clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-29 22:06:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
95,710 Commits 494 Branches 1,367 Tags 790 MiB
732f67ee6f
Commit Graph

122 Commits

Author SHA1 Message Date
Stanislav Malyshev
c1355152db More fixing for bug #71540 2016-02-15 01:53:02 -08:00
Stanislav Malyshev
cf0cf5b507 Fix bug #71540 - NULL pointer dereference in xsl_ext_function_php() 2016-02-15 00:09:09 -08:00
Lior Kaplan
ed35de784f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Happy new year (Update copyright to 2016)
 2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Felipe Pena
20a384dfa9 Fixed bug #70678 (PHP7 returns true when false is expected) 
Cherry-pick from master.
 2015-10-16 17:44:17 +02:00
Dmitry Stogov
560e4fa393 Removed or simplified incorrect SEPARATE_*() macros usage. 2015-09-29 11:17:43 +03:00
Stanislav Malyshev
9b1a224d4e Merge branch 'PHP-5.6' 
* PHP-5.6: (21 commits)
  fix unit tests
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  ...

Conflicts:
	ext/exif/exif.c
	ext/gmp/gmp.c
	ext/pcre/php_pcre.c
	ext/session/session.c
	ext/session/tests/session_decode_variation3.phpt
	ext/soap/soap.c
	ext/spl/spl_observer.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/xsl/xsltprocessor.c
 2015-09-02 00:37:20 -07:00
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev
1744be2d17 Fix for bug #69782 2015-08-16 17:16:15 -07:00
Nikita Popov
4854b11566 Partially fix XSLT warnings 
The two remaining issues seem to be genuine problems. We're treating
node->children as a string, even though it's actually an xmlNode.
The same code exists twice in xpath.c. In all cases gcov shows no
coverage for it.
 2015-07-17 21:12:15 +02:00
Dmitry Stogov
4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00
Rasmus Lerdorf
41774bceff Fix more minor mistakes in the proto comments 2015-06-23 15:47:33 -04:00
Dmitry Stogov
8633685675 Use specialized macro for string zval creation 2015-03-12 16:53:51 +03:00
Nikita Popov
a81e65a501 Remove xsl.security_prefs ini option 
Conflicts:
	ext/xsl/php_xsl.c
	ext/xsl/xsltprocessor.c
 2015-03-09 11:06:18 +01:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Anatol Belski
c00424e427 bring back all the TSRMLS_FETCH() stuff 
for better comparability with the mainstream
 2014-10-15 09:37:55 +02:00
Anatol Belski
75964594a2 drop TSRMLS_FETCH in xsl 2014-09-26 20:49:00 +02:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Dmitry Stogov
bccc653185 Avoid double IS_INTERNED() check 2014-09-19 17:32:50 +04:00
Anatol Belski
6db8d4f829 's' works with size_t round 3 2014-08-27 20:49:36 +02:00
Anatol Belski
3234480827 first show to make 's' work with size_t 2014-08-27 20:49:31 +02:00
Anatol Belski
af59e92b24 master renames phase 7 2014-08-25 21:51:49 +02:00
Anatol Belski
c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00
Anatol Belski
40912abf1d Merge remote-tracking branch 'php/master' 
Conflicts:
	ext/xsl/xsltprocessor.c
 2014-08-19 12:56:29 +02:00
Anatol Belski
168ea67b2d ported xsl, xml reader and writer 2014-08-19 12:55:03 +02:00
Anatol Belski
fa0cca85e5 fix uninitialized args usage 2014-08-19 12:50:27 +02:00
Anatol Belski
63d3f0b844 basic macro replacements, all at once 2014-08-19 08:07:31 +02:00
Dmitry Stogov
2ed8a17045 Refactored run_time_cache usage in object handlers 2014-07-07 20:54:31 +04:00
Xinchen Hui
d74f5ab3df Refactored ext/xsl, need some help in 3 tests failed 2014-05-15 17:43:44 +08:00
Dmitry Stogov
050d7e38ad Cleanup (1-st round) 2014-04-15 15:40:40 +04:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Michael Wallner
6408a1a59e fix bug #49634x 2013-12-02 12:10:00 +01:00
Christopher Jones
9ad97cd489 Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings. 2013-08-14 20:36:50 -07:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Marc Easen
896ac689c9 Fixed the common misspelling of the word occurred (occured -> occurred) 2012-06-30 16:54:03 -07:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Christian Stocker
eb039d5783 Added the xsl.security_prefs option to 5_4 and trunk and 
mark it as deprecated for BC-reasons
Added tests for ini option and combination of both
 2011-10-10 07:59:19 +00:00
Christian Stocker
6873ef7055 - Set an empty string and avoid warnings and stopping of the transformation process 
when a php function can't be called.
- Fixed tests.
 2011-08-31 09:14:08 +00:00
Ilia Alshanetsky
9c297247ef Another build fix relating to previous DOM commit 2011-08-08 16:49:43 +00:00
Ilia Alshanetsky
0b3cb3f220 Fixed build 2011-08-08 16:06:40 +00:00
Pierrick Charron
e03d19a00e Remove unused variables 2011-08-07 06:37:22 +00:00
Pierre Joye
894a746a80 - fix build 2011-07-14 11:12:33 +00:00
Christian Stocker
6be6c2d62d Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs() 
to define forbidden operations within XSLT stylesheets, default is not to
enable any write operations from XSLT anymore. Bug #54446

(second iteration of the code for trunk, first commit for 5.4 branch)
 2011-07-12 04:58:38 +00:00
Felipe Pena
32b5f8a1a3 - Added new parameter parsing option (p - for valid path (string without null byte in the middle)) 
# The tests will be fixed in the next commits
 2011-06-06 21:28:16 +00:00
Felipe Pena
0203cc3d44 - Year++ 2011-01-01 02:17:06 +00:00