Christoph M. Becker
73f29a5c5e
Merge branch 'PHP-7.3' into PHP-7.4
...
* PHP-7.3:
Add missing skip keyword in tests
2019-10-01 11:17:53 +02:00
Christoph M. Becker
2fc5d00afa
Merge branch 'PHP-7.2' into PHP-7.3
...
* PHP-7.2:
Add missing skip keyword in tests
2019-10-01 11:15:12 +02:00
Fabien Villepinte
209e37db7d
Add missing skip keyword in tests
2019-10-01 11:13:36 +02:00
Fabien Villepinte
0aa3acc6c4
Fix borked SKIPIFs
2019-09-30 17:51:41 +02:00
Nikita Popov
1f0ffece91
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-30 15:06:43 +02:00
Nikita Popov
0805e132b0
Merge branch 'PHP-7.2' into PHP-7.3
2019-09-30 15:06:32 +02:00
Nikita Popov
6fcde56b03
Fixed bug #78612
2019-09-30 15:06:07 +02:00
Nikita Popov
1806ce9cb0
Add max_depth option to unserialize()
...
Add a max_depth option to unserialize and an unserialize_max_depth
ini setting, which can be used to control the depth limit. The
default value is 4096.
This option is intended to prevent stack overflows during the
unserialization of deeply nested structures.
This fixes bug #78549 and addresses oss-fuzz #17581 , #17589 , #17664 ,
and #17788 .
2019-09-30 10:28:24 +02:00
Nikita Popov
b154c12cc9
Fix file clash in rename_variation.phpt
...
rename_variation2.tmp is ... unsurprisingly ... already used by
rename_variation2.phpt. Alternatively it could be placed in the
directory that the test creates, but maybe this is intended to
test cross-directory renames, so I'll leave it.
2019-09-27 11:11:23 +02:00
Nikita Popov
a6c9c7c2b8
Handle resources used as array keys consistently
...
Resources used as array keys are generally handled by throwing a
notice and converting the resource to the resource handle. The only
exception is the [$resource => null] syntax, where this was treated
as an illegal offset type instead. However, this also only happened
for VM evaluations, the AST evaluator did handle resources correctly.
2019-09-27 10:40:41 +02:00
Nikita Popov
b8ef7c35ab
Increase serialize_lock while decoding session
...
Avoid leaking state between Serializable::unserialize() and
session_decode().
2019-09-25 11:02:23 +02:00
Nikita Popov
b100d51ba2
Remove xfail on bug70219.phpt
...
Looks like this is working as it's supposed to, the test expectation
just needs to be adjusted.
2019-09-25 10:57:03 +02:00
Nikita Popov
dbeeabed9b
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-23 17:18:39 +02:00
Nikita Popov
954d073833
Merge branch 'PHP-7.2' into PHP-7.3
2019-09-23 17:18:33 +02:00
Nikita Popov
3ddb63dce1
Fix skipif condition
2019-09-23 17:17:52 +02:00
Nikita Popov
2bb04106be
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-23 16:42:59 +02:00
Nikita Popov
d0f4966b05
Merge branch 'PHP-7.2' into PHP-7.3
2019-09-23 16:42:33 +02:00
Nikita Popov
bc4c4c658c
Skip test on 32-bit
2019-09-23 16:42:24 +02:00
Nikita Popov
41335afed9
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-23 14:52:40 +02:00
Nikita Popov
087051c9a5
Skip test on 32-bit
2019-09-23 14:52:32 +02:00
Nikita Popov
1a184f030a
Commit regenerated var_unserializer.c
2019-09-23 13:47:05 +02:00
Nikita Popov
c2add43bbc
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-23 13:18:59 +02:00
Nikita Popov
f53af9ac23
Merge branch 'PHP-7.2' into PHP-7.3
2019-09-23 13:18:39 +02:00
Nikita Popov
8509970e6a
Fix signed integer overflow in SplObjectStorage unserialization
...
If count is ZEND_LONG_MIN the count-- loop underflows. This is
ultimately harmless, but results in a ubsan warning.
Fix this by adding a sanity check that the count isn't negative,
because that doesn't make sense...
2019-09-23 13:18:27 +02:00
Nikita Popov
3f0cab53b2
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-23 13:09:01 +02:00
Nikita Popov
e65adc9c19
Fix ubsan violation in parse_iv2
...
This fixes two issues:
* Negative the value in an unsigned type to avoid signed overflow.
* Treat -0 as 0 rather than an invalid number that gets converted
to ZEND_LONG_MIN.
2019-09-23 13:08:44 +02:00
Nikita Popov
7c6985d7cb
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-17 17:34:24 +02:00
Nikita Popov
409e9ea51d
Merge branch 'PHP-7.2' into PHP-7.3
2019-09-17 17:34:08 +02:00
Nikita Popov
175f4f24ae
Increase timeout in test
2019-09-17 17:33:46 +02:00
Nikita Popov
b50a90867a
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-17 15:43:35 +02:00
Nikita Popov
c5d4c45e7d
Merge branch 'PHP-7.2' into PHP-7.3
2019-09-17 15:42:58 +02:00
fancyweb
e691a98c1f
Fix #76342 : file_get_contents waits twice specified timeout
2019-09-17 15:42:29 +02:00
Nikita Popov
d266ba4f2d
Check for exception after calling count_values()
...
To avoid a duplicate error if count_values() throws.
2019-09-17 13:13:44 +02:00
Fabien Villepinte
1792adebfd
Improve test usleep_basic by inlining its output
...
Closes GH-4703.
2019-09-17 12:07:06 +02:00
Nikita Popov
c3376bf7ae
Fix use-after-free due to packed->mixed conversion with __unserialize()
2019-09-16 14:37:16 +02:00
Nikita Popov
0d3da6ac25
Fix segfault when unserializing abstract class
2019-09-16 13:52:52 +02:00
Nikita Popov
b29b846863
Merge branch 'PHP-7.3' into PHP-7.4
2019-09-16 13:03:08 +02:00
Nikita Popov
74876f09c4
Merge branch 'PHP-7.2' into PHP-7.3
2019-09-16 13:02:56 +02:00
Nikita Popov
8873df8e86
Fix leak in SplObjectStorage unserialization
...
The result of php_var_unserialize always needs to be destroyed,
even if the call failed.
2019-09-16 13:02:32 +02:00
Nikita Popov
4377a8ea41
Sanity-check array/object lengths during unserialization
...
Avoid OOM conditions in unserialize due to overly large array or
object length specifications.
2019-09-16 11:38:35 +02:00
Christoph M. Becker
da8aa4a798
Merge branch 'PHP-7.2' into PHP-7.3
...
* PHP-7.2:
Stick with zend_long for ABI compatibility
2019-09-15 15:13:13 +02:00
Christoph M. Becker
81cefab7b0
Stick with zend_long for ABI compatibility
...
Cf. <https://github.com/php/php-src/pull/4700#issuecomment-531515689 >.
2019-09-15 15:11:25 +02:00
Christoph M. Becker
d0247a63b6
Merge branch 'PHP-7.3' into PHP-7.4
...
* PHP-7.3:
Fix #78535 : auto_detect_line_endings value not parsed as bool
2019-09-14 18:48:28 +02:00
Christoph M. Becker
00ad365125
Merge branch 'PHP-7.2' into PHP-7.3
...
* PHP-7.2:
Fix #78535 : auto_detect_line_endings value not parsed as bool
2019-09-14 18:47:12 +02:00
bugreportuser
fdcca93056
Fix #78535 : auto_detect_line_endings value not parsed as bool
2019-09-14 18:46:09 +02:00
Nikita Popov
ab4f725d83
Use XtOffsetOf() in url_scanner_ex
...
Instead of a manual implementation.
2019-09-14 00:25:14 +02:00
David Carlier
711bd0a0fc
Fix tautological compare warning
...
The ZEND_ALLOCATOR() macro compares against constants that are
larger than the unsigned short type, resulting in warnings on
clang. Avoid this by explicitly casting to size_t.
2019-09-14 00:25:00 +02:00
Nikita Popov
1ce830a4aa
Fix another pointer indexing UB in http_fopen_wrapper
...
Only compute the gep after checking whether the pointer is NULL.
2019-09-11 10:31:03 +02:00
Nikita Popov
11f3e24190
Fixed bug #78506
2019-09-11 10:27:32 +02:00
Nikita Popov
974e77b345
Clarify that our usage of gettimeofday() is infallible
...
And that false can't be returned for this reason.
2019-09-09 17:11:22 +02:00