Stanislav Malyshev
91990bbde0
Merge branch 'PHP-5.5.33' into PHP-5.6.19
...
* PHP-5.5.33:
Fix bug #71498 : Out-of-Bound Read in phar_parse_zipfile()
Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
2016-03-01 22:40:00 -08:00
Stanislav Malyshev
b1bd4119bc
Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
2016-02-14 22:34:39 -08:00
Stanislav Malyshev
e231830f16
Merge branch 'PHP-5.6.18' into PHP-7.0.3
...
* PHP-5.6.18:
fix tests
fix NEWS
Update NEWS
update NEWS
Fixed bug #71488 : Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
backport the escapeshell* functions hardening branch
add tests
Fix bug #71459 - Integer overflow in iptcembed()
prepare 5.6.18RC1
Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message) Fix skip message to work
improve fix for bug #71201
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
Fix bug #71391 : NULL Pointer Dereference in phar_tar_setupmetadata()
Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
Fix bug #71335 : Type Confusion in WDDX Packet Deserialization
Fix bug #71354 - remove UMR when size is 0
Conflicts:
configure.in
ext/phar/dirstream.c
ext/phar/phar_object.c
ext/phar/tar.c
ext/standard/exec.c
ext/standard/iptc.c
ext/standard/math.c
ext/standard/streamsfuncs.c
ext/wddx/wddx.c
main/php_version.h
main/streams/memory.c
2016-02-01 20:00:01 -08:00
Stanislav Malyshev
309ead112f
Merge branch 'PHP-5.5.32' into PHP-5.6.18
...
* PHP-5.5.32:
Fixed bug #71488 : Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
backport the escapeshell* functions hardening branch
add tests
Fix bug #71459 - Integer overflow in iptcembed()
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
Fix bug #71391 : NULL Pointer Dereference in phar_tar_setupmetadata()
Fix bug #71335 : Type Confusion in WDDX Packet Deserialization
Fix bug #71354 - remove UMR when size is 0
2016-02-01 18:32:31 -08:00
Stanislav Malyshev
285cd3417f
Fix bug #71335 : Type Confusion in WDDX Packet Deserialization
2016-01-13 16:43:04 -08:00
Stanislav Malyshev
13750cb0a1
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Update NEWS
Improve fix for bug #70976
Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
Fixed bug #70741 : Session WDDX Packet Deserialization Type Confusion Vulnerability
Fixed #70728
Fixed bug #70755 : fpm_log.c memory leak and buffer overflow
Fix bug #70976 : fix boundary check on gdImageRotateInterpolated
typofix
2016-01-05 19:38:29 -08:00
Anatol Belski
cf1c50957b
re-apply the patch from 1785d2b805
...
too many conflicts to cherry-pick
2016-01-04 17:52:37 +01:00
Stanislav Malyshev
bc4baf608b
Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
...
Conflicts:
ext/wddx/wddx.c
2016-01-04 17:10:29 +01:00
Lior Kaplan
ed35de784f
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Happy new year (Update copyright to 2016)
2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf
Happy new year (Update copyright to 2016)
2016-01-01 19:21:47 +02:00
Stanislav Malyshev
dcf3c9761c
Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
2015-12-28 14:46:35 -08:00
Stanislav Malyshev
1785d2b805
Fixed bug #70741 : Session WDDX Packet Deserialization Type Confusion Vulnerability
2015-12-28 12:44:10 -08:00
Dmitry Stogov
ad4fa8f758
Fixed incorrect usage of HASH_OF() macro. Replaced HASH_OF() with more appropriate Z_ARRVAL_P() or Z_OBJPROP_P().
2015-09-24 22:39:59 +03:00
Rasmus Lerdorf
3760cb6a59
wddx_add_vars() returns a bool
2015-07-19 07:05:03 -07:00
Nikita Popov
0039a3e96f
Fixed signed/unsigned warnings in wddx
...
Also added extra const annotation to zend_memnstr.
2015-07-17 17:19:23 +02:00
Dmitry Stogov
4a2e40bb86
Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes).
2015-06-30 04:05:24 +03:00
Dmitry Stogov
4bd22cf1c1
Improved zend_string API (Francois Laupretre)
...
Squashed commit of the following:
commit d96eab8d79
Author: Francois Laupretre <francois@tekwire.net>
Date: Fri Jun 26 01:23:31 2015 +0200
Use the new 'ZSTR' macros in the rest of the code.
Does not change anything to the generated code (thanks to compat macros) but cleaner.
commit b352643910
Author: Francois Laupretre <francois@tekwire.net>
Date: Thu Jun 25 13:45:06 2015 +0200
Improve zend_string API
Add missing methods
2015-06-29 16:44:54 +03:00
Anatol Belski
becfdeb2ff
improve searchability for libxml2 headers
...
and bring the configs inline with the current libxml2 build
2015-05-10 22:22:03 +02:00
Nikita Popov
40e465e357
Clean up some type conversions
...
While at it also fix some type checks in iconv and drop dead and
unported code in standard/filters.
2015-04-27 18:50:08 +02:00
Anatol Belski
663074b6b1
cleanup mod version macros and mod defs, round x
2015-03-23 21:30:22 +01:00
Anatol Belski
567565b24f
more fixes to the shared compilation
2015-03-23 15:09:09 +01:00
Dmitry Stogov
d146d15003
Optimize zend_string_realloc() add more specialized versions zend_string_extend() and zend_string_truncate()
2015-03-20 02:02:42 +03:00
Dmitry Stogov
8633685675
Use specialized macro for string zval creation
2015-03-12 16:53:51 +03:00
Dmitry Stogov
e10e151e9b
Merged zend_array and HashTable into the single data structure.
...
Now each HashTable is also zend_array, so it's refcounted and may be a subject for Copy on Write
zend_array_dup() was changed to allocate and return HashTable, instead of taking preallocated HashTable as argument.
2015-02-13 22:20:39 +03:00
Anatol Belski
371db55871
Merge branch 'PHP-5.6'
...
* PHP-5.6:
Fix another invalid free of CG(interned_empty_string)
add tests for #68996
Fixed #68790 (Missing return)
Invalid free of CG(interned_empty_string)
Conflicts:
ext/soap/soap.c
ext/wddx/wddx.c
main/main.c
sapi/litespeed/lsapi_main.c
2015-02-08 12:43:22 +01:00
manuel
3550cc5fd9
add tests for #68996
2015-02-07 18:52:26 +01:00
manuel
13fc7f20a4
Invalid free of CG(interned_empty_string)
...
On failure php_escape_html_entities returns STR_EMPTY_ALLOC which is an
alias of CG(interned_empty_string) if interned strings are enabled.
Make sure we don't free this.
2015-02-06 16:53:01 +01:00
Xinchen Hui
efc75061ed
Ported wddx
2015-02-03 12:02:28 +08:00
Xinchen Hui
fc33f52d8c
bump year
2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d
bump year
2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653
Bump year
2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624
trailing whitespace removal
2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48
first shot remove TSRMLS_* things
2014-12-13 23:06:14 +01:00
Anatol Belski
075fc1ff1a
fix some datatype mismatches
2014-11-18 13:19:52 +01:00
Nikita Popov
e33f3d3b7c
Move smart_str implementation into Zend/
...
So we can use it there as well...
For now I've retained the zend_smart_str_public.h header, though
it would probably be better to just move that one struct into
zend_types.h.
2014-09-21 20:49:39 +02:00
Johannes Schlüter
d0cb715373
s/PHP 5/PHP 7/
2014-09-19 18:33:14 +02:00
Nikita Popov
079409bbc2
Switch (un)mangle property name to size_t and zend_string
...
Also use the _ex variants where possible.
2014-09-16 00:31:27 +02:00
Anatol Belski
e68788745a
fix type
2014-09-12 21:35:21 +02:00
Anatol Belski
a1a4a6101c
fix typo
2014-08-27 22:47:13 +02:00
Anatol Belski
2ee3ec999b
fixed php_wddx_packet_start signature
2014-08-27 22:45:19 +02:00
Anatol Belski
6db8d4f829
's' works with size_t round 3
2014-08-27 20:49:36 +02:00
Anatol Belski
3234480827
first show to make 's' work with size_t
2014-08-27 20:49:31 +02:00
Nikita Popov
28e7beea66
Fix zend_longo_str
2014-08-25 22:47:04 +02:00
Anatol Belski
c3e3c98ec6
master renames phase 1
2014-08-25 19:24:55 +02:00
Anatol Belski
63d3f0b844
basic macro replacements, all at once
2014-08-19 08:07:31 +02:00
Dmitry Stogov
6bf24f4dd0
Removed EG(active_symbol_table) and use corresponding value from EG(current_execute_data)
2014-07-04 18:03:45 +04:00
Dmitry Stogov
b3b616cf7e
Introduced immutable arrays. They don't need to be copyed and may be used directly from SHM.
2014-05-29 18:21:56 +04:00
Nikita Popov
9e2bc83fdb
Use zend_long_to_str in wddx
2014-05-28 18:55:51 +02:00
Pierre Joye
684506c4c8
fix ts build
2014-05-15 10:36:09 +02:00
Dmitry Stogov
a08a1ae2c0
Fixed reference counting, IS_REFERENCE and IS_INDIRECT support
2014-05-13 17:27:37 +04:00
Dmitry Stogov
0eeeaa1a23
Terminate string
...
Useproper hash function
2014-05-13 16:40:05 +04:00
Dmitry Stogov
b8b8c497c4
In most user extensions functions like mysql_close() should use zend_list_close() instead of zend_list_delete(). This closes the actual connection and frees extension specific data structures, but doesn't free zend_reference structure that might be referenced from zval(s). This also doesn't decrement the resource reference counter.
2014-05-13 13:18:00 +04:00
Xinchen Hui
b2b508a279
Fixed reference handling
2014-05-12 11:39:55 +08:00
Xinchen Hui
fca5af618f
Fixed IS_INDRICT handling
2014-05-12 10:52:37 +08:00
Xinchen Hui
618d6e273c
Fixed fields handling
2014-05-12 10:46:19 +08:00
Xinchen Hui
8d87e3b841
Refactoring wddx (incompleted, is there any one use it? )
2014-05-11 22:04:45 +08:00
Rouven Weßling
417dbfbacc
Declare a number of functions as variadic.
2014-02-16 00:07:55 +01:00
Xinchen Hui
c081ce628f
Bump year
2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772
Bump year
2014-01-03 11:06:16 +08:00
Christopher Jones
c6d977dd39
Fix long-standing visual pain point: the misalignment of './configure help' text.
...
Whitespace changes and a couple of grammar fixes.
2013-08-06 11:06:09 -07:00
Anatol Belski
95ea1e7ca7
fixed variable corruption under win x64
2013-05-11 02:47:48 +02:00
Xinchen Hui
a666285bc2
Happy New Year
2013-01-01 16:37:09 +08:00
Xinchen Hui
e081c55fb5
Merge branch 'PHP-5.3' into PHP-5.4
2012-10-10 10:31:31 +08:00
Xinchen Hui
610c7fbe7b
Remove executable permission on phpt
2012-10-10 10:27:49 +08:00
Matt Ficken
a18cede1c5
Fix bug #62271 test bug - ext/wddx/tests/bug48562.phpt
2012-06-11 17:00:36 +02:00
Felipe Pena
e4ca0ed09f
- Year++
2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281
- Year++
2012-01-01 13:15:04 +00:00
Dmitry Stogov
4a25a7740d
Fixed ZE specific compile warnings (Bug #55629 )
2011-09-13 13:29:35 +00:00
Pierre Joye
5d62cd1530
- add skipif
2011-09-05 13:52:24 +00:00
Pierre Joye
493808af3d
- add skipif
2011-09-05 13:52:24 +00:00
Pierre Joye
07fae45eb7
- add skipif
2011-09-05 13:41:01 +00:00
Pierre Joye
6b424c19ce
- add skipif
2011-09-05 13:41:01 +00:00
Felipe Pena
23e438594d
- Make usage of new PHP_FE_END macro
2011-07-25 11:42:53 +00:00
Felipe Pena
4b30846b50
- Make usage of new PHP_FE_END macro
2011-07-25 11:35:02 +00:00
Felipe Pena
927bf09c29
- Year++
2011-01-01 02:19:59 +00:00
Felipe Pena
0203cc3d44
- Year++
2011-01-01 02:17:06 +00:00
Felipe Pena
6150174941
- Fixed bug #52468 (wddx_deserialize corrupts integer field value when left empty)
2010-08-01 17:34:09 +00:00
Felipe Pena
88b087bedd
- Fixed bug #52468 (wddx_deserialize corrupts integer field value when left empty)
2010-08-01 17:34:09 +00:00
Sebastian Bergmann
9ba1e81665
sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php
2010-01-03 09:23:27 +00:00
Felipe Pena
c353601a3f
- MFH: Fixed bug #48562 (Reference recursion causes segfault when used in wddx_serialize_vars())
2009-06-16 02:54:26 +00:00
Sebastian Bergmann
08659c2dcd
MFH: Bump copyright year, 3 of 3.
2008-12-31 11:15:49 +00:00
Mark Karpeles
75b07963e3
- MFH: ext/wddx: classes providing __sleep() are stored without properties (fixed)
...
- ext/wddx: fixed wddx_add_vars() ignoring first var in php 5.3
2008-11-20 15:55:00 +00:00
Felipe Pena
8258b703c5
- MFH: Fixed memory leak in wddx_add_vars()
2008-11-20 14:48:41 +00:00
Mark Karpeles
995deb9aef
- MFH: #46496 , wddx_serialize treats input as ISO-8859-1 (Mark Karpeles)
2008-11-20 14:14:05 +00:00
Felipe Pena
fc2fb50d09
- MFH: Added 'static' into ZEND_BEGIN_ARG_INFO_EX macro
2008-11-17 11:28:01 +00:00
Felipe Pena
7a37fa2d6b
- Revert ZEND_BEGIN_ARG_INFO change
2008-11-02 21:19:39 +00:00
Felipe Pena
df10005563
- MFH: Added 'static' into ZEND_BEGIN_ARG_INFO_EX macro
2008-10-24 14:35:40 +00:00
Rob Richards
94fd10cd79
MFH: fix bug #45901 (wddx_serialize_value crash with SimpleXMLElement object)
...
add test
2008-09-11 14:17:31 +00:00
Felipe Pena
473019a9b5
- MFH: CS
2008-08-24 04:02:49 +00:00
Felipe Pena
55f7368408
- Fixed types
...
- Fixed protos
2008-07-01 11:26:10 +00:00
Antony Dovgal
2f2953760b
fix typo
2008-07-01 07:56:24 +00:00
Felipe Pena
2526420e34
- Added arginfo
2008-06-27 14:33:12 +00:00
Felipe Pena
f23acf749d
- New parameter parsing API
2008-06-20 19:57:25 +00:00
Dmitry Stogov
2ecf4bb0a7
Lazy EG(active_symbol_table) initialization
2008-04-29 08:15:20 +00:00
Derick Rethans
f81134a9f2
- MFH: Fixed tests on 64bit platform.
2008-02-25 22:32:59 +00:00
Ilia Alshanetsky
73d031a390
Optimize wddx boolean encoding
2008-01-20 15:33:24 +00:00
Sebastian Bergmann
d1dded8751
MFH: Bump copyright year, 2 of 2.
2007-12-31 07:17:19 +00:00
Antony Dovgal
05b536f251
one more fix
2007-10-07 08:33:38 +00:00
Dmitry Stogov
6c810b0d4c
Improved memory usage by movig constants to read only memory. (Dmitry, Pierre)
2007-09-27 18:00:48 +00:00
Ilia Alshanetsky
f3ad3a770e
Fixed test
2007-06-11 15:09:41 +00:00
Ilia Alshanetsky
b6762a8991
Fixed bug #41527 (WDDX deserialize numeric string array key).
2007-06-11 15:08:43 +00:00
Antony Dovgal
ffd09c0961
fix tests
2007-05-18 11:29:55 +00:00
Ilia Alshanetsky
c70105610a
Fixed bug #41283 (Bug with serializing array key that are doubles or
...
floats).
2007-05-05 15:14:56 +00:00
Martin Kraemer
9c62ddde34
Typo
2007-03-14 09:58:14 +00:00
Stanislav Malyshev
2ad036da3a
ik, make it memcpy
2007-03-04 04:38:43 +00:00
Stanislav Malyshev
b2673ab004
fix wrong code
...
# noticed by Stefan Esser
2007-03-04 02:23:47 +00:00
Ilia Alshanetsky
efad70c2cc
snprintf() -> slprintf()
2007-02-27 03:28:17 +00:00
Ilia Alshanetsky
9783f5f1f3
strncpy() -> strlcpy()
2007-02-24 18:00:56 +00:00
Marcus Boerger
50ea26760d
- Avoid sprintf, even when checked copy'n'paste or changes lead to errors
2007-02-24 02:17:47 +00:00
Antony Dovgal
84a827e0d4
MFH
2007-01-18 16:21:32 +00:00
Ilia Alshanetsky
96a8399e2f
Added key_length intialization for intergers
2007-01-09 15:20:45 +00:00
Sebastian Bergmann
4223aa4d5e
MFH: Bump year.
2007-01-01 09:36:18 +00:00
Ilia Alshanetsky
a055e93a27
optimize out strlen() calls
...
# Patch by Matt Wilmas
2006-12-13 15:31:47 +00:00
Antony Dovgal
5f6145b0fd
fix ZTS build
2006-08-02 22:03:47 +00:00
Ilia Alshanetsky
4eecfca79c
Fixed bug #38213 , #37611 , #37571 (wddx encoding fails to handle certain
...
characters).
2006-08-02 15:44:33 +00:00
foobar
0bf6b23cb8
MFH: fix phpize build
2006-07-27 01:18:55 +00:00
Marcus Boerger
d0f2f6cd04
- MFH zend_unmangle_property_name(), drop zend_unmangle_property_name_ex()
2006-07-24 18:03:45 +00:00
Antony Dovgal
3aaf62d159
there is no Unicode in 5_2
2006-07-11 12:15:11 +00:00
Hannes Magnusson
aaa1d62614
MFH: fix/add SKIPIF
2006-06-27 00:09:43 +00:00
Ilia Alshanetsky
a400d8908d
Convert E_ERROR to E_RECOVERABLE_ERROR
2006-05-30 02:40:33 +00:00
Ilia Alshanetsky
b882f9f37e
Fixed bug #37569 (WDDX incorrectly encodes high-ascii characters)
2006-05-25 22:54:16 +00:00
Marcus Boerger
ec79dd793d
- MFH Bugfix 37587
2006-05-25 09:59:25 +00:00
Ilia Alshanetsky
a1bbdf831c
Fixed bug #37162 (wddx does not build as a shared extension).
...
#Patch By: jdolecek at NetBSD dot org
2006-04-23 16:02:05 +00:00
Frank M. Kromann
329198a955
Add header so WDDX builds as shared
2006-01-28 06:15:25 +00:00
foobar
5bd93221a8
bump year and license version
2006-01-01 12:51:34 +00:00
foobar
d09ad216a0
MFH: prevent compile failure with --disable-all
2005-12-21 14:22:26 +00:00
Antony Dovgal
604990d6a5
fix test, add test for 64bit platform
2005-12-21 12:16:20 +00:00
Antony Dovgal
b7d5d7047b
fix test
2005-12-21 11:46:26 +00:00
Antony Dovgal
c92ae847c7
add missing skipif conditions
...
fix existing ones
2005-12-21 11:42:06 +00:00
foobar
3e669bc950
MFH: nuke php3 legacy
2005-12-06 02:28:41 +00:00
Ilia Alshanetsky
c60079862b
Fixed bug #35410 (wddx_deserialize() doesn't handle large ints as keys
...
properly).
2005-11-30 18:10:19 +00:00
Rob Richards
e1791bedd5
MFH: use sizeof instead of define
2005-10-06 18:48:19 +00:00
Derick Rethans
f42742f796
- MFH: Fixed Windows build (patch by Mike)
2005-10-06 13:03:43 +00:00
Rob Richards
93ffc14028
MFH: fix buffer lengths passed to snprintf
2005-10-05 22:36:10 +00:00
Antony Dovgal
4b9b5505f0
fix #34505 (possible memory corruption when unmangling properties with empty names)
...
2nd part
2005-09-16 17:11:02 +00:00
foobar
307ec8ece4
MFH:- Fixed bug #34306 (wddx_serialize_value() crashes with long array keys)
2005-08-31 14:31:44 +00:00
Ilia Alshanetsky
2a37a0c495
MFH: Fixed bug #34068 (Numeric string as array key not cast to integer in
...
wddx_deserialize()).
2005-08-10 22:45:31 +00:00
foobar
23e671a51e
- Bumber up year
2005-08-03 14:08:58 +00:00
Derick Rethans
3cdc895213
- Added backward compability wrapper "php_parse_date()".
...
- Changed WDDX extension to use new date parsing code.
- Removed all remnants to the old parser.
#- I hope that I didn't break the .dsp's...
2005-06-19 22:15:27 +00:00
foobar
9b57f5ff36
- Fixed bug #33185 (--enable-session=shared does not build)
2005-05-30 15:14:12 +00:00
foobar
a20383ba06
- Unify the "configure --help" texts
2005-05-29 23:17:16 +00:00
Dmitry Stogov
37887f1bd0
Fixed SIGSEGV on serializing data with circular references
2005-04-11 11:58:19 +00:00
Dmitry Stogov
37eee73274
Support for encoding/decoding of private and protected members
2005-04-11 09:27:47 +00:00
Marcus Boerger
016a39195e
- Fix test
2005-03-12 01:52:48 +00:00
Marcus Boerger
f3a5d430fc
- Fix another memleak
2005-03-12 01:46:47 +00:00
Marcus Boerger
6c73805c45
- Fix memleak
2005-03-12 01:44:04 +00:00
Andi Gutmans
56f8195fe5
- Nuke empty_string. It is a reminanent from the time where RETURN_FALSE()
...
used to return "" and not bool(false). It's not worth keeping it because
STR_FREE() and zval_dtor() always have to check for it and it slows down
the general case. In addition, it seems that empty_string has been abused
quite a lot, and was used not only for setting zval's but generally in
PHP code instead of "", which wasn't the intention. Last but not least,
nuking empty_string should improve stability as I doubt every place
correctly checked if they are not mistakenly erealloc()'ing it or
calling efree() on it.
NOTE: Some code is probably broken. Each extension maintainer should
check and see that my changes are OK. Also, I haven't had time to touch
PECL yet. Will try and do it tomorrow.
2004-07-19 07:19:50 +00:00
Ilia Alshanetsky
690ca62dd3
Do not use alloca() where it can be abused through user input.
2004-06-30 01:12:06 +00:00
Moriyoshi Koizumi
7f5950ffb7
- Fix test: Any datetime value that exceeds the unix time range should
...
not be unserialized.
2004-04-04 18:07:36 +00:00
Hartmut Holzgraefe
cc0894b788
more visa to sibira ;)
2004-03-24 18:43:23 +00:00