Ilia Alshanetsky
ae1c5674cb
Fixed MOPB-33-2007:PHP mail() Message ASCIIZ Byte Truncation
2007-03-27 00:13:09 +00:00
Rob Richards
b7c2eb3228
fix bug #37386 (autocreating element doesn't assign value to first node)
...
all single SimpleXMLElements are addressable using offset 0
use correct node for xpath context node
add test
2007-03-26 20:14:58 +00:00
Antony Dovgal
7053b89072
MFH: fix #40915 (addcslashes unexpected behavior with binary input)
2007-03-26 10:25:41 +00:00
Marcus Boerger
4e085083cd
- MFH Need to install headers
2007-03-25 12:53:47 +00:00
foobar
82023f9aac
- Fixed test to skip when mysqld is not running
2007-03-25 01:14:51 +00:00
Marcus Boerger
eceb7faee0
- MFH Drop double variable declaration
2007-03-24 16:28:53 +00:00
Ilia Alshanetsky
bc1f7356d7
Fixed CRLF injection inside ftp_putcmd().
...
# Reported on BugTraq by loveshell[at]Bug.Center.Team
2007-03-24 16:25:42 +00:00
Nuno Lopes
88f48476f9
regenerate to fix gcov build. plus use re2c bitvectors
2007-03-23 20:28:40 +00:00
Stanislav Malyshev
0af75d6b1a
fix MOPB-29 - unserialize modifier S does not calculate length correctly
...
# reported by Stefan Esser
2007-03-23 20:15:22 +00:00
Wez Furlong
cbb0db124b
export the module guy in the external dll version of the build
2007-03-23 14:30:00 +00:00
Ilia Alshanetsky
57a88f71d5
Added -- test case
2007-03-22 23:34:14 +00:00
Douglas Goldstein
4b39efa0ee
Replaced all instances of ldap_get_values() with ldap_get_values_len(), which returns back the length of the data so on non-NULL terminated data we don't crash in a strlen(). Removed the PHP function ldap_get_values() since it's the same thing as ldap_get_values_len() now and made it alias ldap_get_values_len(). This should fix some random PHP<->LDAP crashes
2007-03-22 21:50:34 +00:00
Wez Furlong
76329a99f0
Add php_pdo_sqlite_external.dll to windows build.
...
This allows the user to provide their own version of sqlite3.dll.
The php_pdo_sqlite.dll is still there, and will continue to be there.
It is built from the bundled sources.
[[DOC]]
(this should cc: phpdoc, if it's wrong, please let the docs folks know :-)
2007-03-22 01:00:23 +00:00
Derick Rethans
b7a791827c
- Revert this patch, as the code was incorrect.
...
- It was also not committed to HEAD.
2007-03-21 09:40:33 +00:00
Ilia Alshanetsky
5abffb51b6
Fixed bug #40861 (Multiple +/- on relative units breaks strtotime()).
2007-03-21 00:25:55 +00:00
Marcus Boerger
4c1c431a38
- MFH Fix Bug #40872 (inconsistency in offsetSet, offsetExists treatment
...
of string enclosed integers)
2007-03-20 20:28:08 +00:00
Marcus Boerger
6081c2284e
- MFH Optional dependency for SPL must be specified in header
2007-03-20 20:00:27 +00:00
Dmitry Stogov
3ee54ce924
Added ability to encode arrays with "SOAP-ENC:Array" type instead of WSDL type. To activate the ability use "feature"=>SOAP_USE_XSI_ARRAY_TYPE option in SoapClient/SoapServer constructors.
2007-03-20 09:52:14 +00:00
Dmitry Stogov
ef06bfa3ec
Fixed bug #36226 (Inconsistent handling when passing nillable arrays)
2007-03-20 07:51:32 +00:00
Ilia Alshanetsky
13aac95bfc
Fixed bug #40854 (imap_mail_compose() creates an invalid terminator for
...
multipart e-mails).
2007-03-19 22:56:57 +00:00
Antony Dovgal
ddc07c90b6
new test
2007-03-19 08:11:14 +00:00
Rob Richards
b172d3f8cd
MFH: fix bug #40836 (Segfault in ext/dom)
...
add test
2007-03-18 21:31:05 +00:00
Wez Furlong
16fc958508
fixes #40848
2007-03-18 20:20:23 +00:00
Ilia Alshanetsky
89939e13d6
Fixed MOPB-26-2007 mb_parse_str() can be used to activate register_globals
...
# Discovered by Stefan Esser
2007-03-18 16:36:13 +00:00
Antony Dovgal
8e67ec8225
MFH: fix #40794 (ReflectionObject::getValues() may crash when used with dynamic properties)
2007-03-17 23:00:49 +00:00
Stanislav Malyshev
7b7dcc89f3
fix spprintf usage
2007-03-16 21:59:23 +00:00
Stanislav Malyshev
a424d65e0b
add test
2007-03-16 19:55:21 +00:00
Stanislav Malyshev
90eff54400
Fix UMR in array_user_key_compare() (MOPB24 by Stefan Esser)
2007-03-16 19:38:58 +00:00
Sebastian Bergmann
d3cb98caf0
Fugbix typo.
2007-03-16 06:41:24 +00:00
Antony Dovgal
6a45f716ae
fix #40805 (Failure executing function ibase_execute())
2007-03-15 22:33:04 +00:00
Antony Dovgal
f6536ed2b2
MFH: remove unnecessary warning in case of exception
2007-03-14 23:47:44 +00:00
Ilia Alshanetsky
7aab16c333
Fixed MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability
...
# Discovered by Stefan Esser
2007-03-14 19:37:07 +00:00
Antony Dovgal
f9d54cbb75
MFH: fix #40750 (openssl stream wrapper ignores default_stream_timeout)
2007-03-14 19:22:14 +00:00
Ilia Alshanetsky
5ed63dd8a9
Fixed a possible memory leak on open_basedir validation
2007-03-14 15:02:20 +00:00
Pierre Joye
fc3a62ed48
- MFH: openbasedir and safemode check in ::open()
2007-03-14 12:06:20 +00:00
Timm Friebe
b9bc7c55d4
- Changed message handler also to handle message #11021
...
- Adjusted expected output
# Seems newer Sybase versions yielf different error codes for getdate(NULL)
2007-03-14 11:57:45 +00:00
Timm Friebe
ca75503c8f
- Fixed segmentation fault in sybase_connect()
...
# This was introduced by changing sprintf -> spprintf and resulted
# from passing a char* to spprintf() instead of a char**
2007-03-14 11:48:49 +00:00
Timm Friebe
142357d445
- Changed expected output
...
# select getdate() returns something like "Mar 14 2007 12:44PM", we
# were checking for one additional (nonexistant) whitespace after "Mar"
# which was wrong. Don`t know when and how this changed
2007-03-14 11:46:06 +00:00
Timm Friebe
d8ed658b78
- Changed expected output
...
# Due to var_export() & __set_state() changes
2007-03-14 11:44:24 +00:00
Pierre Joye
b40b5b5305
- MFH: Fixed possible relative path issues in zip_open in TS mode (old API)
2007-03-14 11:32:25 +00:00
Pierre Joye
1c0b8e6f15
- rename SAFEMODE_CHECKFILE to OPENBASEDIR_CHECKPATH (can be used without
...
confusing in head without confusion)
- Add safemode and open basedir checks in zip:// wrapper (revert Ilia's
patch). Bug found by Stefan Esser in his MOPB-20-2007
2007-03-14 11:08:57 +00:00
Pierre Joye
4f5303ab92
- add more cases for getComment
2007-03-14 11:02:29 +00:00
Martin Kraemer
9c62ddde34
Typo
2007-03-14 09:58:14 +00:00
Ilia Alshanetsky
6d70aa1f4e
Added missing open_basedir & safe_mode checks to zip:// and bzip://
...
wrappers.
Issues idendtified by MOPB-20 and MOPB-21
2007-03-14 03:50:18 +00:00
Stanislav Malyshev
c3e4a2854a
fix odbc resource handling, patch by Dave Lawson
2007-03-13 00:04:38 +00:00
Antony Dovgal
81f99c721b
return false instead of empty string when -length is greater than (len - offset)
2007-03-12 23:42:26 +00:00
Ilia Alshanetsky
c829314963
malloc() -> pemalloc()
2007-03-12 23:21:41 +00:00
Antony Dovgal
165f44c9c3
MFH
2007-03-12 20:55:15 +00:00
Antony Dovgal
5088614ea1
synchronize iconv_substr() behavior with substr()
...
no MFB so far, since substr() changes are not MFBed either
2007-03-12 19:34:26 +00:00
Ilia Alshanetsky
f96245f8b4
malloc() -> pemalloc()
2007-03-11 18:42:19 +00:00
Antony Dovgal
80616688db
MFH
2007-03-11 12:56:44 +00:00
Antony Dovgal
e8ede1ec08
fix tests
2007-03-11 12:54:54 +00:00
Ilia Alshanetsky
e82c30c845
Re-added check removed by the previous patch
2007-03-10 20:07:50 +00:00
Ilia Alshanetsky
1453879587
Added additional checks for long input arrays inside
...
import_request_variables().
# Missing checks identified by Stefan Esser
2007-03-10 19:20:16 +00:00
Pierre Joye
cb11ba761e
- MFH: CVE-2007-1001, integer overflow with invalid wbmp images
2007-03-10 12:18:36 +00:00
Pierre Joye
547e4760e0
- #40764 , line thickness not respected for horizontal and vertical lines
...
- add test
- NEWS entry
2007-03-10 01:13:19 +00:00
Stanislav Malyshev
1e9fd0f002
add testcase
2007-03-09 18:37:03 +00:00
Antony Dovgal
982de65f6e
fix substr()
...
it's perfectly legal to do substr("str", 0, 1000000);
2007-03-09 10:04:59 +00:00
Antony Dovgal
c9ded196b4
fix tests
2007-03-09 09:45:14 +00:00
Ilia Alshanetsky
02fae929af
Fixed bug #40754 (added substr() & substr_replace() overflow checks).
2007-03-09 01:58:34 +00:00
Ilia Alshanetsky
b3b6db3f03
Add _SESSION to checklist
2007-03-09 01:48:56 +00:00
Ilia Alshanetsky
0fa1427c6e
Fixed a possible super-global overwrite inside import_request_variables().
...
# Reported by Stefano Di Paola
2007-03-09 01:42:20 +00:00
Rasmus Lerdorf
5b9ec4828f
Off by ! in the url control char check for file:/// urls
2007-03-09 01:20:34 +00:00
Pierre Joye
1286d9e266
- #40764 , line thickness not respected for horizontal and vertical lines
2007-03-09 01:18:40 +00:00
Stanislav Malyshev
6e460bab4e
fix crash/leak in bug #38710
2007-03-08 22:49:53 +00:00
Nuno Lopes
5116b67016
fix thread unsafety in the gif reader code (merge from libgd cvs)
2007-03-08 20:24:53 +00:00
Stanislav Malyshev
79195bfe2e
clarify checks and error messages
2007-03-08 00:47:04 +00:00
Antony Dovgal
af1843f866
MFH: fix #40752 (parse_ini_file() segfaults when a scalar setting is redeclared as an array)
2007-03-08 00:44:23 +00:00
Ilia Alshanetsky
8696c9bc89
Improved length parameter validation
2007-03-08 00:18:10 +00:00
Ilia Alshanetsky
42ff70ede8
Improved offset validation
2007-03-08 00:06:41 +00:00
Stanislav Malyshev
2625be4ed0
fix MOPB#14
...
# The error message seems wrong, so maybe better fix is needed
2007-03-07 18:15:46 +00:00
Antony Dovgal
0628f86e0e
fix small typo
...
add --with-zlib-dir option (and simple automagic zlib detection)
2007-03-07 09:36:22 +00:00
Antony Dovgal
c73225ab61
MFH: fix #40727 (segfault in PDO when failed to bind parameters)
2007-03-07 09:03:07 +00:00
Ilia Alshanetsky
4a614cd6b1
malloc() -> pemalloc()
2007-03-07 00:52:40 +00:00
Derick Rethans
d447facb42
- Updated timezone database to version 2007.3. (Derick)
2007-03-06 21:28:37 +00:00
Antony Dovgal
a8f076d7a3
use the aliases and eliminate one more compile warning
2007-03-06 21:04:27 +00:00
Antony Dovgal
cc49ea3a1e
MFH
2007-03-06 10:13:54 +00:00
Stanislav Malyshev
896abc5e34
use safe_realloc
2007-03-06 02:17:13 +00:00
Stanislav Malyshev
49a7bcd60b
use safe_realloc
2007-03-06 02:10:25 +00:00
Stanislav Malyshev
ec71493b99
use safe_erealloc
2007-03-06 02:03:28 +00:00
Marcus Boerger
331034afbb
- Revert last part and fix issue under windows
2007-03-06 01:19:47 +00:00
Marcus Boerger
3c21c05e43
- And the sizes too
2007-03-06 01:14:38 +00:00
Marcus Boerger
26ebcdfcb9
- More to go
...
# CVS sucks, you cannot mix -D with -r
# However, thanks edin for reminding me that we have mini version tags
# I still prefer subverison. There we don't have any problem of this kind
2007-03-06 01:13:21 +00:00
Marcus Boerger
638ffdb477
- There you go
2007-03-06 01:00:51 +00:00
Marcus Boerger
03bccc1b15
- MFH Revert back to sprintf (we could define snprintf for windows but we don't)
2007-03-06 00:56:42 +00:00
Ilia Alshanetsky
ff3e825083
Fixed bug #40417 (Allow multiple instances of the same named PDO token in
...
prepared statement emulation code).
2007-03-06 00:52:55 +00:00
Stanislav Malyshev
7508066230
fix broken snprintf code
2007-03-06 00:24:00 +00:00
Stanislav Malyshev
d856029c78
use safe_emalloc
2007-03-05 21:54:46 +00:00
andy wharmby
a252c79d53
Fixed bug #35872 (Prevent object store references during RSHUTDOWN)
2007-03-05 15:49:00 +00:00
Michael Wallner
3db2db7159
- fix ws as requested by derick
2007-03-05 14:10:18 +00:00
Michael Wallner
87b02796d8
- fix bug #40691 : add comparison object handler
2007-03-05 14:05:55 +00:00
Ilia Alshanetsky
ecf4e93630
Fixed bug #40703 (Resolved a possible namespace conflict between libxmlrpc
...
and MySQL's NDB table handler).
2007-03-04 18:24:49 +00:00
Ilia Alshanetsky
1ac71c4fe9
Fixed bug #40709 (array_reduce() behaves strange with one item stored
...
arrays).
2007-03-04 17:21:16 +00:00
Marcus Boerger
fa29c1a2f5
- Fix copy'n'paste issues
2007-03-04 14:01:06 +00:00
Marcus Boerger
ed359b4529
- MFH simplify, synch docu/implementation
2007-03-04 12:18:02 +00:00
Stanislav Malyshev
2ad036da3a
ik, make it memcpy
2007-03-04 04:38:43 +00:00
Stanislav Malyshev
b2673ab004
fix wrong code
...
# noticed by Stefan Esser
2007-03-04 02:23:47 +00:00
Ilia Alshanetsky
e769e1b49e
Fixed bug #40704 (strip_tags() does not handle single quotes correctly)
2007-03-03 15:46:29 +00:00
Marcus Boerger
e5397c076b
- MFH [DOC] Add SplFileInfo::getBasename(), DirectoryIterator::getBasename
...
- MFH Add SplFileInfo::getLinkTarget(), SplFileInfo::getRealPath()
# All based on suggestions by Arnold Daniels
2007-03-03 15:08:59 +00:00
Ilia Alshanetsky
a500d1efe9
Adjust checks to allow paths without a trailing /
2007-03-03 15:07:31 +00:00