This will cause an error in the case where invalid salts are provided for other algorithms. Currently, these invalid salts will silently fall back to STD_DES which is extremely weak. By detecting invalid DES salts, we can alert the user that there is a bug in their code.
The error is currently E_DEPRECATED as this has potential to break currently working (yet insecure) code. In the future it should be changed to an E_WARNING and return *0
zval_add_ref should be used as a copy ctor, after the value was
already copied.
In particular when used with hash insertions, it should be applied
to the return value of the insert function.
* origin/master:
fix unserializer patch
move this entry to the correct version
add missing NEWS entry
add missing NEWS entry
Updated or skipped certain 32-bit tests
add NEWS entry for #68594
5.4.37
add more BC breaks
update news
add CVE
add missing test file
Fix bug #68594 - Use after free vulnerability in unserialize()
Fix typo
Hash value must not zero?
That's the same as in the previous commit. In the TS mode the tsrm
cache pointer might be unavailable or point to a wrong thread, so
the exact globals passed should be freed.
* origin/master:
Revert "Removed useless local variable"
Fix the fix for bug #55415
add BC breaks from PHPNG RFC
add include for definition of php_url_encode
* origin/master:
made the apache ini holders to be zend_bool
Removed useless local variable
Use simpler functions
Fixed test
small fixes to UPGRADING
Reorder to save alignment size (of course, only for common used structs)
* origin/master:
Revert HTTP status codes merger
fixed tests, bugs in status codes merger
Fixed bug #55415 (php_info produces invalid anchor names)
NEWS
Implement feature request #55467 (phpinfo: PHP Variables with $ and single quotes)
NEWS
Change back to use is_int() as function instead of is_integer(), as per Jan Tvrdík's request @github
NEWS
Change is_long() to be an alias of is_integer()
Fix indentation
Share HTTP status codes map
@@ See internals: news.php.net/php.internals/79639
@@ Manual will be updated so that is_int() will be an alias of is_integer()
@@ I picked integer over int for consitentcy as we do not use str instead of string either
* origin/master:
Fix bug #67106 split main fpm config
split fpm config to two parts. PR#903
fix typo
Fix undefined behaviour in strnatcmp
Fix undefined behaviour in strnatcmp
Fixed memory leak introduced by 73458e8f
update NEWS
move the test to the right place
Fixed bug #68545 NULL pointer dereference in unserialize.c
* PHP-5.5:
Fix undefined behaviour in strnatcmp
update NEWS
move the test to the right place
Fixed bug #68545 NULL pointer dereference in unserialize.c
* PHP-5.4:
Fix undefined behaviour in strnatcmp
update NEWS
move the test to the right place
Fixed bug #68545 NULL pointer dereference in unserialize.c
Conflicts:
NEWS
* origin/master: (37 commits)
NEWS
NEWS
Fix bug #68601 buffer read overflow in gd_gif_in.c
Fixed compilation warnings
Removed unnecessary checks
pcntl_signal_dispatch: Speed up by preventing system calls when unnecessary
Merged PR #911.
Removed ZEND_ACC_FINAL_CLASS which is unnecessary. This also fixed some currently defined classes as final which were just not being considered as such before.
Updated NEWS
Updated NEWS
Updated NEWS
Fix bug #68532: convert.base64-encode omits padding bytes
Updated NEWS
Updated NEWS
Updated NEWS
Fixed Bug #65576 (Constructor from trait conflicts with inherited constructor)
Updated NEWS
Updated NEWS
Fix MySQLi tests
Fixed gd test
...
* zppFailOnOverflow:
Fix MySQLi tests
Fixed gd test
Refactor ZEND_LONG_MAX/MIN checks into ZEND_DOUBLE_FITS_LONG()
Fixed copy-and-paste error
Fix more 32-bit tests
Skip buncha tests on 32-bit
skip simplexml
skip posix 32-bit
skip tests on 32-bit
Fixes simplexml test
Fixes posix tests
Fixes iconv tests
Marked tests as 32-bit
Fixed more 32-bit tests
Fixed some 32-bit tests
Mark said ext/date tests as 32-bit only
Fixed ext/date tests broken by zpp error on overflow
Fixed broken tests
Make zpp fail if NaN passed for int, or out-of-range float for non-capping int
Conflicts:
ext/date/tests/getdate_variation7.phpt
ext/date/tests/localtime_variation3.phpt
* origin/master:
updated NEWS
PowerPC64 support for add and sub with overflow check
PowerPC64 support for operators with overflow check
Fixed bug #68583 Crash in timeout thread
Reduced size of zend_op on 64-bit systems.
Make ZEND_INIT_FCALL keep predcalculted size of necessary stack space in opline->op1.num to avoid its recalculation on each execution.
Removed unused variables
Improved array_merge() and array_replace() (1-st array may be added using simple procedure).
Replaced zendi_convert_to_long() with _zval_get_long_func()
Moved zend_is_true() from zend_execute.h/zend_execute_API.c into zend_operators.h/zend_operators.c. Splited the most expensive part of inline i_zend_is_true() into a separate zend_object_is_true(). Replaced zendi_convert_to_long() with cals to zend_is_true().
Revert "Save one xor instr"
Save one xor instr
Conflicts:
Zend/zend_execute_API.c
* master: (23 commits)
move the test to the right place
fix TS build and C89 compat
updated NEWS
Fixed bug #68545 NULL pointer dereference in unserialize.c
Updated NEWS
Updated NEWS
Updated NEWS
NEWS
Fix bug #68526 Implement POSIX Access Control List for UDS
Improved basic zval copying primitives: ZVAL_COPY_VALUE(), ZVAL_COPY(), ZVAL_DUP()
Wrap RETURN_VALUE_USED() with EXPECTED() or UNEXPECTED() macros according to more frequent usage patterns.
Improved ASSIGN_<OP>, ASSIGN_DIM and UNSET_DIM
drop dead/unused code
simplified code
Move ZVAL_DEREF() and make_real_object() into slow paths.
Pass znode_op structure by value (it fits into one word) instead of pointer to structure.
Move checks for references into slow paths.
Improved ASSIGN_DIM and ASSIGN_OBJ
Fixed typo
Move checks for references into slow paths of handlers or helpers. Remove duplicate opcode handlers.
...
* origin/master: (111 commits)
Fix zend_fcall_info_arg*() to use ZVAL_COPY
Fixed#65213 - cannot cast SplFileInfo to boolean
add initial install
switch to C travis project instead of PHP
use the generic TRAVIS environment var to check for travis (see http://docs.travis-ci.com/user/ci-environment/)
fix TS build
add config option to target codegen architectures
updated NEWS
updated NEWS
Fixed bug #55541 errors spawn MessageBox, which blocks test automation
Get rid of duplicate handlers (ZEND_ADD_SPEC_TMP_TMP and ZEND_ADD_SPEC_VAR_VAR are absolutely the same).
Use zend_string* for op_array->arg_info[]->name and op_array->arg_info[]->class_name. For internal functions we still use char*.
Fixed __debugInfo() support
Update UPGRADING for the new variadic functions, and re-sort.
Improved POST INC/DEC
make sure that we don't truncate the stack trace and cause false test failures when the test is executed in a directory with long path
Missed closed folder mark
Revert "Unecessary assignment"
Fixed improper memory release
Unecessary assignment
...
* PHP-5.6:
update news
update news
update NEWS
Apply error-code-salt fix to Windows too
Bug fixes in light of failing bcrypt tests
Add tests from 1.3. Add missing tests.
Upgrade crypt_blowfish to version 1.3
Apply error-code-salt fix to Windows too
Bug fixes in light of failing bcrypt tests
Add tests from 1.3. Add missing tests.
Upgrade crypt_blowfish to version 1.3
Conflicts:
ext/standard/crypt.c
* PHP-5.5:
update news
update news
update NEWS
Apply error-code-salt fix to Windows too
Bug fixes in light of failing bcrypt tests
Add tests from 1.3. Add missing tests.
Upgrade crypt_blowfish to version 1.3
Apply error-code-salt fix to Windows too
Bug fixes in light of failing bcrypt tests
Add tests from 1.3. Add missing tests.
Upgrade crypt_blowfish to version 1.3
* pull-request/868:
Apply error-code-salt fix to Windows too
Bug fixes in light of failing bcrypt tests
Add tests from 1.3. Add missing tests.
Upgrade crypt_blowfish to version 1.3
This is done by reverting some parts to the state of pre 7, whereby
that means all the size_t potential isn't exhausted. This might be
a subject of the subsequent fix, the functionality can be ensured
with the supplied test.
* origin/master: (102 commits)
fix dir separator in test
fix TS build
fix TS build
Better fix for bug #68446
Revert "Merge remote-tracking branch 'origin/PHP-5.6'"
Revert NEWS and set test to XFAIL
Revert "Fix bug #68446 (bug with constant defaults and type hints)"
Improved zend_hash_clean() and added new optimized zend_symtable_clean()
Use inline version of zval_ptr_dtor()
Added new optimized zend_array_destroy() function
Moved i_zval_ptr_dtor() from zend_execute.h to zend_variables.h
fix REGISTER_NS_*_CONSTANT macros
Removed useless assert. EG(uninitialized_zval) can't be refcounted.
Use specialized destructors when types of zvals are known.
move tests into proper place
Improved assignment to object property
Reuse zend_assign_to_variable() in zend_std_write_property()
cleanup comments from svn/cvs era
fix dir separator in test
fork test for windows
...
* PHP-5.6:
test to function addcslashes
test
Test PHP Init Fail Without Params
Add my information to this test
Add a test for the exception cases of readline_read_history
added some tests to datetime and dateinterval functions
added various tests for XSLTProcessor and one test for iconv extension
teste basico da funcao timezone_version_get
NTS mode should additionally use _putenv to satisfy libs like gettext
relying on _getenv. As _putenv isn't thread safe, it wouldn't bring
much for the TS mode as it would change locale across all the threads
and require locking to avoid random fails with concurrent _getenv
calls.
* origin/master: (36 commits)
NEWS
adapt test for error message introduce in fix for #68463
Fix bug #68463 listen.allowed_clients can silently result in no allowed access
run a few request in this test
fix test
fix test
added info about some other macro changes
added note about toolset and phpize
added note about the response files
split msgfmt_format_intlcalendar_variant*.phpt for ICU 54.1
split formatter_format*.phpt for ICP 54.1
split dateformat_timezone_arg_variations*.phpt for ICU 54.1
split dateformat_get_set_timezone_variant*.phpt for ICU 54.1
fix icu version to test
split ext/intl/tests/dateformat_get_set_calendar_variant*.phpt for 54.1
split dateformat_formatObject_datetime_variant*.phpt for ICU 54.1
split dateformat_formatObject_calendar_variant*.phpt for ICU 54.1
split dateformat_create_cal_arg_variant2.phpt for ICU 53.1 and 54.1
clone dateformat_calendars_variant3.phpt for ICU 54.1
split collator_get_sort_key_variant3.phpt for icu 54.1
...
* origin/master: (398 commits)
NEWS
add test for bug #68381
Fixed bug #68381 Set FPM log level earlier during init
proper dllexport
move to size_t where zend_string is used internally
fix some datatype mismatches
return after the warning, to fix uninitialized salt usage
fix datatype mismatches
add missing type specifier
fix datatype mismatches
fix unsigned check
"extern" shouldn't be used for definitions
joined identical conditional blocks
simplify fpm tests
SEND_VAR_NO_REF optimization
Add test for bug #68442
Add various tests for FPM - covering recent bugs (68420, 68421, 68423, 68428) - for UDS - for ping and status URI - for multi pool and multi mode
Include small MIT FastCGI client library from https://github.com/adoy/PHP-FastCGI-Client
Get rid of zend_free_op structure (use zval* instead). Get rid of useless TSRMLS arguments.
Add new FPM test for IPv4/IPv6
...
Conflicts:
win32/build/config.w32
* PHP-5.6:
fix output globals importing
export output globals
use portable strndup implementation
unix sockets aren't available on windows
dll export APIs needed by phpdbg
fix sapi/phpdbg/config.w32
Don't treat warnings as failures in the junit output
* origin/master: (214 commits)
fix datatype mismatch warnings
fix datatype mismatches
fix datatype mismatches
fix datatype mismatches
fix datatype mismatch warnings
fix datatype mismatch warnings
fix datatype mismatch warnings
fix datatype mismatch warning
fix datatype mismatches
fix datatype mismatch warnings
Re-add phpdbg to travis
Added some NEWS
Make xml valid (missing space between attrs)
Fix info classes file name in xml
Add note about <eval> tag for errors in xml.md
Name the tag <eval> if the error id during ev cmd
Do not print out xml as PHP print...
Fix output to wrong function
Fixed parameter order on %.*s
Too much copypaste...
...