mirror of https://github.com/php/php-src.git synced 2026-04-22 07:28:09 +02:00
Commit Graph

29851 Commits

Author SHA1 Message Date
Stanislav Malyshev 0ea75af9be Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER) 2015-04-11 16:53:21 -07:00
Stanislav Malyshev f938112c49 Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault) 2015-04-11 16:53:21 -07:00
Xinchen Hui 920a0afbf8 Fixed bug #68901 (use after free) 2015-04-11 16:28:07 -07:00
Xinchen Hui 9a404df382 Fixed bug #68740 (NULL Pointer Dereference)
(cherry picked from commit 124fb22a13)
2015-04-05 22:48:10 -07:00
Stanislav Malyshev 5ae20c6247 Fix bug #66550 (SQLite prepared statement use-after-free) 2015-04-05 22:36:26 -07:00
Remi Collet bd31cb7563 Better fix for #68601 for perf
https://bitbucket.org/libgd/gd-libgd/commits/81e9a993f2893d651d225646378e3fd1b7465467
2015-04-05 17:36:47 -07:00
Remi Collet afbf725e73 Fix bug #68601 buffer read overflow in gd_gif_in.c 2015-04-05 17:33:52 -07:00
Dmitry Stogov 75f40ae1f3 Fixed bug #69293 2015-03-27 18:40:58 +03:00
Stanislav Malyshev 968fbc6acf Backport fix bug #68741 - Null pointer dereference 2015-03-22 18:30:05 -07:00
Stanislav Malyshev fb83c76dee Check that the type is correct 2015-03-22 18:17:47 -07:00
Dmitry Stogov 51856a76f8 Fixed bug #69152 2015-03-19 11:36:01 +03:00
Stanislav Malyshev ef8fc4b53d Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundary 2015-03-17 21:59:56 -07:00
Stanislav Malyshev fb04dcf6db Fix bug #69248 - heap overflow vulnerability in regcomp.c
Merged from https://github.com/garyhouston/regex/commit/70bc2965604b6b8aaf260049e64c708dddf85334
2015-03-17 17:04:57 -07:00
Stanislav Malyshev 8b14d3052f add test for bug #68976 2015-03-17 17:03:46 -07:00
Stanislav Malyshev 646572d6d3 Fixed bug #68976 - Use After Free Vulnerability in unserialize() 2015-03-17 13:20:22 -07:00
Stanislav Malyshev 9ba4db5e5d fix tests 2015-03-17 12:55:35 -07:00
Stanislav Malyshev 1291d6bbee Fix bug #69207 - move_uploaded_file allows nulls in path 2015-03-17 12:47:58 -07:00
Dmitry Stogov c8eaca013a Added type checks 2015-03-03 10:43:48 +03:00
Dmitry Stogov 0c136a2abd Added type checks 2015-03-03 09:44:46 +03:00
Dmitry Stogov d5248f67b5 Check variable type before its usage as IS_ARRAY. 2015-03-02 12:27:36 +03:00
Stanislav Malyshev bdfe457a2c Port for bug #68552 2015-02-17 06:53:02 +01:00
Stanislav Malyshev 7b18981830 Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
Conflicts:
	ext/date/php_date.c
2015-02-17 06:43:51 +01:00
Felipe Pena 8f9ab04d93 - Fixed bug #67827 (broken detection of system crypt sha256/sha512 support) 2015-02-17 00:23:47 -02:00
Felipe Pena e08bef442c - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de 2015-02-16 13:07:26 -02:00
Yasuo Ohgaki a8722f5330 Add NULL byte protection to exec, system and passthru 2015-02-14 05:25:04 +09:00
Stanislav Malyshev f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Stanislav Malyshev 7efbd70b03 fix sizeof size 2015-02-01 12:40:38 -08:00
Stanislav Malyshev 94d6cb4a78 fix TSRM 2015-01-31 23:34:14 -08:00
Stanislav Malyshev b30a6d6018 Use better constant since MAXHOSTNAMELEN may mean shorter name 2015-01-31 21:46:56 -08:00
Stanislav Malyshev 0f9c708229 Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:08:13 -08:00
Stanislav Malyshev e63f7b47e1 Merge branch 'bug68710' into PHP-5.4
* bug68710:
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
2015-01-20 01:02:26 -08:00
Stanislav Malyshev fc6aa939f5 Merge branch 'bug68799' into PHP-5.4
* bug68799:
  Fix bug #68799: Free called on uninitialized pointer
2015-01-20 01:00:11 -08:00
Daniel Lowrey e2fe8e164f Fixed bug #55618 (use case-insensitive cert name matching) 2015-01-14 18:02:50 +01:00
Stanislav Malyshev 2fc178cf44 Fix bug #68799: Free called on uninitialized pointer 2015-01-11 00:51:05 -08:00
Anatol Belski ebb98e7aeb updated libmagic.patch in 5.4 2015-01-04 17:04:13 +01:00
Anatol Belski ede59c8feb Fixed bug #68735 fileinfo out-of-bounds memory access 2015-01-04 14:20:21 +01:00
Remi Collet 919abf0cb1 removed dead code 2015-01-04 09:40:19 +01:00
Stanislav Malyshev b585a3aed7 Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize()) 2015-01-01 16:19:05 -08:00
Stanislav Malyshev b75867fff0 add missing test file 2014-12-16 10:15:17 -08:00
Stanislav Malyshev 630f9c33c2 Fix bug #68594 - Use after free vulnerability in unserialize() 2014-12-16 10:15:17 -08:00
Andrea Faulds 034e6decb3 Fix undefined behaviour in strnatcmp 2014-12-13 22:27:10 +00:00
Anatol Belski 0323f66fa2 move the test to the right place 2014-12-11 10:39:47 -08:00
Anatol Belski 13f1c276ab Fixed bug #68545 NULL pointer dereference in unserialize.c 2014-12-11 10:39:37 -08:00
Dmitry Stogov dd791cd717 Fixed possible read after end of buffer and use after free. 2014-12-08 12:18:27 +03:00
Chris Christoff 0e985d3726 Revert unintentional docblock change
Revert unintentional docblock change

It looks like commit dd8e59da8f
introduced an unintended docblock change. I have reverted this
change in this commit.
2014-12-05 13:57:03 -08:00
Stanislav Malyshev 84be568366 update news 2014-11-30 21:37:39 -08:00
Leigh 7e870c596d Bug fixes in light of failing bcrypt tests
Conflicts:
	ext/standard/crypt.c
2014-11-30 21:06:39 -08:00
Leigh 2d9d10fbbf Add tests from 1.3. Add missing tests.
3 of the missing tests fail. // TODO
2014-11-30 21:05:40 -08:00
Leigh 29f51e1ca9 Upgrade crypt_blowfish to version 1.3 2014-11-30 21:05:32 -08:00
Matteo Beccati 2323e95df9 Fixed bug #66584 Segmentation fault on statement deallocation 2014-11-11 16:25:31 -08:00