1015 Commits

Author SHA1 Message Date
Yasuo Ohgaki
57be57ac94 Fix ZTS build 2015-12-16 11:10:39 +09:00
Yasuo Ohgaki
e8f1c29cc9 Fixed bug #71122 Session GC may not remove obsolete session data 2015-12-16 09:15:05 +09:00
Yasuo Ohgaki
8161230505 Fixed Bug #71122 Session GC may not remove obsolete session data 2015-12-15 10:27:28 +09:00
Anatol Belski
56e7903131 fix path separator in test 2015-12-09 11:18:25 +01:00
Stanislav Malyshev
a6c063d663 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  More fixes for bug #70219
2015-09-01 12:51:48 -07:00
Stanislav Malyshev
c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs assigned (post release) to PHP 5.4.43
  Add CVE IDs assigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
2015-09-01 12:06:41 -07:00
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs assigned (post release) to PHP 5.4.43
  Add CVE IDs assigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
2015-09-01 11:42:19 -07:00
Stanislav Malyshev
fc8eff897b More fixes for bug #70219 2015-08-28 21:50:21 -07:00
Stanislav Malyshev
24dda816d0 Merge branch 'PHP-5.4.45' into PHP-5.5.29
* PHP-5.4.45:
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  5.4.45 next

Conflicts:
	configure.in
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
2015-08-25 23:08:49 -07:00
Stanislav Malyshev
df4bf28f9f Fix bug #70219 (Use after free vulnerability in session deserializer) 2015-08-23 19:56:12 -07:00
Yasuo Ohgaki
02ff308e27 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Set NULL after efree
2015-04-24 16:05:50 +09:00
Yasuo Ohgaki
4c711200b4 Set NULL after efree 2015-04-24 16:04:01 +09:00
Julien Pauli
2a50877428 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fix flaws in session module
2015-03-16 16:01:12 +01:00
Julien Pauli
4dba99c226 Fix flaws in session module 2015-03-16 16:00:46 +01:00
Yasuo Ohgaki
4dd7851208 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed Bug #66623 no EINTR check on flock(LOCK_EX)
2015-02-03 14:04:03 +09:00
Yasuo Ohgaki
b41a6c6f05 Fixed Bug #66623 no EINTR check on flock(LOCK_EX) 2015-02-03 14:02:58 +09:00
Yasuo Ohgaki
2983ef3c48 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed bug #68063 Empty session IDs do still start sessions
2015-02-03 13:41:31 +09:00
Yasuo Ohgaki
853ae39d6e Fixed bug #68063 Empty session IDs do still start sessions 2015-02-03 13:38:49 +09:00
Yasuo Ohgaki
665997bf16 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Bug #61470 is fixed only in master
2015-02-03 12:26:25 +09:00
Yasuo Ohgaki
17beba686e Bug #61470 is fixed only in master 2015-02-03 12:26:01 +09:00
Adam Harvey
05d591dfdf Merge branch 'PHP-5.5' into PHP-5.6 2015-02-02 11:31:54 +00:00
Adam Harvey
9d8b1170aa Let's not assume bash is always /bin/bash. 2015-02-02 11:31:10 +00:00
Yasuo Ohgaki
675a12bbcf Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Add test for bug #61470. It is already fixed.
2015-02-02 18:39:48 +09:00
Yasuo Ohgaki
fb803ff819 Add test for bug #61470. It is already fixed. 2015-02-02 18:39:07 +09:00
Yasuo Ohgaki
d9a9afa499 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed typo in comment
2015-02-01 05:14:56 +09:00
Yasuo Ohgaki
c8a12508c7 Fixed typo in comment 2015-02-01 05:14:27 +09:00
Yasuo Ohgaki
7b06cc8d22 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Use bash rather than sh
2015-01-29 15:27:08 +09:00
Yasuo Ohgaki
d463ddd3c7 Use bash rather than sh 2015-01-29 15:21:17 +09:00
Yasuo Ohgaki
5f28622e09 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed Bug #68941 mod_files.sh is a bash-script
2015-01-29 09:29:11 +09:00
Yasuo Ohgaki
abf9e2ea09 Fixed Bug #68941 mod_files.sh is a bash-script 2015-01-29 09:25:28 +09:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Yasuo Ohgaki
9e072d9565 Remove unneeded md5 hashing from PHP-5.6 branch.
It's removed from master already by my previous commit.
2014-11-12 13:43:54 +09:00
Yasuo Ohgaki
4dd3fbfcd2 Fixed bug #68331 - This was partial patch for https://wiki.php.net/rfc/session-lock-ini 2014-11-06 13:06:29 +09:00
Adam Harvey
0cbfdc9df5 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fix bug #67972 (SessionHandler Invalid memory read create_sid()).
  Update LSAPI to 6.7, added support for 'filter_input'. Fixed a crash in CLI mode.
  5.5.18 now

Conflicts:
	configure.in
	main/php_version.h
2014-09-08 19:28:15 +00:00
Adam Harvey
bc44eb6172 Fix bug #67972 (SessionHandler Invalid memory read create_sid()).
SessionHandler::create_sid() didn't check if PS(default_mod) was initialised
before attempting to call its create_sid() handler.
2014-09-08 19:25:14 +00:00
Tjerk Meesters
ce9bdae33f Fixed #67694: Regression in session_regenerate_id() 2014-08-23 09:18:02 +08:00
Stanislav Malyshev
c41ca94824 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fix missing type checks in various functions

Conflicts:
	ext/openssl/openssl.c
2014-07-28 00:37:32 -07:00
Stanislav Malyshev
531be9662f Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fix missing type checks in various functions
2014-07-28 00:34:27 -07:00
Stanislav Malyshev
b4a4db467b Fix missing type checks in various functions 2014-07-27 02:42:49 -07:00
Xinchen Hui
9bef96d96e Merge branch 'PHP-5.5' into PHP-5.6 2014-07-19 13:12:36 +08:00
Yasuo Ohgaki
f83a6c33b4 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fixed bug #66827 Session raises E_NOTICE when session name variable is array
2014-07-19 09:53:04 +09:00
Yasuo Ohgaki
e946de29d2 Fixed bug #66827 Session raises E_NOTICE when session name variable is array 2014-07-19 09:52:31 +09:00
Ferenc Kovacs
f63ca453e0 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed test (it requires ext/hash)
2014-05-07 01:00:01 +02:00
Ferenc Kovacs
8e2d396b52 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fixed test (it requires ext/hash)
2014-05-07 00:55:05 +02:00
Dmitry Stogov
8517001b25 Fixed test (it requires ext/hash) 2014-05-07 00:52:49 +02:00
Ferenc Kovacs
d2f283884f Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed tests (they might fail from time to time because of session GC)
  Fix author name on the #63228 patch.
2014-05-07 00:38:57 +02:00
Ferenc Kovacs
579898e338 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fixed tests (they might fail from time to time because of session GC)
  Fix author name on the #63228 patch.
2014-05-07 00:38:32 +02:00
Dmitry Stogov
f880013c4d Fixed tests (they might fail from time to time because of session GC) 2014-05-07 00:37:56 +02:00
Anatol Belski
634e6b61d9 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  fix windows build
2014-04-14 23:34:50 +02:00