Stanislav Malyshev
6d97b4b2b3
Better fix for bug #67072 with more BC provisions
2014-06-23 22:16:25 -07:00
Stanislav Malyshev
fb0128af2a
Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
2014-06-23 00:22:59 -07:00
Stanislav Malyshev
62857998c5
Fixed bug #67399 (putenv with empty variable may lead to crash)
2014-06-08 23:09:09 -07:00
Anatol Belski
20568e5028
Fixed regression introduced by patch for bug #67072
...
This applies to 5.4 and 5.5 only as a legacy fix.
2014-06-03 20:43:58 +02:00
Stanislav Malyshev
091b7642c2
Fix bug #67249: printf out-of-bounds read
2014-05-27 11:28:22 -07:00
Stanislav Malyshev
0094fd0969
Merge branch 'bug67252' into PHP-5.4
...
* bug67252:
fix bug #67253: timelib_meridian_with_check out-of-bounds read
Fix bug #67252: convert_uudecode out-of-bounds read
2014-05-13 16:47:27 -07:00
Stanislav Malyshev
1e2818b143
Fix bug #67252: convert_uudecode out-of-bounds read
2014-05-11 20:29:27 -07:00
Stanislav Malyshev
3e9cb6a4a5
Fix bug #67250 (iptcparse out-of-bounds read)
2014-05-11 19:09:19 -07:00
Stanislav Malyshev
03c703b8bd
add a test case previously broken by a bad fix
2014-04-24 23:58:38 -07:00
Stanislav Malyshev
a328803803
Revert "Fixed bug #64604"
...
This reverts commit b05c088a3a.
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo
2014-04-24 23:50:45 -07:00
Boro Sitnikovski
a18cec1b86
Fix bug #65701: Do not use cache for file copy
2014-04-20 15:22:44 -07:00
Anatol Belski
c2acdbdd3d
Improved the fix for bug #67072, thanks Nikita
2014-04-18 15:13:32 +02:00
Anatol Belski
5328d42899
Fixed bug #67072 Echoing unserialized "SplFileObject" crash
...
The actual issue lies in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, a user could still construct
a vulnerable string which would result in bad things when trying
to unserialize.
This also concerns the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
2014-04-17 10:48:14 +02:00
Ingo Walz
b05c088a3a
Fixed bug #64604
2014-04-13 18:37:40 -07:00
Gabor Buella
1010200da5
Fixed bug #67024 - getimagesize should recognize BMP files with negative height
2014-04-13 15:17:04 -07:00
Bob Weinand
beda5093b4
Reverted to 5a0da281e5
...
Discussion: http://news.php.net/php.cvs/76836
2014-04-13 23:01:31 +02:00
Bob Weinand
f07e37c96d
Forgot title in phpt for bug #67064
2014-04-13 19:34:17 +02:00
Bob Weinand
1a4a9eede5
Fix bug #67064 in a BC safe way
...
You can use an optional parameter now when implementing the Countable interface
to get the $mode passed to count().
2014-04-13 19:24:12 +02:00
Ferenc Kovacs
2c8aeda6dc
abstract namespace for unix sockets is a linux only feature
2014-04-09 19:01:01 +02:00
Michael Wallner
1ec83d44a1
Fixed bug #61019 (Out of memory on command stream_get_contents)
2014-04-02 15:36:39 +02:00
Michael Wallner
91a9d24aa3
Fix bug #64330
...
stream_socket_server() creates wrong Abstract Namespace UNIX sockets
2014-04-02 11:09:26 +02:00
Dmitry Panin
e2fc6b52f0
Fix HTML entity table generation
2014-03-06 23:10:31 +01:00
Tjerk Meesters
e73c05b75e
proc_open(): separate environment values that aren't strings
...
Added a test case
2014-03-03 05:49:52 +08:00
Tjerk Meesters
eca13f7909
Fixed test case title
2014-02-28 22:27:32 +08:00
Tjerk Meesters
79b3c2a744
[bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given
...
A newline is added to the mail headers when mail.add_x_header is used and no other headers are passed to mail().
The scenario in which custom headers are used was already fixed in #48620, back in 2009.
2014-02-28 22:22:07 +08:00
Stanislav Malyshev
d5560faaa3
drop precision since trigonometric functions are non-portable
...
See: http://stackoverflow.com/questions/21212326/floating-point-arithmetic-and-reproducibility
2014-01-26 15:51:17 -08:00
Will Fitch
5b906ce6eb
Fix bug #66509: copy() arginfo incorrect since 5.4
...
Since 5.4, the ZEND_BEGIN_ARG_INFO_EX was replaced
by non _EX, causing Reflection to assume the
$context parameter is required.
2014-01-18 11:25:53 -05:00
Anatol Belski
1c586d4070
one more extension for the basename test
2014-01-05 19:19:54 +01:00
Anatol Belski
3f7f72adb2
improved the fix for bug #66395
...
- fixed the traverse vulnerability in case like c:d:file.txt
- ensure paths containing NTFS streams are still worky
2014-01-05 19:05:04 +01:00
Anatol Belski
46f60fae22
Fixed bug #66395 basename function doesn't remove drive letter
2014-01-03 22:25:58 +01:00
Dmitry Stogov
edbefd1d5c
Fixed tests
2013-12-02 11:53:35 +04:00
Anatol Belski
345032946c
fixed test
2013-11-21 21:24:47 +01:00
Yasuo Ohgaki
0d558afc05
Fix WS in serialization_error_002.phpt
2013-11-20 07:17:53 +09:00
Aaron Hamid
050dd59c63
added a test to cover distinction between boolean return value of unserialize function and deserializing serialized boolean
2013-11-20 07:14:53 +09:00
Jeff Welch
101c780500
Fixed tests that fail with non-default serialize_precision
configurations.
...
See:
* https://bugs.php.net/bug.php?id=64760
* 4dc4302
2013-11-20 06:17:23 +09:00
Xinchen Hui
823e330c75
Fixed Bug #66094 (unregister_tick_function tries to cast a Closure to a string)
2013-11-17 17:04:37 +08:00
Xinchen Hui
cf2626f10c
Fixed bug #65947 (basename is no more working after fgetcsv in certain situation)
...
previous codes: "#define php_mblen(ptr, len) ((ptr) == NULL ? mbsinit(&BG(mblen_state)):
(int)mbrlen(ptr, len, &BG(mblen_state)))#
it uses mbsinit there, which seems to try to initialize the mblen_state, but:
"This function does not change the state identified by ps. Typical ways
to make the state pointed by ps an initial state are:
memset (ps,0,sizeof(*ps)); // ps points to zero-valued object
"
http://www.cplusplus.com/reference/cwchar/mbsinit/?kw=mbsinit
2013-11-08 15:32:28 +08:00
Sara Golemon
8b6b39fdcf
Add a couple more test cases to parse_url() tests
...
http://::# (valid but silly)
http://# (invalid)
2013-11-06 10:32:11 +01:00
ptarjan
290becb1f1
fix missing change from 'tcp_socket' to the more common 'server'
2013-11-06 10:32:00 +01:00
ptarjan
9c1e1bbc05
fix many parallel test issues
...
While running these on HHVM I've run into a lot of parallelism issues.
I'm backporting all the fixes I had to do in
https://github.com/facebook/hiphop-php/blob/master/hphp/tools/import_zend_test.py#L650
to php core.
Most of these changes were just filenames that were shared between
tests, but I did more surgery on the fixed ports. I can appreciate port
31337 as much as the next nerd, but random ports are better for tests.
2013-11-06 10:31:47 +01:00
Yasuo Ohgaki
4dc4302a30
Fixed Bug 64760 var_export() does not use full precision for floating-point numbers
2013-10-29 17:24:23 +09:00
Michael Wallner
2ecf94e07e
Just SKIP that test on travis
2013-10-21 12:16:41 +02:00
Michael Wallner
8973390541
fix bug #64146 (serialize incorrectly saving objects when they are cloned)
2013-10-04 16:16:15 +02:00
Michael Wallner
e8ae795529
such a weird hack probably helps in finding regressions in the future
2013-10-04 16:11:49 +02:00
Michael Wallner
18b04b480e
Fixed bug #61548
2013-10-01 11:07:55 +02:00
Michael M Slusarz
3f9af558e7
Fix #65483: quoted-printable encode stream filter incorrectly encoding spaces
2013-08-24 19:45:54 -07:00
Michael Wallner
1ac4d8f2c6
fix bug #65481 (shutdown segfault due to serialize)
2013-08-20 00:05:11 +02:00
Anatol Belski
4bad49e3bc
added new glob() test
2013-08-19 11:17:13 +02:00
Christopher Jones
9d62807190
Skip test if SKIP_ONLINE_TESTS set
2013-08-14 15:45:06 -07:00
Veres Lajos
8d86597d73
non living code related typo fixes
2013-08-04 16:05:36 -07:00