clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 18:37:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
102,515 Commits 491 Branches 1,363 Tags 839 MiB
c0e9c21e98
Commit Graph

506 Commits

Author SHA1 Message Date
Nikita Popov
06a0340162 Deprecate each() 2017-02-03 21:02:52 +01:00
Sammy Kaye Powers
9e29f841ce Update copyright headers to 2017 2017-01-02 09:30:12 -06:00
Anatol Belski
bfb9be9bd4 Merge branch 'PHP-7.1' 
* PHP-7.1:
  remove TSRMLS_*
 2016-11-22 00:33:29 +01:00
Anatol Belski
d61db8d602 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  remove TSRMLS_*
 2016-11-22 00:32:42 +01:00
Anatol Belski
5e9b4c26a5 remove TSRMLS_* 2016-11-21 23:53:37 +01:00
Joe Watkins
54fbc27270 Merge branch 'master' of git.php.net:/php-src 2016-11-13 05:40:49 +00:00
Joe Watkins
f77be645bc news entry for #1787 2016-11-13 05:37:49 +00:00
Nikita Popov
547ad56b31 Fix build 2016-11-12 22:17:21 +01:00
Edgar R. Sandi
81e9a0d075 fixed bug generated by fixes bug #73135 2016-11-12 17:49:25 +00:00
Joe Watkins
147f1f2e3b fix news 2016-11-12 17:46:40 +00:00
Edgar R. Sandi
72be8de39f fixed bug generated by fixes bug #73135 2016-11-12 17:43:16 +00:00
Edgar R. Sandi
1631c61feb phpt file to bug #73135 2016-11-12 17:43:16 +00:00
Edgar R. Sandi
319822b050 fixes bug #73135 2016-11-12 17:43:16 +00:00
Andrea Faulds
1a512eed44 Move utf8_encode and utf8_decode to ext/standard 2016-10-17 15:39:02 +01:00
Christoph M. Becker
9988863d37 Merge branch 'PHP-7.0' into PHP-7.1 2016-08-20 12:50:48 +02:00
Christoph M. Becker
39172d44d8 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-20 12:46:08 +02:00
Christoph M. Becker
52793c14d9 Improvements to fix #72714, suggested by nikic 2016-08-20 12:44:20 +02:00
Christoph M. Becker
76c796fb27 Merge branch 'PHP-7.0' into PHP-7.1 2016-08-20 02:28:18 +02:00
Christoph M. Becker
db1ef5cb00 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-20 02:14:49 +02:00
Christoph M. Becker
9164dc11e2 Fix #72714: _xml_startElementHandler() segmentation fault 
The issue is caused by an integer overflow when the `long` passed as
XML_OPTION_SKIP_TAGSTART is assigned to `xml_parser::toffset` which is
declared as `int`. We can simply work around this issue, by clipping
resulting negative values to 0 (and raising a notice in this case), because
the reasonable range for this value is certainly catered to by positive
`int`s.

However, there still remains the issue that `xml_parser::toffset` is later
added to `char *`s, which can cause OOB reads, so we make sure that the
upper bound never exceeds the strlen(). We eschew optimizing `SKIP_TAGSTART`
wrt. to the potentially duplicate strlen() call, because that code path is
unexpected anyway.
 2016-08-20 01:58:08 +02:00
Xinchen Hui
f3231a7c76 Unused var 2016-08-17 11:16:48 +08:00
Christoph M. Becker
1d24ac46ab Merge branch 'PHP-7.0' into PHP-7.1 2016-08-17 01:23:22 +02:00
Christoph M. Becker
6202b47e63 Merge branch 'PHP-5.6' into PHP-7.0 2016-08-17 01:22:11 +02:00
Christoph M. Becker
1bb92d5212 #72085: SEGV on unknown address zif_xml_parse 
We better make sure that the ZVALs we're accessing as arrays are indeed
arrays.
 2016-08-17 00:42:45 +02:00
Stanislav Malyshev
0ac5144836 Fix bug #72099: xml_parse_into_struct segmentation fault 2016-06-28 01:23:24 -07:00
Dmitry Stogov
adc95c5114 Fixed compilation warnings 2016-06-23 12:47:06 +03:00
Xinchen Hui
8c41df5480 Unused var 2016-06-14 21:29:02 +08:00
Joe Watkins
4a42fbbbc7 fix #72206 (xml_parser_create/xml_parser_free leaks mem) 2016-05-14 08:11:18 +01:00
Joe Watkins
b165114013 fix #72206 (xml_parser_create/xml_parser_free leaks mem) 2016-05-14 08:10:16 +01:00
Dmitry Stogov
f0a2e8eb13 Removed "zend_fcall_info.function_table". It was assigned in many places, but is never used. 2016-04-27 13:46:38 +03:00
Anatol Belski
1a154c7db5 Merge branch 'PHP-7.0' 
* PHP-7.0:
  fix merge
  Fix memory leak
  Fix bug #72099: xml_parse_into_struct segmentation fault
  5.5.36 now
  Fix bug #72094 - Out of bounds heap read access in exif header processing
  Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
  Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
  Fix for bug #71912 (libgd: signedness vulnerability)
  Typo in NEWS
 2016-04-27 12:30:34 +02:00
Anatol Belski
33d41da347 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix memory leak
  Fix bug #72099: xml_parse_into_struct segmentation fault
  5.5.36 now
  Fix bug #72094 - Out of bounds heap read access in exif header processing
  Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
  Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
  Fix for bug #71912 (libgd: signedness vulnerability)
  Typo in NEWS
 2016-04-27 11:45:29 +02:00
Stanislav Malyshev
e315a162da Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix memory leak
  Fix bug #72099: xml_parse_into_struct segmentation fault
  5.5.36 now
  Fix bug #72094 - Out of bounds heap read access in exif header processing
  Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
  Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
  Fix for bug #71912 (libgd: signedness vulnerability)
  Typo in NEWS

Conflicts:
	configure.in
	main/php_version.h
 2016-04-26 23:48:41 -07:00
Stanislav Malyshev
dccda88f27 Fix bug #72099: xml_parse_into_struct segmentation fault 2016-04-26 22:46:28 -07:00
Nikita Popov
f57c0b3249 Merge branch 'PHP-7.0' 2016-03-03 16:50:47 +01:00
Nikita Popov
1ac152938c Move semicolon into TSRMLS_CACHE_EXTERN/DEFINE 
Also re bug #71575.
 2016-03-03 16:50:01 +01:00
Dmitry Stogov
c67c166f93 Removed zend_fcall_info.symbol_table 2016-03-02 17:50:55 +03:00
Stanislav Malyshev
2e874114a2 Merge branch 'PHP-7.0' 
* PHP-7.0: (25 commits)
  Update NEWS
  update NEWS
  fix test file
  Fix version
  update NEWS
  Update NEWS
  Fix bug #71610: Type Confusion Vulnerability - SOAP / make_http_soap_request()
  Fix bug #71637: Multiple Heap Overflow due to integer overflows
  extend check for add_flag
  Fixed another segfault with file_cache_only now
  set version
  fix nmake clean in phpize mode
  Fixed segfault with file_cache_only
  Fixed possible crash at PCRE on MSHUTDOWN
  Fixed more synchronisation issues during SHM reload
  Set proper type flags (REFCOUNTED and COPYABLE) according to interned or regular string
  sync with improvements in NEWS
  Fixed process synchronisation problem, that may cause crashes after opcache restart
  Fix bug #71610: Type Confusion Vulnerability - SOAP / make_http_soap_request()
  Fix bug #71637: Multiple Heap Overflow due to integer overflows
  ...
 2016-03-01 23:11:42 -08:00
Stanislav Malyshev
57b997ebf9 Fix bug #71637: Multiple Heap Overflow due to integer overflows 2016-02-21 23:14:29 -08:00
Nikita Popov
93dc91b386 Remove version checks 
PHP_VERSION_ID
PHP_API_VERSION
ZEND_MODULE_API_NO
PHP_MAJOR_VERSION, PHP_MINOR_VERSION
ZEND_ENGINE_2

I've left litespeed alone, as it seems to genuinely maintain support
for many PHP versions.
 2016-01-30 15:35:28 +01:00
Lior Kaplan
3d5438bf7b Merge branch 'PHP-7.0' 
* PHP-7.0:
  Update header to PHP Version 7
  Happy new year (Update copyright to 2016)
  Happy new year (Update copyright to 2016)
 2016-01-01 20:04:31 +02:00
Lior Kaplan
ed35de784f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Happy new year (Update copyright to 2016)
 2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Xinchen Hui
145b68c834 Merge branch 'PHP-7.0' 2015-12-12 22:52:51 -08:00
Xinchen Hui
4171a8f6c6 Internal function argumensts cleanup (strict_types) 2015-12-12 22:52:37 -08:00
Nikita Popov
fc2cedfb1d Make 2nd arg of xml_set_object by value 
The argument is not being modified. Probably holdover from PHP 4
days.
 2015-12-10 23:35:25 +01:00
Christoph M. Becker
502b70c50c Merge branch 'PHP-5.6' 
* PHP-5.6:
  Skip test for old glibc iconv
 2015-09-09 04:33:28 +02:00
Christoph M. Becker
71da4f1f7f Skip test for old glibc iconv 
bug32001.phpt has a high failure rate for the submitted reports. According to
several samples it seems the iconv implementation of glibc 2.12 (released
2010-05) is the culprit. It seems appropriate to skip the test for such old
versions.
 2015-09-09 04:27:28 +02:00
Anatol Belski
4e66cce87c switch to the unified globals accessor where appropriate 2015-07-29 13:26:35 +02:00
Dmitry Stogov
4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00