Andrey Hristov
ad4b429633
Fixed few buffer overflows reported by Stefan Esser.
2010-04-28 15:35:52 +00:00
Pierre Joye
0688e6ef01
- - Fixed #51128 , imagefill() doesn't work with large images
2010-04-28 14:35:42 +00:00
Pierre Joye
17f5a9d2a2
- fix possible Dechunking Filter Buffer Overflow
2010-04-28 14:10:01 +00:00
Andrey Hristov
1838fcc7b0
const-ify fields
2010-04-28 12:29:13 +00:00
Ilia Alshanetsky
5031bfc395
Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski.
2010-04-28 12:10:10 +00:00
Pierre Joye
07446082c8
- Fix #51671 , imagefill does not work correctly for small images
2010-04-28 08:23:44 +00:00
Pierre Joye
eaab2fbc4b
- WS
2010-04-28 08:04:52 +00:00
Ilia Alshanetsky
7174b6ec78
Fixed string format validation inside phar extension. Reported by Stefan Esser
2010-04-27 17:13:24 +00:00
Andrey Hristov
3d900d4cad
Fixed very rare memory leak in mysqlnd, when binding thousands of columns
2010-04-27 12:32:34 +00:00
Andrey Hristov
eba793fa1f
Of course, 64*4 is 256, not 1024
2010-04-27 11:02:51 +00:00
Andrey Hristov
be5920b3e9
Move the macro to mysqlnd_enum_n_def.h, because it can be reused
...
in other places. Also, premultiply the values by 4 and add some
reserve for future releases of the server.
2010-04-27 10:53:27 +00:00
Etienne Kneuss
a5d361e3ea
Fixed #48361 (SplFileInfo::getPathName() should return the parent
2010-04-27 08:56:01 +00:00
Andrey Hristov
8525f7bb02
Test case for the buffer overflow in mysqlnd_change_user
2010-04-27 08:45:23 +00:00
Andrey Hristov
5bb74e6562
Fixed buffer overflow in mysqlnd_change_user
2010-04-27 08:26:24 +00:00
Hannes Magnusson
3283b811eb
- Unifiy that message
...
- Mention php.ini
2010-04-27 08:23:25 +00:00
Hannes Magnusson
257a192095
Fix test
2010-04-27 08:17:17 +00:00
Andrey Hristov
c92c788c85
Fixed possible buffer overflow in mysqlnd_conn__list_fields.
2010-04-27 08:02:08 +00:00
Etienne Kneuss
c200eeeb61
Fix #51374 (Wrongly initialized object properties)
2010-04-27 05:58:39 +00:00
Pierrick Charron
8f128b2b13
Fixed bug #51670 getColumnMeta causes segfault when re-executing query after calling nextRowset
2010-04-27 05:56:56 +00:00
Etienne Kneuss
9f16874a53
Fix #49723 (Skip seek when unnecessary)
2010-04-27 04:57:48 +00:00
Kalle Sommer Nielsen
cb30330800
Merge safe_mode changes into extensions that are in sync in both branches
2010-04-26 23:55:03 +00:00
Ilia Alshanetsky
64f372fae2
Fixed handling of session variable serialization on certain prefix characters. Reported by Stefan Esser
2010-04-26 18:35:54 +00:00
Pierre Joye
0f88851e92
- Fix #51582 , Don't assume UINT64_C it's ever available
2010-04-26 10:34:53 +00:00
Felipe Pena
72ede78ebb
- BFN #51624
2010-04-25 23:25:15 +00:00
Hannes Magnusson
267b5cea14
mention which setting!
2010-04-25 18:55:06 +00:00
Etienne Kneuss
eb88d58e6c
Fix #51532 (Invalid prototype for SplFileInfo::fscanf)
2010-04-25 05:18:42 +00:00
Felipe Pena
1c0ed3433e
- Fixed memory leak
2010-04-24 16:59:09 +00:00
Christopher Jones
eb0a3ff1af
Initialize vars to prevent valgrind warnings in some cases
2010-04-24 00:44:56 +00:00
Andrey Hristov
af6dd192b3
Fix for bug #51647 Certificate file without private key (pk in another file) doesn't work
2010-04-23 13:54:40 +00:00
Felipe Pena
a5142d18cb
- Fixed compiler warnings
2010-04-23 13:32:03 +00:00
Felipe Pena
e86710ce11
- Fixed bug #51435 (Missing ifdefs / logic bug in crypt code cause compile errors)
2010-04-22 20:54:35 +00:00
Andrey Hristov
4842f96e2d
Change the way the allocator is called - through an abstraction
...
to give the possibility of pluggability. Thanks to the macros
already used the changes are not pervasive.
2010-04-22 16:28:50 +00:00
Andrey Hristov
5431f235db
Fix problem spotted by Felipe.
2010-04-22 16:22:56 +00:00
Antony Dovgal
c996aea40d
revert most of the Andrey's patch that causes segfaults
...
(as agreed with Pierre)
2010-04-22 15:59:44 +00:00
Andrey Hristov
f71444c756
adding what last commit was missing
2010-04-22 15:14:45 +00:00
Andrey Hristov
34e56fea0b
Remove dead code and add possibility to fine tune the size of
...
a mempool (used for result sets).
2010-04-22 15:07:40 +00:00
Andrey Hristov
2556733787
Add the posibility to switch off the compilation of statistics
...
collection, for those who want to optimize the last percent of their
binaries.
2010-04-22 13:03:44 +00:00
Antony Dovgal
a1f753c8e3
initialize variable. this code still segfaults in OpenSSL, no idea why
2010-04-22 11:56:08 +00:00
Pierre Joye
edc961cc66
- Bug #51629 , CURLOPT_FOLLOWLOCATION error message is misleading
2010-04-22 11:49:10 +00:00
Pierre Joye
0fecc8c6a0
- Bug #51629 , CURLOPT_FOLLOWLOCATION error message is misleading
2010-04-22 08:58:07 +00:00
Adam Harvey
592daf8453
Fix for bug #51604 (newline in end of header is shown in start of message).
...
Patch by Daniel Egeberg.
2010-04-22 02:22:49 +00:00
Felipe Pena
ab81ddd1de
- Changed order to FR
2010-04-21 22:30:06 +00:00
Felipe Pena
ee185c604a
- Fixed bug #51627 (script path not correctly evaluated)
...
Patch by: russell dot tempero at rightnow dot com
2010-04-21 22:22:31 +00:00
Felipe Pena
5a7786c63f
- Fixed bug #51562 (query timeout in mssql can not be changed per query)
...
Patch by: ejsmont dot artur at gmail dot com
2010-04-21 14:19:27 +00:00
Felipe Pena
45b68febe9
- Fix mem. leak
2010-04-21 12:52:24 +00:00
Andrey Hristov
691522780f
Hardening the reads of mysqlnd.
...
All packets but the row data packet are read into preallocated buffer,
either on the stack or on the heap (cmd_buffer). The size of the buffer
is always checked to skip buffer overruns. Only up to the size of the
buffer is stored into the buffer but packet->header.size has the size of
all data sent. In this case network layer bails.
This patch hardenes the reads, so if packets are malformed and shorter
than they should be there will be no further reads in the buffer.
In short, detection of malformed packets.
2010-04-20 20:02:32 +00:00
Andrey Hristov
efa0077e08
put the trigger in the right place
2010-04-20 19:09:56 +00:00
Andrey Hristov
804b950562
It is possible that change user tries an user who has old password.
...
Instead of error message that doesn't say much there is more information now.
2010-04-20 18:04:24 +00:00
Felipe Pena
0cbfc91628
- Improve test
2010-04-20 16:45:46 +00:00
Felipe Pena
df43d76e62
- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML)
2010-04-20 16:24:21 +00:00