Commit Graph

1348 Commits

Author SHA1 Message Date
Yasuo Ohgaki
aff4c7d826 Add tests 2016-08-31 21:03:10 +09:00
Yasuo Ohgaki
7ee9f81c54 Merge RFC https://wiki.php.net/rfc/session-create-id 2016-08-31 20:34:20 +09:00
Yasuo Ohgaki
f5cd6e5710 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  Fixed bug #72940 SID always return "name=ID", even if session cookie exist
2016-08-30 15:58:55 +09:00
Yasuo Ohgaki
b5f2f6fbd8 Fixed bug #72940 SID always return "name=ID", even if session cookie exist 2016-08-30 15:58:25 +09:00
Yasuo Ohgaki
1cf179e415 Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc 2016-08-29 05:57:37 +09:00
Yasuo Ohgaki
7d703a0060 Adjust test so that it passes on more restrictive filesystems 2016-08-22 17:01:07 +09:00
Xinchen Hui
1eb4851fa2 Remove leftover of previous change 2016-08-18 15:44:33 +08:00
Xinchen Hui
a3740dadec Remove outdated checks 2016-08-18 15:37:15 +08:00
Xinchen Hui
ce6ad9bdd9 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0: (48 commits)
  Update NEWS
  Unused label
  Fixed bug #72853 (stream_set_blocking doesn't work)
  fix test
  Bug #72663 - part 3
  Bug #72663 - part 2
  Bug #72663 - part 1
  Update NEWS
  Block test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  ...

Conflicts:
	ext/standard/var_unserializer.c
2016-08-17 17:14:30 +08:00
Xinchen Hui
b172f43caa Unused label 2016-08-17 16:56:20 +08:00
Stanislav Malyshev
ed9d916c28 fix test 2016-08-17 01:12:33 -07:00
Nikita Popov
e0f9fbdfa6 Bug #72663 - part 3
When using the php_serialize session serialization handler, do
not use the result of the unserialization if it failed.
2016-08-17 01:01:03 -07:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6: (24 commits)
  Update NEWS
  Block test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
2016-08-17 00:43:33 -07:00
Stanislav Malyshev
8763c6090d Fix bug #72681 - consume data even if we're not storing them 2016-08-16 22:54:42 -07:00
Yasuo Ohgaki
3467526a65 Merge RFC: Session ID without hashing
https://wiki.php.net/rfc/session-id-without-hashing
2016-08-12 12:31:02 +09:00
Yasuo Ohgaki
a53a6b3fb4 Fix URL rewriter issues 2016-08-11 08:31:48 +09:00
Nikita Popov
42e995e0d3 Merge branch 'PHP-7.0' into PHP-7.1 2016-07-24 00:08:18 +02:00
Nikita Popov
2194690625 Ensure session GC is not run during variation6.phpt
The implemented gc() handler simply deletes all sessions, including
the current one. This may cause a subsequent unlink() warning.
Avoid this by preventing GC from running.
2016-07-24 00:07:54 +02:00
Anatol Belski
b238211732 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  fix test
2016-07-23 21:04:52 +02:00
Anatol Belski
958fa34c16 Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  fix test
2016-07-23 21:03:45 +02:00
Anatol Belski
80fee637f4 fix test 2016-07-23 20:55:39 +02:00
Stanislav Malyshev
70d6ce3368 Merge branch 'PHP-7.0'
* PHP-7.0: (27 commits)
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not allow reading past error read
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  update NEWS
  Fixed bug #72570 Segmentation fault when binding parameters on a query without placeholders
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72551 and bug #72552 - check before converting size_t->int
  Fix bug #72541 - size_t overflow lead to heap corruption
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix for bug #72520
  Fix for bug #72513
  Fix for bug #72513
  CS fix and comments with bug ID
  ...

Conflicts:
	ext/standard/basic_functions.c
2016-07-19 01:44:14 -07:00
Stanislav Malyshev
b00f8f2a5b Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix for bug #72520
  Fix for bug #72513
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  5.6.24RC1
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	Zend/zend_virtual_cwd.c
	ext/bz2/bz2.c
	ext/exif/exif.c
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/basic_functions.c
	main/SAPI.c
	main/php_variables.c
2016-07-19 01:39:28 -07:00
Stanislav Malyshev
4d0565b5ba Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix for bug #72520
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	ext/bz2/bz2.c
	main/SAPI.c
	main/php_variables.c
2016-07-19 00:53:08 -07:00
Stanislav Malyshev
3798eb6fd5 Fix bug #72562 - destroy var_hash properly 2016-07-12 23:27:45 -07:00
Aaron Piotrowski
24237027bc Merge branch 'throw-error-in-extensions' 2016-07-05 02:08:39 -05:00
Xinchen Hui
72ec312f23 Merge branch 'PHP-7.0'
* PHP-7.0:
  Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow)
2016-07-03 09:30:48 +08:00
Xinchen Hui
6744737577 Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow) 2016-07-03 09:30:33 +08:00
Dmitry Stogov
323b2733f6 Fixed compilation warnings 2016-06-22 00:40:50 +03:00
Dmitry Stogov
ccf4ae95bd Restored signed format specifier 2016-06-21 20:12:04 +03:00
Dmitry Stogov
a0df06fc4b Revert "sync tests with the latest format fixes"
This reverts commit ef7116d55b.
2016-06-21 20:10:44 +03:00
Anatol Belski
ef7116d55b sync tests with the latest format fixes 2016-06-21 19:06:28 +02:00
Dmitry Stogov
1616038698 Added ZEND_ATTRIBUTE_FORMAT to some missing functions.
"%p" replaced by ZEND_LONG_FMT to avoid compilation warnings.
Fixed most incorrect use cases of format specifiers.
2016-06-21 16:00:37 +03:00
Aaron Piotrowski
7d53864574 E_RECOVERABLE_ERROR -> thrown Error 2016-06-14 13:18:43 -05:00
Aaron Piotrowski
771e5cc247 Replace zend_ce_error with NULL and replace more E_ERROR with thrown Error 2016-06-13 09:02:17 -05:00
Aaron Piotrowski
e3c681aa5c Merge branch 'master' into throw-error-in-extensions 2016-06-10 22:02:23 -05:00
Christoph M. Becker
74c06a64f0 Merge branch 'PHP-7.0' 2016-06-09 15:45:54 +02:00
Christoph M. Becker
07a793810f Merge branch 'PHP-5.6' into PHP-7.0 2016-06-09 15:35:28 +02:00
Raphaël Tournoy
1dfdae6de4 fix typo 2016-06-03 17:18:14 +02:00
Xinchen Hui
d5914d19eb Merge branch 'PHP-7.0' 2016-04-15 21:09:05 -07:00
Xinchen Hui
05d53dee7d Fixed bug #71972 (Cyclic references causing session_start(): Failed to decode session object) 2016-04-15 21:08:51 -07:00
Yasuo Ohgaki
dc9ae10bc4 Remove debug code 2016-04-07 17:13:05 +09:00
Yasuo Ohgaki
60b144134a Merge branch 'PHP-7.0'
* PHP-7.0:
  Fixed Bug #71974 Trans sid will always be send, even if cookies are available
2016-04-07 10:26:32 +09:00
Yasuo Ohgaki
6467a4eb36 Fixed Bug #71974 Trans sid will always be send, even if cookies are available 2016-04-07 10:26:05 +09:00
Yasuo Ohgaki
01579ae0a6 Merge branch 'PHP-7.0'
* PHP-7.0:
  Fixed Bug #71683 Null pointer dereference in zend_hash_str_find_bucket
2016-03-12 08:33:04 +09:00
Yasuo Ohgaki
50fca7a02a Fixed Bug #71683 Null pointer dereference in zend_hash_str_find_bucket 2016-03-12 08:15:47 +09:00
Xinchen Hui
4c388004d4 Merge branch 'PHP-7.0'
* PHP-7.0:
  Fixed bug #71754 (Regression in PHP7.0: trivial script segfaults php-cgi)
  Bug #71756 (Call-by-reference widens scope to uninvolved functions when used in switch)
  tsrm_win32_get_path_sid_key might returns NULL (Partially fix bug #71752)
2016-03-10 15:03:25 +08:00
Xinchen Hui
98c625a31c Fixed bug #71754 (Regression in PHP7.0: trivial script segfaults php-cgi) 2016-03-10 15:02:10 +08:00
Nikita Popov
f57c0b3249 Merge branch 'PHP-7.0' 2016-03-03 16:50:47 +01:00
Nikita Popov
1ac152938c Move semicolon into TSRMLS_CACHE_EXTERN/DEFINE
Also re bug #71575.
2016-03-03 16:50:01 +01:00
Nikita Popov
a4e56194d7 Fix intermixed SKIPIF and XFAIL sections in test 2016-03-03 16:38:05 +01:00
Rouven Weßling
a61029b155 Replace usage of php_int32 and php_uint32 with int32_t and uint32_t 2016-02-04 11:57:41 +01:00
Antony Dovgal
6f81e95c33 check length first, prevent out-of-bounds read 2016-02-03 14:49:16 +03:00
Antony Dovgal
64e8cfadf5 check length first, prevent out-of-bounds read 2016-02-03 14:48:38 +03:00
Anatol Belski
1df334b75c revert test to the previous master state 2016-01-29 22:37:37 +01:00
Anatol Belski
620f4169a7 Merge branch 'PHP-7.0'
* PHP-7.0:
  yet one revert
  Revert "adjust test for 7.0"

Conflicts:
	ext/session/tests/bug69111.phpt
2016-01-29 21:46:15 +01:00
Anatol Belski
b947aff98d yet one revert 2016-01-29 21:43:14 +01:00
Anatol Belski
ac22f71477 Revert "adjust test for 7.0"
This reverts commit 7fdb019e66.
2016-01-29 21:27:22 +01:00
Anatol Belski
58b2344759 Merge branch 'PHP-7.0'
* PHP-7.0:
  Revert "refix #69111 and one related test"
  Revert "fix yet another leak"
  add XFAIL
  Revert "refix #69111 and one related test"
  Revert "fix tests"
  Revert "fix leak in 7.0"
  add XFAIL
  Revert "fix leak in 5.6"

Conflicts:
	ext/session/tests/rfc1867_sid_invalid.phpt
2016-01-29 21:07:19 +01:00
Anatol Belski
6891e6abdf Revert "refix #69111 and one related test"
This reverts commit 80f7b01258.

Conflicts:
	ext/session/mod_files.c
2016-01-29 20:59:58 +01:00
Anatol Belski
3d90531d1e Revert "fix yet another leak"
This reverts commit 39084ccc68.
2016-01-29 20:58:00 +01:00
Anatol Belski
d1d3c0832e add XFAIL 2016-01-29 20:57:05 +01:00
Anatol Belski
ebcfe7618d Revert "refix #69111 and one related test"
This reverts commit 80f7b01258.
2016-01-29 20:50:14 +01:00
Anatol Belski
7f977c13dc Revert "fix tests"
This reverts commit d964ccba40.
2016-01-29 20:49:52 +01:00
Anatol Belski
57d9797b6f Revert "fix leak in 7.0"
This reverts commit ee49df011c.
2016-01-29 20:46:47 +01:00
Anatol Belski
b7dadfae87 add XFAIL 2016-01-29 20:36:11 +01:00
Anatol Belski
40b9f52c2c Revert "fix leak in 5.6"
This reverts commit fa548e5ca9.
2016-01-29 20:33:39 +01:00
Anatol Belski
1a9402c6ec Merge branch 'PHP-7.0'
* PHP-7.0:
  refix #69111 and one related test

Conflicts:
	ext/session/tests/rfc1867_sid_invalid.phpt
2016-01-29 19:59:26 +01:00
Anatol Belski
80f7b01258 refix #69111 and one related test
It is the least evil as the test just reduces the fail path. 5.6 seems
still broken in this regard, a backport should follow if travis is happy.
2016-01-29 19:55:50 +01:00
Anatol Belski
6cc01882fb Merge branch 'PHP-7.0'
* PHP-7.0:
  fix tests
2016-01-29 16:33:19 +01:00
Anatol Belski
d964ccba40 fix tests 2016-01-29 16:32:27 +01:00
Anatol Belski
f1dc4a4e10 Merge branch 'PHP-7.0'
* PHP-7.0:
  fix yet another leak
2016-01-29 16:04:13 +01:00
Anatol Belski
39084ccc68 fix yet another leak 2016-01-29 16:03:33 +01:00
Anatol Belski
15ba618a69 Merge branch 'PHP-7.0'
* PHP-7.0:
  fix wrong gc sequence
2016-01-29 15:19:40 +01:00
Anatol Belski
d2c752d7e9 fix wrong gc sequence 2016-01-29 15:18:59 +01:00
Anatol Belski
55fd320b31 Merge branch 'PHP-7.0'
* PHP-7.0:
  fix leak in 7.0
2016-01-29 14:48:36 +01:00
Anatol Belski
ee49df011c fix leak in 7.0 2016-01-29 14:48:05 +01:00
Anatol Belski
fa548e5ca9 fix leak in 5.6 2016-01-29 13:56:11 +01:00
Anatol Belski
d9eea2c209 revert the API string as well 2016-01-29 12:52:41 +01:00
Anatol Belski
7fdb019e66 adjust test for 7.0 2016-01-29 12:29:41 +01:00
Anatol Belski
a068047f62 Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  add test for bug #69111
2016-01-29 12:29:05 +01:00
Anatol Belski
4b0feeb8fa add test for bug #69111 2016-01-29 12:27:35 +01:00
Anatol Belski
25108babdb refix bug #69111, crash in 5.6 only 2016-01-29 11:24:19 +01:00
Anatol Belski
b858224b88 reset ext/session to the state of 7.0.2 2016-01-29 08:37:27 +01:00
Anatol Belski
ae6e139c77 reset the ext/session to the state of 5.6.17 2016-01-29 08:33:09 +01:00
Yasuo Ohgaki
99101ba310 Update error message. Missed to include in previous commit 46d4a37105 2016-01-28 15:06:55 +09:00
Mikko
46d4a37105 Session regenerate id seems to malfunction with 3rd party session handlers
Fixed bug #71472 session_regenerate_id malfunctions with certain session handlers
2016-01-28 13:30:10 +09:00
Yasuo Ohgaki
2dce532a90 Merge branch 'PHP-7.0'
* PHP-7.0:
  Use SUCCESS/FAILURE
2016-01-18 13:35:43 +09:00
Yasuo Ohgaki
d7fc3be99e Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  Use SUCCESS/FAILURE
2016-01-18 13:35:01 +09:00
Yasuo Ohgaki
ee1dd4949a Use SUCCESS/FAILURE 2016-01-18 13:33:47 +09:00
Yasuo Ohgaki
05e87fa418 Fixed bug #71070 Custom session handler write method returns false, warning message misleading
This is committed to master only.
If you have better error message suggestion, feel free to improve it.
2016-01-18 12:03:41 +09:00
Yasuo Ohgaki
1277846228 Merge branch 'PHP-7.0'
* PHP-7.0:
  Fixed bug #71394 (session_regenerate_id() must close opened session on errors)
2016-01-17 17:12:49 +09:00
Yasuo Ohgaki
3b2d98a625 Fixed bug #71394 (session_regenerate_id() must close opened session on errors) 2016-01-17 17:11:47 +09:00
Yasuo Ohgaki
00eaaca18a Remove unnecessary warning by warning reorder. 2016-01-17 17:08:44 +09:00
Yasuo Ohgaki
82a0c47712 Merge branch 'PHP-7.0'
* PHP-7.0:
  Remove unnecessary warning by warning reorder.
2016-01-17 16:21:48 +09:00
Yasuo Ohgaki
dbba4418d8 Remove unnecessary warning by warning reorder. 2016-01-17 16:21:01 +09:00
Yasuo Ohgaki
691bade4be Merge branch 'PHP-7.0'
* PHP-7.0:
  Add test for Bug #70133 (Extended SessionHandler::read is ignoring $session_id when calling parent)
2016-01-16 05:37:26 +09:00
Yasuo Ohgaki
9f2240963f Add test for Bug #70133 (Extended SessionHandler::read is ignoring $session_id when calling parent) 2016-01-16 05:29:19 +09:00
Anatol Belski
e514492c3b Merge branch 'PHP-7.0'
* PHP-7.0:
  PS(id) is zend_string *, use appropriate API
  Update NEWS
2016-01-15 15:48:24 +01:00
Anatol Belski
93db2dac48 PS(id) is zend_string *, use appropriate API 2016-01-15 15:47:09 +01:00