Pierre Joye
f80125950c
#72337 invalid dimensions can lead to segv
2016-06-07 17:16:40 +07:00
Anatol Belski
2a0ed8a2eb
Add test for bug #53735
2016-06-06 21:06:06 +02:00
Anatol Belski
eaef8f6db2
fix typo
2016-06-06 08:56:40 +02:00
Anatol Belski
1b2afd478b
fix broken skipif and add xfail for now
2016-06-06 08:20:01 +02:00
Anatol Belski
c05b417718
missing return
2016-06-06 07:28:12 +02:00
Jakub Zelenka
d4615d1118
Add new test for openssl_pkey_new
2016-06-05 17:27:47 +01:00
Jakub Zelenka
497fe33d6f
Add test for openssl_error_string
...
This test is important for making sure that the error strings
from OpenSSL works as expected and we can safely add a fix
for storing the strings that is prepared.
2016-06-05 17:23:05 +01:00
Jakub Zelenka
5e9f387175
Remove openssl_x509_parse for OpenSSL 0.9.x
...
The test is unstable and it actually fails with latest 0.9.8
2016-06-05 16:28:50 +01:00
Raphaël Tournoy
1dfdae6de4
fix typo
2016-06-03 17:18:14 +02:00
Anatol Belski
22336db97f
Fixed bug #70484 selectordinal doesn't work with named parameters
2016-06-02 12:17:42 +02:00
Elizabeth Marie Smith
72c9324d70
Fix ODBC bug for varchars returning with length zero
2016-06-02 12:04:10 +02:00
Remi Collet
4dd03651f3
Skip test which is 64bits only
...
Diff from test output
001+ Warning: fread(): Length parameter must be greater than 0 in ...
001- Warning: fread(): Length parameter must be no more than 2147483647 in ...
2016-05-25 16:40:52 +02:00
Remi Collet
ce932f6479
Skip test which is 64bits only
...
Diff from test output
001+ Warning: fread(): Length parameter must be greater than 0 in ...
001- Warning: fread(): Length parameter must be no more than 2147483647 in ...
2016-05-25 16:17:12 +02:00
Anatol Belski
65a2c451bb
fix test portability
2016-05-25 11:19:19 +02:00
Stanislav Malyshev
2464b092eb
Merge branch 'PHP-5.6.22' into PHP-5.6
...
* PHP-5.6.22:
Fix memory leak in imagescale()
Update NEWS
Better fix for bug #72135
Fixed bug #72227 : imagescale out-of-bounds read
Fix bug #72241 : get_icu_value_internal out-of-bounds read
Fix bug #72135 - don't create strings with lengths outside int range
prepare for 5.6.22RC1
Add check for string overflow to all string add operations
Fix bug #72114 - int/size_t confusion in fread
Updated NEWS
Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
Conflicts:
configure.in
main/php_version.h
2016-05-24 17:21:22 -07:00
Stanislav Malyshev
544940c48a
Merge branch 'PHP-5.5' into PHP-5.6.22
...
* PHP-5.5:
Fix memory leak in imagescale()
Update NEWS
Better fix for bug #72135
Fixed bug #72227 : imagescale out-of-bounds read
Fix bug #72241 : get_icu_value_internal out-of-bounds read
Fix bug #72135 - don't create strings with lengths outside int range
Add check for string overflow to all string add operations
Fix bug #72114 - int/size_t confusion in fread
Updated NEWS
Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
Conflicts:
Zend/zend_operators.c
ext/phar/dirstream.c
ext/phar/tests/bug71331.phpt
2016-05-24 16:56:36 -07:00
Stanislav Malyshev
9a826a3bd9
Fix memory leak in imagescale()
2016-05-24 16:12:01 -07:00
Stanislav Malyshev
e955913115
Better fix for bug #72135
2016-05-24 15:52:15 -07:00
Stanislav Malyshev
7a1aac3343
Fixed bug #72227 : imagescale out-of-bounds read
...
Ported from 4f65a3e4ee
2016-05-23 00:34:35 -07:00
Stanislav Malyshev
97eff7eb57
Fix bug #72241 : get_icu_value_internal out-of-bounds read
2016-05-22 17:49:02 -07:00
Derick Rethans
f43f6fc39b
Fixed bug #63740 (strtotime seems to use both sunday and monday as start of week)
2016-05-18 12:19:11 +01:00
Stanislav Malyshev
0da8b8b801
Fix bug #72135 - don't create strings with lengths outside int range
2016-05-15 23:26:51 -07:00
Dmitry Stogov
90f43caf5b
The "flock" structure has to be writable on AIX.
2016-05-10 17:50:14 +03:00
Stanislav Malyshev
abd159cce4
Fix bug #72114 - int/size_t confusion in fread
2016-05-09 21:55:29 -07:00
Anatol Belski
1cc536af5a
Revert "Backport patch for bug #71820 "
...
This reverts commit 1b632cfe83
.
This fixed bug #72151 , and reverts the fix for bug #71820 .
See also bug #50636 and #49521 for the history.
2016-05-09 17:15:40 +02:00
Anatol Belski
5351151352
add test fo rbug 71805
2016-05-03 19:09:11 +02:00
Stanislav Malyshev
9649ca1630
Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
2016-04-28 20:57:44 +03:00
Anatol Belski
a21a997478
fix/improve tests
2016-04-27 13:16:57 +02:00
Stanislav Malyshev
e315a162da
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fix memory leak
Fix bug #72099 : xml_parse_into_struct segmentation fault
5.5.36 now
Fix bug #72094 - Out of bounds heap read access in exif header processing
Fix bug #72093 : bcpowmod accepts negative scale and corrupts _one_ definition
Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
Fix for bug #71912 (libgd: signedness vulnerability)
Typo in NEWS
Conflicts:
configure.in
main/php_version.h
2016-04-26 23:48:41 -07:00
Stanislav Malyshev
61c7a06e7c
Fix memory leak
2016-04-26 22:54:58 -07:00
Stanislav Malyshev
dccda88f27
Fix bug #72099 : xml_parse_into_struct segmentation fault
2016-04-26 22:46:28 -07:00
Dmitry Stogov
9f389cccfd
Fixed test on 32-bit platforms (split into 32-bit and 64-bit versions)
2016-04-26 13:43:18 +03:00
Stanislav Malyshev
082aecfc3a
Fix bug #72094 - Out of bounds heap read access in exif header processing
2016-04-24 19:33:52 -07:00
Stanislav Malyshev
d650063a04
Fix bug #72093 : bcpowmod accepts negative scale and corrupts _one_ definition
...
We can not modify result since it can be copy of _zero_ or _one_, etc. and
"copy" in bcmath is just bumping the refcount.
2016-04-24 18:33:32 -07:00
Stanislav Malyshev
fd9689745c
Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
2016-04-24 13:15:17 -07:00
Stanislav Malyshev
c02301b666
Better fix for #71952
2016-04-19 23:44:00 -07:00
Stanislav Malyshev
f061867fd3
Fix bug #71952 : Corruption inside imageaffinematrixget
2016-04-18 23:33:21 -07:00
Stanislav Malyshev
b15f0ecc0f
Fix for bug #71912 (libgd: signedness vulnerability)
2016-04-18 22:24:16 -07:00
Christopher Jones
d1e81a59a7
Fix old comment cut-n-paste error
2016-04-14 15:08:42 +10:00
Christopher Jones
8f2e6da806
Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column)
2016-04-14 13:50:01 +10:00
Lior Kaplan
c1f597d9a1
opcache config.m4: Use = for comparison
2016-04-08 22:38:07 +03:00
Thomas Punt
1aea777349
Use STR_EMPTY_ALLOC macro instead
2016-04-05 11:18:14 +02:00
Thomas Punt
40f14bad33
Fix DateInterval::format segfault
2016-04-05 11:18:14 +02:00
Matteo Beccati
30925cd498
Fixed bug #71447 (Quotes inside comments not properly handled)
2016-04-04 23:50:28 +02:00
Matteo Beccati
9a87108eca
Fixed a few PDO tests to conform to PDO Common standards
2016-04-04 23:43:17 +02:00
Anatol Belski
a00c2b1bf5
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
fix borked mainstream patch
5.5.35 now
2016-03-31 01:36:47 +02:00
Anatol Belski
4b0b1cec00
fix borked mainstream patch
2016-03-31 01:33:38 +02:00
Anatol Belski
ed707a5217
fix test to not to cause false positives
2016-03-31 01:29:05 +02:00
Anatol Belski
23d0065744
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
fix dir separator in test
2016-03-29 14:19:35 +02:00
Anatol Belski
551423c642
fix dir separator in test
2016-03-29 14:18:25 +02:00
Anatol Belski
5272184a1e
Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file
...
The actual fix is applying the upstream patch from
6713ca45e7
2016-03-29 13:11:25 +02:00
Anatol Belski
84990ab346
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file
2016-03-29 13:11:17 +02:00
Anatol Belski
fe13566c93
Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file
...
The actual fix is applying the upstream patch from
6713ca45e7
2016-03-29 13:10:39 +02:00
Stanislav Malyshev
cc7631dd08
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fixed bug #71704 php_snmp_error() Format String Vulnerability
2016-03-28 23:45:15 -07:00
Anatol Belski
9c19a08b9d
Fixed bug #71704 php_snmp_error() Format String Vulnerability
...
Conflicts:
ext/snmp/snmp.c
2016-03-28 23:42:19 -07:00
Stanislav Malyshev
62da5cdf3d
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fixed bug #71906 : AddressSanitizer: negative-size-param (-1) in mbfl_strcut
Fix bug #71798 - Integer Overflow in php_raw_url_encode
Fix bug #71860 : Require valid paths for phar filenames
Going for 5.5.34
Conflicts:
configure.in
ext/phar/tests/create_path_error.phpt
main/php_version.h
2016-03-28 23:21:15 -07:00
Stanislav Malyshev
f8dd10508b
Fixed bug #71906 : AddressSanitizer: negative-size-param (-1) in mbfl_strcut
2016-03-28 23:15:16 -07:00
Stanislav Malyshev
95433e8e33
Fix bug #71798 - Integer Overflow in php_raw_url_encode
2016-03-27 14:22:19 -07:00
Nikita Popov
54da966883
Fixed bug #67512
2016-03-25 20:18:46 +01:00
Derick Rethans
c4681ec8e1
Updated to version 2016.3 (2016c)
2016-03-24 11:09:05 +00:00
Julien Pauli
d3d64b7c62
Reworked Fix bug #52098
2016-03-21 15:23:18 +01:00
Daniel Persson
e541cd8e6b
Fix bug #52098
2016-03-21 15:04:11 +01:00
Xinchen Hui
056459dc9d
Merge branch 'PHP-5.6' of https://github.com/msierks/php-src into PHP-5.6
...
* 'PHP-5.6' of https://github.com/msierks/php-src :
FIX #71831 : CURLOPT_NOPROXY applied as long instead of string
2016-03-21 16:39:22 +08:00
Stanislav Malyshev
72281f29dd
Fix bug #71860 : Require valid paths for phar filenames
2016-03-20 21:33:11 -07:00
Nikita Popov
cc3cdd0057
Fixed bug #67582
2016-03-20 17:46:12 +01:00
Michael Sierks
efacdc3511
FIX #71831 : CURLOPT_NOPROXY applied as long instead of string
...
The CURLOPT_NOPROXY option value is converted to a long before
being applied as a curl option. This causes the option to have
no effect. This patch changes this conversion to a string.
2016-03-18 07:29:01 -05:00
Anatol Belski
1b632cfe83
Backport patch for bug #71820
...
Rev b4eedd128b
2016-03-17 14:28:58 +01:00
Xinchen Hui
eb405623ec
Merge branch 'PHP-5.6' of git.php.net:/php-src into PHP-5.6
...
* 'PHP-5.6' of git.php.net:/php-src:
fix NEWS
NEWS
Fix Bug #63171 Script hangs after max_execution_time
2016-03-17 21:27:23 +08:00
Remi Collet
407ad28ae5
Fix Bug #63171 Script hangs after max_execution_time
...
If aborted via timer expiration, don't try to call any unixODBC function
which may hangs because of internal locks
2016-03-17 13:38:45 +01:00
Xinchen Hui
8e2f658f49
Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER)
2016-03-17 19:54:19 +08:00
Xinchen Hui
6d4aec029a
Fixed test script
2016-03-17 17:06:56 +08:00
Xinchen Hui
ead7632cf9
Fixed test script
2016-03-17 15:23:44 +08:00
Xinchen Hui
6f241f5fad
Fixed bug #71840 (Unserialize accepts wrongly data)
2016-03-17 15:15:28 +08:00
Remi Collet
478c807128
fix #ifdef usage
2016-03-16 07:17:49 +01:00
Derick Rethans
ddc62f2e8b
Updated to version 2016.2 (2016b)
2016-03-15 09:14:09 +00:00
Anatol Belski
beda05269c
fix test
...
Many warnings won't appear with libxml2 >= 2.9.3 because in many
cases libxml2 2.9.3 will just abort processing.
2016-03-14 15:53:02 +01:00
Thomas Punt
f3f5a07aa5
Fix DatePeriod::getEndDate() segfault
2016-03-11 14:08:48 +01:00
Anatol Belski
8cd903ea68
fix error condition, part of bug #71753
2016-03-10 11:35:50 +01:00
Xinchen Hui
915a3762ef
Fixed typo (partially fix for #71753 )
2016-03-10 15:22:34 +08:00
Anatol Belski
a1d1f54b42
fix directory separator
2016-03-09 14:16:29 +01:00
Anatol Belski
8ca02bb233
fix regression introduced in 5683b6fa39
...
Test extended. Basically, both iterator type and next node have
to be checked.
2016-03-08 12:59:59 +01:00
Anton Blanchard
ccd215a517
Additional improvements to crypt() detection code
...
Reformat to normalize tabs vs spaces, return 1 if crypt.h not
defined, fix C99 compliance.
2016-03-03 17:28:34 +01:00
Michael Orlitzky
08fce8e2c5
ext/standard/config.m4: fix crypt() test segfaults in >=glibc-2.17.
...
Starting with glibc-2.17, the crypt() function will report an EINVAL
and return NULL when the format of the "salt" parameter is
invalid. The current tests for crypt() pass its result to strcmp(),
causing segfaults when the value returned from crypt() is NULL.
This commit modifies the test programs to exit with failure when
crypt() returns NULL.
Reference: https://bugs.gentoo.org/show_bug.cgi?id=518964
2016-03-03 17:12:57 +01:00
Anatol Belski
2399c64eaf
show correct MINFO with libpq >= 9.5.x
2016-03-02 17:03:20 +01:00
Stanislav Malyshev
b3bb1aacfe
Merge branch 'PHP-5.6.19' into PHP-5.6
...
* PHP-5.6.19:
fix test file
Fix version
Update NEWS
2016-03-01 22:56:08 -08:00
Stanislav Malyshev
6e6a556b8c
Merge branch 'PHP-5.5' into PHP-5.6.19
...
* PHP-5.5:
fix test file
Fix version
Update NEWS
2016-03-01 22:55:49 -08:00
Stanislav Malyshev
3c8ccdd9d3
fix test file
2016-03-01 22:55:02 -08:00
Stanislav Malyshev
ae3f132be1
Merge branch 'PHP-5.6.19' into PHP-5.6
...
* PHP-5.6.19:
update NEWS
Fix bug #71498 : Out-of-Bound Read in phar_parse_zipfile()
fix ts buld
prep for 5.6.19RC1
Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
2016-03-01 22:42:16 -08:00
Stanislav Malyshev
91990bbde0
Merge branch 'PHP-5.5.33' into PHP-5.6.19
...
* PHP-5.5.33:
Fix bug #71498 : Out-of-Bound Read in phar_parse_zipfile()
Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
2016-03-01 22:40:00 -08:00
Xinchen Hui
20add1e530
Merge branch 'PHP-5.6-bug_69757' of https://github.com/wayfair/php-src into PHP-5.6
...
* 'PHP-5.6-bug_69757' of https://github.com/wayfair/php-src :
limit size of result set so unit test runs reliably
2016-03-02 14:26:34 +08:00
Nikita Popov
471540d285
Fix intermittent failure of bug_68819_002.phpt
...
The test used rand(32, 127) to select the character, however
chr(127) results in "data" instead of the expected result, so this
test would fail in something like 1% of the runs.
Replace rand() with fixed character "a".
2016-03-02 00:34:36 +01:00
mpyw
0bbea60524
Fix bug #71694
...
Exports contants CURLM_ADDED_ALREADY.
2016-03-01 23:31:58 +01:00
Adam Baratz
2e18d438b0
limit size of result set so unit test runs reliably
2016-03-01 17:15:36 -05:00
Jos Elstgeest
50b4cafd28
Fixed bugs #71317 and #71504
...
If there are duplicate filenames in tar, the last one wins.
2016-02-29 22:34:35 +01:00
Anatol Belski
d78220fb2c
add test for bug #68957
2016-02-29 18:43:03 +01:00
Anatol Belski
53c036b30b
Fixed #54648 PDO::MSSQL forces format of datetime fields
...
adopted patch by steven dot lambeth at gmx dot de
2016-02-29 17:04:49 +01:00
Anatol Belski
7816698580
remove unneeded free parts
...
See bug #71667 , free_statement already does the job
2016-02-29 16:26:46 +01:00
Anatol Belski
d7fd614cc6
fix leaks and add one more NULL check
2016-02-29 15:38:42 +01:00
Anatol Belski
a310c3b484
add NULL check
2016-02-29 15:26:57 +01:00
Anatol Belski
efaafd45b4
fix C89 compat
2016-02-29 15:24:31 +01:00
Anatol Belski
35be4398d1
fix arg type
2016-02-29 15:23:53 +01:00
Anatol Belski
90ad6e3c6c
add test for bug #47803
2016-02-24 11:49:02 +01:00
Anatol Belski
ff115e285a
Fixed bug #47803
...
Executing prepared statements is succesfull only for the first two statements
The reworked patch descends to the bug #69526 which is fixed by
this as well. The broken logic in the current code was, that
SQLDescribeParam was executed in odbc_execute every time. This piece
is now moved into odbc_prepare and the results are carried on in an
additional structure.
Since the ext/odbc headers are not being currently installed and the
corresponding structs like odbc_result are not used outside ext/odbc,
the binary compatibility persists. Executing SQLDescribeParam only once
in odbc_prepare is also an optimization as the filds usually won't
change that fast and thus requestind the descriptions on every
execution is not required.
2016-02-24 11:40:35 +01:00
Anatol Belski
9623d2dd83
make ext/odbc test credentials configurable
2016-02-23 14:21:04 +01:00
Remi Collet
d20f1d8f1f
cleanup $Id
2016-02-22 09:26:00 +01:00
Stanislav Malyshev
a6fdc5bb27
Fix bug #71498 : Out-of-Bound Read in phar_parse_zipfile()
2016-02-21 16:51:05 -08:00
Anatol Belski
688b914217
add test for bug #71625
2016-02-18 19:38:39 +01:00
Anatol Belski
0445abd547
Fixed bug #71625 Crash in php7.dll with bad phar filename
2016-02-18 19:32:08 +01:00
Anatol Belski
343307000e
yet two test fixes in openssl in 5.6
2016-02-16 08:28:10 +01:00
Anatol Belski
974dea5e88
improve test
2016-02-16 08:05:16 +01:00
Anatol Belski
11102e2653
Fix timelib compat with PHP5
...
Windows builds in PHP5 are always using long which is 32-bit even
in 64-bit build. Thus in PHP5, timelib_long and the company have
to always evaluate to a 32-bit.
2016-02-15 16:50:42 +01:00
Anatol Belski
633fb2d0e8
Backported fix for bug #71525
2016-02-15 15:14:23 +01:00
Stanislav Malyshev
c11b23c465
Fix bug #71540 - NULL pointer dereference in xsl_ext_function_php()
2016-02-15 00:08:18 -08:00
Anatol Belski
a3927fa7f5
fix dir separator in test
2016-02-15 08:58:20 +01:00
Stanislav Malyshev
b1bd4119bc
Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
2016-02-14 22:34:39 -08:00
Xinchen Hui
5e152f54ae
Merge branch 'PHP-5.6' of git.php.net:/php-src into PHP-5.6
...
* 'PHP-5.6' of git.php.net:/php-src:
update NEWS
Fixed bug #71559 Built-in HTTP server, we can downlaod file in web by bug
Check length of string before comparing to :memory:
Fix bounds check in strip_tags()
Fix test description
FIx bug #71569
2016-02-15 10:29:28 +08:00
Nikita Popov
fece24f8f4
Check length of string before comparing to :memory:
2016-02-13 18:01:50 +01:00
Nikita Popov
4e0134c661
Fix bounds check in strip_tags()
2016-02-13 17:47:30 +01:00
Nikita Popov
adcdb4f7ba
Fix test description
2016-02-13 17:46:24 +01:00
Nikita Popov
bc419fee5c
FIx bug #71569
...
convert_to_string() may result in an interned string.
2016-02-13 15:17:51 +01:00
Yussuf Khalil
35f6f9b0db
Fix use-after-free of ZCG(cwd) in Zend Optimizer
2016-02-10 10:33:57 +01:00
Xinchen Hui
c339d5217a
Merge branch 'PHP-5.6' of git.php.net:/php-src into PHP-5.6
2016-02-09 23:33:30 +08:00
Xinchen Hui
f45752eb83
Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo)
2016-02-09 23:32:20 +08:00
Lior Kaplan
6772fbff62
Align spacing in make install messages
2016-02-08 20:27:19 +02:00
Xinchen Hui
5fdfab743d
Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes while curl_multi_exec)
2016-02-05 19:49:26 +08:00
Jakub Zelenka
feab5e6fa0
Split and clean up OpenSSL X509 tests
2016-02-04 16:51:36 +00:00
Jakub Zelenka
1f3906c1ce
Rename and clean up OpenSSL tests
2016-02-03 16:20:27 +00:00
Julien Pauli
6b0b29edd6
Fix #70720
2016-02-02 18:09:54 +01:00
Anatol Belski
b837f205ca
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
add error check to sysconf call
Going for 5.5.33 now
Conflicts:
configure.in
main/php_version.h
2016-02-02 14:22:31 +01:00
Anatol Belski
377d353c9f
add error check to sysconf call
2016-02-02 14:19:10 +01:00
Derick Rethans
43fee6c6a1
Updated to version 2016.1 (2016a)
2016-02-02 10:34:03 +00:00
Stanislav Malyshev
41be90d95b
Merge branch 'PHP-5.6.18' into PHP-5.6
...
* PHP-5.6.18:
fix tests
fix NEWS
Update NEWS
update NEWS
Fixed bug #71488 : Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
backport the escapeshell* functions hardening branch
add tests
Fix bug #71459 - Integer overflow in iptcembed()
prepare 5.6.18RC1
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
Fix bug #71391 : NULL Pointer Dereference in phar_tar_setupmetadata()
Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
Fix bug #71335 : Type Confusion in WDDX Packet Deserialization
Fix bug #71354 - remove UMR when size is 0
Conflicts:
configure.in
main/php_version.h
2016-02-01 19:16:34 -08:00
Stanislav Malyshev
24167095a5
Merge branch 'PHP-5.5' into PHP-5.6.18
...
* PHP-5.5:
fix tests
fix NEWS
update NEWS
2016-02-01 19:15:19 -08:00
Stanislav Malyshev
2a7d8c0a06
fix tests
2016-02-01 18:58:02 -08:00
Stanislav Malyshev
309ead112f
Merge branch 'PHP-5.5.32' into PHP-5.6.18
...
* PHP-5.5.32:
Fixed bug #71488 : Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
backport the escapeshell* functions hardening branch
add tests
Fix bug #71459 - Integer overflow in iptcembed()
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
Fix bug #71391 : NULL Pointer Dereference in phar_tar_setupmetadata()
Fix bug #71335 : Type Confusion in WDDX Packet Deserialization
Fix bug #71354 - remove UMR when size is 0
2016-02-01 18:32:31 -08:00
Stanislav Malyshev
2f1ce4f209
Merge branch 'PHP-5.5' into PHP-5.6.18
...
* PHP-5.5:
Upgrade bundled PCRE to 8.38
Fixed NEWS file entry
fix the fix for bug #70976 (imagerotate)
2016-02-01 18:32:14 -08:00
Stanislav Malyshev
5bde5a0a2e
Merge remote-tracking branch 'origin/PHP-5.6.18' into PHP-5.6.18
...
* origin/PHP-5.6.18:
prepare 5.6.18RC1
Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message) Fix skip message to work
improve fix for bug #71201
fork test
fix test
fork test
fork test for win32
fork test
Use SUCCESS/FAILURE
Fixed bug #65720 ext/mbstring/libmbfl/filters/mbfilter_cp5022x.c:281: bad if test
Fix header file include
Fixed bug #69111 (Crash in SessionHandler::read()). Made session save handler abuse much harder than before.
2016-02-01 18:31:57 -08:00
Stanislav Malyshev
b5ef8ed168
Merge branch 'PHP-5.5' into PHP-5.5.32
...
* PHP-5.5:
Upgrade bundled PCRE to 8.38
Fixed NEWS file entry
2016-02-01 18:28:49 -08:00
Stanislav Malyshev
00788f9cfb
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Upgrade bundled PCRE to 8.38
Fixed NEWS file entry
fix the fix for bug #70976 (imagerotate)
2016-01-31 21:06:31 -08:00
Stanislav Malyshev
ca02d9c2d6
Upgrade bundled PCRE to 8.38
2016-01-31 20:37:47 -08:00
Stanislav Malyshev
07c7df68bd
Fixed bug #71488 : Stack overflow when decompressing tar archives
2016-01-31 19:37:56 -08:00
Jakub Zelenka
ef356912b3
Rewrite OpenSSL SPKI tests to speed them up
...
Also fix some CS issue and naming
2016-01-31 14:28:13 +00:00
Jakub Zelenka
e93ab05489
Add private RSA keys with 2048 and 4096 bit long modulus
2016-01-31 13:57:00 +00:00
Jakub Zelenka
148d013323
Rename private.key to private_rsa_1024.key
2016-01-31 13:54:16 +00:00
Anatol Belski
b7dadfae87
add XFAIL
2016-01-29 20:36:11 +01:00
Anatol Belski
40b9f52c2c
Revert "fix leak in 5.6"
...
This reverts commit fa548e5ca9
.
2016-01-29 20:33:39 +01:00
Derick Rethans
1a86825688
Use the new timelib function for comparing times
2016-01-29 15:28:11 +01:00
Willem-Jan
2aeef4e539
Test + support for negative timestamps with microtime
2016-01-29 15:22:22 +01:00
Willem-Jan
1bbbc47e79
Also test against equality
2016-01-29 15:22:22 +01:00
Willem-Jan
5879721936
Compare agaist fraction when sse are equal
2016-01-29 15:22:22 +01:00
Willem-Jan
a0237259e9
Added test for comparing dates with microseconds
2016-01-29 15:22:22 +01:00
Derick Rethans
822ca45220
Merge in changes in timelib 2016.01
2016-01-29 15:21:55 +01:00
Anatol Belski
fa548e5ca9
fix leak in 5.6
2016-01-29 13:56:11 +01:00
Anatol Belski
4b0feeb8fa
add test for bug #69111
2016-01-29 12:27:35 +01:00
Anatol Belski
25108babdb
refix bug #69111 , crash in 5.6 only
2016-01-29 11:24:19 +01:00
Anatol Belski
ae6e139c77
reset the ext/session to the state of 5.6.17
2016-01-29 08:33:09 +01:00
Anatol Belski
686a17893a
add missing headers for SIZE_MAX
2016-01-28 13:46:34 +01:00
Anatol Belski
f4d7bbf4ac
backport the escapeshell* functions hardening branch
2016-01-28 13:45:43 +01:00
Anatol Belski
828364e59c
add tests
2016-01-28 13:27:26 +01:00
Stanislav Malyshev
54c210d2ea
Fix bug #71459 - Integer overflow in iptcembed()
2016-01-26 17:26:52 -08:00
Jakub Zelenka
a63d0f55da
Fix memory leak with not freeing OpenSSL errors
2016-01-25 16:50:16 +00:00
Xinchen Hui
47e7662a13
Update libmagic.patch for PHP-5.6
2016-01-25 11:25:04 +08:00
Xinchen Hui
a458a4fdc1
Fixed bug #7143 (finfo throws notice for specific python file)
...
There seems be a bug while it was changed from regexec to
preg_match_impl:
https://github.com/php/php-src/commit/46906925#diff-56e765972d18c84894ea061cfe58076aR1757
2016-01-25 11:24:44 +08:00
Remi Collet
3c8f287d58
Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message)
...
Fix skip message to work
2016-01-20 13:08:58 +01:00
Anatol Belski
508d1dae25
improve fix for bug #71201
2016-01-20 09:44:28 +01:00
Anatol Belski
fa0dd6006d
fork test
2016-01-18 16:59:17 +01:00
Anatol Belski
adf0be7680
fork test
2016-01-18 16:45:35 +01:00
Anatol Belski
f0e2fe8e75
fork test for win32
2016-01-18 16:37:04 +01:00
Anatol Belski
f0b02f2351
fork test
2016-01-18 16:34:20 +01:00
Yasuo Ohgaki
ee1dd4949a
Use SUCCESS/FAILURE
2016-01-18 13:33:47 +09:00
Yasuo Ohgaki
f9c595f3c0
Fixed bug #65720 ext/mbstring/libmbfl/filters/mbfilter_cp5022x.c:281: bad if test
2016-01-18 10:54:07 +09:00
Stanislav Malyshev
6297a117d7
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
2016-01-16 22:10:54 -08:00
Stanislav Malyshev
1c1b8b6998
Fix bug #71391 : NULL Pointer Dereference in phar_tar_setupmetadata()
2016-01-16 20:43:43 -08:00
Jason Young
d1401f6059
Fix header file include
2016-01-15 08:43:00 +01:00
Stanislav Malyshev
4c2424eb24
Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
2016-01-14 22:58:40 -08:00
Yasuo Ohgaki
bfb9307b2d
Fixed bug #69111 (Crash in SessionHandler::read()).
...
Made session save handler abuse much harder than before.
2016-01-15 15:50:14 +09:00
Yasuo Ohgaki
d7f8d9e3a9
Fix typo
2016-01-15 15:21:18 +09:00
Yasuo Ohgaki
31ae802736
Fix uninitialized read in rfc1867 handler reported by valgrind. Only in PHP 5.6.
...
This commit fixes initialized read, but calling php_session_initialize() directly
is problematic because configuration could be invalid. Invalid config may result
in segfault. This will be addressed later.
2016-01-15 15:18:00 +09:00
Yasuo Ohgaki
8c37a086c7
Improved fix for bug #68063 (Empty session IDs do still start sessions).
2016-01-15 09:45:08 +09:00
Anatol Belski
4308c868f9
Fixed bug #70979 crash with bad soap request
...
The error handler is overloaded with the SOAP one. However the SOAP
handler eventually wants to access some of its globals. This won't
work as long as the SOAP globals aren't initialized. The use case
is when an error is thrown before RINIT went through. As the call
order is arbitrary, the safest is to wait when all the modules
called their RINIT.
2016-01-14 17:42:28 +01:00
Stanislav Malyshev
285cd3417f
Fix bug #71335 : Type Confusion in WDDX Packet Deserialization
2016-01-13 16:43:04 -08:00
Stanislav Malyshev
635ba1f2c3
Merge branch 'bug71354' into PHP-5.5.32
...
* bug71354:
Fix bug #71354 - remove UMR when size is 0
2016-01-13 16:33:37 -08:00
Stanislav Malyshev
13ad4d3e97
Fix bug #71354 - remove UMR when size is 0
2016-01-13 16:32:29 -08:00
Remi Collet
aa8d3a8cc6
fix the fix for bug #70976 (imagerotate)
2016-01-12 14:03:35 +01:00
Remi Collet
14e4d393cf
fix the fix for bug #70976 (imagerotate)
2016-01-12 13:52:27 +01:00
Yasuo Ohgaki
63c77ee4b1
Use php_session_abort()
2016-01-12 20:39:33 +09:00
Yasuo Ohgaki
a15e9ccba8
Fixed Bug #71038 session_start() returns TRUE on failure
2016-01-12 19:09:49 +09:00
Julien Pauli
86f48881a4
Removed unecessary string dup
2016-01-06 10:51:36 +01:00
Julien Pauli
810452f68e
Moved buffer from heap to stack
2016-01-06 10:51:36 +01:00
Stanislav Malyshev
13750cb0a1
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Update NEWS
Improve fix for bug #70976
Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
Fixed bug #70741 : Session WDDX Packet Deserialization Type Confusion Vulnerability
Fixed #70728
Fixed bug #70755 : fpm_log.c memory leak and buffer overflow
Fix bug #70976 : fix boundary check on gdImageRotateInterpolated
typofix
2016-01-05 19:38:29 -08:00
Lior Kaplan
53fb2f1e5c
Happy new year (Update copyright to 2016)
2016-01-03 01:44:37 +02:00
Xinchen Hui
3537e95dae
bump year which is missed in rev 49493a2
2016-01-02 17:51:24 +08:00
Anatol Belski
a7b1ea3c84
sync with new tests from 7.0 for ICU 55_1 and 56_1 compat
2016-01-01 20:25:36 +01:00
Anatol Belski
6bcf4b4f40
sync skipifs for ext/intl for ICU 55_* and 56_* compat
2016-01-01 20:13:35 +01:00
Lior Kaplan
49493a2dcf
Happy new year (Update copyright to 2016)
2016-01-01 19:21:47 +02:00
Stanislav Malyshev
2baeb167a0
Improve fix for bug #70976
2015-12-28 23:44:14 -08:00
Stanislav Malyshev
dcf3c9761c
Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
2015-12-28 14:46:35 -08:00
Stanislav Malyshev
1785d2b805
Fixed bug #70741 : Session WDDX Packet Deserialization Type Confusion Vulnerability
2015-12-28 12:44:10 -08:00
Julien Pauli
d73d9fecf6
Fixed and improved tests
2015-12-24 14:08:44 +01:00
marcosptf
7f31a88bb8
test to function socket_getopt();
2015-12-24 13:23:00 +01:00