php-src

mirror of https://github.com/php/php-src.git synced 2024-09-24 03:17:26 +00:00

Author	SHA1	Message	Date
Joe Watkins	e42a01bcd5	Merge branch 'pull-request/1905' * pull-request/1905: pack()/unpack() for Big Endian float/double and Little Endian float/double	2017-01-03 10:49:53 +00:00
Anatol Belski	9c7540d357	Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: improve skipif	2016-12-01 13:33:42 +01:00
Anatol Belski	043d8e2fe1	improve skipif	2016-12-01 13:32:10 +01:00
Nikita Popov	9c1c8be7a2	Merge branch 'PHP-7.0' into PHP-7.1	2016-10-08 01:10:37 +02:00
Nikita Popov	159de7723e	Merge branch 'PHP-5.6' into PHP-7.0	2016-10-08 01:06:02 +02:00
Nikita Popov	bc3a0b82b8	Revert "Fixed test" This reverts commit `a10d03ac16`.	2016-10-08 00:43:36 +02:00
Stanislav Malyshev	56e19b7c75	Merge branch 'PHP-5.6' into PHP-7.0 * PHP-5.6: Fixed test Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986 Apparently negative wordwrap is a thing and should work as length = 0.	2016-10-04 21:56:28 -07:00
Ilia Alshanetsky	a10d03ac16	Fixed test	2016-10-04 21:20:38 -07:00
Nikita Popov	4c0804c07d	Ensure symtable exists before checking it	2016-09-28 19:20:17 +02:00
Xinchen Hui	6617e87700	Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: Fixed skip	2016-09-21 17:20:35 +08:00
Xinchen Hui	56e3ec93a9	Fixed skip	2016-09-21 17:20:02 +08:00
Remi Collet	3c117d4136	fix test (32bits)	2016-09-15 15:32:39 +02:00
Stanislav Malyshev	dad0e9d1a3	Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: (22 commits) Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields I don't think `8cceb012a7` is needed Fix test Add check in fgetcsv in case sizeof(unit) != sizeof(size_t) Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile) Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction Fix bug #73029 - Missing type check when unserializing SplArray Fix bug #72860: wddx_deserialize use-after-free Fix bug #73007: add locale length check Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile sync NEWS Revert "Merge branch 'PHP-5.6' into PHP-7.0" Merge branch 'PHP-5.6' into PHP-7.0 Merge branch 'PHP-5.6' into PHP-7.0 Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0"" fix version sync NEWS Fix bug #72957 set versions ...	2016-09-12 21:10:34 -07:00
Stanislav Malyshev	07c6bdb85d	Merge branch 'PHP-7.0.11' into PHP-7.0 * PHP-7.0.11: (22 commits) Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields I don't think `8cceb012a7` is needed Fix test Add check in fgetcsv in case sizeof(unit) != sizeof(size_t) Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile) Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction Fix bug #73029 - Missing type check when unserializing SplArray Fix bug #72860: wddx_deserialize use-after-free Fix bug #73007: add locale length check Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile sync NEWS Revert "Merge branch 'PHP-5.6' into PHP-7.0" Merge branch 'PHP-5.6' into PHP-7.0 Merge branch 'PHP-5.6' into PHP-7.0 Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0"" fix version sync NEWS Fix bug #72957 set versions ...	2016-09-12 21:09:30 -07:00
Anatol Belski	65bf5e88c7	Revert "Merge branch 'PHP-5.6' into PHP-7.0" This reverts commit `946335ba70`, reversing changes made to `3437dbfa00`.	2016-09-11 12:59:43 +02:00
Anatol Belski	435048935e	Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: Bug #73058 crypt broken when salt is 'too' long	2016-09-10 02:49:30 +02:00
Anatol Belski	e539ea439b	Merge branch 'PHP-5.6' into PHP-7.0 * PHP-5.6: Bug #73058 crypt broken when salt is 'too' long	2016-09-10 02:44:21 +02:00
Anatol Belski	669fda00b7	Bug #73058 crypt broken when salt is 'too' long	2016-09-10 02:39:28 +02:00
Christoph M. Becker	727b422ad9	Fix #72948 : Uncatchable "Catchable" fatal error for class to string conversions E_RECOVERABLE errors are reported as "Catchable fatal error". This is misleading, because they actually can't be caught via try-catch statements. Therefore we change the wording to "Recoverable fatal error" as suggested by Nikita.	2016-09-03 13:05:37 +02:00
Anatol Belski	22a825db85	Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify	2016-08-29 20:34:44 +02:00
Anatol Belski	946335ba70	Merge branch 'PHP-5.6' into PHP-7.0 * PHP-5.6: Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify	2016-08-29 20:32:55 +02:00
Anatol Belski	295303b590	Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify	2016-08-29 20:25:34 +02:00
Anatol Belski	526e6bf818	Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: fix tests	2016-08-17 12:41:38 +02:00
Anatol Belski	05c8a0771d	fix tests The 70436 test is just a bonus for the hardening in 72633.	2016-08-17 12:39:35 +02:00
Xinchen Hui	ce6ad9bdd9	Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: (48 commits) Update NEWs Unused label Fixed bug #72853 (stream_set_blocking doesn't work) fix test Bug #72663 - part 3 Bug #72663 - part 2 Bug #72663 - part 1 Update NEWS BLock test with memory leak fix tests Fix TSRM build Fix bug #72850 - integer overflow in uuencode Fixed bug #72849 - integer overflow in urlencode Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase Fix bug #72837 - integer overflow in bzdecompress caused heap corruption Fix bug #72836 - integer overflow in base64_decode caused heap corruption Fix for bug #72807 - do not produce strings with negative length Fix for bug #72790 and bug #72799 Fix bug #72730 - imagegammacorrect allows arbitrary write access ... Conflicts: ext/standard/var_unserializer.c	2016-08-17 17:14:30 +08:00
Stanislav Malyshev	0d13325b66	Merge branch 'PHP-5.6' into PHP-7.0 * PHP-5.6: (24 commits) Update NEWS BLock test with memory leak fix tests Fix TSRM build Fix bug #72850 - integer overflow in uuencode Fixed bug #72849 - integer overflow in urlencode Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase Fix bug #72837 - integer overflow in bzdecompress caused heap corruption Fix bug #72836 - integer overflow in base64_decode caused heap corruption Fix for bug #72807 - do not produce strings with negative length Fix for bug #72790 and bug #72799 Fix bug #72730 - imagegammacorrect allows arbitrary write access Fix bug#72697 - select_colors write out-of-bounds Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF Fix bug #72750: wddx_deserialize null dereference Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack Improve fix for #72663 Fix bug #70436: Use After Free Vulnerability in unserialize() Fix bug #72749: wddx_deserialize allows illegal memory access ... Conflicts: Zend/zend_API.h ext/bz2/bz2.c ext/curl/interface.c ext/ereg/ereg.c ext/exif/exif.c ext/gd/gd.c ext/gd/tests/imagetruecolortopalette_error3.phpt ext/gd/tests/imagetruecolortopalette_error4.phpt ext/session/session.c ext/snmp/snmp.c ext/standard/base64.c ext/standard/ftp_fopen_wrapper.c ext/standard/quot_print.c ext/standard/url.c ext/standard/uuencode.c ext/standard/var.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re ext/wddx/tests/bug72790.phpt ext/wddx/tests/bug72799.phpt ext/wddx/wddx.c sapi/cli/generate_mime_type_map.php	2016-08-17 00:43:33 -07:00
Stanislav Malyshev	4bf5c3187f	BLock test with memory leak	2016-08-16 22:55:44 -07:00
Stanislav Malyshev	639f7fde6a	Improve fix for #72663	2016-08-16 22:55:20 -07:00
Stanislav Malyshev	95d09e4b5e	Fix bug #70436 : Use After Free Vulnerability in unserialize()	2016-08-16 22:55:20 -07:00
Stanislav Malyshev	448c9be157	Fix bug #72663 - destroy broken object when unserializing	2016-08-16 22:54:42 -07:00
Christoph M. Becker	f0c77ee7f8	Merge branch 'PHP-7.0' into PHP-7.1	2016-08-13 12:06:11 +02:00
Christoph M. Becker	a93c62aafa	Merge branch 'PHP-5.6' into PHP-7.0	2016-08-13 11:47:20 +02:00
Christoph M. Becker	ae3b2078ea	Fix #72823 : strtr out-of-bound access If php_strtr_array_prepare_repls() reports pattern_len == 0, we return early to avoid OOB accesses, and because there is nothing to replace anyway.	2016-08-13 11:40:33 +02:00
Nikita Popov	e52c1f3ca9	Merge branch 'PHP-7.0' into PHP-7.1	2016-08-07 18:50:27 +02:00
Lauri Kenttä	e616bc8694	Fix bug #55451 Make substr_compare ignore the length if it's NULL. This allows to use the last parameter (case_insensitivity) with the default length.	2016-08-07 18:48:36 +02:00
Lauri Kenttä	3104759915	base64_decode: fix bug #72264 ('VV= =' shouldn't fail in strict mode)	2016-07-07 01:27:23 +02:00
Lauri Kenttä	c1ac081bf1	base64_decode: fix bug #72263 (skips char after padding)	2016-07-07 01:27:23 +02:00
Lauri Kenttä	b9c9be13cc	base64_decode: fix bug #72152 (fail on NUL bytes in strict mode) This added check is actually for NOT failing in NON-strict mode. The ch == -2 check later causes the desired failure in strict mode.	2016-07-07 01:27:23 +02:00
Nikita Popov	441d44c2eb	Merge branch 'PHP-7.0'	2016-07-05 16:57:32 +02:00
Lauri Kenttä	3380acbdd4	base64_decode: fix bug #72264 ('VV= =' shouldn't fail in strict mode)	2016-07-05 16:51:36 +02:00
Lauri Kenttä	6d17ee744f	base64_decode: fix bug #72263 (skips char after padding)	2016-07-05 16:51:36 +02:00
Lauri Kenttä	260c07db85	base64_decode: fix bug #72152 (fail on NUL bytes in strict mode) This added check is actually for NOT failing in NON-strict mode. The ch == -2 check later causes the desired failure in strict mode.	2016-07-05 16:51:36 +02:00
Anatol Belski	bdd127528e	Merge branch 'PHP-7.0' * PHP-7.0: fix two remaining tests	2016-06-21 17:25:12 +02:00
Anatol Belski	ed10168b30	fix two remaining tests	2016-06-21 17:24:08 +02:00
Stanislav Malyshev	3e0397c25c	Merge branch 'PHP-7.0' * PHP-7.0: iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize Fix bug #72321 - use efree() for emalloc allocation 5.6.23RC1 fix NEWS set versions	2016-06-21 00:27:01 -07:00
Stanislav Malyshev	2a65544f78	Merge branch 'PHP-5.6.23' into PHP-7.0.8 * PHP-5.6.23: (24 commits) iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize update NEWS Fix #66387: Stack overflow with imagefilltoborder Fix bug #72321 - use efree() for emalloc allocation 5.6.23RC1 Fix bug #72140 (segfault after calling ERR_free_strings()) ... Conflicts: configure.in ext/mbstring/php_mbregex.c ext/mcrypt/mcrypt.c ext/spl/spl_array.c ext/spl/spl_directory.c ext/standard/php_smart_str.h ext/standard/string.c ext/standard/url.c ext/wddx/wddx.c ext/zip/php_zip.c main/php_version.h	2016-06-21 00:24:32 -07:00
Stanislav Malyshev	7dde353ee7	Merge branch 'PHP-5.5' into PHP-5.6.23 * PHP-5.5: Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize update NEWS Fix #66387: Stack overflow with imagefilltoborder Skip test which is 64bits only 5.5.37 now Conflicts: configure.in ext/mcrypt/mcrypt.c ext/spl/spl_directory.c main/php_version.h	2016-06-21 00:01:48 -07:00
Stanislav Malyshev	f6aef68089	Fix bug #72434 : ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize	2016-06-20 21:35:22 -07:00
Stanislav Malyshev	3f627e580a	Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize	2016-06-20 21:26:33 -07:00
Dmitry Stogov	8eeedb6e48	Merge branch 'PHP-7.0' * PHP-7.0: Fixed bug #72100 (implode() inserts garbage into resulting string when joins very big integer). (Mikhail Galanin)	2016-04-26 13:06:16 +03:00

1 2 3 4 5 ...

846 Commits