clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 02:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
102,657 Commits 491 Branches 1,363 Tags 837 MiB
5d3027d759
Commit Graph

372 Commits

Author SHA1 Message Date
Sammy Kaye Powers
1e3624290a Resolve conflict 2017-01-03 08:01:05 -06:00
Stanislav Malyshev
13c18d4601 Merge branch 'PHP-7.1' 
* PHP-7.1:
  Fix #73832 - leave the table in a safe state if the size is too big.
  Fix bug #73831 - NULL Pointer Dereference while unserialize php object
 2017-01-02 21:37:10 -08:00
Stanislav Malyshev
ca72faa2c5 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix #73832 - leave the table in a safe state if the size is too big.
  Fix bug #73831 - NULL Pointer Dereference while unserialize php object
 2017-01-02 21:37:06 -08:00
Sammy Kaye Powers
9e29f841ce Update copyright headers to 2017 2017-01-02 09:30:12 -06:00
Stanislav Malyshev
8d2539fa0f Fix bug #73831 - NULL Pointer Dereference while unserialize php object 2016-12-31 20:14:20 -08:00
Anatol Belski
8c403ecd99 Merge branch 'PHP-7.1' 
* PHP-7.1:
  fix leak, take on 7.x
 2016-12-06 14:46:15 +01:00
Anatol Belski
4e3f728701 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix leak, take on 7.x
 2016-12-06 14:44:04 +01:00
Anatol Belski
9b1430140a fix leak, take on 7.x 2016-12-06 14:42:59 +01:00
Stanislav Malyshev
fe084168d0 Merge branch 'PHP-7.1' 
* PHP-7.1:
  This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
 2016-12-05 22:33:47 -08:00
Stanislav Malyshev
28fc49a53f Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
 2016-12-05 22:33:42 -08:00
Stanislav Malyshev
183b4d78aa Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
 2016-12-05 22:33:33 -08:00
Stanislav Malyshev
d7ce944cf1 This still leaks memory, I don't have enough knowledge in WDDX code to fix them :( 2016-12-05 22:32:59 -08:00
Stanislav Malyshev
5b18436dc6 Merge branch 'PHP-7.1' 
* PHP-7.1:
  Fix bug #73631 - Invalid read when wddx decodes empty boolean element
 2016-12-05 21:59:17 -08:00
Stanislav Malyshev
4ae4ca45aa Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix bug #73631 - Invalid read when wddx decodes empty boolean element
 2016-12-05 21:59:10 -08:00
Stanislav Malyshev
6292fe84d3 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix bug #73631 - Invalid read when wddx decodes empty boolean element
 2016-12-05 21:58:55 -08:00
Stanislav Malyshev
266ecb6d0a Fix bug #73631 - Invalid read when wddx decodes empty boolean element 2016-12-05 21:40:55 -08:00
Dmitry Stogov
3e9bb03a62 Removed IS_TYPE_IMMUTABLE (it's the same as COPYABLE & !REFCOUED) 2016-11-28 22:59:57 +03:00
Anatol Belski
59f2f14aea Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix memory leak
 2016-11-08 12:17:39 +01:00
Anatol Belski
e87daf363b Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix memory leak
 2016-11-08 12:16:39 +01:00
Anatol Belski
d6d08f97cd fix memory leak 2016-11-08 12:12:58 +01:00
Anatol Belski
9b81342352 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash
  Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash
  Fix #72696: imagefilltoborder stackoverflow on truecolor images
  Fix #72482: Ilegal write/read access caused by gdImageAALine overflow
  Fix bug #73144 and bug #73341 - remove extra dtor
  remove unreferenced var came in with merge
  Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
  Fix #72696: imagefilltoborder stackoverflow on truecolor images
  Fix #72482: Ilegal write/read access caused by gdImageAALine overflow
  fix version
  set versions
  Fix bug #73144 and bug #73341 - remove extra dtor
  Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
 2016-11-08 11:15:06 +01:00
Anatol Belski
6b21c28b0e remove unreferenced var came in with merge 2016-11-01 12:55:05 +01:00
Stanislav Malyshev
8c67460a10 Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle 
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more work that should be done by wddx maintainer (not me).

(cherry picked from commit 6045de69c7)

Conflicts:
	ext/wddx/wddx.c
 2016-11-01 12:50:33 +01:00
Stanislav Malyshev
6045de69c7 Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle 
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more work that should be done by wddx maintainer (not me).
 2016-10-23 20:09:23 -07:00
Stanislav Malyshev
dad0e9d1a3 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0: (22 commits)
  Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
  I don't think 8cceb012a7 is needed
  Fix test
  Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
  Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
  Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
  Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
  Fix bug #73029 - Missing type check when unserializing SplArray
  Fix bug #72860: wddx_deserialize use-after-free
  Fix bug #73007: add locale length check
  Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
  sync NEWS
  Revert "Merge branch 'PHP-5.6' into PHP-7.0"
  Merge branch 'PHP-5.6' into PHP-7.0
  Merge branch 'PHP-5.6' into PHP-7.0
  Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
  fix version
  sync NEWS
  Fix bug #72957
  set versions
  ...
 2016-09-12 21:10:34 -07:00
Stanislav Malyshev
c4cca4c20e Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c 2016-09-12 21:04:23 -07:00
Stanislav Malyshev
b88393f08a Fix bug #72860: wddx_deserialize use-after-free 2016-09-12 21:04:23 -07:00
Stanislav Malyshev
9528ce7315 Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c 
(cherry picked from commit bbaf784f8d213e201baf67e861f20b38c6e87d3b)

Conflicts:
	ext/wddx/wddx.c
 2016-09-12 18:13:04 +02:00
Stanislav Malyshev
060ab26cfe Fix bug #72860: wddx_deserialize use-after-free 
(cherry picked from commit ee552853ff4d72f626102025133e2cd1575043ee)

Conflicts:
	ext/wddx/wddx.c
 2016-09-12 17:33:32 +02:00
Anatol Belski
2103e9f21f fix test 
The improvements to the base64 functionality allows now to loosen
strictness. Strict mode still can be activated later, if there are
any issues.
 2016-08-18 00:18:26 +02:00
Anatol Belski
f7231acadf Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix char * vs zend_string *
 2016-08-17 13:23:31 +02:00
Anatol Belski
06c0540b90 fix char * vs zend_string * 2016-08-17 13:22:02 +02:00
Xinchen Hui
0fd0328933 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Avoid duplicating string
 2016-08-17 18:19:59 +08:00
Xinchen Hui
195d7618e7 Avoid duplicating string 2016-08-17 18:19:14 +08:00
Anatol Belski
afa832b5a6 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Revert "fix tests"
 2016-08-17 12:07:39 +02:00
Anatol Belski
7d4c5a0dc9 Revert "fix tests" 
This reverts commit a47df5be19.

Looks like some environment issue, as some system throws the notice,
some don't. Revert for now.
 2016-08-17 12:04:03 +02:00
Anatol Belski
60f1ec1c32 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix leak
 2016-08-17 11:53:00 +02:00
Anatol Belski
a5d00fc908 fix leak 2016-08-17 11:51:56 +02:00
Xinchen Hui
ce6ad9bdd9 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0: (48 commits)
  Update NEWs
  Unused label
  Fixed bug #72853 (stream_set_blocking doesn't work)
  fix test
  Bug #72663 - part 3
  Bug #72663 - part 2
  Bug #72663 - part 1
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  ...

Conflicts:
	ext/standard/var_unserializer.c
 2016-08-17 17:14:30 +08:00
Nikita Popov
e0f9fbdfa6 Bug #72663 - part 3 
When using the php_serialize session serialization handler, do
not use the result of the unserialization if it failed.
 2016-08-17 01:01:03 -07:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6: (24 commits)
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
 2016-08-17 00:43:33 -07:00
Stanislav Malyshev
5a34bd6d1e Fix for bug #72790 and bug #72799 2016-08-16 22:55:41 -07:00
Stanislav Malyshev
698a691724 Fix bug #72750: wddx_deserialize null dereference 2016-08-16 22:55:39 -07:00
Stanislav Malyshev
426aeb2808 Fix bug #72749: wddx_deserialize allows illegal memory access 2016-08-16 22:55:19 -07:00
Stanislav Malyshev
e3829b8869 Fix bug #72749: wddx_deserialize allows illegal memory access 
(cherry picked from commit 659a21dc20f0b64dafd8cb16573059d3b45cce6b)

Conflicts:
	ext/wddx/wddx.c
 2016-08-16 23:36:14 +02:00
Stanislav Malyshev
f1486f0fd6 Fix bug #72750: wddx_deserialize null dereference 
(cherry picked from commit 6930a1d12c47aa1d2675837852910d177b0ceb11)

Conflicts:
	ext/wddx/wddx.c
 2016-08-16 13:13:05 +02:00
Anatol Belski
a47df5be19 fix tests 2016-08-16 13:01:06 +02:00
Anatol Belski
4bccb8e94e add missing skipif section 2016-08-16 12:53:40 +02:00
Stanislav Malyshev
0c8a2a2cd1 Fix for bug #72790 and bug #72799 
(cherry picked from commit a14fdb9746262549bbbb96abb87338bacd147e1b)

Conflicts:
	ext/wddx/wddx.c
 2016-08-16 12:46:29 +02:00
Nikita Popov
99613431b4 Add missing TSRMLS_FETCH() 2016-07-30 16:28:42 +02:00