php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-27 01:48:26 +02:00
Code Issues Packages Projects Releases Wiki Activity
83,678 Commits 549 Branches 1,485 Tags
0e21d8066b940e1228fa840a1539ca3434dc3a3f
Commit Graph

36047 Commits

Author SHA1 Message Date
Remi Collet 0e21d8066b fix test for 32bits (int -> float) 
(cherry picked from commit 0f1ae93bfa)
 2017-02-01 11:49:52 +01:00
Christoph M. Becker d2274b01cb Fix #73869: Signed Integer Overflow gd_io.c 
GD2 stores the number of horizontal and vertical chunks as words (i.e. 2
byte unsigned). These values are multiplied and assigned to an int when
reading the image, what can cause integer overflows. We have to avoid
that, and also make sure that either chunk count is actually greater
than zero. If illegal chunk counts are detected, we bail out from
reading the image.

(cherry picked from commit 5b5d9db3988b829e0b121b74bb3947f01c2796a1)
 2017-01-17 09:30:58 +01:00
Christoph M. Becker f1b2afc9d9 Fix #73868: DOS vulnerability in gdImageCreateFromGd2Ctx() 
We must not pretend that there are image data if there are none. Instead
we fail reading the image file gracefully.

(cherry picked from commit cdb648dc4115ce0722f3cc75e6a65115fc0e56ab)
 2017-01-17 09:30:43 +01:00
Nikita Popov 6477bb724e Add additional serialize tests for fixed bugs 
These have been fixed as a side-effect of the delayed __wakeup
patch.
 2017-01-16 13:24:13 +01:00
Stanislav Malyshev 50b38322b9 Fix typo 2017-01-16 00:23:06 -08:00
Stanislav Malyshev 814966ad33 Fix test 2017-01-15 18:42:22 -08:00
Stanislav Malyshev 0ab1af7d3e Update more functions with path check 2017-01-15 17:31:08 -08:00
Mitch Hagstrand ad9c552b12 Fix glob-wrapper.phpt to not fail in Windows 2017-01-10 23:18:52 +01:00
Sara Golemon 7e49e8e797 Fix open_basedir check for glob:// opendir wrapper 
php_check_open_basedir() expects a local filesystem path,
but we're handing it a `glob://...` URI instead.

Move the check to after the path trim so that we're checking
a meaningful pathspec.
 2017-01-09 11:02:50 -08:00
Remi Collet db890956ec add skip when json not loaded 2017-01-06 06:23:59 +01:00
Nikita Popov 900b17b15f Fix printf modifier 2017-01-05 11:37:06 +01:00
Nikita Popov f697874e3f Add tests for delayed __wakeup() 2017-01-05 00:21:48 +01:00
Nikita Popov 0426b916df Implement delayed __wakeup 2017-01-05 00:21:48 +01:00
Stanislav Malyshev fa2125df67 Merge branch 'PHP-5.6.30' into PHP-5.6 
* PHP-5.6.30:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 20:56:32 -08:00
Nikita Popov a65ad951ad FIx bug #70213 2017-01-01 14:10:49 +01:00
Stanislav Malyshev 1cda0d7c2f Fix bug #73737 FPE when parsing a tag format 2016-12-31 19:31:49 -08:00
Stanislav Malyshev e5246580a8 Fix bug #73773 - Seg fault when loading hostile phar 2016-12-31 18:47:50 -08:00
Stanislav Malyshev 16b3003ffc Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data() 2016-12-30 16:59:46 -08:00
Stanislav Malyshev b28b8b2fee Fix bug #73768 - Memory corruption when loading hostile phar 2016-12-30 15:57:24 -08:00
Stanislav Malyshev ca46d0acbc Fix int overflows in phar (bug #73764) 2016-12-30 15:39:48 -08:00
Christoph M. Becker 2ba3b27594 Revert "Fix #73530: Unsetting result set may reset other result set" 
This reverts commit eb570294a2.

That commit caused a regression, so it's probably best to revert it, and
to tackle the issue for the next minor release.
 2016-12-29 12:59:04 +01:00
Anatol Belski 79e47aae41 fix C89 compat 2016-12-17 20:43:32 +01:00
Matteo Beccati 0c9324ea9b Skip tests when secure_file_priv dir not writable 2016-12-15 09:31:00 +01:00
Anatol Belski c89306ac52 fix leak, take 2 2016-12-06 16:12:39 +01:00
Anatol Belski b04d60626d fix leak, take on 5.6 2016-12-06 14:34:27 +01:00
Stanislav Malyshev d7ce944cf1 This still leaks memory, I don't have enough knowledge in WDDX code to fix them :( 2016-12-05 22:32:59 -08:00
Stanislav Malyshev 266ecb6d0a Fix bug #73631 - Invalid read when wddx decodes empty boolean element 2016-12-05 21:40:55 -08:00
Stanislav Malyshev c8778eb293 oops, changed in wrong place 2016-11-27 16:11:41 -08:00
Stanislav Malyshev 8856b3a63c Merge branch 'pull-request/1974' into PHP-5.6 
* pull-request/1974:
  Fix #68447: grapheme_extract take an extra trailing character
 2016-11-27 15:34:58 -08:00
Christoph M. Becker 5049ef2f1c Fix #73549: Use after free when stream is passed to imagepng 
If a stream is passed to imagepng() or other image output functions,
opposed to a filename, we must not close this stream.
 2016-11-27 14:51:02 -08:00
Matteo Beccati 2a80758fd5 Fix occasionaly failing test 2016-11-27 10:20:13 +01:00
Stanislav Malyshev bc85678df3 Add more mbfl string size checks (bug #73505) 2016-11-26 14:49:48 -08:00
Christoph M. Becker 7f529e3dee Fix #73582: Failing ext/gd/tests/imagettftext_charmap_order.phpt 
This test is not supposed to work with JIS-mapped Japanese font support
enabled.
 2016-11-25 23:14:08 +01:00
Derick Rethans 6785ea2340 Updated to version 2016.10 (2016j) 2016-11-24 10:40:11 +00:00
Nikita Popov 2d19c92fc2 Make php_url_parse_ex() respect length argument 
This should fix all out-of-bounds reads that could previously
occur if the string passed to php_url_parse_ex() is not NUL
terminated.
 2016-11-22 19:24:24 +01:00
Nikita Popov f0f68c7274 Cleanup parse_url() query/fragment handling 
The query/fragment handling was pretty convoluted, with many parts
being duplicated. Simplify by checking for fragment, then for query,
then for path.
 2016-11-22 19:24:23 +01:00
Nikita Popov 9befad6fc2 Cleanup parse_url() gotos 
Simplify some unnecessarily complicated code. In particular the
length updates are unnecessary (length is only used at the very
start) and we're goto'ing around a bit too much.
 2016-11-22 19:24:21 +01:00
Craig Duncan 644e290fcd Fix bug #73498 
Postgres uses the DELIMITER keyword since 7.3
And WITH is no longer required/used
 2016-11-22 00:42:45 +01:00
Craig Duncan d36d4c70d3 Add a test for bug 73498 2016-11-22 00:42:45 +01:00
Anatol Belski 4805be1db6 add test for bug #73452 2016-11-21 15:25:46 +01:00
Anatol Belski 0da5cb5fb6 Backport 15ac4904 to 5.6 2016-11-21 15:20:03 +01:00
Mitch Hagstrand 55980684f6 Fix the lchwon error test for Travis CI. 
The E_WARNING message from the PHP function lchown is passed
from the system function lchown. The error message returned
from lchown can be filesystem dependent.
 2016-11-18 17:55:44 +01:00
Julien Pauli 49030f2a25 Improvement for bug73297 2016-11-17 11:33:36 +01:00
Rowan Collins eba5e276c7 Simplify ext/standard/tests/http/bug73297.phpt 2016-11-17 11:04:57 +01:00
Rowan Collins aec1a5eccc http_fopen_wrapper.c - bug#73297 Skip past "100 Continue" responses 2016-11-17 11:04:56 +01:00
Rowan Collins 6122526cea Add failing test for bug#73297 2016-11-17 11:04:56 +01:00
Dmitry Stogov 9849c97b1b Accorate handling of too big inodes of chroot directories 2016-11-17 01:08:42 +03:00
Dmitry Stogov 935d922114 "opcache.validate_root" is useless on Windows 2016-11-16 23:15:14 +03:00
Dmitry Stogov 8202b97077 Use full path 2016-11-16 23:01:40 +03:00
Dmitry Stogov a91f3d475e Fixed ZTS build 2016-11-16 16:43:57 +03:00