Christoph M. Becker
af3031d755
Merge branch 'PHP-5.6' into PHP-7.0
2016-09-06 12:11:24 +02:00
Christoph M. Becker
dad793630d
Fix #73025 : Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c
...
`command_length` is retrieved via strlen() and later passed to emalloc()
and memcpy(), so the appropriate type is `size_t`.
We don't add a regression test, because that would need to allocate a string
of at least 2 GiB.
2016-09-06 12:05:58 +02:00
Stanislav Malyshev
374ae8e9da
Fix for bug #72513
...
This is applicable to 7 as well, but was somehow missing from the merge.
2016-07-19 17:18:24 +02:00
Stanislav Malyshev
4d0565b5ba
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
fix #72519 , possible OOB using imagegif
fix #72512 , invalid read or write for palette image when invalid transparent index is used
Apparently some envs miss SIZE_MAX
Fix tests
Fix bug #72618 : NULL Pointer Dereference in exif_process_user_comment
Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
Fix bug #72606 : heap-buffer-overflow (write) simplestring_addn simplestring.c
Fix for bug #72558 , Integer overflow error within _gdContributionsAlloc()
Fix bug #72603 : Out of bound read in exif_process_IFD_in_MAKERNOTE
Fix bug #72562 - destroy var_hash properly
Fix bug #72533 (locale_accept_from_http out-of-bounds access)
Fix fir bug #72520
Fix for bug #72513
CS fix and comments with bug ID
Fix for HTTP_PROXY issue.
add tests for bug #72512
Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
Fixed bug #72479 - same as #72434
Conflicts:
ext/bz2/bz2.c
main/SAPI.c
main/php_variables.c
2016-07-19 00:53:08 -07:00
Stanislav Malyshev
a099545bec
Fix for bug #72513
2016-07-12 21:52:27 -07:00
Anatol Belski
0718aa5833
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
fix handle leak
2016-05-10 20:02:17 +02:00
Anatol Belski
6b63d80a7a
fix handle leak
2016-05-10 19:59:48 +02:00
Xinchen Hui
67f0770036
tsrm_win32_get_path_sid_key might returns NULL (Partially fix bug #71752 )
...
cherry-picked from 7d5f71b0b1
2016-03-10 09:33:39 +01:00
Xinchen Hui
7d5f71b0b1
tsrm_win32_get_path_sid_key might returns NULL (Partially fix bug #71752 )
2016-03-10 14:24:13 +08:00
Xinchen Hui
97a9470d97
bump year which is missed in rev 49493a2
2016-01-02 17:56:11 +08:00
Lior Kaplan
c51e73c803
Happy new year (Update copyright to 2016)
2016-01-01 19:23:04 +02:00
Anatol Belski
9968129831
don't get invalid chmod mode through
2015-11-05 14:46:23 +01:00
Anatol Belski
dea14fc707
zero cwd buffer before passing to chmod
2015-11-05 14:46:18 +01:00
Kalle Sommer Nielsen
ce2cd89258
Replace references to PHP_WIN32 and TSRM_WIN32 with ZEND_WIN32 in Zend/, this also fixes 1 instance of where fflush(stderr) was misplaced (zend_extensions.c)
2015-07-04 18:55:22 +02:00
Anatol Belski
6084844fb5
Fix bug #69814 Enabling php_curl, php_mysqli, and php_openssl causes php-cgi to crash
2015-06-13 18:45:27 +02:00
Anatol Belski
cf50748f2b
move S_IFLNK define into header
2015-05-25 18:07:47 +02:00
Anatol Belski
c444c4172f
further cleanups with S_IF* macros generalized declarations
2015-05-25 18:03:28 +02:00
Anatol Belski
890a28d4b9
Fixed bug #69511 Off-by-one bufferoverflow in php_sys_readlink
2015-05-19 15:44:55 +02:00
Anatol Belski
4af9ca544e
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
backported patch for bug #69472
2015-04-28 15:32:22 +02:00
Jan Starke
6e4a1b7862
Fixed bug #69472 php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA
2015-04-28 15:28:57 +02:00
Kalle Sommer Nielsen
313d01f30a
Drop old VC support in Zend Engine, this also kills the remaining MessageBox fix for Windows 9x that Anatol changed a while back
2015-03-29 07:10:39 +02:00
Xinchen Hui
fc33f52d8c
bump year
2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d
bump year
2015-01-15 23:26:37 +08:00
Stanislav Malyshev
b7a7b1a624
trailing whitespace removal
2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48
first shot remove TSRMLS_* things
2014-12-13 23:06:14 +01:00
Dmitry Stogov
3893c1fc3d
Fixed compilation warnings
2014-12-12 21:57:34 +03:00
Anatol Belski
fb6c3d3cf5
fix datatype mismatches
2014-11-18 13:19:49 +01:00
Anatol Belski
999d387bf8
move these functions to the appropriate place
...
and include the necessary header
2014-11-10 10:58:19 +01:00
Anatol Belski
cd574ca467
fix datatype mismatch warning
2014-10-31 19:36:19 +01:00
Xinchen Hui
84783ecb7e
Fixed outof memory (length == -1)
2014-10-31 12:25:40 +08:00
Anatol Belski
1b4fd5825a
fix datatype mismatch warnings
2014-10-24 20:57:38 +02:00
Anatol Belski
c41fbcfb4c
improved file size computation in stat()
...
On 32 bit it's still overwlowing, so nothing is changed there. But
the usage of LARGE_INTEGER instead of bit shifting is a better way
to go.
2014-10-02 12:18:02 +02:00
Anatol Belski
065edced71
added a comment
2014-09-22 09:41:56 +02:00
Anatol Belski
dc7a66a1c4
fix the REPARSE_DATA_BUFFER struct def
2014-09-22 09:41:54 +02:00
Anatol Belski
2fc1a1dce5
fixed copying of the struct as it's not being modified
...
in the subsequent function call
2014-09-20 20:58:00 +02:00
Johannes Schlüter
d0cb715373
s/PHP 5/PHP 7/
2014-09-19 18:33:14 +02:00
Anatol Belski
d1131d4278
reverted some previous IS_ABSOLUTE_PATH related changes
...
It's fine with strlen usage now, only one call
2014-09-19 16:30:05 +02:00
Anatol Belski
3ec7c28084
forgot to replace the strlen call
2014-09-19 13:14:16 +02:00
Anatol Belski
6bbebc60ea
avoid multiple strlen calls for the same buffer
2014-09-19 12:39:17 +02:00
Anatol Belski
455741fce3
master renames phase 4
2014-08-25 20:57:25 +02:00
Anatol Belski
c3e3c98ec6
master renames phase 1
2014-08-25 19:24:55 +02:00
Anatol Belski
5eefbce083
fix types in virtual cwd
2014-08-20 17:49:52 +02:00
Anatol Belski
90d6f60bc1
mostly fixes to spl, but also some other
2014-08-17 13:31:39 +02:00
Anatol Belski
8ee2a4a9b5
first shot on merging the core fro the int64 branch
2014-08-16 11:16:11 +02:00
Xinchen Hui
c081ce628f
Bump year
2014-01-03 11:08:10 +08:00
Anatol Belski
f1c2f8f9f1
removed unnecessary call
2013-10-31 21:38:24 +01:00
Anatol Belski
4d430ecb02
simplify the state free macros
2013-10-31 17:39:17 +01:00
Anatol Belski
abb962d54d
compact the code to preserve the error info after state freeing
2013-10-30 20:46:08 +01:00
Anatol Belski
25dc4af392
enabled windows to use stack in both ts/nts mode, some more fixes
2013-10-24 08:48:09 -07:00
Anatol Belski
08f6a76b92
moved to do_alloca() usage where appropriate
2013-10-24 05:12:37 -07:00