clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-10-01 06:46:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
90,909 Commits 494 Branches 1,367 Tags 800 MiB
5060060317
Commit Graph

196 Commits

Author SHA1 Message Date
Christoph M. Becker
00adcbd3e9 Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated NEWS
  Fixed bug #69768 (escapeshell*() doesn't cater to !)
  bump API version to 6.8
 2015-06-24 00:47:18 +02:00
Christoph M. Becker
8da8dc04b6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  updated NEWS
  Fixed bug #69768 (escapeshell*() doesn't cater to !)
  bump API version to 6.8
 2015-06-24 00:23:39 +02:00
Christoph M. Becker
a621781fdb Fixed bug #69768 (escapeshell*() doesn't cater to !) 
When delayed variable substitution is enabled (can be set in the
Registry, for instance), !ENV! works similar to %ENV%, and so ! should
be escaped like %.
 2015-06-24 00:15:55 +02:00
Stanislav Malyshev
563462fbf8 Fixed bug #69646 (OS command injection vulnerability in escapeshellarg) 2015-06-09 21:37:17 -07:00
Stanislav Malyshev
4e2fb47092 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #69646	OS command injection vulnerability in escapeshellarg
  Fix #69719 - more checks for nulls in paths
  fix test description
  Fixed Buf #68812 Unchecked return value.

Conflicts:
	ext/dom/document.c
	ext/gd/gd.c
 2015-06-09 15:31:27 -07:00
Stanislav Malyshev
8036758491 Fix bug #69646 OS command injection vulnerability in escapeshellarg 2015-06-09 10:52:38 -07:00
Dmitry Stogov
d146d15003 Optimize zend_string_realloc() add more specialized versions zend_string_extend() and zend_string_truncate() 2015-03-20 02:02:42 +03:00
Yasuo Ohgaki
7d0e3c01e6 Added NULL byte protection to exec, system and passthru. 2015-02-14 05:37:56 +09:00
Yasuo Ohgaki
096fb06dab Merge branch 'PHP-5.6' 
* PHP-5.6:
  Add NULL byte protection to exec, system and passthru
 2015-02-14 05:28:32 +09:00
Yasuo Ohgaki
3ea76a768c Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Add NULL byte protection to exec, system and passthru
 2015-02-14 05:26:54 +09:00
Yasuo Ohgaki
a8722f5330 Add NULL byte protection to exec, system and passthru 2015-02-14 05:25:04 +09:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Veres Lajos
4b9535341a typo fixes - https://github.com/vlajos/misspell_fixer 2014-11-19 20:23:00 +00:00
Anatol Belski
82c2e3f201 fix build 
ifdef this var declaration to avoid the vs warning
 2014-11-14 22:19:41 +01:00
Anatol Belski
dbddbcc950 remove unused var 2014-11-14 17:39:40 +01:00
Anatol Belski
0565a29e4d fix datatype mismatches 2014-10-22 20:46:33 +02:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski
bf96ee95ce 's' works with size_t round 4 2014-08-27 20:49:37 +02:00
Anatol Belski
3234480827 first show to make 's' work with size_t 2014-08-27 20:49:31 +02:00
Xinchen Hui
a3fd5b6954 Unused variable 2014-08-26 11:50:42 +08:00
Anatol Belski
c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00
Anatol Belski
745a71be33 yet more fixes to zpp 2014-08-20 14:46:14 +02:00
Anatol Belski
cb25136f4e fix macros in the 5 basic extensions 2014-08-16 11:37:14 +02:00
Dmitry Stogov
c1965f58d4 Use reference counting instead of zval duplication 2014-06-05 16:04:11 +04:00
Dmitry Stogov
050d7e38ad Cleanup (1-st round) 2014-04-15 15:40:40 +04:00
Dmitry Stogov
f0989e332f Fixed char*/zend_string* inconsistency 2014-03-07 18:23:57 +04:00
Xinchen Hui
e3de898d98 Paramter are references 2014-03-03 23:14:57 +08:00
Xinchen Hui
70ddc853fd Refactor php_escape_shell_* to return zend_string 2014-03-03 17:33:40 +08:00
Dmitry Stogov
fe5c1cc48f Fixed crach because of dereferencing of NULL pointer 2014-02-25 16:25:45 +04:00
Xinchen Hui
5adeaa147d Refactoring php_stream_copy_to_mem to return zend_string 2014-02-24 18:12:30 +08:00
Dmitry Stogov
40e053e7f3 Use better data structures (incomplete) 2014-02-13 17:54:23 +04:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Xinchen Hui
a666285bc2 Happy New Year 2013-01-01 16:37:09 +08:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Rui Hirokawa
882dca647a MFH: fixed a mistake on reverting my previous patch. 2012-04-09 23:49:18 +09:00
Rui Hirokawa
b28231165a fixed a mistake on reverting my previous patch: 
http://git.php.net/?p=php-src.git;a=commitdiff;h=50b2e02c045b61f99e8c72d54e6bec055aee98e4
 2012-04-09 23:32:41 +09:00
Felipe Pena
8775a37559 - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Rui Hirokawa
50b2e02c04 revert changes to fix bug #60116. 2011-11-11 14:58:32 +00:00
Rui Hirokawa
40a951ccad revert changes to fix bug #60116. 2011-11-11 14:52:56 +00:00
Rui Hirokawa
db5d9c0b66 MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection). 2011-11-10 14:19:06 +00:00
Rui Hirokawa
71ee976a2d added a test script for bug60116 and fixed behabior of ESCAPE_CMD_END. 2011-10-30 05:57:26 +00:00
Rui Hirokawa
f17a215493 fixed bug #60116 escapeshellcmd() cannot escape the dangerous quotes. 2011-10-23 13:49:54 +00:00
Pierre Joye
9805e1674a - remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ 2011-07-22 11:25:30 +00:00
Pierre Joye
cc1c7af037 - remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ 2011-07-22 11:25:30 +00:00