clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-25 11:57:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
79,569 Commits 493 Branches 1,366 Tags 849 MiB
bdb0cee222
Commit Graph

79569 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Timm Friebe
bdb0cee222 Initial implementation 2014-04-19 14:01:16 +02:00
Anatol Belski
0cdc57b3cf Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated libs versions
 2014-04-18 16:09:02 +02:00
Anatol Belski
1bca3ecacc updated libs versions 2014-04-18 16:08:42 +02:00
Anatol Belski
2bb7f3adfc Merge branch 'PHP-5.6' 
* PHP-5.6:
  added some notes about the win build system
 2014-04-18 16:05:11 +02:00
Anatol Belski
620d7207ef added some notes about the win build system 2014-04-18 16:04:15 +02:00
Anatol Belski
5745a513c7 Merge branch 'PHP-5.6' 
* PHP-5.6:
  UPGRADING note about bug #67072
  UPGRADING note about bug #67072
  UPGRADING note about bug #67072
 2014-04-18 15:55:12 +02:00
Anatol Belski
b93d040dc5 UPGRADING note about bug #67072 2014-04-18 15:54:49 +02:00
Anatol Belski
f09f7f22d8 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  UPGRADING note about bug #67072
  UPGRADING note about bug #67072
 2014-04-18 15:54:17 +02:00
Anatol Belski
3586d14b61 UPGRADING note about bug #67072 2014-04-18 15:50:15 +02:00
Anatol Belski
fae4f64865 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  UPGRADING note about bug #67072
 2014-04-18 15:44:18 +02:00
Anatol Belski
53c68811ba UPGRADING note about bug #67072 2014-04-18 15:43:05 +02:00
Anatol Belski
f5f1abdc29 Merge branch 'PHP-5.6' 
* PHP-5.6:
  refixed the test related to bug #67072
  Improved the fix for bug #67072, thanks Nikita
 2014-04-18 15:17:39 +02:00
Anatol Belski
cfd20c90a5 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  refixed the test related to bug #67072
  Improved the fix for bug #67072, thanks Nikita
 2014-04-18 15:17:12 +02:00
Anatol Belski
d963cf94a5 refixed the test related to bug #67072 2014-04-18 15:16:09 +02:00
Anatol Belski
7c400dc867 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improved the fix for bug #67072, thanks Nikita
 2014-04-18 15:14:42 +02:00
Anatol Belski
c2acdbdd3d Improved the fix for bug #67072, thanks Nikita 2014-04-18 15:13:32 +02:00
Stanislav Malyshev
c2b20c467f Merge branch 'pull-request/646' 
* pull-request/646:
  Fixed test case for 5328d42
 2014-04-17 17:37:17 -07:00
Stanislav Malyshev
3405d799f8 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fixed test case for 5328d42
 2014-04-17 17:37:05 -07:00
Stanislav Malyshev
ce4c78dd07 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed test case for 5328d42
 2014-04-17 17:36:26 -07:00
Tjerk Meesters
5e988a888a Fixed test case for 5328d42 2014-04-17 17:36:03 -07:00
Tjerk Meesters
bb565de5cc Fixed test case for 5328d42 2014-04-18 08:29:32 +08:00
Bob Weinand
1bc0dbba7b Merge branch 'PHP-5.6' 2014-04-17 17:37:31 +02:00
Bob Weinand
c02003e6b8 Merge branch 'PHP-5.5' into PHP-5.6 2014-04-17 17:23:05 +02:00
Bob Weinand
0ec122b804 Merge branch 'PHP-5.4' into PHP-5.5 2014-04-17 17:21:21 +02:00
Levi Morrison
6e1e98d7b8 These links to ~helly don't work anymore. 2014-04-17 17:20:24 +02:00
Levi Morrison
0193895bb4 These links to ~helly don't work anymore. 2014-04-17 08:46:38 -06:00
Anatol Belski
a381cc3c40 Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated NEWS
  updated NEWS
  Fixed bug #67072 Echoing unserialized "SplFileObject" crash
 2014-04-17 11:08:45 +02:00
Anatol Belski
00bef4b1c7 updated NEWS 2014-04-17 11:08:27 +02:00
Anatol Belski
f9a1eab435 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  updated NEWS
  Fixed bug #67072 Echoing unserialized "SplFileObject" crash
 2014-04-17 11:07:22 +02:00
Anatol Belski
de6f297e7c updated NEWS 2014-04-17 11:06:55 +02:00
Anatol Belski
dc407c2402 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #67072 Echoing unserialized "SplFileObject" crash

Conflicts:
	ext/standard/var_unserializer.c
 2014-04-17 11:05:21 +02:00
Anatol Belski
5328d42899 Fixed bug #67072 Echoing unserialized "SplFileObject" crash 
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.

This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
 2014-04-17 10:48:14 +02:00
Anatol Belski
7d9e161fa7 Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated UPGRADING
  updated UPGRADING
 2014-04-16 20:49:35 +02:00
Anatol Belski
542a7aceb1 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  updated UPGRADING
 2014-04-16 20:49:21 +02:00
Anatol Belski
05dac1d0a5 updated UPGRADING 2014-04-16 20:48:31 +02:00
Anatol Belski
ba03830241 updated UPGRADING 2014-04-16 20:47:17 +02:00
Anatol Belski
3456b73656 Merge branch 'PHP-5.6' 
* PHP-5.6:
  correct the bug #67081 fix
 2014-04-16 15:08:46 +02:00
Anatol Belski
9d39177943 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  correct the bug #67081 fix
 2014-04-16 15:08:34 +02:00
Anatol Belski
947b20bc67 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  correct the bug #67081 fix
 2014-04-16 15:08:08 +02:00
Anatol Belski
7a5f1663c6 correct the bug #67081 fix 2014-04-16 15:06:57 +02:00
Anatol Belski
8a985edfb2 Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated NEWS
  updated NEWS
  Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset
 2014-04-16 14:16:56 +02:00
Anatol Belski
e74a03fa43 updated NEWS 2014-04-16 14:16:36 +02:00
Anatol Belski
801d312507 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  updated NEWS
  Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset
 2014-04-16 14:15:52 +02:00
Anatol Belski
228a3537d3 updated NEWS 2014-04-16 14:15:26 +02:00
Anatol Belski
444690eca8 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset
 2014-04-16 14:14:52 +02:00
Anatol Belski
5224614f23 Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset 2014-04-16 14:13:45 +02:00
Anatol Belski
0ffdcfe756 Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated NEWS
  Fixed bug #67079 Missing MIME types for XML/XSL files
 2014-04-16 09:50:24 +02:00
Anatol Belski
d0e10dbde0 updated NEWS 2014-04-16 09:49:48 +02:00
Anatol Belski
b4c238c8cf Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #67079 Missing MIME types for XML/XSL files
 2014-04-16 09:48:31 +02:00
Anatol Belski
9eb726b3ab Fixed bug #67079 Missing MIME types for XML/XSL files 2014-04-16 09:47:49 +02:00