clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 03:17:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
71,007 Commits 491 Branches 1,363 Tags 846 MiB
c8eaca013a
Commit Graph

29834 Commits

Author SHA1 Message Date
Dmitry Stogov
c8eaca013a Added type checks 2015-03-03 10:43:48 +03:00
Dmitry Stogov
0c136a2abd Added type checks 2015-03-03 09:44:46 +03:00
Dmitry Stogov
d5248f67b5 Check variable type before its usage as IS_ARRAY. 2015-03-02 12:27:36 +03:00
Stanislav Malyshev
bdfe457a2c Port for for bug #68552 2015-02-17 06:53:02 +01:00
Stanislav Malyshev
7b18981830 Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone) 
Conflicts:
	ext/date/php_date.c
 2015-02-17 06:43:51 +01:00
Felipe Pena
8f9ab04d93 - Fixed bug #67827 (broken detection of system crypt sha256/sha512 support) 2015-02-17 00:23:47 -02:00
Felipe Pena
e08bef442c - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de 2015-02-16 13:07:26 -02:00
Yasuo Ohgaki
a8722f5330 Add NULL byte protection to exec, system and passthru 2015-02-14 05:25:04 +09:00
Stanislav Malyshev
f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Stanislav Malyshev
7efbd70b03 fix sizeof size 2015-02-01 12:40:38 -08:00
Stanislav Malyshev
94d6cb4a78 fix TSRM 2015-01-31 23:34:14 -08:00
Stanislav Malyshev
b30a6d6018 Use better constant since MAXHOSTNAMELEN may mean shorter name 2015-01-31 21:46:56 -08:00
Stanislav Malyshev
0f9c708229 Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:08:13 -08:00
Stanislav Malyshev
e63f7b47e1 Merge branch 'bug68710' into PHP-5.4 
* bug68710:
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
 2015-01-20 01:02:26 -08:00
Stanislav Malyshev
fc6aa939f5 Merge branch 'bug68799' into PHP-5.4 
* bug68799:
  Fix bug #68799: Free called on unitialized pointer
 2015-01-20 01:00:11 -08:00
Daniel Lowrey
e2fe8e164f Fixed bug #55618 (use case-insensitive cert name matching) 2015-01-14 18:02:50 +01:00
Stanislav Malyshev
2fc178cf44 Fix bug #68799: Free called on unitialized pointer 2015-01-11 00:51:05 -08:00
Anatol Belski
ebb98e7aeb updated libmagic.patch in 5.4 2015-01-04 17:04:13 +01:00
Anatol Belski
ede59c8feb Fixed bug #68735 fileinfo out-of-bounds memory access 2015-01-04 14:20:21 +01:00
Remi Collet
919abf0cb1 removed dead code 2015-01-04 09:40:19 +01:00
Stanislav Malyshev
b585a3aed7 Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize()) 2015-01-01 16:19:05 -08:00
Stanislav Malyshev
b75867fff0 add missing test file 2014-12-16 10:15:17 -08:00
Stanislav Malyshev
630f9c33c2 Fix bug #68594 - Use after free vulnerability in unserialize() 2014-12-16 10:15:17 -08:00
Andrea Faulds
034e6decb3 Fix undefined behaviour in strnatcmp 2014-12-13 22:27:10 +00:00
Anatol Belski
0323f66fa2 move the test to the right place 2014-12-11 10:39:47 -08:00
Anatol Belski
13f1c276ab Fixed bug #68545 NULL pointer dereference in unserialize.c 2014-12-11 10:39:37 -08:00
Dmitry Stogov
dd791cd717 Fixed possible read after end of buffer and use after free. 2014-12-08 12:18:27 +03:00
Chris Christoff
0e985d3726 Revert unintentional docblock change 
Revert unintentional docblock change

It looks like commit dd8e59da8f
introduced an unintended docbloc change. I have reverted this
change in this commit.
 2014-12-05 13:57:03 -08:00
Stanislav Malyshev
84be568366 update news 2014-11-30 21:37:39 -08:00
Leigh
7e870c596d Bug fixes in light of failing bcrypt tests 
Conflicts:
	ext/standard/crypt.c
 2014-11-30 21:06:39 -08:00
Leigh
2d9d10fbbf Add tests from 1.3. Add missing tests. 
3 of the missing tests fail. // TODO
 2014-11-30 21:05:40 -08:00
Leigh
29f51e1ca9 Upgrade crypt_blowfish to version 1.3 2014-11-30 21:05:32 -08:00
Matteo Beccati
2323e95df9 Fixed bug #66584 Segmentation fault on statement deallocation 2014-11-11 16:25:31 -08:00
Remi Collet
7740edae36 Fix bug #63595 GMP memory management conflicts with other libraries using GMP 
Drop use of php memory allocators as this raise various conflicts
with other extensions and libraries which use libgmp.

No other solution found.
We cannot for ensure correct use of allocator with shared lib.

Some memory can allocated before php init
Some memory can be freed after php shutdown

Known broken run cases
- php + curl + gnutls + gmp
- mod_gnutls + mod_php + gnutls + gmp
- php + freetds + gnutls + gmp
- php + odbc + freetds + gnutls + gmp
- php + php-mapi (zarafa) + gnutls + gmp
 2014-11-03 11:42:15 -08:00
Stanislav Malyshev
c351b47ce8 Initialize the offset table - PCRE may sometimes miss offsets 2014-11-03 11:31:02 -08:00
Remi Collet
1803228597 Fix bug #68283: fileinfo: out-of-bounds read in elf note headers 
Upstream commit
39c7ac1106

CVE -2014-3710
 2014-10-22 15:37:04 +02:00
Stanislav Malyshev
287c91c1f0 Fix bug #68113 (Heap corruption in exif_thumbnail()) 2014-10-13 23:17:45 -07:00
Stanislav Malyshev
ab0939e5e5 Fix bug #68089 - do not accept options with embedded \0 
Conflicts:
	ext/curl/interface.c
 2014-10-13 23:16:06 -07:00
Stanislav Malyshev
56754a7f9e Fixed bug #68044: Integer overflow in unserialize() (32-bits only) 2014-10-13 23:14:25 -07:00
Stanislav Malyshev
88412772d2 Fix bug #68027 - fix date parsing in XMLRPC lib 2014-10-13 23:12:11 -07:00
Matthew Daley
fcbe20d357 Set an LDAP error code when failing ldap_bind due to null bytes 
Some applications check a LDAP link's error code after seeing ldap_bind
fail due to a null byte bind attempt and hence incorrectly receive the
last set error code.

Fix by setting an LDAP error code before returning in this case.
 2014-09-28 12:23:52 -07:00
Derick Rethans
16e2d954fc - Updated to version 2014.8 (2014h) 2014-09-26 16:26:59 +01:00
Stanislav Malyshev
408b172017 Revert xp_ssl.c to the state of 5.4.32 due to regressions 2014-09-26 00:44:24 -07:00
Ard Biesheuvel
e64da8c20d Fixed bug #66242 (don't assume char is signed) 
This fixes a bug in libmagic where a cast to 'char' is assumed to result
in sign extension to occur. However, unqualified 'char' is unsigned on
architectures such as ARM, so the cast needs to be to 'signed char'
explicitly.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
 2014-09-20 16:39:48 -07:00
Matteo Beccati
00525b824a Fixed freetype test on multiple environments 
Some environments, apparently regardless to the freetype version, output 155, while others 156. I guess we can accept both ;)

This reverts commit 592df89027.
 2014-09-16 10:19:29 +02:00
Daniel Lowrey
372844918a Bug #41631: Fix regression from first attempt (6569db8) 2014-09-09 09:01:42 -06:00
Daniel Lowrey
f86b2193a4 Bug #67965: Fix blocking behavior in non-blocking crypto streams 2014-09-09 07:37:57 -06:00
Matteo Beccati
592df89027 Fixed test with freetype >= 2.4.12 2014-09-03 09:43:29 +02:00
Derick Rethans
e665a07ab9 - Updated to version 2014.7 (2014g) 2014-09-01 16:40:49 +01:00
Chris Wright
32be79dcfa Fix stream_select() issue with OpenSSL buffer 
Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed

Addresses bug #65137
https://bugs.php.net/bug.php?id=65137

Conflicts:
	ext/openssl/xp_ssl.c
 2014-08-27 13:25:50 +01:00