clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 11:27:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
35,689 Commits 491 Branches 1,363 Tags 847 MiB
bc1f7356d7
Commit Graph

18966 Commits

Author SHA1 Message Date
Ilia Alshanetsky
bc1f7356d7 Fixed CRLF injection inside ftp_putcmd(). 
# Reported on BugTraq by loveshell[at]Bug.Center.Team
 2007-03-24 16:25:42 +00:00
Nuno Lopes
88f48476f9 regenerate to fix gcov build. plus use re2c bitvectors 2007-03-23 20:28:40 +00:00
Stanislav Malyshev
0af75d6b1a fix MOPB-29 - unserialize modifier S does not calculate length correctly 
# reported by Stefan Esser
 2007-03-23 20:15:22 +00:00
Wez Furlong
cbb0db124b export the module guy in the external dll version of the build 2007-03-23 14:30:00 +00:00
Ilia Alshanetsky
57a88f71d5 Added -- test case 2007-03-22 23:34:14 +00:00
Douglas Goldstein
4b39efa0ee Replaced all instances of ldap_get_values() with ldap_get_values_len(), which returns back the length of the data so on non-NULL terminated data we don't crash in a strlen(). Removed the PHP function ldap_get_values() since it's the same thing as ldap_get_values_len() now and made it alias ldap_get_values_len(). This should fix some random PHP<->LDAP crashes 2007-03-22 21:50:34 +00:00
Wez Furlong
76329a99f0 Add php_pdo_sqlite_external.dll to windows build. 
This allows the user to provide their own version of sqlite3.dll.
The php_pdo_sqlite.dll is still there, and will continue to be there.
It is built from the bundled sources.
[[DOC]]
 (this should cc: phpdoc, if it's wrong, please let the docs folks know :-)
 2007-03-22 01:00:23 +00:00
Derick Rethans
b7a791827c - Revert this patch, as the code was incorrect. 
- It was also not committed to HEAD.
 2007-03-21 09:40:33 +00:00
Ilia Alshanetsky
5abffb51b6 Fixed bug #40861 (Multiple +/- on relative units breaks strtotime()). 2007-03-21 00:25:55 +00:00
Marcus Boerger
4c1c431a38 - MFH Fix Bug #40872 (inconsistency in offsetSet, offsetExists treatment 
of string enclosed integers)
 2007-03-20 20:28:08 +00:00
Marcus Boerger
6081c2284e - MFH Optional dependency for SPL must be specified in header 2007-03-20 20:00:27 +00:00
Dmitry Stogov
3ee54ce924 Added ability to encode arrays with "SOAP-ENC:Array" type instead of WSDL type. To activate the ability use "feature"=>SOAP_USE_XSI_ARRAY_TYPE option in SoapClient/SoapServer constructors. 2007-03-20 09:52:14 +00:00
Dmitry Stogov
ef06bfa3ec Fixed bug #36226 (Inconsistent handling when passing nillable arrays) 2007-03-20 07:51:32 +00:00
Ilia Alshanetsky
13aac95bfc Fixed bug #40854 (imap_mail_compose() creates an invalid terminator for 
multipart e-mails).
 2007-03-19 22:56:57 +00:00
Antony Dovgal
ddc07c90b6 new test 2007-03-19 08:11:14 +00:00
Rob Richards
b172d3f8cd MFH: fix bug #40836 (Segfault in ext/dom) 
add test
 2007-03-18 21:31:05 +00:00
Wez Furlong
16fc958508 fixes #40848 2007-03-18 20:20:23 +00:00
Ilia Alshanetsky
89939e13d6 Fixed MOPB-26-2007 mb_parse_str() can be used to activate register_globals 
# Discovered by Stefan Esser
 2007-03-18 16:36:13 +00:00
Antony Dovgal
8e67ec8225 MFH: fix #40794 (ReflectionObject::getValues() may crash when used with dynamic properties) 2007-03-17 23:00:49 +00:00
Stanislav Malyshev
7b7dcc89f3 fix spprintf usage 2007-03-16 21:59:23 +00:00
Stanislav Malyshev
a424d65e0b add test 2007-03-16 19:55:21 +00:00
Stanislav Malyshev
90eff54400 Fix UMR in array_user_key_compare() (MOPB24 by Stefan Esser) 2007-03-16 19:38:58 +00:00
Sebastian Bergmann
d3cb98caf0 Fugbix typo. 2007-03-16 06:41:24 +00:00
Antony Dovgal
6a45f716ae fix #40805 (Failure executing function ibase_execute()) 2007-03-15 22:33:04 +00:00
Antony Dovgal
f6536ed2b2 MFH: remove unnecessary warning in case of exception 2007-03-14 23:47:44 +00:00
Ilia Alshanetsky
7aab16c333 Fixed MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability 
# Discovered by Stefan Esser
 2007-03-14 19:37:07 +00:00
Antony Dovgal
f9d54cbb75 MFH: fix #40750 (openssl stream wrapper ignores default_stream_timeout) 2007-03-14 19:22:14 +00:00
Ilia Alshanetsky
5ed63dd8a9 Fixed a possible memory leak on open_basedir validation 2007-03-14 15:02:20 +00:00
Pierre Joye
fc3a62ed48 - MFH: openbasedir and safemode check in ::open() 2007-03-14 12:06:20 +00:00
Timm Friebe
b9bc7c55d4 - Changed message handler also to handle message #11021 
- Adjusted expected output
# Seems newer Sybase versions yielf different error codes for getdate(NULL)
 2007-03-14 11:57:45 +00:00
Timm Friebe
ca75503c8f - Fixed segmentation fault in sybase_connect() 
# This was introduced by changing sprintf -> spprintf and resulted
# from passing a char* to spprintf() instead of a char**
 2007-03-14 11:48:49 +00:00
Timm Friebe
142357d445 - Changed expected output 
# select getdate() returns something like "Mar 14 2007 12:44PM", we
# were checking for one additional (nonexistant) whitespace after "Mar"
# which was wrong. Don`t know when and how this changed
 2007-03-14 11:46:06 +00:00
Timm Friebe
d8ed658b78 - Changed expected output 
# Due to var_export() & __set_state() changes
 2007-03-14 11:44:24 +00:00
Pierre Joye
b40b5b5305 - MFH: Fixed possible relative path issues in zip_open in TS mode (old API) 2007-03-14 11:32:25 +00:00
Pierre Joye
1c0b8e6f15 - rename SAFEMODE_CHECKFILE to OPENBASEDIR_CHECKPATH (can be used without 
confusing in head without confusion)
- Add safemode and open basedir checks in zip:// wrapper (revert Ilia's
  patch). Bug found by Stefan Esser in his MOPB-20-2007
 2007-03-14 11:08:57 +00:00
Pierre Joye
4f5303ab92 - add more cases for getComment 2007-03-14 11:02:29 +00:00
Martin Kraemer
9c62ddde34 Typo 2007-03-14 09:58:14 +00:00
Ilia Alshanetsky
6d70aa1f4e Added missing open_basedir & safe_mode checks to zip:// and bzip:// 
wrappers.

Issues idendtified by MOPB-20 and MOPB-21
 2007-03-14 03:50:18 +00:00
Stanislav Malyshev
c3e4a2854a fix odbc resource handling, patch by Dave Lawson 2007-03-13 00:04:38 +00:00
Antony Dovgal
81f99c721b return false instead of empty string when -length is greater than (len - offset) 2007-03-12 23:42:26 +00:00
Ilia Alshanetsky
c829314963 malloc() -> pemalloc() 2007-03-12 23:21:41 +00:00
Antony Dovgal
165f44c9c3 MFH 2007-03-12 20:55:15 +00:00
Antony Dovgal
5088614ea1 synchronize iconv_substr() behavior with substr() 
no MFB so far, since substr() changes are not MFBed either
 2007-03-12 19:34:26 +00:00
Ilia Alshanetsky
f96245f8b4 malloc() -> pemalloc() 2007-03-11 18:42:19 +00:00
Antony Dovgal
80616688db MFH 2007-03-11 12:56:44 +00:00
Antony Dovgal
e8ede1ec08 fix tests 2007-03-11 12:54:54 +00:00
Ilia Alshanetsky
e82c30c845 Re-added check removed by the previous patch 2007-03-10 20:07:50 +00:00
Ilia Alshanetsky
1453879587 Added additional checks for long input arrays inside 
import_request_variables().

# Missing checks identified by Stefan Esser
 2007-03-10 19:20:16 +00:00
Pierre Joye
cb11ba761e - MFH: CVE-2007-1001, integer overflow with invalid wbmp images 2007-03-10 12:18:36 +00:00
Pierre Joye
547e4760e0 - #40764, line thickness not respected for horizontal and vertical lines 
- add test
 - NEWS entry
 2007-03-10 01:13:19 +00:00