clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-29 05:46:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
83,365 Commits 494 Branches 1,367 Tags 786 MiB
9667ee4f72
Commit Graph

35804 Commits

Author SHA1 Message Date
Pierre Joye
f80125950c #72337 invalid dimensions can lead to segv 2016-06-07 17:16:40 +07:00
Anatol Belski
2a0ed8a2eb Add test for bug #53735 2016-06-06 21:06:06 +02:00
Anatol Belski
eaef8f6db2 fix typo 2016-06-06 08:56:40 +02:00
Anatol Belski
1b2afd478b fix broken skipif and add xfail for now 2016-06-06 08:20:01 +02:00
Anatol Belski
c05b417718 missing return 2016-06-06 07:28:12 +02:00
Jakub Zelenka
d4615d1118 Add new test for openssl_pkey_new 2016-06-05 17:27:47 +01:00
Jakub Zelenka
497fe33d6f Add test for openssl_error_string 
This test is important for making sure that the error strings
from OpenSSL works as expected and we can safely add a fix
for storing the strings that is prepared.
 2016-06-05 17:23:05 +01:00
Jakub Zelenka
5e9f387175 Remove openssl_x509_parse for OpenSSL 0.9.x 
The test is unstable and it actually fails with latest 0.9.8
 2016-06-05 16:28:50 +01:00
Raphaël Tournoy
1dfdae6de4 fix typo 2016-06-03 17:18:14 +02:00
Anatol Belski
22336db97f Fixed bug #70484 selectordinal doesn't work with named parameters 2016-06-02 12:17:42 +02:00
Elizabeth Marie Smith
72c9324d70 Fix ODBC bug for varchars returning with length zero 2016-06-02 12:04:10 +02:00
Remi Collet
4dd03651f3 Skip test which is 64bits only 
Diff from test output
001+ Warning: fread(): Length parameter must be greater than 0 in ...
001- Warning: fread(): Length parameter must be no more than 2147483647 in ...
 2016-05-25 16:40:52 +02:00
Remi Collet
ce932f6479 Skip test which is 64bits only 
Diff from test output
001+ Warning: fread(): Length parameter must be greater than 0 in ...
001- Warning: fread(): Length parameter must be no more than 2147483647 in ...
 2016-05-25 16:17:12 +02:00
Anatol Belski
65a2c451bb fix test portability 2016-05-25 11:19:19 +02:00
Stanislav Malyshev
2464b092eb Merge branch 'PHP-5.6.22' into PHP-5.6 
* PHP-5.6.22:
  Fix memory leak in imagescale()
  Update NEWS
  Better fix for bug #72135
  Fixed bug #72227: imagescale out-of-bounds read
  Fix bug #72241: get_icu_value_internal out-of-bounds read
  Fix bug #72135 - don't create strings with lengths outside int range
  prepare for 5.6.22RC1
  Add check for string overflow to all string add operations
  Fix bug #72114 - int/size_t confusion in fread
  Updated NEWS
  Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()

Conflicts:
	configure.in
	main/php_version.h
 2016-05-24 17:21:22 -07:00
Stanislav Malyshev
544940c48a Merge branch 'PHP-5.5' into PHP-5.6.22 
* PHP-5.5:
  Fix memory leak in imagescale()
  Update NEWS
  Better fix for bug #72135
  Fixed bug #72227: imagescale out-of-bounds read
  Fix bug #72241: get_icu_value_internal out-of-bounds read
  Fix bug #72135 - don't create strings with lengths outside int range
  Add check for string overflow to all string add operations
  Fix bug #72114 - int/size_t confusion in fread
  Updated NEWS
  Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()

Conflicts:
	Zend/zend_operators.c
	ext/phar/dirstream.c
	ext/phar/tests/bug71331.phpt
 2016-05-24 16:56:36 -07:00
Stanislav Malyshev
9a826a3bd9 Fix memory leak in imagescale() 2016-05-24 16:12:01 -07:00
Stanislav Malyshev
e955913115 Better fix for bug #72135 2016-05-24 15:52:15 -07:00
Stanislav Malyshev
7a1aac3343 Fixed bug #72227: imagescale out-of-bounds read 
Ported from 4f65a3e4ee
 2016-05-23 00:34:35 -07:00
Stanislav Malyshev
97eff7eb57 Fix bug #72241: get_icu_value_internal out-of-bounds read 2016-05-22 17:49:02 -07:00
Derick Rethans
f43f6fc39b Fixed bug #63740 (strtotime seems to use both sunday and monday as start of week) 2016-05-18 12:19:11 +01:00
Stanislav Malyshev
0da8b8b801 Fix bug #72135 - don't create strings with lengths outside int range 2016-05-15 23:26:51 -07:00
Dmitry Stogov
90f43caf5b The "flock" structure has to be writable on AIX. 2016-05-10 17:50:14 +03:00
Stanislav Malyshev
abd159cce4 Fix bug #72114 - int/size_t confusion in fread 2016-05-09 21:55:29 -07:00
Anatol Belski
1cc536af5a Revert "Backport patch for bug #71820" 
This reverts commit 1b632cfe83.

This fixed bug #72151, and reverts the fix for bug #71820.
See also bug #50636 and #49521 for the history.
 2016-05-09 17:15:40 +02:00
Anatol Belski
5351151352 add test fo rbug 71805 2016-05-03 19:09:11 +02:00
Stanislav Malyshev
9649ca1630 Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream() 2016-04-28 20:57:44 +03:00
Anatol Belski
a21a997478 fix/improve tests 2016-04-27 13:16:57 +02:00
Stanislav Malyshev
e315a162da Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix memory leak
  Fix bug #72099: xml_parse_into_struct segmentation fault
  5.5.36 now
  Fix bug #72094 - Out of bounds heap read access in exif header processing
  Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
  Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
  Fix for bug #71912 (libgd: signedness vulnerability)
  Typo in NEWS

Conflicts:
	configure.in
	main/php_version.h
 2016-04-26 23:48:41 -07:00
Stanislav Malyshev
61c7a06e7c Fix memory leak 2016-04-26 22:54:58 -07:00
Stanislav Malyshev
dccda88f27 Fix bug #72099: xml_parse_into_struct segmentation fault 2016-04-26 22:46:28 -07:00
Dmitry Stogov
9f389cccfd Fixed test on 32-bit platforms (split into 32-bit and 64-bit versions) 2016-04-26 13:43:18 +03:00
Stanislav Malyshev
082aecfc3a Fix bug #72094 - Out of bounds heap read access in exif header processing 2016-04-24 19:33:52 -07:00
Stanislav Malyshev
d650063a04 Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition 
We can not modify result since it can be copy of _zero_ or _one_, etc. and
"copy" in bcmath is just bumping the refcount.
 2016-04-24 18:33:32 -07:00
Stanislav Malyshev
fd9689745c Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset 2016-04-24 13:15:17 -07:00
Stanislav Malyshev
c02301b666 Better fix for #71952 2016-04-19 23:44:00 -07:00
Stanislav Malyshev
f061867fd3 Fix bug #71952: Corruption inside imageaffinematrixget 2016-04-18 23:33:21 -07:00
Stanislav Malyshev
b15f0ecc0f Fix for bug #71912 (libgd: signedness vulnerability) 2016-04-18 22:24:16 -07:00
Christopher Jones
d1e81a59a7 Fix old comment cut-n-paste error 2016-04-14 15:08:42 +10:00
Christopher Jones
8f2e6da806 Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column) 2016-04-14 13:50:01 +10:00
Lior Kaplan
c1f597d9a1 opcache config.m4: Use = for comparison 2016-04-08 22:38:07 +03:00
Thomas Punt
1aea777349 Use STR_EMPTY_ALLOC macro instead 2016-04-05 11:18:14 +02:00
Thomas Punt
40f14bad33 Fix DateInterval::format segfault 2016-04-05 11:18:14 +02:00
Matteo Beccati
30925cd498 Fixed bug #71447 (Quotes inside comments not properly handled) 2016-04-04 23:50:28 +02:00
Matteo Beccati
9a87108eca Fixed a few PDO tests to conform to PDO Common standards 2016-04-04 23:43:17 +02:00
Anatol Belski
a00c2b1bf5 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix borked mainstream patch
  5.5.35 now
 2016-03-31 01:36:47 +02:00
Anatol Belski
4b0b1cec00 fix borked mainstream patch 2016-03-31 01:33:38 +02:00
Anatol Belski
ed707a5217 fix test to not to cause false positives 2016-03-31 01:29:05 +02:00
Anatol Belski
23d0065744 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix dir separator in test
 2016-03-29 14:19:35 +02:00
Anatol Belski
551423c642 fix dir separator in test 2016-03-29 14:18:25 +02:00
Anatol Belski
5272184a1e Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file 
The actual fix is applying the upstream patch from
6713ca45e7
 2016-03-29 13:11:25 +02:00
Anatol Belski
84990ab346 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file
 2016-03-29 13:11:17 +02:00
Anatol Belski
fe13566c93 Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file 
The actual fix is applying the upstream patch from
6713ca45e7
 2016-03-29 13:10:39 +02:00
Stanislav Malyshev
cc7631dd08 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #71704 php_snmp_error() Format String Vulnerability
 2016-03-28 23:45:15 -07:00
Anatol Belski
9c19a08b9d Fixed bug #71704 php_snmp_error() Format String Vulnerability 
Conflicts:
	ext/snmp/snmp.c
 2016-03-28 23:42:19 -07:00
Stanislav Malyshev
62da5cdf3d Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fix bug #71798 - Integer Overflow in php_raw_url_encode
  Fix bug #71860: Require valid paths for phar filenames
  Going for 5.5.34

Conflicts:
	configure.in
	ext/phar/tests/create_path_error.phpt
	main/php_version.h
 2016-03-28 23:21:15 -07:00
Stanislav Malyshev
f8dd10508b Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut 2016-03-28 23:15:16 -07:00
Stanislav Malyshev
95433e8e33 Fix bug #71798 - Integer Overflow in php_raw_url_encode 2016-03-27 14:22:19 -07:00
Nikita Popov
54da966883 Fixed bug #67512 2016-03-25 20:18:46 +01:00
Derick Rethans
c4681ec8e1 Updated to version 2016.3 (2016c) 2016-03-24 11:09:05 +00:00
Julien Pauli
d3d64b7c62 Reworked Fix bug #52098 2016-03-21 15:23:18 +01:00
Daniel Persson
e541cd8e6b Fix bug #52098 2016-03-21 15:04:11 +01:00
Xinchen Hui
056459dc9d Merge branch 'PHP-5.6' of https://github.com/msierks/php-src into PHP-5.6 
* 'PHP-5.6' of https://github.com/msierks/php-src:
  FIX #71831: CURLOPT_NOPROXY applied as long instead of string
 2016-03-21 16:39:22 +08:00
Stanislav Malyshev
72281f29dd Fix bug #71860: Require valid paths for phar filenames 2016-03-20 21:33:11 -07:00
Nikita Popov
cc3cdd0057 Fixed bug #67582 2016-03-20 17:46:12 +01:00
Michael Sierks
efacdc3511 FIX #71831: CURLOPT_NOPROXY applied as long instead of string 
The CURLOPT_NOPROXY option value is converted to a long before
being applied as a curl option. This causes the option to have
no effect. This patch changes this conversion to a string.
 2016-03-18 07:29:01 -05:00
Anatol Belski
1b632cfe83 Backport patch for bug #71820 
Rev b4eedd128b
 2016-03-17 14:28:58 +01:00
Xinchen Hui
eb405623ec Merge branch 'PHP-5.6' of git.php.net:/php-src into PHP-5.6 
* 'PHP-5.6' of git.php.net:/php-src:
  fix NEWS
  NEWS
  Fix Bug #63171 	Script hangs after max_execution_time
 2016-03-17 21:27:23 +08:00
Remi Collet
407ad28ae5 Fix Bug #63171 Script hangs after max_execution_time 
If aborted via timer expiration, don't try to call any unixODBC function
which may hangs because of internal locks
 2016-03-17 13:38:45 +01:00
Xinchen Hui
8e2f658f49 Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER) 2016-03-17 19:54:19 +08:00
Xinchen Hui
6d4aec029a Fixed test script 2016-03-17 17:06:56 +08:00
Xinchen Hui
ead7632cf9 Fixed test script 2016-03-17 15:23:44 +08:00
Xinchen Hui
6f241f5fad Fixed bug #71840 (Unserialize accepts wrongly data) 2016-03-17 15:15:28 +08:00
Remi Collet
478c807128 fix #ifdef usage 2016-03-16 07:17:49 +01:00
Derick Rethans
ddc62f2e8b Updated to version 2016.2 (2016b) 2016-03-15 09:14:09 +00:00
Anatol Belski
beda05269c fix test 
Many warnings won't appear with libxml2 >= 2.9.3 because in many
cases libxml2 2.9.3 will just abort processing.
 2016-03-14 15:53:02 +01:00
Thomas Punt
f3f5a07aa5 Fix DatePeriod::getEndDate() segfault 2016-03-11 14:08:48 +01:00
Anatol Belski
8cd903ea68 fix error condition, part of bug #71753 2016-03-10 11:35:50 +01:00
Xinchen Hui
915a3762ef Fixed typo (partially fix for #71753) 2016-03-10 15:22:34 +08:00
Anatol Belski
a1d1f54b42 fix directory separator 2016-03-09 14:16:29 +01:00
Anatol Belski
8ca02bb233 fix regression introduced in 5683b6fa39 
Test extended. Basically, both iterator type and next node have
to be checked.
 2016-03-08 12:59:59 +01:00
Anton Blanchard
ccd215a517 Additional improvements to crypt() detection code 
Reformat to normalize tabs vs spaces, return 1 if crypt.h not
defined, fix C99 compliance.
 2016-03-03 17:28:34 +01:00
Michael Orlitzky
08fce8e2c5 ext/standard/config.m4: fix crypt() test segfaults in >=glibc-2.17. 
Starting with glibc-2.17, the crypt() function will report an EINVAL
and return NULL when the format of the "salt" parameter is
invalid. The current tests for crypt() pass its result to strcmp(),
causing segfaults when the value returned from crypt() is NULL.

This commit modifies the test programs to exit with failure when
crypt() returns NULL.

Reference: https://bugs.gentoo.org/show_bug.cgi?id=518964
 2016-03-03 17:12:57 +01:00
Anatol Belski
2399c64eaf show correct MINFO with libpq >= 9.5.x 2016-03-02 17:03:20 +01:00
Stanislav Malyshev
b3bb1aacfe Merge branch 'PHP-5.6.19' into PHP-5.6 
* PHP-5.6.19:
  fix test file
  Fix version
  Update NEWS
 2016-03-01 22:56:08 -08:00
Stanislav Malyshev
6e6a556b8c Merge branch 'PHP-5.5' into PHP-5.6.19 
* PHP-5.5:
  fix test file
  Fix version
  Update NEWS
 2016-03-01 22:55:49 -08:00
Stanislav Malyshev
3c8ccdd9d3 fix test file 2016-03-01 22:55:02 -08:00
Stanislav Malyshev
ae3f132be1 Merge branch 'PHP-5.6.19' into PHP-5.6 
* PHP-5.6.19:
  update NEWS
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
 2016-03-01 22:42:16 -08:00
Stanislav Malyshev
91990bbde0 Merge branch 'PHP-5.5.33' into PHP-5.6.19 
* PHP-5.5.33:
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
 2016-03-01 22:40:00 -08:00
Xinchen Hui
20add1e530 Merge branch 'PHP-5.6-bug_69757' of https://github.com/wayfair/php-src into PHP-5.6 
* 'PHP-5.6-bug_69757' of https://github.com/wayfair/php-src:
  limit size of result set so unit test runs reliably
 2016-03-02 14:26:34 +08:00
Nikita Popov
471540d285 Fix intermittent failure of bug_68819_002.phpt 
The test used rand(32, 127) to select the character, however
chr(127) results in "data" instead of the expected result, so this
test would fail in something like 1% of the runs.

Replace rand() with fixed character "a".
 2016-03-02 00:34:36 +01:00
mpyw
0bbea60524 Fix bug #71694 
Exports contants CURLM_ADDED_ALREADY.
 2016-03-01 23:31:58 +01:00
Adam Baratz
2e18d438b0 limit size of result set so unit test runs reliably 2016-03-01 17:15:36 -05:00
Jos Elstgeest
50b4cafd28 Fixed bugs #71317 and #71504 
If there are duplicate filenames in tar, the last one wins.
 2016-02-29 22:34:35 +01:00
Anatol Belski
d78220fb2c add test for bug #68957 2016-02-29 18:43:03 +01:00
Anatol Belski
53c036b30b Fixed #54648 PDO::MSSQL forces format of datetime fields 
adopted patch by steven dot lambeth at gmx dot de
 2016-02-29 17:04:49 +01:00
Anatol Belski
7816698580 remove unneeded free parts 
See bug #71667, free_statement already does the job
 2016-02-29 16:26:46 +01:00
Anatol Belski
d7fd614cc6 fix leaks and add one more NULL check 2016-02-29 15:38:42 +01:00
Anatol Belski
a310c3b484 add NULL check 2016-02-29 15:26:57 +01:00
Anatol Belski
efaafd45b4 fix C89 compat 2016-02-29 15:24:31 +01:00
Anatol Belski
35be4398d1 fix arg type 2016-02-29 15:23:53 +01:00
Anatol Belski
90ad6e3c6c add test for bug #47803 2016-02-24 11:49:02 +01:00
Anatol Belski
ff115e285a Fixed bug #47803 
Executing prepared statements is succesfull only for the first two statements

The reworked patch descends to the bug #69526 which is fixed by
this as well. The broken logic in the current code was, that
SQLDescribeParam was executed in odbc_execute every time. This piece
is now moved into odbc_prepare and the results are carried on in an
additional structure.

Since the ext/odbc headers are not being currently installed and the
corresponding structs like odbc_result are not used outside ext/odbc,
the binary compatibility persists. Executing SQLDescribeParam only once
in odbc_prepare is also an optimization as the filds usually won't
change that fast and thus requestind the descriptions on every
execution is not required.
 2016-02-24 11:40:35 +01:00
Anatol Belski
9623d2dd83 make ext/odbc test credentials configurable 2016-02-23 14:21:04 +01:00
Remi Collet
d20f1d8f1f cleanup $Id 2016-02-22 09:26:00 +01:00
Stanislav Malyshev
a6fdc5bb27 Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile() 2016-02-21 16:51:05 -08:00
Anatol Belski
688b914217 add test for bug #71625 2016-02-18 19:38:39 +01:00
Anatol Belski
0445abd547 Fixed bug #71625 Crash in php7.dll with bad phar filename 2016-02-18 19:32:08 +01:00
Anatol Belski
343307000e yet two test fixes in openssl in 5.6 2016-02-16 08:28:10 +01:00
Anatol Belski
974dea5e88 improve test 2016-02-16 08:05:16 +01:00
Anatol Belski
11102e2653 Fix timelib compat with PHP5 
Windows builds in PHP5 are always using long which is 32-bit even
in 64-bit build. Thus in PHP5, timelib_long and the company have
to always evaluate to a 32-bit.
 2016-02-15 16:50:42 +01:00
Anatol Belski
633fb2d0e8 Backported fix for bug #71525 2016-02-15 15:14:23 +01:00
Stanislav Malyshev
c11b23c465 Fix bug #71540 - NULL pointer dereference in xsl_ext_function_php() 2016-02-15 00:08:18 -08:00
Anatol Belski
a3927fa7f5 fix dir separator in test 2016-02-15 08:58:20 +01:00
Stanislav Malyshev
b1bd4119bc Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize 2016-02-14 22:34:39 -08:00
Xinchen Hui
5e152f54ae Merge branch 'PHP-5.6' of git.php.net:/php-src into PHP-5.6 
* 'PHP-5.6' of git.php.net:/php-src:
  update NEWS
  Fixed bug #71559 Built-in HTTP server, we can downlaod file in web by bug
  Check length of string before comparing to :memory:
  Fix bounds check in strip_tags()
  Fix test description
  FIx bug #71569
 2016-02-15 10:29:28 +08:00
Nikita Popov
fece24f8f4 Check length of string before comparing to :memory: 2016-02-13 18:01:50 +01:00
Nikita Popov
4e0134c661 Fix bounds check in strip_tags() 2016-02-13 17:47:30 +01:00
Nikita Popov
adcdb4f7ba Fix test description 2016-02-13 17:46:24 +01:00
Nikita Popov
bc419fee5c FIx bug #71569 
convert_to_string() may result in an interned string.
 2016-02-13 15:17:51 +01:00
Yussuf Khalil
35f6f9b0db Fix use-after-free of ZCG(cwd) in Zend Optimizer 2016-02-10 10:33:57 +01:00
Xinchen Hui
c339d5217a Merge branch 'PHP-5.6' of git.php.net:/php-src into PHP-5.6 2016-02-09 23:33:30 +08:00
Xinchen Hui
f45752eb83 Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo) 2016-02-09 23:32:20 +08:00
Lior Kaplan
6772fbff62 Align spacing in make install messages 2016-02-08 20:27:19 +02:00
Xinchen Hui
5fdfab743d Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes while curl_multi_exec) 2016-02-05 19:49:26 +08:00
Jakub Zelenka
feab5e6fa0 Split and clean up OpenSSL X509 tests 2016-02-04 16:51:36 +00:00
Jakub Zelenka
1f3906c1ce Rename and clean up OpenSSL tests 2016-02-03 16:20:27 +00:00
Julien Pauli
6b0b29edd6 Fix #70720 2016-02-02 18:09:54 +01:00
Anatol Belski
b837f205ca Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  add error check to sysconf call
  Going for 5.5.33 now

Conflicts:
	configure.in
	main/php_version.h
 2016-02-02 14:22:31 +01:00
Anatol Belski
377d353c9f add error check to sysconf call 2016-02-02 14:19:10 +01:00
Derick Rethans
43fee6c6a1 Updated to version 2016.1 (2016a) 2016-02-02 10:34:03 +00:00
Stanislav Malyshev
41be90d95b Merge branch 'PHP-5.6.18' into PHP-5.6 
* PHP-5.6.18:
  fix tests
  fix NEWS
  Update NEWS
  update NEWS
  Fixed bug #71488: Stack overflow when decompressing tar archives
  update NEWS
  add missing headers for SIZE_MAX
  backport the escapeshell* functions hardening branch
  add tests
  Fix bug #71459 - Integer overflow in iptcembed()
  prepare 5.6.18RC1
  Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
  Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
  Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
  Fix bug #71335: Type Confusion in WDDX Packet Deserialization
  Fix bug #71354 - remove UMR when size is 0

Conflicts:
	configure.in
	main/php_version.h
 2016-02-01 19:16:34 -08:00
Stanislav Malyshev
24167095a5 Merge branch 'PHP-5.5' into PHP-5.6.18 
* PHP-5.5:
  fix tests
  fix NEWS
  update NEWS
 2016-02-01 19:15:19 -08:00
Stanislav Malyshev
2a7d8c0a06 fix tests 2016-02-01 18:58:02 -08:00
Stanislav Malyshev
309ead112f Merge branch 'PHP-5.5.32' into PHP-5.6.18 
* PHP-5.5.32:
  Fixed bug #71488: Stack overflow when decompressing tar archives
  update NEWS
  add missing headers for SIZE_MAX
  backport the escapeshell* functions hardening branch
  add tests
  Fix bug #71459 - Integer overflow in iptcembed()
  Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
  Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
  Fix bug #71335: Type Confusion in WDDX Packet Deserialization
  Fix bug #71354 - remove UMR when size is 0
 2016-02-01 18:32:31 -08:00
Stanislav Malyshev
2f1ce4f209 Merge branch 'PHP-5.5' into PHP-5.6.18 
* PHP-5.5:
  Upgrade bundled PCRE to 8.38
  Fixed NEWS file entry
  fix the fix for bug #70976 (imagerotate)
 2016-02-01 18:32:14 -08:00
Stanislav Malyshev
5bde5a0a2e Merge remote-tracking branch 'origin/PHP-5.6.18' into PHP-5.6.18 
* origin/PHP-5.6.18:
  prepare 5.6.18RC1
  Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message) Fix skip message to work
  improve fix for bug #71201
  fork test
  fix test
  fork test
  fork test for win32
  fork test
  Use SUCCESS/FAILURE
  Fixed bug #65720 ext/mbstring/libmbfl/filters/mbfilter_cp5022x.c:281: bad if test
  Fix header file include
  Fixed bug #69111 (Crash in SessionHandler::read()). Made session save handler abuse much harder than before.
 2016-02-01 18:31:57 -08:00
Stanislav Malyshev
b5ef8ed168 Merge branch 'PHP-5.5' into PHP-5.5.32 
* PHP-5.5:
  Upgrade bundled PCRE to 8.38
  Fixed NEWS file entry
 2016-02-01 18:28:49 -08:00
Stanislav Malyshev
00788f9cfb Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Upgrade bundled PCRE to 8.38
  Fixed NEWS file entry
  fix the fix for bug #70976 (imagerotate)
 2016-01-31 21:06:31 -08:00
Stanislav Malyshev
ca02d9c2d6 Upgrade bundled PCRE to 8.38 2016-01-31 20:37:47 -08:00
Stanislav Malyshev
07c7df68bd Fixed bug #71488: Stack overflow when decompressing tar archives 2016-01-31 19:37:56 -08:00
Jakub Zelenka
ef356912b3 Rewrite OpenSSL SPKI tests to speed them up 
Also fix some CS issue and naming
 2016-01-31 14:28:13 +00:00
Jakub Zelenka
e93ab05489 Add private RSA keys with 2048 and 4096 bit long modulus 2016-01-31 13:57:00 +00:00
Jakub Zelenka
148d013323 Rename private.key to private_rsa_1024.key 2016-01-31 13:54:16 +00:00
Anatol Belski
b7dadfae87 add XFAIL 2016-01-29 20:36:11 +01:00
Anatol Belski
40b9f52c2c Revert "fix leak in 5.6" 
This reverts commit fa548e5ca9.
 2016-01-29 20:33:39 +01:00
Derick Rethans
1a86825688 Use the new timelib function for comparing times 2016-01-29 15:28:11 +01:00
Willem-Jan
2aeef4e539 Test + support for negative timestamps with microtime 2016-01-29 15:22:22 +01:00
Willem-Jan
1bbbc47e79 Also test against equality 2016-01-29 15:22:22 +01:00
Willem-Jan
5879721936 Compare agaist fraction when sse are equal 2016-01-29 15:22:22 +01:00
Willem-Jan
a0237259e9 Added test for comparing dates with microseconds 2016-01-29 15:22:22 +01:00
Derick Rethans
822ca45220 Merge in changes in timelib 2016.01 2016-01-29 15:21:55 +01:00
Anatol Belski
fa548e5ca9 fix leak in 5.6 2016-01-29 13:56:11 +01:00
Anatol Belski
4b0feeb8fa add test for bug #69111 2016-01-29 12:27:35 +01:00
Anatol Belski
25108babdb refix bug #69111, crash in 5.6 only 2016-01-29 11:24:19 +01:00
Anatol Belski
ae6e139c77 reset the ext/session to the state of 5.6.17 2016-01-29 08:33:09 +01:00
Anatol Belski
686a17893a add missing headers for SIZE_MAX 2016-01-28 13:46:34 +01:00
Anatol Belski
f4d7bbf4ac backport the escapeshell* functions hardening branch 2016-01-28 13:45:43 +01:00
Anatol Belski
828364e59c add tests 2016-01-28 13:27:26 +01:00
Stanislav Malyshev
54c210d2ea Fix bug #71459 - Integer overflow in iptcembed() 2016-01-26 17:26:52 -08:00
Jakub Zelenka
a63d0f55da Fix memory leak with not freeing OpenSSL errors 2016-01-25 16:50:16 +00:00
Xinchen Hui
47e7662a13 Update libmagic.patch for PHP-5.6 2016-01-25 11:25:04 +08:00
Xinchen Hui
a458a4fdc1 Fixed bug #7143 (finfo throws notice for specific python file) 
There seems be a bug while it was changed from regexec to
preg_match_impl:
https://github.com/php/php-src/commit/46906925#diff-56e765972d18c84894ea061cfe58076aR1757
 2016-01-25 11:24:44 +08:00
Remi Collet
3c8f287d58 Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message) 
Fix skip message to work
 2016-01-20 13:08:58 +01:00
Anatol Belski
508d1dae25 improve fix for bug #71201 2016-01-20 09:44:28 +01:00
Anatol Belski
fa0dd6006d fork test 2016-01-18 16:59:17 +01:00
Anatol Belski
adf0be7680 fork test 2016-01-18 16:45:35 +01:00
Anatol Belski
f0e2fe8e75 fork test for win32 2016-01-18 16:37:04 +01:00
Anatol Belski
f0b02f2351 fork test 2016-01-18 16:34:20 +01:00
Yasuo Ohgaki
ee1dd4949a Use SUCCESS/FAILURE 2016-01-18 13:33:47 +09:00
Yasuo Ohgaki
f9c595f3c0 Fixed bug #65720 ext/mbstring/libmbfl/filters/mbfilter_cp5022x.c:281: bad if test 2016-01-18 10:54:07 +09:00
Stanislav Malyshev
6297a117d7 Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input 2016-01-16 22:10:54 -08:00
Stanislav Malyshev
1c1b8b6998 Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata() 2016-01-16 20:43:43 -08:00
Jason Young
d1401f6059 Fix header file include 2016-01-15 08:43:00 +01:00
Stanislav Malyshev
4c2424eb24 Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream() 2016-01-14 22:58:40 -08:00
Yasuo Ohgaki
bfb9307b2d Fixed bug #69111 (Crash in SessionHandler::read()). 
Made session save handler abuse much harder than before.
 2016-01-15 15:50:14 +09:00
Yasuo Ohgaki
d7f8d9e3a9 Fix typo 2016-01-15 15:21:18 +09:00
Yasuo Ohgaki
31ae802736 Fix uninitialized read in rfc1867 handler reported by valgrind. Only in PHP 5.6. 
This commit fixes initialized read, but calling php_session_initialize() directly
is problematic because configuration could be invalid. Invalid config may result
in segfault. This will be addressed later.
 2016-01-15 15:18:00 +09:00
Yasuo Ohgaki
8c37a086c7 Improved fix for bug #68063 (Empty session IDs do still start sessions). 2016-01-15 09:45:08 +09:00
Anatol Belski
4308c868f9 Fixed bug #70979 crash with bad soap request 
The error handler is overloaded with the SOAP one. However the SOAP
handler eventually wants to access some of its globals. This won't
work as long as the SOAP globals aren't initialized. The use case
is when an error is thrown before RINIT went through. As the call
order is arbitrary, the safest is to wait when all the modules
called their RINIT.
 2016-01-14 17:42:28 +01:00
Stanislav Malyshev
285cd3417f Fix bug #71335: Type Confusion in WDDX Packet Deserialization 2016-01-13 16:43:04 -08:00
Stanislav Malyshev
635ba1f2c3 Merge branch 'bug71354' into PHP-5.5.32 
* bug71354:
  Fix bug #71354 - remove UMR when size is 0
 2016-01-13 16:33:37 -08:00
Stanislav Malyshev
13ad4d3e97 Fix bug #71354 - remove UMR when size is 0 2016-01-13 16:32:29 -08:00
Remi Collet
aa8d3a8cc6 fix the fix for bug #70976 (imagerotate) 2016-01-12 14:03:35 +01:00
Remi Collet
14e4d393cf fix the fix for bug #70976 (imagerotate) 2016-01-12 13:52:27 +01:00
Yasuo Ohgaki
63c77ee4b1 Use php_session_abort() 2016-01-12 20:39:33 +09:00
Yasuo Ohgaki
a15e9ccba8 Fixed Bug #71038 session_start() returns TRUE on failure 2016-01-12 19:09:49 +09:00
Julien Pauli
86f48881a4 Removed unecessary string dup 2016-01-06 10:51:36 +01:00
Julien Pauli
810452f68e Moved buffer from heap to stack 2016-01-06 10:51:36 +01:00
Stanislav Malyshev
13750cb0a1 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Update NEWS
  Improve fix for bug #70976
  Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
  Fixed bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability
  Fixed #70728
  Fixed bug #70755: fpm_log.c memory leak and buffer overflow
  Fix bug #70976: fix boundary check on gdImageRotateInterpolated
  typofix
 2016-01-05 19:38:29 -08:00
Lior Kaplan
53fb2f1e5c Happy new year (Update copyright to 2016) 2016-01-03 01:44:37 +02:00
Xinchen Hui
3537e95dae bump year which is missed in rev 49493a2 2016-01-02 17:51:24 +08:00
Anatol Belski
a7b1ea3c84 sync with new tests from 7.0 for ICU 55_1 and 56_1 compat 2016-01-01 20:25:36 +01:00
Anatol Belski
6bcf4b4f40 sync skipifs for ext/intl for ICU 55_* and 56_* compat 2016-01-01 20:13:35 +01:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Stanislav Malyshev
2baeb167a0 Improve fix for bug #70976 2015-12-28 23:44:14 -08:00
Stanislav Malyshev
dcf3c9761c Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization) 2015-12-28 14:46:35 -08:00
Stanislav Malyshev
1785d2b805 Fixed bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability 2015-12-28 12:44:10 -08:00
Julien Pauli
d73d9fecf6 Fixed and improved tests 2015-12-24 14:08:44 +01:00
marcosptf
7f31a88bb8 test to function socket_getopt(); 2015-12-24 13:23:00 +01:00