clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-23 10:57:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
106,402 Commits 491 Branches 1,363 Tags 844 MiB
864f5ef12f
Commit Graph

106402 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Remi Collet
864f5ef12f fix release date 2019-12-18 14:16:19 +01:00
Stanislav Malyshev
9705e631a4 [ci skip] Update NEWS 2019-12-16 23:41:04 -08:00
Stanislav Malyshev
6d5cddabaf Fix test 2019-12-16 10:03:43 -08:00
Stanislav Malyshev
c14eb8de97 Fix bug #78793 2019-12-16 01:14:58 -08:00
Stanislav Malyshev
d348cfb96f Fixed bug #78910 2019-12-16 00:10:39 -08:00
Christoph M. Becker
eb23c60087 Fix #78878: Buffer underflow in bc_shift_addsub 
We must not rely on `isdigit()` to detect digits, since we only support
decimal ASCII digits in the following processing.
 2019-12-16 00:05:03 -08:00
Stanislav Malyshev
b771a18133 Fix test 2019-12-16 00:03:18 -08:00
Christoph M. Becker
0e6c0654ed Fix #78862: link() silently truncates after a null byte on Windows 
Since link() is supposed to accepts paths (i.e. strings without NUL
bytes), we must not accept arbitrary strings.
 2019-12-16 00:03:06 -08:00
Christoph M. Becker
a5a15965da Fix #78863: DirectoryIterator class silently truncates after a null byte 
Since the constructor of DirectoryIterator and friends is supposed to
accepts paths (i.e. strings without NUL bytes), we must not accept
arbitrary strings.
 2019-12-16 00:02:57 -08:00
Remi Collet
d2cfb63f02 next is 7.2.27 2019-12-03 11:25:37 +01:00
Christoph M. Becker
600f1f898f Fix #78814: strip_tags allows / in tag name => whitelist bypass 
When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.
 2019-12-02 11:37:25 +01:00
Christoph M. Becker
db420cb6a1 Fix #78833: Integer overflow in pack causes out-of-bound access 
We check for potential signed integer overflow, and bail out
gracefully, in that case.
 2019-12-02 11:18:19 +01:00
George Wang
c7141412ce Added environment LSAPI_CLEAN_SHUTDOWN to control clean shutdown. Update SAPI version to LiteSpeed v7.6 . 2019-11-21 17:57:50 -05:00
Christoph M. Becker
9b92c1d154 Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW 
Apparently, this has not been tested for a long time, and might be a
refactoring relict.  Anyhow, we have to pass the context to
`GIFNextPixel` as well.
 2019-11-21 09:59:26 +01:00
Christoph M. Becker
f6eac76b65 Update NEWS 2019-11-18 12:46:43 +01:00
Tyson Andre
a2c41c0ea6 Fix $x = (bool)$x; for undefined with opcache 
And `$x = !$x`

Noticed while working on GH-4912

The included test would not emit undefined variable errors in php 8.0
with opcache enabled. The command used:

```
php -d zend_extension=opcache.so --no-php-ini -d error_reporting=E_ALL \
    -d opcache.file_cache= -d opcache.enable_cli=1  test.php
```
 2019-11-18 11:24:03 +03:00
Stanislav Malyshev
2c9926f156 Fix bug #78804 - Segmentation fault in Locale::filterMatches 2019-11-11 22:32:35 -08:00
Nikita Popov
ee243bc471 Remove outdated comments in test 2019-11-07 14:06:23 +01:00
Nikita Popov
5fa6dcd972 Fixed bug #78759 
Handle INDIRECT values in array.
 2019-11-07 11:15:29 +01:00
Sara Golemon
d317e16e89
Bump for 7.2.26-dev 2019-11-05 10:57:29 -05:00
Nikita Popov
4f984a2fdb Fixed bug #78775 
Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error queue being empty.
 2019-11-05 12:13:46 +01:00
Christoph M. Becker
e29922f054 Fix test cases for libxml2 2.9.10 
Since the error reporting has been slightly changed, we have to adapt
the two affected test cases.
 2019-10-31 16:07:34 +01:00
Nikita Popov
5f6eaf355c Add missing refcount increment 2019-10-30 09:22:20 +01:00
Nikita Popov
f9895b4bf5 Fixed bug #78689 2019-10-29 15:06:16 +01:00
Stanislav Malyshev
2bdb13a1f7 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:30 -07:00
Christoph M. Becker
89c327f884 Fix #78751: Serialising DatePeriod converts DateTimeImmutable 
When getting the properties of a DatePeriod instance we have to retain
the proper classes, and when restoring a DatePeriod instance we have to
cater to DateTimeImmutable instances as well.
 2019-10-28 13:07:28 +01:00
Nikita Popov
16c4910876 Fix bug #78752 
NULL out the execute_data before destroying it, otherwise GC may
trigger while the execute_data is partially destroyed, resulting
in double-frees.

The handling of call stack unfreezing is a bit awkward because it's
a ZEND_API function, so we can't change the signature.
 2019-10-28 10:27:32 +01:00
Stanislav Malyshev
469820048d Fix libmagic buffer overflow issue (CVE-2019-18218) 
Ported from 46a8443f76
 2019-10-27 16:30:38 -07:00
Nikita Popov
5249993814 Fixed bug #78747 2019-10-25 12:47:18 +02:00
Ryan Schmidt
8daf96cef3 Use ICU's CXXFLAGS when using pkg-config 
This mirrors how ICU's CXXFLAGS are already used when using icu-config.
 2019-10-23 11:17:37 +02:00
Nikita Popov
fa89c41f37 Add "-pthread" to EXTRA_LDFLAGS_PROGRAM as well 
This is a backport of c518932c03
from the PHP 7.4 branch.
 2019-10-23 11:06:51 +02:00
Joe Watkins
52f049879a
bump version 2019-10-22 18:58:39 +02:00
Joe Watkins
326cd05dae
set versions for release 2019-10-22 18:56:55 +02:00
Remi Collet
2213bd36fd add NEWS entry 2019-10-22 09:37:35 +02:00
Stanislav Malyshev
4b5cdda0c7 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
  bump versions after release
  set versions for release
 2019-10-21 13:17:09 -07:00
Fabien Villepinte
bea2ff88c9
Fix bug #78697: inaccurate error message 2019-10-21 09:22:09 +02:00
Jakub Zelenka
ab061f95ca Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043) 2019-10-20 22:50:04 -07:00
Christoph M. Becker
45a7723267 Fix #78694: Appending to a variant array causes segfault 
`write_dimension` object handlers have to be able to handle `NULL`
`offset`s; for now we simply throw an exception instead of following
the `NULL` pointer.
 2019-10-19 11:47:00 +02:00
m.yakunin
d2cde0bfd3 Fix #70153 \DateInterval incorrectly unserialized 
Added a separate macro for reading 'days' property, so that bool(false)
is correctly converted to the proper internal representation.
 2019-10-18 15:31:14 +02:00
Mitch Hagstrand
e2a6bf482f
Fix checksum calculation for opcache 2019-10-14 16:46:42 +02:00
Christoph M. Becker
900bdcbd03 Fix #78665: Multicasting may leak memory 2019-10-12 14:43:43 +02:00
Nikita Popov
46561dab6a Fix leak in phar open 2019-10-10 16:14:21 +02:00
Nikita Popov
96c84b7bc1 Fix leak on static method call on non-existent class 2019-10-10 11:40:49 +02:00
Nikita Popov
daf1fc6e31 Avoid float to int cast UB in exif 2019-10-09 17:33:29 +02:00
Erik Lundin
3164186d53 Fix #78656: Parse errors classified as highest log-level 2019-10-09 17:27:32 +02:00
Nikita Popov
d6ca174d5b Remove redundant components < 0 check 
components is an unsigned number, it cannot be smaller than zero.
 2019-10-09 14:57:24 +02:00
Sergei Turchanov
a8f60ac9dd Add pcre_get_compiled_regex_cache_ex() with local_aware flag 
A new function `pcre_get_compiled_regex_cache_ex()` is introduced,
which allows to compile regexp pattern using the "C" locale instead
of a current locale.

This will be needed to replace setlocale() usage in fileinfo,
which is not thread-safe.
 2019-10-08 16:11:55 +02:00
Fabien Villepinte
46894580b0 Add missing SKIPIFs in exif tests 2019-10-08 14:11:32 +02:00
Christoph M. Becker
195c2008e8 Fix #78642: Wrong libiconv version displayed 
The high byte of `_libiconv_version` specifies the major version; the
low byte the minor version.
 2019-10-08 12:09:11 +02:00
Remi Collet
05d6878b3b next is 7.2.25 2019-10-08 11:36:10 +02:00