belski
b04d60626d
fix leak, take on 5.6
2016-12-06 14:34:27 +01:00
Stanislav Malyshev
183b4d78aa
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
2016-12-05 22:33:33 -08:00
Stanislav Malyshev
d7ce944cf1
This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
2016-12-05 22:32:59 -08:00
Stanislav Malyshev
1d59ed7524
Fix bug #73645 - int/size_t confusion
2016-12-05 22:16:00 -08:00
Stanislav Malyshev
6292fe84d3
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix bug #73631 - Invalid read when wddx decodes empty boolean element
2016-12-05 21:58:55 -08:00
Stanislav Malyshev
266ecb6d0a
Fix bug #73631 - Invalid read when wddx decodes empty boolean element
2016-12-05 21:40:55 -08:00
Anatol Belski
eddca73ad2
fix test
...
This test depends on connection flags modifable from teh env,
that can affect the exact function called.
2016-12-04 22:42:39 +01:00
Anatol Belski
1eb3f01c68
fix test
...
On Windows, either doubled backslashes or forward slashes are supported
on the server side.
2016-12-04 22:27:17 +01:00
Anatol Belski
69fbc751ff
fix ident
2016-12-04 20:59:12 +01:00
Anatol Belski
8e209d0435
fix test
2016-12-04 17:28:43 +01:00
Anatol Belski
10a2ceef3b
enforce the test ini usage for the child process
2016-12-04 14:01:40 +01:00
Anatol Belski
2252d4e59d
fork tests
2016-12-01 14:52:18 +01:00
Dmitry Stogov
7f22e3c879
Fixed bad merge
2016-12-01 16:21:57 +03:00
Dmitry Stogov
b7b7dd8cea
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Workaround for GCC-4.9.2 bug
oops, changed in wrong place
2016-12-01 15:50:05 +03:00
Anatol Belski
043d8e2fe1
improve skipif
2016-12-01 13:32:10 +01:00
Dmitry Stogov
003346c450
Simpler overflow check
2016-12-01 10:30:02 +03:00
Nuno Lopes
d5a2af6d1c
Merge branch 'PHP-7.0' of https://git.php.net/push/php-src into PHP-7.0
2016-11-30 14:41:26 -05:00
Dmitry Stogov
9a9ad56af0
Fixed bug #73586 (php_user_filter::$stream is not set to the stream the filter is working on).
2016-11-28 12:54:47 +03:00
Stanislav Malyshev
c8778eb293
oops, changed in wrong place
2016-11-27 16:11:41 -08:00
Stanislav Malyshev
f1a9851c3e
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix #68447 : grapheme_extract take an extra trailing character
2016-11-27 15:36:29 -08:00
Stanislav Malyshev
8856b3a63c
Merge branch 'pull-request/1974' into PHP-5.6
...
* pull-request/1974:
Fix #68447 : grapheme_extract take an extra trailing character
2016-11-27 15:34:58 -08:00
Stanislav Malyshev
1cb58ead70
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix #73549 : Use after free when stream is passed to imagepng
2016-11-27 14:53:27 -08:00
Christoph M. Becker
5049ef2f1c
Fix #73549 : Use after free when stream is passed to imagepng
...
If a stream is passed to imagepng() or other image output functions,
opposed to a filename, we must not close this stream.
2016-11-27 14:51:02 -08:00
Matteo Beccati
54c04befc2
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix occasionaly failing test
2016-11-27 10:20:38 +01:00
Matteo Beccati
2a80758fd5
Fix occasionaly failing test
2016-11-27 10:20:13 +01:00
Stanislav Malyshev
bc85678df3
Add more mbfl string size checks (bug #73505 )
2016-11-26 14:49:48 -08:00
Stanislav Malyshev
58cdd03d92
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Add more mbfl string size checks (bug #73505 )
2016-11-26 14:48:40 -08:00
Stanislav Malyshev
5ee02b207d
Add more mbfl string size checks (bug #73505 )
2016-11-26 14:47:58 -08:00
Christoph M. Becker
003727d851
Fix #73612 : preg_*() may leak memory
...
We have to make sure that collectible zvals end up in the GC root
buffer, to avoid memory leaks.
2016-11-26 15:34:27 +01:00
Stanislav Malyshev
8be94d46f8
Fix more size_t/int implicit conversions
...
Now the conversions are explicit and do checks. Not sure it's
the best way but at least we can see them now in the open.
2016-11-25 15:31:50 -08:00
Stanislav Malyshev
bcc913fa8b
Fix int/size_t confusion in isValidPharFilename (bug #73580 )
2016-11-25 15:31:50 -08:00
Christoph M. Becker
bc979aee6d
Merge branch 'PHP-5.6' into PHP-7.0
2016-11-25 23:16:18 +01:00
Christoph M. Becker
7f529e3dee
Fix #73582 : Failing ext/gd/tests/imagettftext_charmap_order.phpt
...
This test is not supposed to work with JIS-mapped Japanese font support
enabled.
2016-11-25 23:14:08 +01:00
Anatol Belski
a36dd1dfd8
add test for bug #57547
2016-11-24 19:25:47 +01:00
Derick Rethans
c38f2c2a6b
Updated to version 2016.10 (2016j)
2016-11-24 10:40:14 +00:00
Derick Rethans
6785ea2340
Updated to version 2016.10 (2016j)
2016-11-24 10:40:11 +00:00
Nikita Popov
5b88c61580
Merge branch 'PHP-5.6' into PHP-7.0
2016-11-22 19:25:31 +01:00
Nikita Popov
2d19c92fc2
Make php_url_parse_ex() respect length argument
...
This should fix all out-of-bounds reads that could previously
occur if the string passed to php_url_parse_ex() is not NUL
terminated.
2016-11-22 19:24:24 +01:00
Nikita Popov
f0f68c7274
Cleanup parse_url() query/fragment handling
...
The query/fragment handling was pretty convoluted, with many parts
being duplicated. Simplify by checking for fragment, then for query,
then for path.
2016-11-22 19:24:23 +01:00
Nikita Popov
9befad6fc2
Cleanup parse_url() gotos
...
Simplify some unnecessarily complicated code. In particular the
length updates are unnecessary (length is only used at the very
start) and we're goto'ing around a bit too much.
2016-11-22 19:24:21 +01:00
Anatol Belski
58aa1a70a0
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix bug #73498
Add a test for bug 73498
2016-11-22 00:46:03 +01:00
Craig Duncan
644e290fcd
Fix bug #73498
...
Postgres uses the DELIMITER keyword since 7.3
And WITH is no longer required/used
2016-11-22 00:42:45 +01:00
Craig Duncan
d36d4c70d3
Add a test for bug 73498
2016-11-22 00:42:45 +01:00
Anatol Belski
5e9b4c26a5
remove TSRMLS_*
2016-11-21 23:53:37 +01:00
Anatol Belski
eb53865dfd
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
add test for bug #73452
Backport 15ac4904
to 5.6
2016-11-21 15:29:44 +01:00
Anatol Belski
4805be1db6
add test for bug #73452
2016-11-21 15:25:46 +01:00
Anatol Belski
0da5cb5fb6
Backport 15ac4904
to 5.6
2016-11-21 15:20:03 +01:00
Tyson Andre
cdb7aafc23
Fix memory leak(null coalescing operator with Spl hash)
...
The SEPARATE_ARG_IF_REF macro increased the refcount of the object passed as a
key.
However, when the key did not exist in the ArrayAccess implementation,
the code returned early without trying to decrement the refcount.
Add a test of `??` succeeding+failing on a SplObjectStorage instance.
2016-11-20 15:46:13 -08:00
Jakub Zelenka
60574ea1ac
Fix bug #73526 (php_json_encode depth issue)
2016-11-20 20:36:03 +00:00
Craig Duncan
685b1292e9
Fix bug #73538
...
Remove any previous default headers and replace with the specified
ones, as documented, and as is the case when a single header is
passed.
2016-11-20 21:18:28 +01:00
Xinchen Hui
ebfd93f725
Fixed bug #73483 (Segmentation fault on pcre_replace_callback)
2016-11-20 15:44:27 +08:00
Anatol Belski
48191010d5
fix test portability
2016-11-18 22:10:41 +01:00
Mitch Hagstrand
55980684f6
Fix the lchwon error test for Travis CI.
...
The E_WARNING message from the PHP function lchown is passed
from the system function lchown. The error message returned
from lchown can be filesystem dependent.
2016-11-18 17:55:44 +01:00
Dmitry Stogov
97b65cc9c2
Fixed memory leaks in parse_ini_file()
2016-11-18 16:17:52 +03:00
Dmitry Stogov
05d382e7ec
Merge branch 'PHP-7.0' of git.php.net:php-src into PHP-7.0
...
* 'PHP-7.0' of git.php.net:php-src:
Updated NEWS
Improvement for bug73297
Simplify ext/standard/tests/http/bug73297.phpt
http_fopen_wrapper.c - bug#73297 Skip past "100 Continue" responses
Add failing test for bug#73297
2016-11-17 14:07:11 +03:00
Dmitry Stogov
c2173c16d0
Fixed 64-bit build
2016-11-17 14:05:22 +03:00
Julien Pauli
4b2cbc3f2f
Improvement for bug73297
2016-11-17 11:51:53 +01:00
Rowan Collins
66ac73bee8
Simplify ext/standard/tests/http/bug73297.phpt
2016-11-17 11:51:53 +01:00
Rowan Collins
94374c51e7
http_fopen_wrapper.c - bug#73297 Skip past "100 Continue" responses
2016-11-17 11:51:53 +01:00
Rowan Collins
4683377dfa
Add failing test for bug#73297
2016-11-17 11:51:53 +01:00
Julien Pauli
49030f2a25
Improvement for bug73297
2016-11-17 11:33:36 +01:00
Dmitry Stogov
a67637039f
Prevent modification of immutable arrays (ext/mbstring/tests/bug26639.phpt failure with opcache.protect_memory=1)
2016-11-17 13:33:05 +03:00
Dmitry Stogov
d4b3f89c53
Overflow check
2016-11-17 13:17:34 +03:00
Rowan Collins
eba5e276c7
Simplify ext/standard/tests/http/bug73297.phpt
2016-11-17 11:04:57 +01:00
Rowan Collins
aec1a5eccc
http_fopen_wrapper.c - bug#73297 Skip past "100 Continue" responses
2016-11-17 11:04:56 +01:00
Rowan Collins
6122526cea
Add failing test for bug#73297
2016-11-17 11:04:56 +01:00
Dmitry Stogov
5e001c34ec
Skip 64-bit specific tests on 32-bit systems
2016-11-17 11:44:28 +03:00
Dmitry Stogov
27542d9c9d
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Accorate handling of too big inodes of chroot directories
2016-11-17 01:14:23 +03:00
Dmitry Stogov
9849c97b1b
Accorate handling of too big inodes of chroot directories
2016-11-17 01:08:42 +03:00
Mitch Hagstrand
1d8be7c044
Fix #73546 : Logging for opcache has an empty file name
2016-11-16 21:30:40 +01:00
Dmitry Stogov
71ee641327
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
"opcache.validate_root" is useless on Windows
2016-11-16 23:19:56 +03:00
Dmitry Stogov
935d922114
"opcache.validate_root" is useless on Windows
2016-11-16 23:15:14 +03:00
Nuno Lopes
d26b8804d0
fix gcov coverage
2016-11-16 15:11:07 -05:00
Dmitry Stogov
8e350a627a
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Use full path
2016-11-16 23:05:00 +03:00
Dmitry Stogov
8202b97077
Use full path
2016-11-16 23:01:40 +03:00
Dmitry Stogov
99e5d6c4a5
Merge branch 'PHP-7.0' of git.php.net:php-src into PHP-7.0
...
* 'PHP-7.0' of git.php.net:php-src:
2016-11-16 16:47:05 +03:00
Dmitry Stogov
a91f3d475e
Fixed ZTS build
2016-11-16 16:43:57 +03:00
Christoph M. Becker
936cafe33e
Merge branch 'PHP-5.6' into PHP-7.0
2016-11-16 12:00:39 +01:00
Christoph M. Becker
eb570294a2
Fix #73530 : Unsetting result set may reset other result set
...
Calling sqlite3_reset() when a result set object is freed can cause
undesired and maybe even hard to track interference with other result
sets. Furthermore, there is no need to call sqlite3_reset(), because
that is implicitly called on SQLite3Stmt::execute(), and users are
encouraged to explicitly call either SQLite3Result::finalize() or
SQLite3Stmt::reset() anyway.
2016-11-16 11:49:04 +01:00
Dmitry Stogov
a1a5b52f3b
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fixed bug #69090 (check cached files permissions)
2016-11-16 12:49:50 +03:00
Dmitry Stogov
ecba563f2f
Fixed bug #69090 (check cached files permissions)
2016-11-16 12:43:10 +03:00
jhdxr
0bd63959c9
move declaration of vars to top
2016-11-13 05:32:24 +00:00
jhdxr
9ad2083773
add test for #69587
2016-11-13 05:32:24 +00:00
jhdxr
23f9e48273
fix bug #69587 DateInterval properties and isset
2016-11-13 05:32:24 +00:00
Edgar R. Sandi
72be8de39f
fixed bug generated by fixes bug #73135
2016-11-12 17:43:16 +00:00
Edgar R. Sandi
1631c61feb
phpt file to bug #73135
2016-11-12 17:43:16 +00:00
Edgar R. Sandi
319822b050
fixes bug #73135
2016-11-12 17:43:16 +00:00
Joshua Rogers
1b8cfaf23d
Fix integer overflow in calender.
...
Fix int overflows in conversation functions for calendar.
Add tests for the overflows.
2016-11-12 17:33:51 +00:00
Jean Carlo Machado
f578ce3a13
added a test for date_interval_format function
2016-11-12 09:57:50 +00:00
Joe Watkins
ff1986e4d7
Merge branch 'pull-request/2198'
2016-11-12 08:16:01 +00:00
Nikita Popov
bb3d0c0e17
Fcall optimization: Avoid FETCH_DIM_R with UNUSED op2
2016-11-10 21:36:46 +01:00
Dmitry Stogov
15ac490472
Don't update proprties inplace.
2016-11-10 12:32:07 +03:00
Anatol Belski
e87daf363b
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
fix memory leak
2016-11-08 12:16:39 +01:00
Anatol Belski
d6d08f97cd
fix memory leak
2016-11-08 12:12:58 +01:00
Anatol Belski
2b30b54275
Merge remote-tracking branch 'phpsec/PHP-7.0.13' into PHP-7.0
...
* phpsec/PHP-7.0.13:
Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash
Fix #72696 : imagefilltoborder stackoverflow on truecolor images
Fix #72482 : Ilegal write/read access caused by gdImageAALine overflow
Fix bug #73144 and bug #73341 - remove extra dtor
remove unreferenced var came in with merge
Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
fix version
set versions
2016-11-08 11:13:29 +01:00
Anatol Belski
33766347cb
Merge remote-tracking branch 'phpsec/PHP-5.6.28' into PHP-5.6
2016-11-08 11:06:52 +01:00
Anatol Belski
ef55a4b5b3
Enable FTS4 and FTS5 for bundled libsqlite
...
FTS3 is already enabled by default, and the other FTS versions
seems just to have been missed. Given that, the other FTS plugins
look like a low impact so worth a try. The current bundled libsqlite
versions in 7.x are proven stable already and support FTS5.
2016-11-08 02:26:43 +01:00
Anatol Belski
0c2156d190
avoid unneeded copying
2016-11-07 21:09:03 +01:00
Anatol Belski
f0676cbe20
Add test for bug #73448
2016-11-07 20:39:51 +01:00
Anatol Belski
3558e70e58
Fixed bug #73448 odbc_errormsg returns trash, always 513 bytes
2016-11-07 20:18:29 +01:00
Jakub Zelenka
493b2bff02
Fix bug #72776 (Invalid parameter in memcpy function trough openssl_pbkdf2)
2016-11-06 20:40:51 +00:00
Nikita Popov
b2af4e8868
Complete the fix of bug #70172 for PHP 7
2016-11-05 23:06:27 +01:00
Dorin Marcoci
3d73f718b2
Fix blob parameters binding. Fixes : #73087 , #61183 , #71494
...
Adjusted formatting according to requirements
Test case for bug #73087
2016-11-05 22:49:16 +01:00
Stanislav Malyshev
3b78cabc88
More int->size_t and string overflow fixes
2016-11-05 14:00:47 -07:00
Anatol Belski
617f38b0e0
fix dir separator in test
2016-11-04 18:29:54 +01:00
Anatol Belski
a61eade827
fix dir separator
2016-11-04 13:10:52 +01:00
Stanislav Malyshev
d858b4c77f
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Add length check for bzcompress too - fix for bug #73356
2016-11-03 22:30:46 -07:00
Stanislav Malyshev
40f7fea897
Add length check for bzcompress too - fix for bug #73356
2016-11-03 22:10:22 -07:00
Stanislav Malyshev
2fa455128c
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
More string length checks & fixes
2016-11-03 22:05:25 -07:00
Stanislav Malyshev
1fd18821e0
More string length checks & fixes
2016-11-03 21:35:09 -07:00
Stanislav Malyshev
6e12e49b5b
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
More string length checks & fixes
2016-11-03 20:46:25 -07:00
Stanislav Malyshev
ea9fac94bb
More string length checks & fixes
2016-11-03 20:36:52 -07:00
Derick Rethans
7f2b7a4950
Updated to version 2016.9 (2016i)
2016-11-03 13:57:31 -04:00
Derick Rethans
ccb91cde94
Updated to version 2016.9 (2016i)
2016-11-03 13:57:28 -04:00
Anatol Belski
de643586de
Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash
...
(cherry picked from commit 99b242a6d0
)
2016-11-03 17:09:03 +01:00
Anatol Belski
99b242a6d0
Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash
2016-11-03 17:03:23 +01:00
Xinchen Hui
1efb9fd32d
Fixed bug #73423 (Reproducible crash with GDB backtrace)
2016-11-02 12:11:30 +08:00
Christoph M. Becker
8957ff36b3
Merge branch 'PHP-5.6' into PHP-7.0
2016-11-01 20:24:10 +01:00
Christoph M. Becker
2eacb53fc4
Fix #73436 : Setting allow_url_fopen to Off makes several tests fail
...
We make sure that these tests run with allow_url_fopen=1.
2016-11-01 20:13:53 +01:00
Christoph M. Becker
5693474997
Fix #72696 : imagefilltoborder stackoverflow on truecolor images
...
We must not allow negative color values be passed to
gdImageFillToBorder(), because that can lead to infinite recursion
since the recursion termination condition will not necessarily be met.
(cherry picked from commit 863d37ea66
)
2016-11-01 13:07:37 +01:00
Christoph M. Becker
1b5543b8ab
Fix #72482 : Ilegal write/read access caused by gdImageAALine overflow
...
Instead of rolling our own bounds check we use clip_1d() as it's done
in gdImageLine() and in external libgd. We must not pass the image
width and height, respectively, but rather the largest ordinate value
that is allowed to be accessed, i.e. width-1 and height-1,
respectively.
(cherry picked from commit 6499581af7
)
2016-11-01 13:03:41 +01:00
Stanislav Malyshev
7cf7920055
Fix bug #73144 and bug #73341 - remove extra dtor
...
(cherry picked from commit f74d7d92c8
)
Conflicts:
ext/spl/spl_array.c
Merged the test only, in 7.0 tree the removed dtor call is already
not present.
2016-11-01 13:01:58 +01:00
Anatol Belski
6b21c28b0e
remove unreferenced var came in with merge
2016-11-01 12:55:05 +01:00
Stanislav Malyshev
8c67460a10
Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
...
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more work that should be done by wddx maintainer (not me).
(cherry picked from commit 6045de69c7
)
Conflicts:
ext/wddx/wddx.c
2016-11-01 12:50:33 +01:00
Christoph M. Becker
863d37ea66
Fix #72696 : imagefilltoborder stackoverflow on truecolor images
...
We must not allow negative color values be passed to
gdImageFillToBorder(), because that can lead to infinite recursion
since the recursion termination condition will not necessarily be met.
2016-10-30 14:31:29 -07:00
Christoph M. Becker
6499581af7
Fix #72482 : Ilegal write/read access caused by gdImageAALine overflow
...
Instead of rolling our own bounds check we use clip_1d() as it's done
in gdImageLine() and in external libgd. We must not pass the image
width and height, respectively, but rather the largest ordinate value
that is allowed to be accessed, i.e. width-1 and height-1,
respectively.
2016-10-30 14:28:23 -07:00
Xinchen Hui
af873d4788
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fixed bug #73402 (Opcache segfault when using class constant to call a method)
Conflicts:
ext/opcache/Optimizer/zend_optimizer.c
2016-10-29 23:43:59 +08:00
Xinchen Hui
ef75ddd4f9
Fixed bug #73402 (Opcache segfault when using class constant to call a method)
2016-10-29 23:41:51 +08:00
Xinchen Hui
66caa61188
Skip if no jit is built
2016-10-29 14:23:25 +08:00
Xinchen Hui
e5aa365147
Fixed bug #73392 (A use-after-free in zend allocator management)
2016-10-28 21:21:24 +08:00
Anatol Belski
0f9a4af90b
make config.w32 compatible with ICU 58
2016-10-26 13:05:03 +02:00
Christoph M. Becker
af4bfe234c
Merge branch 'PHP-5.6' into PHP-7.0
2016-10-25 14:31:41 +02:00
Christoph M. Becker
cd13d0260a
Fix #72494 : imagecropauto out-of-bounds access
...
This issue has actually already been fixed with commit 46f2c690. We're
adding a regression test and a NEWS entry, and also port the fix in
gdImageCropThreshold() from libgd:
* <https://github.com/libgd/libgd/commit/b347e034 >
* <https://github.com/libgd/libgd/commit/46f2c690 >
2016-10-25 14:29:48 +02:00
Derick Rethans
7544040469
Updated to version 2016.8 (2016h)
2016-10-24 10:37:13 +01:00
Derick Rethans
4f5a755b9d
Updated to version 2016.8 (2016h)
2016-10-24 10:37:07 +01:00
Stanislav Malyshev
f74d7d92c8
Fix bug #73144 and bug #73341 - remove extra dtor
2016-10-23 22:03:16 -07:00
Stanislav Malyshev
6045de69c7
Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
...
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more work that should be done by wddx maintainer (not me).
2016-10-23 20:09:23 -07:00
Nikita Popov
89d3e234af
Fix test output
...
Changed due to eca84946a4
.
2016-10-23 22:26:25 +02:00
Adam Saponara
55d17662cb
Fix bug #71241 : array_replace_recursive mutates ref params
...
`array_replace_recursive` can sometimes mutate its params if
references are nested within. This differs from the PHP 5 behavior.
2016-10-20 13:22:04 +02:00
Leigh
c3361f16c7
Add php_random_int internal API
...
This is the internal API compliment to `php_random_bytes`
2016-10-20 10:18:07 +01:00
Joe Watkins
295377630a
Merge branch 'pull-request/2152' into PHP-7.0
2016-10-20 05:19:10 +01:00
Joe Watkins
8c74be0c52
Revert "Fix bug #47890 #73215 uniqid() should use better random source"
...
This reverts commit 48f1a17886
.
2016-10-18 11:30:19 +01:00
Yasuo Ohgaki
48f1a17886
Fix bug #47890 #73215 uniqid() should use better random source
2016-10-18 09:13:42 +09:00
Christoph M. Becker
0b596f81b8
Merge branch 'PHP-5.6' into PHP-7.0
...
We also use ZEND_LONG_(MAX|MIN) now instead of LONG_(MAX|MIN).
2016-10-17 23:38:28 +02:00
Christoph M. Becker
86e603a664
Fix #73333 : 2147483647 is fetched as string
...
We return all integers that can be represented as such by PHP as
integers, and only those that exceed the possible range as strings.
On builds which represent integers with 64 bits, the range check is
unnecessary and might cause code checkers to complain, so we skip this
special casing via the preprocessor according to
<http://git.php.net/?p=php-src.git;a=commit;h=99d087e5 >.
2016-10-17 23:34:41 +02:00
Joe Watkins
39ee3184ee
Merge branch 'pull-request/1817'
2016-10-17 17:01:39 +01:00
Joe Watkins
5eb84337a6
Merge branch 'pull-request/1816'
2016-10-17 17:01:28 +01:00
Joe Watkins
522e4f1174
Merge branch 'pull-request/1814'
2016-10-17 17:01:10 +01:00
Joe Watkins
6806a41e7f
Merge branch 'pull-request/1808'
2016-10-17 17:00:50 +01:00
Christopher Jones
8be59a1301
Fixed bug #71148 (Bind reference overwritten on PHP 7)
2016-10-17 12:40:14 +11:00
Remi Collet
f1cf340e19
bump ext/zip version
2016-10-14 17:31:07 +02:00
Remi Collet
428ef50838
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
use zend_error instead of zend_error_noreturn
2016-10-14 10:54:09 +02:00
Remi Collet
e1f5b6d8df
use zend_error instead of zend_error_noreturn
2016-10-14 10:53:40 +02:00
Keith Smiley
3b9ba6195d
soap #69137 - Invert logic to be correct
2016-10-13 23:56:24 -04:00
Anatol Belski
730288ae41
rename publicly exposed symbol to avoid name conflicts
2016-10-13 15:23:50 +02:00
Christoph M. Becker
b8fab503fe
Merge branch 'PHP-5.6' into PHP-7.0
2016-10-13 11:25:11 +02:00
Christoph M. Becker
cc08cbc84d
Fix #73280 : Stack Buffer Overflow in GD dynamicGetbuf
...
We make sure to never pass a negative `rlen` as size to memcpy().
Cf. <https://github.com/libgd/libgd/commit/53110871 >.
2016-10-13 11:10:02 +02:00
Stanislav Malyshev
cd8c9b0614
Fix outlen for openssl function
...
Even though datalen can't be over int, outlen can.
2016-10-12 23:19:07 -07:00
Stanislav Malyshev
2301608736
Syncronize with 5.6 - __toString should return ""
2016-10-12 23:09:49 -07:00
Stanislav Malyshev
9c50ba42d6
Fix potential overflows in php_pcre_replace_impl
2016-10-12 23:07:47 -07:00
Keith Smiley
26287132c0
Fixed bug #73237
...
If the response includes both fields with simple types (which get
concatenated into an XML string) and a complex type (which is parsed
into an object), then the object will parsed into the same zval as the
simple types and will overwrite the string.
2016-10-12 23:12:45 +02:00
Mitch Hagstrand
bcee2fdbec
Fixed bug in zend_accel_error() and cleaned up kill_all_lockers()
...
1. zend_accel_error was only executing clean up if log_verbosity_level is high enough to log
2. Cleaned up kill_all_lockers function and fixed comments.
2016-10-12 23:03:55 +02:00
Anatol Belski
58b18892bf
update len in fallback cases
2016-10-12 20:52:46 +02:00
Stanislav Malyshev
74b5662536
Fix bug #73190 : memcpy negative parameter _bc_new_num_ex
...
(cherry picked from commit 40e7baab3c
)
2016-10-12 19:48:25 +02:00
Stanislav Malyshev
f42cbd749c
Fix bug #73147 : Use After Free in PHP7 unserialize()
...
(cherry picked from commit 0e6fe3a4c9
)
2016-10-12 17:51:15 +02:00
Anatol Belski
efc1f33b58
fix typo
2016-10-12 17:12:38 +02:00
Anatol Belski
80eb013a92
Revert "Fix for #73240 - Write out of bounds at number_format"
...
This reverts commit 01280f8deb
.
The fix is already merged by Stas.
2016-10-12 16:12:18 +02:00
Anatol Belski
b135ba3fa9
followup with #73276 merge
2016-10-12 16:03:35 +02:00
Anatol Belski
7c6cb1282d
fix test
2016-10-12 16:03:09 +02:00
Stanislav Malyshev
7dc8b5e7ae
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
...
(cherry picked from commit 85a22a0af0
)
2016-10-12 15:55:42 +02:00
Stanislav Malyshev
4ef79370a8
Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
...
(cherry picked from commit 96a8cf8e1b
)
2016-10-12 15:40:21 +02:00
Stanislav Malyshev
01280f8deb
Fix for #73240 - Write out of bounds at number_format
...
(cherry picked from commit 8259130b6b
)
2016-10-12 14:55:00 +02:00
Anatol Belski
aaa5d07365
avoid strlen
2016-10-12 13:28:23 +02:00
Stanislav Malyshev
b26b02b2df
Bug #73218 : add mitigation for ICU int overflow
...
(cherry picked from commit d946d10293
)
2016-10-12 13:22:51 +02:00
Stanislav Malyshev
87a8240b5a
Add more locale length checks, due to ICU bugs.
...
(cherry picked from commit d3eb58332a
)
2016-10-12 13:11:16 +02:00
Stanislav Malyshev
d1e878f272
Fix bug #73150 : missing NULL check in dom_document_save_html
...
(cherry picked from commit 1c0e9126fb
)
2016-10-12 12:19:41 +02:00
Sara Golemon
43ccf23d70
Clear FG(user_stream_current_filename) when bailing out
...
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.
Catch the bailout, clear the variable, then continue bailing.
Closes https://bugs.php.net/bug.php?id=73188
2016-10-11 21:55:01 -07:00
Sara Golemon
4d11a8eedf
Clear FG(user_stream_current_filename) when bailing out
...
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.
Catch the bailout, clear the variable, then continue bailing.
Closes https://bugs.php.net/bug.php?id=73188
2016-10-11 21:44:14 -07:00
Stanislav Malyshev
1bdb30a429
Merge branch 'PHP-7.0.12' into PHP-7.0
...
* PHP-7.0.12:
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
Fix for #73240 - Write out of bounds at number_format
Fix bug #73257 and bug #73258 - SplObjectStorage unserialize allows use of non-object as key
set versions
Fix bug #73091 - Unserializing DateInterval object may lead to __toString invocation
2016-10-11 16:46:51 -07:00
Stanislav Malyshev
9c675607e6
Merge remote-tracking branch 'origin/PHP-7.0.12' into PHP-7.0.12
...
* origin/PHP-7.0.12: (99 commits)
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
set versions
update NEWS
Ignore potentially misleading dberr values
update NEWS
Fixed bug #73172 parse error: Invalid numeric literal
Fix #53745 : cgi.discard_path option is missing from php.ini
update libs_versions.txt
update libs_versions.txt
Fixed bug #73156 (segfault on undefined function)
Add an include path for freetype which is relevant for cmake builds
Fix test_image_equals_file() wrt. palette images
Fixed bug #73163
Fix #73161 : imagecreatefromgd2() may leak memory
Fix #73159 : imagegd2(): unrecognized formats may result in corrupted files
Fix #73155 : imagegd2() writes wrong chunk sizes on boundaries
Fix #73157 (again): imagegd2() ignores 3rd param if 4 are given
Fix #73157 : imagegd2() ignores 3rd param if 4 are given
...
2016-10-11 16:27:13 -07:00
Stanislav Malyshev
689a9b8def
Merge branch 'PHP-5.6.27' into PHP-5.6
...
* PHP-5.6.27:
Fix tests
fix tsrm
Fix bug #73284 - heap overflow in php_ereg_replace function
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
fix bug #73275 - crash in openssl_encrypt function
Fix for #73240 - Write out of bounds at number_format
Bug #73218 : add mitigation for ICU int overflow
Add more locale length checks, due to ICU bugs.
Fix bug #73208 - another missing length check
Fix bug #73190 : memcpy negative parameter _bc_new_num_ex
Fix bug #73189 - Memcpy negative size parameter php_resolve_path
Fixed bug #73174 - heap overflow in php_pcre_replace_impl
Fix bug #73150 : missing NULL check in dom_document_save_html
Fix bug #73147 : Use After Free in PHP7 unserialize()
Fix bug #73082
Fix bug #73073 - CachingIterator null dereference when convert to string
2016-10-11 16:26:35 -07:00
Stanislav Malyshev
082d1f2375
Fix tests
2016-10-11 16:18:08 -07:00
Stanislav Malyshev
c1112ff323
fix tsrm
2016-10-11 14:39:16 -07:00
Stanislav Malyshev
21452a5401
Fix bug #73284 - heap overflow in php_ereg_replace function
2016-10-11 14:16:51 -07:00
Stanislav Malyshev
85a22a0af0
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
2016-10-11 13:37:47 -07:00
Stanislav Malyshev
96a8cf8e1b
Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
2016-10-11 13:30:52 -07:00
Stanislav Malyshev
8822f7c9f0
fix bug #73275 - crash in openssl_encrypt function
2016-10-11 13:19:20 -07:00
Stanislav Malyshev
3b5262ec4c
Fix for #73240 - Write out of bounds at number_format
2016-10-10 23:49:28 -07:00
Stanislav Malyshev
8259130b6b
Fix for #73240 - Write out of bounds at number_format
2016-10-10 23:42:50 -07:00
Stanislav Malyshev
61cdd1255d
Fix bug #73257 and bug #73258 - SplObjectStorage unserialize allows use of non-object as key
2016-10-10 22:54:29 -07:00
Anatol Belski
62c68f7483
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
add test for bug #73037
2016-10-10 16:02:30 +02:00
Anatol Belski
256b150a96
add test for bug #73037
2016-10-10 15:59:52 +02:00
Nikita Popov
c91f652ddb
Fixed bug #73273
...
As well as a few other $_SESSION separation issues.
2016-10-10 12:20:44 +02:00
Christoph M. Becker
fb08216b08
Merge branch 'PHP-5.6' into PHP-7.0
2016-10-10 11:45:53 +02:00
Christoph M. Becker
fc989fc6e7
Fix #73279 : Integer overflow in gdImageScaleBilinearPalette()
...
The color components are supposed to be in range 0..255, so we must not
cast them to `signed char`, what can be the default for `char`.
Port of <https://github.com/libgd/libgd/commit/77c8d359 >.
2016-10-10 11:41:39 +02:00
Christoph M. Becker
c930714cbe
Merge branch 'PHP-5.6' into PHP-7.0
2016-10-09 15:14:17 +02:00
Christoph M. Becker
b92216b97d
Fix #73272 : imagescale() affects imagesetinterpolation()
...
We must not permanently change the interpolation method, but rather
have to restore the old method after we're done with scaling the image.
2016-10-09 15:10:34 +02:00
Anatol Belski
6f84ac721b
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
fix leak
2016-10-08 19:25:36 +02:00
Anatol Belski
3c5742ebd7
fix leak
2016-10-08 19:07:35 +02:00
Nikita Popov
159de7723e
Merge branch 'PHP-5.6' into PHP-7.0
2016-10-08 01:06:02 +02:00
Nikita Popov
b061fa909d
Fix bug #73192
2016-10-08 01:04:22 +02:00
Nikita Popov
bc3a0b82b8
Revert "Fixed test"
...
This reverts commit a10d03ac16
.
2016-10-08 00:43:36 +02:00
Nikita Popov
1c468ee044
Revert "Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986"
...
This reverts commit 085dfca02b
.
2016-10-08 00:43:17 +02:00
Christoph M. Becker
825e0fd430
Document that ext/shmop deals with resources as of PHP 7.0.0
...
Second attempt
2016-10-07 16:35:37 +02:00
Anatol Belski
5b79e95f7b
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix bug #73037 , second round
2016-10-05 15:03:38 +02:00
Anatol Belski
07546496b1
Fix bug #73037 , second round
2016-10-05 14:54:06 +02:00
Stanislav Malyshev
d946d10293
Bug #73218 : add mitigation for ICU int overflow
2016-10-04 22:40:43 -07:00
Stanislav Malyshev
56e19b7c75
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fixed test
Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986
Apparently negative wordwrap is a thing and should work as length = 0.
2016-10-04 21:56:28 -07:00
Stanislav Malyshev
d3eb58332a
Add more locale length checks, due to ICU bugs.
2016-10-04 21:28:40 -07:00
Ilia Alshanetsky
a10d03ac16
Fixed test
2016-10-04 21:20:38 -07:00
Ilia Alshanetsky
085dfca02b
Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986
2016-10-04 21:20:31 -07:00
Stanislav Malyshev
8ea01d5f19
Apparently negative wordwrap is a thing and should work as length = 0.
...
I'll leave it as is for now.
2016-10-03 19:17:42 -07:00
Stanislav Malyshev
631173aa5c
Really fix bug #73017
2016-10-03 18:07:21 -07:00
Keith Smiley
31cbce341c
soap #69137 - Fix SSL verify when using a proxy
...
Name verification was failing because the OpenSSL extension was picking
the proxy server's address when guessing which name to compare to the
SSL certificate. This scenario is already handled for stream wrappers
in http_fopen_wrapper.c. This patch applies the same fix to the SOAP
extension: when a proxy is used, set peer_name explicitly on the stream
context.
2016-10-03 14:02:34 -04:00
Stanislav Malyshev
ef801b9bf9
Fix bug #73208 - another missing length check
2016-10-03 00:12:14 -07:00
Stanislav Malyshev
40e7baab3c
Fix bug #73190 : memcpy negative parameter _bc_new_num_ex
2016-10-03 00:09:02 -07:00
Christoph M. Becker
12967bc346
Merge branch 'PHP-5.6' into PHP-7.0
2016-09-30 23:54:18 +02:00
Christoph M. Becker
9acfb1a3a5
Fix #73213 : Integer overflow in imageline() with antialiasing
...
We port the respective fixes <https://github.com/libgd/libgd/commit/eca37d620 >
and <https://github.com/libgd/libgd/commit/837b7327 > to our bundled libgd.
2016-09-30 23:38:13 +02:00