Christoph M. Becker
00adcbd3e9
Merge branch 'PHP-5.6'
...
* PHP-5.6:
updated NEWS
Fixed bug #69768 (escapeshell*() doesn't cater to !)
bump API version to 6.8
2015-06-24 00:47:18 +02:00
Christoph M. Becker
8da8dc04b6
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
updated NEWS
Fixed bug #69768 (escapeshell*() doesn't cater to !)
bump API version to 6.8
2015-06-24 00:23:39 +02:00
Christoph M. Becker
a621781fdb
Fixed bug #69768 (escapeshell*() doesn't cater to !)
...
When delayed variable substitution is enabled (can be set in the
Registry, for instance), !ENV! works similar to %ENV%, and so ! should
be escaped like %.
2015-06-24 00:15:55 +02:00
Stanislav Malyshev
563462fbf8
Fixed bug #69646 (OS command injection vulnerability in escapeshellarg)
2015-06-09 21:37:17 -07:00
Stanislav Malyshev
4e2fb47092
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix bug #69646 OS command injection vulnerability in escapeshellarg
Fix #69719 - more checks for nulls in paths
fix test description
Fixed Buf #68812 Unchecked return value.
Conflicts:
ext/dom/document.c
ext/gd/gd.c
2015-06-09 15:31:27 -07:00
Stanislav Malyshev
8036758491
Fix bug #69646 OS command injection vulnerability in escapeshellarg
2015-06-09 10:52:38 -07:00
Dmitry Stogov
d146d15003
Optimize zend_string_realloc() add more specialized versions zend_string_extend() and zend_string_truncate()
2015-03-20 02:02:42 +03:00
Yasuo Ohgaki
7d0e3c01e6
Added NULL byte protection to exec, system and passthru.
2015-02-14 05:37:56 +09:00
Yasuo Ohgaki
096fb06dab
Merge branch 'PHP-5.6'
...
* PHP-5.6:
Add NULL byte protection to exec, system and passthru
2015-02-14 05:28:32 +09:00
Yasuo Ohgaki
3ea76a768c
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Add NULL byte protection to exec, system and passthru
2015-02-14 05:26:54 +09:00
Yasuo Ohgaki
a8722f5330
Add NULL byte protection to exec, system and passthru
2015-02-14 05:25:04 +09:00
Xinchen Hui
fc33f52d8c
bump year
2015-01-15 23:27:30 +08:00
Xinchen Hui
73c1be2653
Bump year
2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624
trailing whitespace removal
2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48
first shot remove TSRMLS_* things
2014-12-13 23:06:14 +01:00
Veres Lajos
4b9535341a
typo fixes - https://github.com/vlajos/misspell_fixer
2014-11-19 20:23:00 +00:00
Anatol Belski
82c2e3f201
fix build
...
ifdef this var declaration to avoid the vs warning
2014-11-14 22:19:41 +01:00
Anatol Belski
dbddbcc950
remove unused var
2014-11-14 17:39:40 +01:00
Anatol Belski
0565a29e4d
fix datatype mismatches
2014-10-22 20:46:33 +02:00
Johannes Schlüter
d0cb715373
s/PHP 5/PHP 7/
2014-09-19 18:33:14 +02:00
Anatol Belski
bf96ee95ce
's' works with size_t round 4
2014-08-27 20:49:37 +02:00
Anatol Belski
3234480827
first show to make 's' work with size_t
2014-08-27 20:49:31 +02:00
Xinchen Hui
a3fd5b6954
Unused variable
2014-08-26 11:50:42 +08:00
Anatol Belski
c3e3c98ec6
master renames phase 1
2014-08-25 19:24:55 +02:00
Anatol Belski
745a71be33
yet more fixes to zpp
2014-08-20 14:46:14 +02:00
Anatol Belski
cb25136f4e
fix macros in the 5 basic extensions
2014-08-16 11:37:14 +02:00
Dmitry Stogov
c1965f58d4
Use reference counting instead of zval duplication
2014-06-05 16:04:11 +04:00
Dmitry Stogov
050d7e38ad
Cleanup (1-st round)
2014-04-15 15:40:40 +04:00
Dmitry Stogov
f0989e332f
Fixed char*/zend_string* inconsistency
2014-03-07 18:23:57 +04:00
Xinchen Hui
e3de898d98
Paramter are references
2014-03-03 23:14:57 +08:00
Xinchen Hui
70ddc853fd
Refactor php_escape_shell_* to return zend_string
2014-03-03 17:33:40 +08:00
Dmitry Stogov
fe5c1cc48f
Fixed crach because of dereferencing of NULL pointer
2014-02-25 16:25:45 +04:00
Xinchen Hui
5adeaa147d
Refactoring php_stream_copy_to_mem to return zend_string
2014-02-24 18:12:30 +08:00
Dmitry Stogov
40e053e7f3
Use better data structures (incomplete)
2014-02-13 17:54:23 +04:00
Xinchen Hui
c081ce628f
Bump year
2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772
Bump year
2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0
Bump year
2014-01-03 11:04:26 +08:00
Xinchen Hui
a666285bc2
Happy New Year
2013-01-01 16:37:09 +08:00
Xinchen Hui
0a7395e009
Happy New Year
2013-01-01 16:28:54 +08:00
Rui Hirokawa
882dca647a
MFH: fixed a mistake on reverting my previous patch.
2012-04-09 23:49:18 +09:00
Rui Hirokawa
b28231165a
fixed a mistake on reverting my previous patch:
...
http://git.php.net/?p=php-src.git;a=commitdiff;h=50b2e02c045b61f99e8c72d54e6bec055aee98e4
2012-04-09 23:32:41 +09:00
Felipe Pena
8775a37559
- Year++
2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281
- Year++
2012-01-01 13:15:04 +00:00
Rui Hirokawa
50b2e02c04
revert changes to fix bug #60116 .
2011-11-11 14:58:32 +00:00
Rui Hirokawa
40a951ccad
revert changes to fix bug #60116 .
2011-11-11 14:52:56 +00:00
Rui Hirokawa
db5d9c0b66
MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection).
2011-11-10 14:19:06 +00:00
Rui Hirokawa
71ee976a2d
added a test script for bug60116 and fixed behabior of ESCAPE_CMD_END.
2011-10-30 05:57:26 +00:00
Rui Hirokawa
f17a215493
fixed bug #60116 escapeshellcmd() cannot escape the dangerous quotes.
2011-10-23 13:49:54 +00:00
Pierre Joye
9805e1674a
- remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ
2011-07-22 11:25:30 +00:00
Pierre Joye
cc1c7af037
- remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ
2011-07-22 11:25:30 +00:00