clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-29 22:06:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
95,344 Commits 494 Branches 1,367 Tags 790 MiB
730288ae41
Commit Graph

54 Commits

Author SHA1 Message Date
Christoph M. Becker
af3031d755 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-06 12:11:24 +02:00
Christoph M. Becker
dad793630d Fix #73025: Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c 
`command_length` is retrieved via strlen() and later passed to emalloc()
and memcpy(), so the appropriate type is `size_t`.

We don't add a regression test, because that would need to allocate a string
of at least 2 GiB.
 2016-09-06 12:05:58 +02:00
Stanislav Malyshev
374ae8e9da Fix for bug #72513 
This is applicable to 7 as well, but was somehow missing from the merge.
 2016-07-19 17:18:24 +02:00
Stanislav Malyshev
4d0565b5ba Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	ext/bz2/bz2.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 00:53:08 -07:00
Stanislav Malyshev
a099545bec Fix for bug #72513 2016-07-12 21:52:27 -07:00
Anatol Belski
0718aa5833 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix handle leak
 2016-05-10 20:02:17 +02:00
Anatol Belski
6b63d80a7a fix handle leak 2016-05-10 19:59:48 +02:00
Xinchen Hui
67f0770036 tsrm_win32_get_path_sid_key might returns NULL (Partially fix bug #71752) 
cherry-picked from 7d5f71b0b1
 2016-03-10 09:33:39 +01:00
Xinchen Hui
7d5f71b0b1 tsrm_win32_get_path_sid_key might returns NULL (Partially fix bug #71752) 2016-03-10 14:24:13 +08:00
Xinchen Hui
97a9470d97 bump year which is missed in rev 49493a2 2016-01-02 17:56:11 +08:00
Lior Kaplan
c51e73c803 Happy new year (Update copyright to 2016) 2016-01-01 19:23:04 +02:00
Anatol Belski
9968129831 don't get invalid chmod mode through 2015-11-05 14:46:23 +01:00
Anatol Belski
dea14fc707 zero cwd buffer before passing to chmod 2015-11-05 14:46:18 +01:00
Kalle Sommer Nielsen
ce2cd89258 Replace references to PHP_WIN32 and TSRM_WIN32 with ZEND_WIN32 in Zend/, this also fixes 1 instance of where fflush(stderr) was misplaced (zend_extensions.c) 2015-07-04 18:55:22 +02:00
Anatol Belski
6084844fb5 Fix bug #69814 Enabling php_curl, php_mysqli, and php_openssl causes php-cgi to crash 2015-06-13 18:45:27 +02:00
Anatol Belski
cf50748f2b move S_IFLNK define into header 2015-05-25 18:07:47 +02:00
Anatol Belski
c444c4172f further cleanups with S_IF* macros generalized declarations 2015-05-25 18:03:28 +02:00
Anatol Belski
890a28d4b9 Fixed bug #69511 Off-by-one bufferoverflow in php_sys_readlink 2015-05-19 15:44:55 +02:00
Anatol Belski
4af9ca544e Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  backported patch for bug #69472
 2015-04-28 15:32:22 +02:00
Jan Starke
6e4a1b7862 Fixed bug #69472 php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA 2015-04-28 15:28:57 +02:00
Kalle Sommer Nielsen
313d01f30a Drop old VC support in Zend Engine, this also kills the remaining MessageBox fix for Windows 9x that Anatol changed a while back 2015-03-29 07:10:39 +02:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Dmitry Stogov
3893c1fc3d Fixed compilation warnings 2014-12-12 21:57:34 +03:00
Anatol Belski
fb6c3d3cf5 fix datatype mismatches 2014-11-18 13:19:49 +01:00
Anatol Belski
999d387bf8 move these functions to the appropriate place 
and include the necessary header
 2014-11-10 10:58:19 +01:00
Anatol Belski
cd574ca467 fix datatype mismatch warning 2014-10-31 19:36:19 +01:00
Xinchen Hui
84783ecb7e Fixed outof memory (length == -1) 2014-10-31 12:25:40 +08:00
Anatol Belski
1b4fd5825a fix datatype mismatch warnings 2014-10-24 20:57:38 +02:00
Anatol Belski
c41fbcfb4c improved file size computation in stat() 
On 32 bit it's still overwlowing, so nothing is changed there. But
the usage of LARGE_INTEGER instead of bit shifting is a better way
to go.
 2014-10-02 12:18:02 +02:00
Anatol Belski
065edced71 added a comment 2014-09-22 09:41:56 +02:00
Anatol Belski
dc7a66a1c4 fix the REPARSE_DATA_BUFFER struct def 2014-09-22 09:41:54 +02:00
Anatol Belski
2fc1a1dce5 fixed copying of the struct as it's not being modified 
in the subsequent function call
 2014-09-20 20:58:00 +02:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski
d1131d4278 reverted some previous IS_ABSOLUTE_PATH related changes 
It's fine with strlen usage now, only one call
 2014-09-19 16:30:05 +02:00
Anatol Belski
3ec7c28084 forgot to replace the strlen call 2014-09-19 13:14:16 +02:00
Anatol Belski
6bbebc60ea avoid multiple strlen calls for the same buffer 2014-09-19 12:39:17 +02:00
Anatol Belski
455741fce3 master renames phase 4 2014-08-25 20:57:25 +02:00
Anatol Belski
c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00
Anatol Belski
5eefbce083 fix types in virtual cwd 2014-08-20 17:49:52 +02:00
Anatol Belski
90d6f60bc1 mostly fixes to spl, but also some other 2014-08-17 13:31:39 +02:00
Anatol Belski
8ee2a4a9b5 first shot on merging the core fro the int64 branch 2014-08-16 11:16:11 +02:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Anatol Belski
f1c2f8f9f1 removed unnecessary call 2013-10-31 21:38:24 +01:00
Anatol Belski
4d430ecb02 simplify the state free macros 2013-10-31 17:39:17 +01:00
Anatol Belski
abb962d54d compact the code to preserve the error info after state freeing 2013-10-30 20:46:08 +01:00
Anatol Belski
25dc4af392 enabled windows to use stack in both ts/nts mode, some more fixes 2013-10-24 08:48:09 -07:00
Anatol Belski
08f6a76b92 moved to do_alloca() usage where appropriate 2013-10-24 05:12:37 -07:00