clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-10-01 14:56:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
76,489 Commits 494 Branches 1,367 Tags 801 MiB
86f1875536
Commit Graph

8123 Commits

Author SHA1 Message Date
Michael Wallner
1e06c73192 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix integer overflow in {stream,file}_{get,put}_contents()
 2014-07-02 09:55:15 +02:00
Michael Wallner
34e686c556 fix integer overflow in {stream,file}_{get,put}_contents() 2014-07-02 09:53:03 +02:00
Stanislav Malyshev
e2ed4874b5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.4.30
  Better fix for bug #67072 with more BC provisions
  Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
  update CVE
  Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
  Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
  Fix bug #67349: Locale::parseLocale Double Free
  add CVEs
  Fix potential segfault in dns_get_record()
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.30 rc1

Conflicts:
	ext/intl/locale/locale_methods.c
 2014-06-24 10:25:09 -07:00
Stanislav Malyshev
3488cf6fd8 Merge branch 'PHP-5.4.30' into PHP-5.4 
* PHP-5.4.30:
  5.4.30
  Better fix for bug #67072 with more BC provisions
  Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
  update CVE
  Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
  Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
  Fix bug #67349: Locale::parseLocale Double Free
  add CVEs
  Fix potential segfault in dns_get_record()
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.30 rc1

Conflicts:
	configure.in
	main/php_version.h
 2014-06-24 10:23:36 -07:00
Stanislav Malyshev
6d97b4b2b3 Better fix for bug #67072 with more BC provisions 2014-06-23 22:16:25 -07:00
Stanislav Malyshev
fb0128af2a Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability 2014-06-23 00:22:59 -07:00
Stanislav Malyshev
342240fd7f Better fix for bug #67072 with more BC provisions 2014-06-21 21:30:34 -07:00
Stanislav Malyshev
c42d5cf5de Better fix for bug #67072 with more BC provisions 2014-06-21 21:29:11 -07:00
Lior Kaplan
c38b73a701 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Update copyright year for re2c generated files
  Update copyright year to 2014
  Update copyright year for re2c files as well
 2014-06-16 23:30:44 +03:00
Lior Kaplan
6f3bcb0d6e Update copyright year for re2c generated files 2014-06-16 23:28:36 +03:00
Lior Kaplan
e667d23178 Update copyright year for re2c files as well 2014-06-16 23:26:50 +03:00
Sara Golemon
21525d0413 Fix potential segfault in dns_get_record() 
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
 2014-06-15 01:04:24 -07:00
Adam Harvey
2546434008 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Follow 308 Permanent Redirect responses.
 2014-06-12 18:15:07 -07:00
Adam Harvey
b51f82f260 Follow 308 Permanent Redirect responses. 
Fixes bug #67430 (http:// wrapper doesn't follow 308 redirects).
 2014-06-12 18:12:53 -07:00
Adam Harvey
aa3a5f7681 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Keep 308-399 HTTP response codes when header('Location:') is called.
 2014-06-12 17:38:52 -07:00
Adam Harvey
1b9cbab9a7 Keep 308-399 HTTP response codes when header('Location:') is called. 
Fixes bug #67428 (header('Location: foo') will override a 308-399 response
code).
 2014-06-12 17:35:05 -07:00
Sara Golemon
1978f41c8a Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix potential segfault in dns_get_record()
 2014-06-11 13:37:40 -07:00
Sara Golemon
4f73394fdd Fix potential segfault in dns_get_record() 
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
 2014-06-11 13:37:04 -07:00
Stanislav Malyshev
4b0b032676 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:31 -07:00
Stanislav Malyshev
62857998c5 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:09 -07:00
Anatol Belski
e2710310a0 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed regression introduced by patch for bug #67072
 2014-06-03 20:51:18 +02:00
Anatol Belski
20568e5028 Fixed regression introduced by patch for bug #67072 
This applies to 5.4 and 5.5 only as a legacy fix.
 2014-06-03 20:43:58 +02:00
Stanislav Malyshev
a2f8c9c1ae Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  update NEWS
  Fix bug #67249: printf out-of-bounds read
 2014-05-27 12:10:41 -07:00
Stanislav Malyshev
091b7642c2 Fix bug #67249: printf out-of-bounds read 2014-05-27 11:28:22 -07:00
Stanislav Malyshev
a03a1ab88c Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix bug #67253: timelib_meridian_with_check out-of-bounds read
  Fix bug #67252: convert_uudecode out-of-bounds read
  Fix bug #67251 - date_parse_from_format out-of-bounds read
  Fix bug #67250 (iptcparse out-of-bounds read)

Conflicts:
	ext/date/lib/parse_date.c
	ext/date/lib/parse_date.re
 2014-05-13 17:02:09 -07:00
Stanislav Malyshev
0094fd0969 Merge branch 'bug67252' into PHP-5.4 
* bug67252:
  fix bug #67253: timelib_meridian_with_check out-of-bounds read
  Fix bug #67252: convert_uudecode out-of-bounds read
 2014-05-13 16:47:27 -07:00
Stanislav Malyshev
9103c9eb4f Merge branch 'bug67250' into PHP-5.4 
* bug67250:
  Fix bug #67250 (iptcparse out-of-bounds read)
 2014-05-13 16:43:10 -07:00
Stanislav Malyshev
1e2818b143 Fix bug #67252: convert_uudecode out-of-bounds read 2014-05-11 20:29:27 -07:00
Stanislav Malyshev
3e9cb6a4a5 Fix bug #67250 (iptcparse out-of-bounds read) 2014-05-11 19:09:19 -07:00
Stanislav Malyshev
f6841d250a Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  add a test case previously broken by a bad fix
  Revert "Fixed bug #64604"
 2014-04-24 23:59:32 -07:00
Stanislav Malyshev
03c703b8bd add a test case previously broken by a bad fix 2014-04-24 23:58:38 -07:00
Stanislav Malyshev
a328803803 Revert "Fixed bug #64604" 
This reverts commit b05c088a3a.
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo
 2014-04-24 23:50:45 -07:00
Stanislav Malyshev
8b903f24d5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix a compiler warning in php_rand.h
 2014-04-20 16:35:49 -07:00
Rouven Weßling
68283c9f4a Fix a compiler warning in php_rand.h 2014-04-20 16:35:36 -07:00
Stanislav Malyshev
5addf223d5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #65701: Do not use cache for file file copy
 2014-04-20 15:25:03 -07:00
Boro Sitnikovski
a18cec1b86 Fix bug #65701: Do not use cache for file file copy 2014-04-20 15:22:44 -07:00
Anatol Belski
7c400dc867 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improved the fix for bug #67072, thanks Nikita
 2014-04-18 15:14:42 +02:00
Anatol Belski
c2acdbdd3d Improved the fix for bug #67072, thanks Nikita 2014-04-18 15:13:32 +02:00
Anatol Belski
dc407c2402 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #67072 Echoing unserialized "SplFileObject" crash

Conflicts:
	ext/standard/var_unserializer.c
 2014-04-17 11:05:21 +02:00
Anatol Belski
5328d42899 Fixed bug #67072 Echoing unserialized "SplFileObject" crash 
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.

This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
 2014-04-17 10:48:14 +02:00
Stanislav Malyshev
30ec1c0051 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #64604
 2014-04-13 18:38:36 -07:00
Ingo Walz
b05c088a3a Fixed bug #64604 2014-04-13 18:37:40 -07:00
Stanislav Malyshev
df8e34bcc1 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix windows build
 2014-04-13 17:03:28 -07:00
Stanislav Malyshev
3a2660b302 Fix windows build 2014-04-13 17:02:21 -07:00
Stanislav Malyshev
fe72caa6e5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #67024 - getimagesize should recognize BMP files with negative height
 2014-04-13 15:23:32 -07:00
Gabor Buella
1010200da5 Fixed bug #67024 - getimagesize should recognize BMP files with negative height 2014-04-13 15:17:04 -07:00
Bob Weinand
bf3edbada6 Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 23:03:53 +02:00
Bob Weinand
beda5093b4 Reverted to 5a0da281e5 
Discussion: http://news.php.net/php.cvs/76836
 2014-04-13 23:01:31 +02:00
Bob Weinand
191d9fc227 Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 19:37:06 +02:00
Bob Weinand
f07e37c96d Forgot title in phpt for bug #67064 2014-04-13 19:34:17 +02:00
Bob Weinand
eca0644e0a Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 19:25:07 +02:00
Bob Weinand
1a4a9eede5 Fix bug #67064 in a BC safe way 
You can use an optional parameter now when implementing the Countable interface
to get the $mode passed to count().
 2014-04-13 19:24:12 +02:00
Ferenc Kovacs
e00e4b9334 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  abstract namespace for unix sockets is a linux only feature
 2014-04-09 19:02:25 +02:00
Ferenc Kovacs
2c8aeda6dc abstract namespace for unix sockets is a linux only feature 2014-04-09 19:01:01 +02:00
Tjerk Meesters
287790d5c8 Don't test for specific non-zero substr_compare() return value 2014-04-09 20:10:34 +08:00
Tjerk Meesters
032921d80c Fixed bug 67043 2014-04-09 07:33:55 +08:00
Michael Wallner
ba4fddd2da Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #66182 	exit in stream filter produces segfault
 2014-04-03 09:08:35 +02:00
Michael Wallner
7ab5c593f7 Fix bug #66182 exit in stream filter produces segfault 
Unfortunately, a segv caused by exit cannot be tested reliably.
 2014-04-03 09:07:35 +02:00
Michael Wallner
f453917f62 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #61019 (Out of memory on command stream_get_contents)
 2014-04-02 15:37:50 +02:00
Michael Wallner
1ec83d44a1 Fixed bug #61019 (Out of memory on command stream_get_contents) 2014-04-02 15:36:39 +02:00
Michael Wallner
af147ac9b7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #64330
 2014-04-02 11:10:59 +02:00
Michael Wallner
91a9d24aa3 Fix bug #64330 
stream_socket_server() creates wrong Abstract Namespace UNIX sockets
 2014-04-02 11:09:26 +02:00
Mateusz Kocielski
156cc39e21 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed off-by-one in php_url_parse_ex
 2014-03-18 08:57:30 +01:00
Mateusz Kocielski
497b918e62 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fixed off-by-one in php_url_parse_ex

Conflicts:
	ext/standard/url.c
 2014-03-18 08:54:57 +01:00
Mateusz Kocielski
46566b78c9 Fixed off-by-one in php_url_parse_ex 
Change order of condition, previously pointer could be derefrenced before
bound check was done.
 2014-03-18 08:48:41 +01:00
Nikita Popov
ecf7570072 Merge branch 'PHP-5.4' into PHP-5.5 2014-03-06 23:12:41 +01:00
Dmitry Panin
e2fc6b52f0 Fix HTML entity table generation 2014-03-06 23:10:31 +01:00
Tjerk Meesters
bbd0781b39 Merge branch 'PHP-5.4' into PHP-5.5 2014-03-03 05:56:22 +08:00
Tjerk Meesters
e73c05b75e proc_open(): separate environment values that aren't strings 
Added a test case
 2014-03-03 05:49:52 +08:00
datibbaw
2e459be237 substr_compare(): Allow zero length comparison 
Treat zero length comparison as always equal.
 2014-02-28 23:45:04 +08:00
Tjerk Meesters
d022c8565d Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed test case title
  [bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given
 2014-02-28 22:30:21 +08:00
Tjerk Meesters
eca13f7909 Fixed test case title 2014-02-28 22:27:32 +08:00
Tjerk Meesters
79b3c2a744 [bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given 
A newline is added to the mail headers when mail.add_x_header is used and no other headers are passed to mail().

The scenario in which custom headers are used was already fixed in #48620, back in 2009.
 2014-02-28 22:22:07 +08:00
Lior Kaplan
c09bd9def0 Merge branch 'PHP-5.4' into PHP-5.5 2014-02-14 15:30:00 +02:00
Veres Lajos
35101e9ef4 a few typofixes 2014-02-14 14:51:10 +02:00
Dmitry Panin
179e45920c Make html_table_gen consistent with html_table.h 
In commit 6dabd7de04 the html_table.h was changed manually,
without changing the underlying generator (html_table_gen.php).
This commit fixes it.
 2014-01-30 02:04:38 -08:00
Stanislav Malyshev
d5560faaa3 drop precision since trigonometric functions are non-portable 
See: http://stackoverflow.com/questions/21212326/floating-point-arithmetic-and-reproducibility
 2014-01-26 15:51:17 -08:00
Stanislav Malyshev
1dcaa109a1 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  drop precision since trigonometric functions are non-portable
 2014-01-26 15:15:38 -08:00
Stanislav Malyshev
35cb180d9e drop precision since trigonometric functions are non-portable 
See: http://stackoverflow.com/questions/21212326/floating-point-arithmetic-and-reproducibility
 2014-01-26 15:14:16 -08:00
Will Fitch
767e6d2e08 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #66509: copy() arginfo incorrect since 5.4

Conflicts:
	NEWS
 2014-01-18 11:39:32 -05:00
Will Fitch
5b906ce6eb Fix bug #66509: copy() arginfo incorrect since 5.4 
Since 5.4, the ZEND_BEGIN_ARG_INFO_EX was replaced
by non _EX, causing Reflection to assume the
$context parameter is required.
 2014-01-18 11:25:53 -05:00
Johannes Schlüter
98e06a10d3 fix encoding 2014-01-10 15:57:40 +01:00
Anatol Belski
748e707bf9 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  one more extension for the basename test
 2014-01-05 19:21:27 +01:00
Anatol Belski
1c586d4070 one more extension for the basename test 2014-01-05 19:19:54 +01:00
Anatol Belski
3bde9cfd8d Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  improved the fix for bug #66395
 2014-01-05 19:12:52 +01:00
Anatol Belski
3f7f72adb2 improved the fix for bug #66395 
- fixed the traverse vulnerability in case like c:d:file.txt
- ensure paths containing NTFS streams are still worky
 2014-01-05 19:05:04 +01:00
Anatol Belski
d3a053d9f4 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #66395 basename function doesn't remove drive letter
 2014-01-03 22:32:39 +01:00
Anatol Belski
46f60fae22 Fixed bug #66395 basename function doesn't remove drive letter 2014-01-03 22:25:58 +01:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Eric Stenson
330168a247 Fix tests expecting specific resource IDs 
When Wincache or APC are installed, the resource IDs are not the same.
This is because Wincache takes a few resource objects for itself.  As a
result, these tests become false positives.

On Windows boxes, the microtime precision is not granular enough
to reliably register a difference if two calls to uniqid() are made
concurrently.  This is a fix to the uniqid() test to avoid the false
positive when run on Windows machines.  Also, added a test to exercise
the 'more_entropy' variant of uniqid().
 2013-12-15 16:51:21 +08:00
Sara Golemon
32a4cc8353 Use 'user@example.com' rather than 'user@company.com' in tests 
Using some arbitrary 3rd party's domain name is clowny,
even if it never tries to send.
 2013-12-04 07:49:16 -08:00
Dmitry Stogov
2f5ab04c5f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed tests
 2013-12-02 12:04:07 +04:00
Dmitry Stogov
edbefd1d5c Fixed tests 2013-12-02 11:53:35 +04:00
Anatol Belski
ad5a63e8bc Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fixed test
 2013-11-21 21:29:02 +01:00
Anatol Belski
345032946c fixed test 2013-11-21 21:24:47 +01:00
Yasuo Ohgaki
b8b92bd790 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  added a test to cover distinction between boolean return value of unserialize function and deserializing serialized boolean
 2013-11-20 07:23:54 +09:00
Yasuo Ohgaki
0d558afc05 Fix WS in serialization_error_002.phpt 2013-11-20 07:17:53 +09:00
Aaron Hamid
050dd59c63 added a test to cover distinction between boolean return value of unserialize function and deserializing serialized boolean 2013-11-20 07:14:53 +09:00
Jeff Welch
72a8489a12 Fixed tests that fail with non-default serialize_precision configurations. 
See:

 * https://bugs.php.net/bug.php?id=64760
 * 4dc4302
 2013-11-20 06:17:34 +09:00