clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 03:17:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
83,483 Commits 491 Branches 1,363 Tags 846 MiB
dc09f30933
Commit Graph

132 Commits

Author SHA1 Message Date
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Stanislav Malyshev
3fe509443c Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix unit tests
 2015-09-01 12:24:14 -07:00
Stanislav Malyshev
4aeff30337 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix unit tests
 2015-09-01 12:23:55 -07:00
Stanislav Malyshev
1922c650ba fix unit tests 2015-09-01 12:23:22 -07:00
Stanislav Malyshev
c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev
1390a5812b Fix bug #70312 - HAVAL gives wrong hashes in specific cases 2015-09-01 01:16:30 -07:00
Stanislav Malyshev
5776fceb16 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5: (27 commits)
  fix non-standard C
  update NEWS
  5.4.41 next
  fix CVE num
  update NEWS
  Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
  fix test
  fix type in fix for #69085
  fix memory leak & add test
  Fix tests
  fix CVE num
  Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
  Fix test
  Additional fix for bug #69324
  More fixes for bug #69152
  Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
  Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
  Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
  Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
  Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
  ...

Conflicts:
	ext/standard/http_fopen_wrapper.c
 2015-04-14 01:05:01 -07:00
Stanislav Malyshev
0cb9d75cb6 Merge branch 'PHP-5.4.40' into PHP-5.5.24 
* PHP-5.4.40:
  Additional fix for bug #69324
  More fixes for bug #69152
  Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
  Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
  Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
  Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
  Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
  Fixed bug #68901 (use after free)
  Fixed bug #68740 (NULL Pointer Dereference)
  Fix bug #66550 (SQLite prepared statement use-after-free)
  Better fix for #68601 for perf 81e9a993f2
  Fix bug #68601 buffer read overflow in gd_gif_in.c
  Revert "Merge branch 'PHP-5.4' of https://git.php.net/repository/php-src into PHP-5.4"
  Fixed bug #69293
  Add ZEND_ARG_CALLABLE_INFO to allow internal function to type hint against callable.
 2015-04-11 16:56:12 -07:00
Stanislav Malyshev
4435b9142f Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions) 2015-04-11 16:53:22 -07:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Rouven Weßling
2148a88b3d Add hash_equals() to perform string comparisons that are not vulnerable to timing attacks. 2014-03-17 09:37:28 +01:00
Nikita Popov
e617dfbdf3 Merge branch 'PHP-5.5' into PHP-5.6 2014-03-12 14:16:58 +01:00
Nikita Popov
06bbb657ad Fix hash_pbkdf2() with missing $length argument 
Also change the type of some string length variables to ensure
that the zpp call works correctly on platforms where sizeof(int)
!= sizeof(long).
 2014-03-12 14:16:18 +01:00
Michael M Slusarz
b88387d341 Fix #66698: Add fnv1a32 and fnv1a64 hash options 2014-03-06 23:38:51 +01:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Manuel Mausz
7dbb1bba64 fix failing tests 2013-09-05 09:32:12 +02:00
Manuel Mausz
0be6ecb862 fix indention 2013-09-05 01:19:00 +02:00
Manuel Mausz
8ca43527e8 Add support for CryptoPro S-box for GOST 
This adds a new hash identifier "gost-crypto" which uses the CryptoPro
S-box tables as specified by RFC 4357, section 11.2.
 2013-09-05 01:04:25 +02:00
Michael Wallner
611122c22e Merge branch '2Guploads' 
* 2Guploads:
  add NEWS entry; add simple test
  more precise condition
  make this work in vc11 too
  Use int64_t and atoll() after discussion with johannes
  ws
  Patch for https://bugs.php.net/bug.php?id=44522 to allow uploading files above 2G.
  unify stdint type usage
 2013-08-09 11:47:25 +02:00
Michael Wallner
14caf174ff unify stdint type usage 
if you need C99 stdint types, just include "php_stdint.h"
 2013-08-06 22:49:56 +02:00
Christopher Jones
4c3c9d1fe5 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fix long-standing visual pain point: the misalignment of './configure help' text. Whitespace changes and a couple of grammar fixes.
 2013-08-06 11:09:12 -07:00
Christopher Jones
c6d977dd39 Fix long-standing visual pain point: the misalignment of './configure help' text. 
Whitespace changes and a couple of grammar fixes.
 2013-08-06 11:06:09 -07:00
Stanislav Malyshev
02457554a3 Merge branch 'PHP-5.5' 
* PHP-5.5:
  backward compatibility
  HASH_KEY_NON_EXISTANT fix
 2013-07-21 20:10:31 -07:00
Veres Lajos
4749457a49 HASH_KEY_NON_EXISTANT fix 2013-07-21 20:09:53 -07:00
Veres Lajos
e9a95d78ef typo fixes 2013-07-15 00:23:03 -07:00
Veres Lajos
1b06e0be96 typo fixes 2013-07-15 00:19:49 -07:00
Veres Lajos
72085b0e5f typo fixes 2013-07-15 00:18:57 -07:00
Stanislav Malyshev
8ac131503d Merge branch 'PHP-5.5' 
* PHP-5.5:
  Merge branch 'pull-request/341'
  Merge branch 'pull-request/341'
 2013-06-10 14:31:57 -07:00
Stanislav Malyshev
02e4d7a290 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:30:59 -07:00
Stanislav Malyshev
ac40c0b562 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:20:18 -07:00
Anthony Ferrara
2129c70896 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fix #64745 hash_pbkdf2 truncation issue
 2013-05-28 15:38:11 -04:00
Anthony Ferrara
540a5a52e8 Fix #64745 hash_pbkdf2 truncation issue 
When using hash_pbkdf2 with hex output and 0 length (auto), it incorrectly
truncates the result to 1/2 the expected result.
 2013-05-28 15:30:45 -04:00
Sara Golemon
6aefaad46e Fix race condition when ext/hash/tests run in parallel 2013-04-30 16:28:37 -07:00
Xinchen Hui
a666285bc2 Happy New Year 2013-01-01 16:37:09 +08:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Anthony Ferrara
03536e889a More cleanup of documentation and comments, as well as code formatting 2012-06-12 15:05:44 -04:00
Anthony Ferrara
2f1cd2cb13 Fix tests to use proper casing 2012-06-12 14:52:43 -04:00
Anthony Ferrara
43eb8dc04a Remove un-needed memset, and replacing stray spaces 2012-06-12 14:32:21 -04:00
Anthony Ferrara
df3d351cad Update error messages to be more inline with PHP standards 2012-06-12 14:10:35 -04:00
Anthony Ferrara
4918acccc6 refactor away un-necessary casts in hashing routines 2012-06-12 14:09:16 -04:00
Anthony Ferrara
6387498823 Create hash_pbkdf2 function addition 2012-06-12 09:57:11 -04:00
Michael Wallner
260e77709d fix tests failing due to corrected hash tiger 
mhash_00{1,3}.phpt were failing because of the corrected hash tiger byte
output order

fixes bug #60922:
 tests fail for mhash() and mhash_keygen_s2k() functions and MHASH_TIGER
 2012-03-19 21:49:47 +01:00
Michael Wallner
6a7bbb1561 merge ext/hash from trunk 2012-01-18 09:15:34 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Xinchen Hui
42fd7352fb Add skipif 2011-09-06 09:29:04 +00:00
Felipe Pena
4b30846b50 - Make usage of new PHP_FE_END macro 2011-07-25 11:35:02 +00:00