clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 02:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
95,960 Commits 491 Branches 1,363 Tags 837 MiB
5432d6f982
Commit Graph

9453 Commits

Author SHA1 Message Date
Anatol Belski
29a089d3c9 update NEWS 2016-10-10 20:57:57 +02:00
Anatol Belski
4165d97606 update NEWS 2016-10-10 20:55:44 +02:00
Nikita Popov
c91f652ddb Fixed bug #73273 
As well as a few other $_SESSION separation issues.
 2016-10-10 12:20:44 +02:00
Christoph M. Becker
fb08216b08 Merge branch 'PHP-5.6' into PHP-7.0 2016-10-10 11:45:53 +02:00
Christoph M. Becker
fc989fc6e7 Fix #73279: Integer overflow in gdImageScaleBilinearPalette() 
The color components are supposed to be in range 0..255, so we must not
cast them to `signed char`, what can be the default for `char`.

Port of <https://github.com/libgd/libgd/commit/77c8d359>.
 2016-10-10 11:41:39 +02:00
Christoph M. Becker
c930714cbe Merge branch 'PHP-5.6' into PHP-7.0 2016-10-09 15:14:17 +02:00
Christoph M. Becker
b92216b97d Fix #73272: imagescale() affects imagesetinterpolation() 
We must not permanently change the interpolation method, but rather
have to restore the old method after we're done with scaling the image.
 2016-10-09 15:10:34 +02:00
Nikita Popov
2a75f5026a Fix bug #66773, #66862 
This a partial backport of 8754b19. It
a) fixes the class/function/constant import table confusion in the
   namespaced case, and
b) restricts conflict checks to a single file based on a filename
   pointer comparison.

It does not fix the issues with filename reuse (e.g. due to eval)
and late-bound classes. This part of the change requires globals
changes.
 2016-10-08 17:00:27 +02:00
Bob Weinand
9d537951c5 Add proper escape sequences and reading stdin from file in phpdbg run command 2016-10-01 19:05:19 +01:00
Christoph M. Becker
12967bc346 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-30 23:54:18 +02:00
Christoph M. Becker
9acfb1a3a5 Fix #73213: Integer overflow in imageline() with antialiasing 
We port the respective fixes <https://github.com/libgd/libgd/commit/eca37d620>
and <https://github.com/libgd/libgd/commit/837b7327> to our bundled libgd.
 2016-09-30 23:38:13 +02:00
Christoph M. Becker
dd93712911 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-30 11:40:55 +02:00
Christoph M. Becker
e72165bb86 Fix #73203: passing additional_parameters causes mail to fail 
We make sure that there's no unsigned underflow, which happened for `y==0`.
 2016-09-30 11:38:09 +02:00
Ferenc Kovacs
703c247c7d 5.6.28 is next 2016-09-29 00:55:36 +02:00
Nikita Popov
b7cbaa7f43 Fix bug #73181 2016-09-27 19:47:48 +02:00
Anatol Belski
cb29c01ed6 prepare next 2016-09-27 12:49:52 +02:00
Adam Baratz
6887c4a061 update NEWS 2016-09-26 17:09:11 -04:00
Anatol Belski
3a058e3817 update NEWS 2016-09-26 19:54:10 +02:00
Dmitry Stogov
d279118422 Fixed bug #73156 (segfault on undefined function) 2016-09-26 14:14:57 +03:00
Nikita Popov
8831a12da1 Fixed bug #73163 2016-09-24 13:18:43 +02:00
Christoph M. Becker
5c81298597 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-24 12:41:48 +02:00
Christoph M. Becker
8f5eda4bf6 Fix #73161: imagecreatefromgd2() may leak memory 2016-09-24 12:36:54 +02:00
Christoph M. Becker
61722743f4 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-24 11:31:54 +02:00
Christoph M. Becker
709731797c Fix #73159: imagegd2(): unrecognized formats may result in corrupted files 
We must not apply the format correction twice for truecolor images.
 2016-09-24 11:28:20 +02:00
Christoph M. Becker
0a4b72fa94 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-24 10:48:24 +02:00
Christoph M. Becker
c7936ead8f Fix #73155: imagegd2() writes wrong chunk sizes on boundaries 2016-09-24 10:33:49 +02:00
Christoph M. Becker
1da79a6c6e Fix #73157 (again): imagegd2() ignores 3rd param if 4 are given 
Obviously, there was a bad merge.
 2016-09-24 00:35:24 +02:00
Christoph M. Becker
456be3ec37 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-23 23:46:22 +02:00
Christoph M. Becker
c240978067 Fix #73157: imagegd2() ignores 3rd param if 4 are given 
We must initialize `q` for *more* than three parameters, too.
 2016-09-23 23:42:34 +02:00
Christoph M. Becker
be4489d488 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-23 16:26:05 +02:00
Christoph M. Becker
9a2a45c1df Update NEWS 2016-09-23 16:23:58 +02:00
Anatol Belski
9ee913a773 update NEWS 2016-09-23 11:24:55 +02:00
Bob Weinand
cf35dae6e2 phpdbg next command must stop when leaving function 2016-09-23 03:29:37 +02:00
John Boehr
68e602ff0a Fix bug #69579 2016-09-22 12:38:07 +02:00
Anatol Belski
adaf68c3b1 update NEWS 2016-09-22 12:04:37 +02:00
Adam Baratz
4b9810b9bb update NEWS 2016-09-21 14:29:42 -04:00
Nikita Popov
01759c4346 Add test for bug #72489 2016-09-17 22:54:25 +02:00
Christoph M. Becker
48cf8dd9c3 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-16 23:43:18 +02:00
Christoph M. Becker
6682673070 Fix #73100: session_destroy null dereference in ps_files_path_create 2016-09-16 23:41:10 +02:00
Xinchen Hui
01c7c6b152 Updte NEWS 2016-09-16 20:55:37 +08:00
Christoph M. Becker
c18263e0e0 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-16 11:41:42 +02:00
Christoph M. Becker
46df064261 Fix #73003: Integer Overflow in gdImageWebpCtx of gd_webp.c 
We add the missing integer overflow check to avoid potential buffer overflows.
 2016-09-16 11:37:18 +02:00
Ferenc Kovacs
1d7484077a update NEWS 2016-09-15 11:35:46 +02:00
Adam Baratz
b424d9f270 Mark change with relevant bug number 2016-09-14 17:44:56 -04:00
Adam Baratz
744d1b3c76 Add pdo_dblib changes 2016-09-14 11:19:31 -04:00
Christoph M. Becker
bc27ce98ee Merge branch 'PHP-5.6' into PHP-7.0 2016-09-14 15:50:09 +02:00
Christoph M. Becker
09eb6ed35e Fix #50194: imagettftext broken on transparent background w/o alphablending 
We must not draw the background pixels of the character glyphs, what has
already been fixed in GD 2.0.26.
 2016-09-14 15:47:32 +02:00
Jakub Zelenka
cfc8522238 Sync NEWS for bug #73072 2016-09-14 12:31:45 +01:00
Jakub Zelenka
05baa92727 Fix bug #73072 (Invalid path SNI_server_certs causes segfault) 2016-09-13 18:15:34 +01:00
Anatol Belski
667d8d3522 update NEWS 2016-09-13 15:55:31 +02:00
Anatol Belski
598ed66f82 update NEWS 2016-09-13 15:45:18 +02:00
Anatol Belski
941b56dd4a update NEWS 2016-09-13 12:34:03 +02:00
Xinchen Hui
2d8ab51576 Fixed bug #73067 (__debugInfo crashes when throwing an exception) 2016-09-13 10:58:57 +08:00
Anatol Belski
95e4e6a3ce fix bug category 2016-09-11 13:20:25 +02:00
Anatol Belski
0fdf2ffae1 update NEWS 2016-09-11 13:05:07 +02:00
Anatol Belski
1ed07676e6 update NEWS 2016-09-10 11:04:00 +02:00
Anatol Belski
6c9d37d059 update NEWS 2016-09-10 11:02:17 +02:00
Christoph M. Becker
1a30a7a422 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-09 14:34:11 +02:00
Christoph M. Becker
23e721fc93 Fix #73054: default option ignored when object passed to int filter 
If an object that can't be converted to string is validated, we must not
bail out early, but rather check for a requested default value.
 2016-09-09 14:30:24 +02:00
Christoph M. Becker
807c49e6be Merge branch 'PHP-5.6' into PHP-7.0 2016-09-09 12:49:02 +02:00
Levi Morrison
cb91a51b00 Partially fix bug #67167 - Wrong return value... 
...from FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE

The remainer of the fix would require the filter functions to only
convert to string when it makes sense for that particular filter.

(cherry picked from commit 432dc527ad)
 2016-09-09 12:45:46 +02:00
Yasuo Ohgaki
fb9444e053 Update NEWS 2016-09-09 11:34:34 +09:00
Yasuo Ohgaki
38553e853b Fixed Bug #68015 Session does not report invalid uid for files save handler 2016-09-09 11:31:54 +09:00
Yasuo Ohgaki
c50ae8fda7 Update NEWS 2016-09-08 13:35:35 +09:00
Yasuo Ohgaki
fb1c46f013 Update NEWS 2016-09-08 13:35:30 +09:00
Christoph M. Becker
af3031d755 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-06 12:11:24 +02:00
Christoph M. Becker
dad793630d Fix #73025: Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c 
`command_length` is retrieved via strlen() and later passed to emalloc()
and memcpy(), so the appropriate type is `size_t`.

We don't add a regression test, because that would need to allocate a string
of at least 2 GiB.
 2016-09-06 12:05:58 +02:00
Yasuo Ohgaki
3a35d43ad9 Update NEWS 2016-09-06 18:29:20 +09:00
Yasuo Ohgaki
a58e6d4e34 Update NEWS 2016-09-06 18:28:45 +09:00
Christoph M. Becker
81ec843d0e Merge branch 'PHP-5.6' into PHP-7.0 2016-09-06 01:15:36 +02:00
Christoph M. Becker
8aad3131a1 Fix #70752: Depacking with wrong password leaves 0 length files 
We should not open the output stream before we have tried to open the
archive entry, as failing the latter could leave an empty file behind.
 2016-09-06 01:03:46 +02:00
Julien Pauli
dd6da58fac Updated NEWS 2016-09-05 17:03:29 +02:00
Julien Pauli
d185c2f13a Updated NEWS 2016-09-05 10:18:39 +02:00
Julien Pauli
1abbcc8cc5 Updated NEWS 2016-09-05 10:17:56 +02:00
Christoph M. Becker
b7259b71b4 Fix #72994: mbc_to_code() out of bounds read 
We're backporting commit 999a3553 to the still supported PHP 5.6.
 2016-09-04 16:37:06 +02:00
Nikita Popov
1ae2d074f8 Fix bug #72996 2016-09-03 23:30:23 +02:00
Christoph M. Becker
8cc9570f53 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-03 19:59:44 +02:00
Christoph M. Becker
d582241368 Fix #67325: imagetruecolortopalette: white is duplicated in palette 
gdImageTrueColorToPalette() is sometimes wasteful by putting multiple white
color entries into the palette. This is caused by an obvious typo, where
to avoid a division by zero when `total` is zero, `count` is checked instead
of `total`.

We fix this issue to improve the quality of the color quantization.

Cf. <https://github.com/libgd/libgd/commit/24b4550f>
 2016-09-03 19:50:42 +02:00
Ferenc Kovacs
fbb81dd755 5.6.27 will be next 2016-09-01 20:27:19 +02:00
Xinchen Hui
1ee41683dc Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp() function) 2016-09-01 12:10:38 +08:00
Yasuo Ohgaki
97f2bb894a Update NEWS 2016-08-31 21:10:57 +09:00
Yasuo Ohgaki
747b61808b Update NEWS 2016-08-31 21:06:19 +09:00
Nikita Popov
3317287ce1 Fix bug #71711 
Also handle another case of bug #71996.
 2016-08-30 18:06:18 +02:00
Nikita Popov
8e487aefaa Fixed bug #71996 2016-08-30 17:20:55 +02:00
Christoph M. Becker
972302d2f0 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-30 15:01:12 +02:00
Christoph M. Becker
2f10db36af Fix #66797: mb_substr only takes 32-bit signed integer 
`from` and `len` are `long`, but get passed to mbfl_substr() which expects
`int`s. Therefore we clamp the values to avoid the undefined conversion
behavior.
 2016-08-30 14:52:47 +02:00
Anatol Belski
52afd8b744 fix typo 2016-08-30 14:11:47 +02:00
Anatol Belski
bc7460260b prepare for next 2016-08-30 14:11:22 +02:00
Nikita Popov
bfd4277008 Fix bug #72957 2016-08-30 13:05:53 +02:00
Nikita Popov
07cc6a6ba2 Fix bug #72971 2016-08-30 10:54:31 +02:00
Yasuo Ohgaki
b5f2f6fbd8 Fixed bug #72940 SID always return "name=ID", even if session cookie exist 2016-08-30 15:58:25 +09:00
Christoph M. Becker
65f0c163f9 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-30 02:13:48 +02:00
Christoph M. Becker
207dab585a Fix #71882: Negative ftruncate() on php://memory exhausts memory 
We must not pass negative sizes to a size_t parameter.
 2016-08-30 02:05:45 +02:00
Christoph M. Becker
4b45c0a9a7 Merge branch 'pull-request/2043' into PHP-7.0 2016-08-30 01:16:45 +02:00
Anatol Belski
5bcae9d586 update NEWS 2016-08-29 21:23:20 +02:00
Anatol Belski
ae81e8fc32 update NEWS 2016-08-29 21:20:36 +02:00
Dmitry Stogov
b66039db33 Fixed bug #72944 (Null pointer deref in zval_delref_p). 2016-08-29 12:02:50 +03:00
Christoph M. Becker
8fcfacf746 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-27 01:18:10 +02:00
Christoph M. Becker
2139918ea6 Fix #65550: get_browser() incorrectly parsers entries with "+" sign 
+ signs in the browscap patterns are meant to be literal characters, so we
have to escape them for the regex matching.
 2016-08-27 01:12:01 +02:00
Christoph M. Becker
c4c3eb55a7 Fix #72949: Typo in opcache error message 2016-08-26 18:50:30 +02:00
Xinchen Hui
c67fa3c91d Fixed bug #72943 (assign_dim on string doesn't reset hval) 2016-08-26 18:30:08 +08:00
Anatol Belski
57509fb969 update NEWS 2016-08-25 19:43:39 +02:00
Christoph M. Becker
433976f931 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-25 18:29:23 +02:00
Christoph M. Becker
84512a1177 Fix #70825: Cannot fetch multiple values with group in ini file 
If we have the position already from the last fetch, we also have to preset
the current group, because it won't be read again.
 2016-08-25 18:18:10 +02:00
Christoph M. Becker
bd8112afe0 Fix #71514: Bad dba_replace condition because of wrong API usage 
We're backporting commit 9e309a2d to PHP-5.6, because it is a bugfix.
 2016-08-25 16:20:30 +02:00
Anatol Belski
392c5ea472 Fixed bug #72922 COM called from PHP does not return out parameters 2016-08-25 12:12:45 +02:00
Christoph M. Becker
4c13a7f5c4 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-21 19:48:38 +02:00
Christoph M. Becker
6a232c3604 Fix #68716: possible resource leaks in _php_image_convert() 
We properly clean up after ourselves wrt. to closing opened file pointers
and created images.
 2016-08-21 19:39:58 +02:00
Christoph M. Becker
4c68fc5392 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-21 17:45:49 +02:00
Christoph M. Becker
d65adac2be Fix #72913: imagecopy() loses single-color transparency on palette images 
The proper code to handle true-color to palette copies is already contained
in gdImageCopy(), so we can simply remove the buggy duplicated code.
 2016-08-21 17:39:23 +02:00
Christoph M. Becker
7a36056d6c Merge branch 'PHP-5.6' into PHP-7.0 2016-08-21 16:15:22 +02:00
Christoph M. Becker
9eb5bbd8bd Fix #66005: imagecopy does not support 1bit transparency on truecolor images 
We must not copy transparent pixels, see
<https://github.com/libgd/libgd/commit/daac285c>.
 2016-08-21 16:08:57 +02:00
Xinchen Hui
0476bb1de5 Fixed bug #72911 (Memleak in zend_binary_assign_op_obj_helper) 2016-08-21 17:38:03 +08:00
Xinchen Hui
b740bb3987 Fixed bug #72907 (null pointer deref, segfault in gc_remove_zval_from_buffer (zend_gc.c:260)) 2016-08-21 17:10:10 +08:00
Christoph M. Becker
078f674212 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-20 03:04:08 +02:00
Christoph M. Becker
e4a006cd3e Fix #65732: grapheme_*() is not Unicode compliant on CR LF sequence 
According to the Unicode specification (at least as of 5.1), CRLF sequences
are considered to be a single grapheme. We cater to that special case by
letting grapheme_ascii_check() fail. While it would be trivial to fix
grapheme_ascii_check() wrt. grapheme_strlen(), grapheme_substr() and
grapheme_strrpos() would be much harder to handle, so we accept the slight
performance penalty if CRLF is involved.
 2016-08-20 03:01:35 +02:00
Christoph M. Becker
db1ef5cb00 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-20 02:14:49 +02:00
Christoph M. Becker
9164dc11e2 Fix #72714: _xml_startElementHandler() segmentation fault 
The issue is caused by an integer overflow when the `long` passed as
XML_OPTION_SKIP_TAGSTART is assigned to `xml_parser::toffset` which is
declared as `int`. We can simply work around this issue, by clipping
resulting negative values to 0 (and raising a notice in this case), because
the reasonable range for this value is certainly catered to by positive
`int`s.

However, there still remains the issue that `xml_parser::toffset` is later
added to `char *`s, which can cause OOB reads, so we make sure that the
upper bound never exceeds the strlen(). We eschew optimizing `SKIP_TAGSTART`
wrt. to the potentially duplicate strlen() call, because that code path is
unexpected anyway.
 2016-08-20 01:58:08 +02:00
Anatol Belski
a556543a3f update NEWS 2016-08-20 01:38:01 +02:00
Anatol Belski
f682193609 update NEWS 2016-08-20 01:36:37 +02:00
Anatol Belski
e6d3221766 update NEWS 2016-08-18 17:50:17 +02:00
Ferenc Kovacs
761d2f629b fix NEWS 2016-08-18 13:01:53 +02:00
Anatol Belski
52787e902f sync NEWS 2016-08-18 00:15:54 +02:00
Christoph M. Becker
356b586ec1 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-17 12:47:06 +02:00
Christoph M. Becker
48198e4c25 Fix #68302: impossible to compile php with zip support 
We should not let configure succeed, if SIZEOF_OFF_T == 0, just to let the
compilation fail later. Instead we bail out early, giving a hint regarding
the potential issue, namely misconfigured libraries.
 2016-08-17 12:43:29 +02:00
Xinchen Hui
1dab8e07f2 Update NEWs 2016-08-17 16:56:58 +08:00
Xinchen Hui
abe00908af Fixed bug #72853 (stream_set_blocking doesn't work) 
Implemented  PHP_STREAM_OPTION_META_DATA_API for plain_wrappers
 2016-08-17 16:54:21 +08:00
Stanislav Malyshev
9e00ad2b09 Update NEWS 2016-08-16 23:44:59 -07:00
Anatol Belski
0f337e11bc update NEWS 2016-08-17 01:37:40 +02:00
Christoph M. Becker
6202b47e63 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-17 01:22:11 +02:00
Christoph M. Becker
1bb92d5212 #72085: SEGV on unknown address zif_xml_parse 
We better make sure that the ZVALs we're accessing as arrays are indeed
arrays.
 2016-08-17 00:42:45 +02:00
Nikita Popov
e2230c17d3 Fix bug #72854 2016-08-16 21:05:30 +02:00
Xinchen Hui
60de74ebda Fixed bug #72846 (getConstant for a array constant with constant values returns NULL/NFC/UKNOWN) 2016-08-15 23:22:55 +08:00
Anatol Belski
e910b0a8a5 update NEWS 2016-08-14 20:52:47 +02:00
Anatol Belski
5c7f802e7e update NEWS 2016-08-14 20:50:23 +02:00
Jakub Zelenka
9f1d962ed6 Fixed bug #72787 (json_decode reads out of bounds) 2016-08-14 13:52:59 +01:00
Nikita Popov
98787d9002 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-13 21:41:00 +02:00
Benedict Singer
dfadc5a427 Bug 70195 
Many FTP-S servers now require FTP clients to re-use the SSL session
from the control connection on the data connection, to prove that the
same entity controls both connections. This patch updates PHP's FTP-S
client code to allow that possibility.
 2016-08-13 21:35:03 +02:00
Christoph M. Becker
33508a3d47 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-13 16:23:15 +02:00
Christoph M. Becker
82df4e2638 Fix #72278: getimagesize returning FALSE on valid jpg 
getimagesize() is rather strict about the length of the marker payload data,
and fails if there are extraneous bytes before the next marker. Only a very
special case reported in bug #13213 is catered to.

libjpeg is rather resilient to such corrupted JPEG files, and raises a
recoverable error in this case. Other image processors also accept such
JPEG files, so we adapt getimagesize() to skip (but warn about) such
extraneous bytes.
 2016-08-13 16:14:34 +02:00
Christoph M. Becker
ae3b2078ea Fix #72823: strtr out-of-bound access 
If php_strtr_array_prepare_repls() reports pattern_len == 0, we return
early to avoid OOB accesses, and because there is nothing to replace anyway.
 2016-08-13 11:40:33 +02:00
Christoph M. Becker
175d94b6e5 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-13 01:21:57 +02:00
Christoph M. Becker
7938ebf6c1 Fix #60665: call to empty() on NULL result using PDO::FETCH_LAZY returns false 
The has_property handler only checked whether a respective column name
exists, but neither whether the column value is set, nor whether it is
empty, respectively. We fix that to match the behavior of POD:FETCH_OBJ in
particular and PHP in general.
 2016-08-13 01:11:13 +02:00
Xinchen Hui
e03480bfab Fixed bug #72813 (Segfault with __get returned by ref) 
This should be safe change, as we don't dereference value and member
after calling setter/getter.

And compare to adding unref codes, this is much cheaper.
 2016-08-12 16:24:46 +08:00
Keyur
bb955ec937 Add NEWS 2016-08-09 17:29:36 +00:00
Xinchen Hui
e52cb1858d Fixed bug #72788 (Invalid memory access when using persistent PDO connection) 2016-08-09 11:32:16 +08:00
Lauri Kenttä
e616bc8694 Fix bug #55451 
Make substr_compare ignore the length if it's NULL. This allows to
use the last parameter (case_insensitivity) with the default length.
 2016-08-07 18:48:36 +02:00
Christopher Jones
b601dc5b29 Fix bug #72524 (Binding null values triggers ORA-24816 error) 2016-08-07 09:39:44 +10:00
Kalle Sommer Nielsen
5e2b8349b4 Check the return value of dbconvert() in mssql_guid_string(), as it may return -1 in case the conversion failed. In that case false is returned. 
Also initialize buffer and buffer2 to NULL, which should fix bug #72039 (Use of uninitialised value on mssql_guid_string).

This only applies to 5.6, as we do not have mssql in 7.0 anymore
 2016-08-06 10:17:49 +02:00
Nikita Popov
a2a2ea18fe Merge branch 'PHP-5.6' into PHP-7.0 
Conflicts:
	ext/standard/ftp_fopen_wrapper.c
 2016-08-05 23:09:30 +02:00
Ville Hukkamaki
65056e9d6c Fix #72764 
Negotiate data channel encryption after NLST command.
This is to prevent issues with IIS and ProFTPD.
 2016-08-05 22:56:54 +02:00
Nikita Popov
807e81937b Fix bug #72767 
The page size calculation did not account for the size of the
stack header (or rather it did account for it, but in the wrong
direction...)
 2016-08-05 19:55:10 +02:00
Matteo Beccati
4003595d60 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Clean up FR #72633
 2016-08-04 09:30:48 +02:00
Matteo Beccati
d3a8e107ac Clean up FR #72633 2016-08-04 09:28:58 +02:00
Christopher Jones
78488a54c8 Fixed invalid handle error with Implicit Result Sets and bump OCI8 version. 2016-08-04 16:55:54 +10:00
Ferenc Kovacs
562c17eb4e 5.6.26 will be next 2016-08-04 01:39:37 +02:00
Anatol Belski
2bdb34fd40 update NEWS 2016-08-03 17:39:55 +02:00
Anatol Belski
f15c155363 update NEWS 2016-08-03 17:38:11 +02:00
Nikita Popov
1bcd439cad Fix bug #72724 2016-08-03 00:34:36 +02:00
Christoph M. Becker
3a8c027ec3 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-02 18:49:59 +02:00
Christoph M. Becker
f5622f5c87 Fix #72709: imagesetstyle() causes OOB read for empty $styles 
Calling imagesetstyle() with an empty $styles array caused gdImageSetStyle()
to be called with `noOfPixels==0`, what could have lead to OOB reads.
Actually, this issue will be fixed in libgd, but to avoid issues when older
libgd is in use, we simply disallow passing an empty $styles array to
imagesetstyle(), what wouldn't serve a useful purpose anyway.
 2016-08-02 18:43:37 +02:00
Anatol Belski
e95625f47e update NEWS 2016-08-02 14:36:56 +02:00
Anatol Belski
5c51433e2a prepare next 2016-08-02 11:13:20 +02:00
Anatol Belski
753e6eacd5 update NEWS 2016-07-31 14:58:46 +02:00
Nikita Popov
c4d35c3214 Merge branch 'PHP-5.6' into PHP-7.0 2016-07-30 18:36:00 +02:00
Nikita Popov
c9d3ff0c6e Revert "Fixed bug #71219" 
This reverts commit 14d674442e.

I misread the discussion on the bug -- this is not the correct
fix. However the other proposed fix does not work either, so just
reverting for now.
 2016-07-30 18:34:34 +02:00
Nikita Popov
9fe0398dad Merge branch 'PHP-5.6' into PHP-7.0 2016-07-30 18:24:14 +02:00
Nikita Popov
14d674442e Fixed bug #71219 2016-07-30 18:21:19 +02:00
Nikita Popov
029f8e8777 Fix incorrect merge 
Forgot to amend the merge fixes...
 2016-07-30 16:07:54 +02:00
Nikita Popov
e87ac688d5 Fixed bug #72142 2016-07-30 15:13:03 +02:00
Christoph M. Becker
e5940aa795 Merge branch 'PHP-5.6' into PHP-7.0 2016-07-30 12:01:29 +02:00
ju1ius
1d32b80903 fixes bad address given to onig_error_code_to_str 
Closes bug #72710

(cherry picked from commit 0fb7eb6723)
 2016-07-30 11:46:34 +02:00
Christoph M. Becker
293dd3d701 Merge branch 'PHP-5.6' into PHP-7.0 
# Resolved conflicts:
#	ext/calendar/calendar.c
 2016-07-29 01:26:15 +02:00
Christoph M. Becker
f67ccd4a7b Fix #71894: AddressSanitizer: global-buffer-overflow in zif_cal_from_jd 
Julian days < 347998 denote invalid Jewish calendar dates, so
cal_from_jd($jd, CAL_JEWISH) and jdmonthname($jd, CAL_MONTH_JEWISH) should
actually fail. For BC we don't yet let them though, but we fix the OOB read
that happens in this case, and we also adjust cal_from_jd()'s return value
to have empty strings for "abbrevdayname" and "dayname" instead of "Sun"/
"Sunday" and NULL for "dow" instead of 0, which doesn't make any sense.
 2016-07-29 01:04:21 +02:00
Christoph M. Becker
7c412688f4 Merge branch 'PHP-5.6' into PHP-7.0 2016-07-28 19:22:40 +02:00
Christoph M. Becker
7ab39e2fae Fix #67976: cal_days_month() fails for final month of the French calendar 
The French calendar ends on 0014-13-05, so trying to calculate the Julian
day of 0015-01-01 fails. We cater to that by returning the hard-coded value.
 2016-07-28 19:13:58 +02:00
Christoph M. Becker
1693eb9d2a Merge branch 'PHP-5.6' into PHP-7.0 2016-07-28 18:24:37 +02:00
Christoph M. Becker
ced2a80e6f Bug #69975 had already been fixed as of PHP 5.6.12 
Also CVE-2015-8879 had been assigned.
 2016-07-28 18:22:19 +02:00
Christoph M. Becker
81c25abd25 Update to SQLite3 3.13.0 2016-07-28 16:39:24 +02:00
Christoph M. Becker
805dc0ea47 Merge branch 'PHP-5.6' into PHP-7.0 
# Resolved conflicts:
#	ext/mbstring/php_mbregex.c
 2016-07-28 15:26:29 +02:00
Christoph M. Becker
ee6900c3de Fix #72694: mb_ereg_search_setpos does not accept a string's last position 
Setting the search position immediately behind the last character should be
allowed, so we fix this off-by-one error.
 2016-07-28 15:21:48 +02:00
Christoph M. Becker
a621023168 Merge branch 'PHP-5.6' into PHP-7.0 2016-07-28 14:03:40 +02:00
Christoph M. Becker
56cdaecb28 Fix #72693: mb_ereg_search increments search position when a match zero-width 
That's caused by an off-by-one error, which we fix.
 2016-07-28 13:57:38 +02:00
Christoph M. Becker
18a37eeeec Merge branch 'PHP-5.6' into PHP-7.0 
# Resolved conflicts:
#	ext/mbstring/php_mbregex.c
 2016-07-28 13:12:40 +02:00
Christoph M. Becker
d276e6a838 Fix #72691: mb_ereg_search raises a warning if a match zero-width 
That warning doesn't make sense (PCRE doesn't throw such a warning either),
so we remove it.
 2016-07-28 13:07:05 +02:00
Christoph M. Becker
c7a4e37d97 Merge branch 'PHP-5.6' into PHP-7.0 2016-07-28 12:29:00 +02:00
Christoph M. Becker
0ae8c337a3 Bug #6836 has already been fixed in PHP 5.6.24 and 7.0.9 2016-07-28 12:26:41 +02:00
Pierrick Charron
bf37b97d9c Merge branch 'PHP-5.6' into PHP-7.0 
Conflicts:
	ext/curl/interface.c
 2016-07-27 23:36:22 -04:00
Pierrick Charron
30a5ed3a79 Fixed bug #71929 (CURLINFO_CERTINFO data parsing error). 2016-07-27 23:30:20 -04:00
Pierrick Charron
1b681880c1 Merge branch 'PHP-5.6' into PHP-7.0 2016-07-27 18:17:43 -04:00
Pierrick Charron
ed16f2fed5 Update NEWS 2016-07-27 17:52:05 -04:00
Anatol Belski
e0294b39e3 update NEWS 2016-07-27 23:30:23 +02:00
Anatol Belski
c52322707e Fixed bug #72683 getmxrr broken 2016-07-27 20:48:45 +02:00
Anatol Belski
6e8b2d21d1 update NEWS 2016-07-27 20:41:27 +02:00
Christoph M. Becker
40afd77826 Merge branch 'PHP-5.6' into PHP-7.0 
# Resolved conflicts:
#	ext/pcre/php_pcre.c
 2016-07-27 19:00:38 +02:00
Christoph M. Becker
315c0536c2 Fix #72688: preg_match missing group names in matches 
We have to multiply with 0x100 to properly scale the high byte.
 2016-07-27 18:50:52 +02:00
Bob Weinand
5513f00a97 Fixed a potential segfault in zend_objects_store_free_object_storage() 
Under the special circumstance where a garbage collected objects bucket slot was not reused until the end of the script, we get access into freed memory...
No test added as it usually is valgrind-only, and only sometimes when the memory happens to have changed (i.e. (GC_FLAGS(obj) & IS_OBJ_FREE_CALLED) == 0), it actually *may* segfault
 2016-07-27 18:08:43 +02:00
Christoph M. Becker
23c359c276 Merge branch 'PHP-5.6' into PHP-7.0 
# Resolved conflicts:
#	ext/sqlite3/sqlite3.c
 2016-07-27 16:48:29 +02:00
Christoph M. Becker
cc125f277b Implement #72653: SQLite should allow opening with empty filename 
From the [sqlite3_open](https://www.sqlite.org/c3ref/open.html) docs:

| If the filename is an empty string, then a private, temporary on-disk
| database will be created. This private database will be automatically
| deleted as soon as the database connection is closed.

We make that facility available to userland.

While we're at it, we also do some minor optimizations, remove the
unnecessary check for NUL characters in filename, which is already catered
to by ZPP(p), and add a missing `return` in case db_obj isn't initialized.
 2016-07-27 16:41:03 +02:00
Nikita Popov
0d2c4f822c Merge branch 'PHP-5.6' into PHP-7.0 
Conflicts:
	ext/standard/ftp_fopen_wrapper.c
 2016-07-27 15:58:06 +02:00