clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-23 02:47:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
83,371 Commits 491 Branches 1,363 Tags 841 MiB
65056e9d6c
Commit Graph

149 Commits

Author SHA1 Message Date
Stanislav Malyshev
7dde353ee7 Merge branch 'PHP-5.5' into PHP-5.6.23 
* PHP-5.5:
  Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
  update NEWS
  fix tests
  fix build
  Fix bug #72455:  Heap Overflow due to integer overflows
  Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
  Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
  Fix bug #72298	pass2_no_dither out-of-bounds access
  Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
  Fix bug #72262 - do not overflow int
  Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
  Fix bug #72275: don't allow smart_str to overflow int
  Fix bug #72340: Double Free Courruption in wddx_deserialize
  update NEWS
  Fix #66387: Stack overflow with imagefilltoborder
  Skip test which is 64bits only
  5.5.37 now

Conflicts:
	configure.in
	ext/mcrypt/mcrypt.c
	ext/spl/spl_directory.c
	main/php_version.h
 2016-06-21 00:01:48 -07:00
Stanislav Malyshev
88746d60ab Fix bug #72400 and #72403 - prevent signed int overflows for string lengths 2016-06-15 21:51:28 -07:00
Stanislav Malyshev
62da5cdf3d Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fix bug #71798 - Integer Overflow in php_raw_url_encode
  Fix bug #71860: Require valid paths for phar filenames
  Going for 5.5.34

Conflicts:
	configure.in
	ext/phar/tests/create_path_error.phpt
	main/php_version.h
 2016-03-28 23:21:15 -07:00
Stanislav Malyshev
95433e8e33 Fix bug #71798 - Integer Overflow in php_raw_url_encode 2016-03-27 14:22:19 -07:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Stanislav Malyshev
629e4da7cc Fix bug #70480 (php_url_parse_ex() buffer overflow read) 2015-09-28 11:31:14 -07:00
Tjerk Meesters
d7fb52ea20 Fixed bug #68917 (parse_url fails on some partial urls) 2015-03-06 20:51:22 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Tjerk Meesters
d0e51f5ce9 Fixed bug #68129 
Empty usernames and passwords are now treated differently from no username or password

For example, empty password:

    ftp://user:@example.org

Empty username:

    ftp://:password@example.org

Empty username and empty password

    ftp://:@example.org
 2014-10-09 08:21:30 +08:00
Veres Lajos
3f42f2f5d1 typofixes 2014-08-17 15:44:02 +03:00
Stanislav Malyshev
a328803803 Revert "Fixed bug #64604" 
This reverts commit b05c088a3a.
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo
 2014-04-24 23:50:45 -07:00
Ingo Walz
b05c088a3a Fixed bug #64604 2014-04-13 18:37:40 -07:00
Mateusz Kocielski
497b918e62 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fixed off-by-one in php_url_parse_ex

Conflicts:
	ext/standard/url.c
 2014-03-18 08:54:57 +01:00
Mateusz Kocielski
46566b78c9 Fixed off-by-one in php_url_parse_ex 
Change order of condition, previously pointer could be derefrenced before
bound check was done.
 2014-03-18 08:48:41 +01:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Veres Lajos
b79b13b4ef less serious compatAbility fixes 2013-07-15 00:21:39 -07:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Xinchen Hui
a2045ff332 Happy New Year~ 2013-01-01 16:02:16 +08:00
husman
491b1efacb Bug #63162 - parse_url does not matches password component 2012-09-30 19:20:37 -07:00
Andrew Faulds
4ec29b945c relative-scheme 2012-08-19 22:16:07 -07:00
Andrew Faulds
36b88d77f2 bug #62844; relative URL schemes in parse_url() 2012-08-19 22:15:58 -07:00
Felipe Pena
d6e6db4501 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  - Value stored to var is never used
 2012-08-19 14:50:52 -03:00
Felipe Pena
3dd256a67b - Value stored to var is never used 2012-08-19 14:50:49 -03:00
Felipe Pena
e4ca0ed09f - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Ilia Alshanetsky
9e9d2a9ce6 Missing file relating to previous commit 2011-08-11 13:02:16 +00:00
Ilia Alshanetsky
cc93e8e51f Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path) 2011-08-11 13:01:52 +00:00
Pierrick Charron
5a53a74304 Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment) 2011-03-17 18:02:58 +00:00
Pierrick Charron
e68e2893c0 # Revert bug fix (will commit it again on 5.3 branch when 5.3.6 will be released) 2011-03-13 17:14:18 +00:00
Pierrick Charron
ee832705d1 Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment) 2011-03-13 04:02:56 +00:00
Pierrick Charron
6e74d95f34 Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment) 2011-03-13 04:02:56 +00:00
Gustavo André dos Santos Lopes
a888ee434b - Changed port validation introduced in commit #308035 to consider 
negative ports and ports > 65535 as invalid.
  The tests that fail due to #308035 in the standard ext were not
  fixed. If the behavior in those tests turns out to be the
  desirable one, both this commit and #308035 ought to be reverted
  or at least adapted.
 2011-02-05 22:37:00 +00:00
Gustavo André dos Santos Lopes
426f31e790 - Changed port validation introduced in commit #308035 to consider 
negative ports and ports > 65535 as invalid.
  The tests that fail due to #308035 in the standard ext were not
  fixed. If the behavior in those tests turns out to be the
  desirable one, both this commit and #308035 ought to be reverted
  or at least adapted.
 2011-02-05 22:37:00 +00:00
Ilia Alshanetsky
218448bfa0 Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number). 2011-02-04 21:41:15 +00:00
Ilia Alshanetsky
109b8e99e0 Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number). 2011-02-04 21:41:15 +00:00
Felipe Pena
927bf09c29 - Year++ 2011-01-01 02:19:59 +00:00
Felipe Pena
0203cc3d44 - Year++ 2011-01-01 02:17:06 +00:00
Felipe Pena
50863932a6 - Fixed bug #53248 (rawurlencode RFC 3986 EBCDIC support misses tilde char). 
patch by: Justin Martin (frozenfire@php)
 2010-11-07 12:59:22 +00:00
Felipe Pena
83ebbc36a1 - Fixed bug #53248 (rawurlencode RFC 3986 EBCDIC support misses tilde char). 
patch by: Justin Martin (frozenfire@php)
 2010-11-07 12:59:22 +00:00
Pierre Joye
ed58636f00 - use TSRMLS_D/C with php_stream_context_alloc 2010-09-16 09:33:42 +00:00
Pierre Joye
cba1ed2475 - #50563, removing E_WARNING from parse_url() 2010-06-16 18:56:24 +00:00
Pierre Joye
cfd930d218 - #50563, removing E_WARNING from parse_url() 2010-06-16 18:56:24 +00:00
Sebastian Bergmann
9ba1e81665 sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php 2010-01-03 09:23:27 +00:00
Ilia Alshanetsky
41611fd003 Fixed bug #50073 (parse_url() incorrect when ? in fragment). 2009-11-04 13:44:10 +00:00
Sebastian Bergmann
08659c2dcd MFH: Bump copyright year, 3 of 3. 2008-12-31 11:15:49 +00:00
Lars Strojny
50fa64885e Reverting local change 2008-08-20 21:26:04 +00:00
Lars Strojny
080157870f MFH: Allow mixed $initial (patch by Christian Seiler) 2008-08-20 20:35:40 +00:00
Rob Richards
5e60f46159 MFH: rawurlencode now conforms to rfc 3986 (~ is not encoded) [DOC] 2008-06-04 19:35:15 +00:00
Antony Dovgal
9d9468e9f4 fix compile warnings 2008-03-28 10:22:12 +00:00
Sebastian Bergmann
d1dded8751 MFH: Bump copyright year, 2 of 2. 2007-12-31 07:17:19 +00:00