Antony Dovgal
e8ede1ec08
fix tests
2007-03-11 12:54:54 +00:00
Ilia Alshanetsky
e82c30c845
Re-added check removed by the previous patch
2007-03-10 20:07:50 +00:00
Ilia Alshanetsky
1453879587
Added additional checks for long input arrays inside
...
import_request_variables().
# Missing checks identified by Stefan Esser
2007-03-10 19:20:16 +00:00
Pierre Joye
cb11ba761e
- MFH: CVE-2007-1001, integer overflow with invalid wbmp images
2007-03-10 12:18:36 +00:00
Pierre Joye
547e4760e0
- #40764 , line thickness not respected for horizontal and vertical lines
...
- add test
- NEWS entry
2007-03-10 01:13:19 +00:00
Stanislav Malyshev
1e9fd0f002
add testcase
2007-03-09 18:37:03 +00:00
Dmitry Stogov
c2a71f8eb1
Return HTTP 403 in case of "access denied".
2007-03-09 16:46:07 +00:00
Antony Dovgal
982de65f6e
fix substr()
...
it's perfectly legal to do substr("str", 0, 1000000);
2007-03-09 10:04:59 +00:00
Antony Dovgal
c9ded196b4
fix tests
2007-03-09 09:45:14 +00:00
Ilia Alshanetsky
02fae929af
Fixed bug #40754 (added substr() & substr_replace() overflow checks).
2007-03-09 01:58:34 +00:00
Ilia Alshanetsky
b3b6db3f03
Add _SESSION to checklist
2007-03-09 01:48:56 +00:00
Ilia Alshanetsky
0fa1427c6e
Fixed a possible super-global overwrite inside import_request_variables().
...
# Reported by Stefano Di Paola
2007-03-09 01:42:20 +00:00
Rasmus Lerdorf
5b9ec4828f
Off by ! in the url control char check for file:/// urls
2007-03-09 01:20:34 +00:00
Pierre Joye
1286d9e266
- #40764 , line thickness not respected for horizontal and vertical lines
2007-03-09 01:18:40 +00:00
Stanislav Malyshev
0aa13e923b
more fixes
2007-03-08 22:53:37 +00:00
Stanislav Malyshev
6e460bab4e
fix crash/leak in bug #38710
2007-03-08 22:49:53 +00:00
Stanislav Malyshev
c4423ae27d
add news
2007-03-08 22:44:22 +00:00
Nuno Lopes
95391e4f9c
BFN: gd gif reading
2007-03-08 22:04:33 +00:00
Stanislav Malyshev
8779d1cdd3
fix crash on $x['x']['y'] += 1, patch by Brian Shire
2007-03-08 20:59:31 +00:00
Nuno Lopes
5116b67016
fix thread unsafety in the gif reader code (merge from libgd cvs)
2007-03-08 20:24:53 +00:00
Stanislav Malyshev
79195bfe2e
clarify checks and error messages
2007-03-08 00:47:04 +00:00
Antony Dovgal
af1843f866
MFH: fix #40752 (parse_ini_file() segfaults when a scalar setting is redeclared as an array)
2007-03-08 00:44:23 +00:00
Ilia Alshanetsky
8696c9bc89
Improved length parameter validation
2007-03-08 00:18:10 +00:00
Ilia Alshanetsky
42ff70ede8
Improved offset validation
2007-03-08 00:06:41 +00:00
Stanislav Malyshev
2625be4ed0
fix MOPB#14
...
# The error message seems wrong, so maybe better fix is needed
2007-03-07 18:15:46 +00:00
Antony Dovgal
0628f86e0e
fix small typo
...
add --with-zlib-dir option (and simple automagic zlib detection)
2007-03-07 09:36:22 +00:00
Antony Dovgal
c73225ab61
MFH: fix #40727 (segfault in PDO when failed to bind parameters)
2007-03-07 09:03:07 +00:00
Ilia Alshanetsky
0638ac7651
Fixed calloc wrapper
2007-03-07 00:55:49 +00:00
Ilia Alshanetsky
4a614cd6b1
malloc() -> pemalloc()
2007-03-07 00:52:40 +00:00
Ilia Alshanetsky
f6343f45f2
Add checks around raw allocation code
2007-03-07 00:47:42 +00:00
Derick Rethans
d447facb42
- Updated timezone database to version 2007.3. (Derick)
2007-03-06 21:28:37 +00:00
Antony Dovgal
a806ce9700
MFH
2007-03-06 21:08:05 +00:00
Antony Dovgal
a8f076d7a3
use the aliases and eliminate one more compile warning
2007-03-06 21:04:27 +00:00
Antony Dovgal
db8bbdc2a9
MFH: declare zend_mm_random() only when needed
2007-03-06 20:59:13 +00:00
Uwe Schindler
ad336e432a
remove (large) static buffers for header names and request uri
2007-03-06 18:15:25 +00:00
Uwe Schindler
e25bb8ea04
use slprintf instead of snprintf and remove 0termination things (because slprintf is always available now)
2007-03-06 15:43:49 +00:00
Antony Dovgal
cc49ea3a1e
MFH
2007-03-06 10:13:54 +00:00
Ilia Alshanetsky
37da90248d
Added missing allocation checks
2007-03-06 03:15:41 +00:00
Stanislav Malyshev
896abc5e34
use safe_realloc
2007-03-06 02:17:13 +00:00
Stanislav Malyshev
49a7bcd60b
use safe_realloc
2007-03-06 02:10:25 +00:00
Stanislav Malyshev
ec71493b99
use safe_erealloc
2007-03-06 02:03:28 +00:00
Marcus Boerger
331034afbb
- Revert last part and fix issue under windows
2007-03-06 01:19:47 +00:00
Marcus Boerger
3c21c05e43
- And the sizes too
2007-03-06 01:14:38 +00:00
Marcus Boerger
26ebcdfcb9
- More to go
...
# CVS sucks, you cannot mix -D with -r
# However, thanks edin for reminding me that we have mini version tags
# I still prefer subverison. There we don't have any problem of this kind
2007-03-06 01:13:21 +00:00
Marcus Boerger
638ffdb477
- There you go
2007-03-06 01:00:51 +00:00
Marcus Boerger
03bccc1b15
- MFH Revert back to sprintf (we could define snprintf for windows but we don't)
2007-03-06 00:56:42 +00:00
Ilia Alshanetsky
ff3e825083
Fixed bug #40417 (Allow multiple instances of the same named PDO token in
...
prepared statement emulation code).
2007-03-06 00:52:55 +00:00
Stanislav Malyshev
7508066230
fix broken snprintf code
2007-03-06 00:24:00 +00:00
Stanislav Malyshev
d856029c78
use safe_emalloc
2007-03-05 21:54:46 +00:00
Uwe Schindler
f34ec4f606
snprintf patch
2007-03-05 16:29:18 +00:00