php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-22 15:38:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
114,174 Commits 549 Branches 1,485 Tags
2dddab01ae6a5427d9f6f38770cea4553e93b033
Commit Graph

1657 Commits

Author SHA1 Message Date
Nikita Popov a73f98eda9 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Add SKIPIF to test requiring mbregex
 2020-01-30 11:21:26 +01:00
Nikita Popov 6ccd675776 Add SKIPIF to test requiring mbregex 2020-01-30 11:20:42 +01:00
Nikita Popov 43465768f1 Fix shift ub in mbstring 
Ideally "c" would be an unsigned integer...
 2020-01-30 10:07:25 +01:00
Nikita Popov 9aadcb18e1 Restore digit check in mb_decode_numericentity() 
I replaced it with a multiplication overflow check in
18599f9c52. However, we need both,
because the code for restoring the number can't handle numbers
with many leading zeros right now and I don't feel like teaching it.
 2020-01-30 10:07:01 +01:00
Nikita Popov acc616c455 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix mb_ord() crash if internal encoding not supported
 2020-01-29 16:19:14 +01:00
Nikita Popov a62c06c4cf Fix mb_ord() crash if internal encoding not supported 
enc_name can be NULL here. Take the name from the mbfl_encoding
instead.
 2020-01-29 16:18:46 +01:00
Nikita Popov 18599f9c52 Better overflow check for entity decoding 
Check for multiplication overflow rather than number of digits.
 2020-01-29 16:08:46 +01:00
Nikita Popov 085371b299 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Reset MBREX(search_re) in RSHUTDOWN
 2020-01-29 16:05:38 +01:00
Nikita Popov 560ff9725e Reset MBREX(search_re) in RSHUTDOWN 
This is going to cause a segfault if reused in the next request.
To illustrate the issue, run these two scripts in sequence with
the built-in server:

// script1.php
mb_ereg_search_init('foobar');
mb_ereg_search('foo');

// script2.php
var_dump(mb_ereg_search_init("foobar"));
var_dump(mb_ereg_search_pos());
 2020-01-29 16:05:11 +01:00
Nikita Popov b3f07afabc Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix use of mb_ereg_search_getregs() after invalid pattern
 2020-01-29 12:50:40 +01:00
Nikita Popov 392ad206a4 Fix use of mb_ereg_search_getregs() after invalid pattern 
This segfaulted because we assumed that if there are matches,
there must be a regular expression as well.
 2020-01-29 12:50:18 +01:00
Nikita Popov 5589bf4d4a Fix length inconsistency in mb_convert_encoding 
Don't mix strlen() and ZSTR_LEN(). If the encoding contains a
NULL byte, this will overflow the buffer.

NULL bytes will still make this behave oddly because the consuming
code will cut off the string there, but let's address that in master...
 2020-01-29 12:19:28 +01:00
Nikita Popov 91f878779c Fix recovery of large entities in mb_decode_numericentity() 
Make sure we don't overflow the integer.
 2020-01-29 11:48:34 +01:00
Nikita Popov 9fcaf25c93 Fix memory leak in mb_str_split 2020-01-28 17:39:49 +01:00
Christoph M. Becker f1bf4bf6eb Don't leak encoding_str 2020-01-22 11:15:16 +01:00
Christoph M. Becker ab846173e2 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #79154: mb_convert_encoding() can modify $from_encoding
 2020-01-22 10:30:25 +01:00
Christoph M. Becker 9be31a582a Fix #79154: mb_convert_encoding() can modify $from_encoding 
We must not modify arrays passed by value.
 2020-01-22 10:28:07 +01:00
Christoph M. Becker 94c9dc498f Fix #79149: SEGV in mb_convert_encoding with non-string encodings 
We must not assume that `hash_entry` `IS_STRING`, but rather use
`encoding_str` which is guaranteed to be.
 2020-01-22 09:43:51 +01:00
Stanislav Malyshev a29c793381 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Update NEWS
  Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
  Fix #79099: OOB read in php_strip_tags_ex
  Fix #79091: heap use-after-free in session_create_id()
 2020-01-20 22:47:01 -08:00
Stanislav Malyshev 25ec7eb346 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Update NEWS
  Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
  Fix #79099: OOB read in php_strip_tags_ex
  Fix #79091: heap use-after-free in session_create_id()
 2020-01-20 22:46:29 -08:00
Stanislav Malyshev 2bcbc95f03 Fix bug #79037 (global buffer-overflow in mbfl_filt_conv_big5_wchar) 2020-01-20 21:43:42 -08:00
Christoph M. Becker 1979c5d16f Upgrade to Oniguruma 6.9.4 
Oniguruma 6.9.4 fixes several CVEs.
 2019-11-30 14:00:41 +01:00
Christoph M. Becker 8c4b0ddde5 Add missing skip checks 2019-11-29 23:50:05 +01:00
Christoph M. Becker ff2140c49d Partially revert "Adapt test cases for Oniguruma 6.9.4" 
This partially reverts commit c55d09c2f5,
because `MB_ONIGURUMA_VERSION` is only available as of PHP 7.4.0, so
that change made no sense for PHP-7.3; we keep it for PHP-7.4, though.
We also stick with the modification to bug78633.phpt.
 2019-11-29 23:40:30 +01:00
Christoph M. Becker 2b700841c5 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Adapt test cases for Oniguruma 6.9.4
 2019-11-29 17:00:11 +01:00
Christoph M. Becker c55d09c2f5 Adapt test cases for Oniguruma 6.9.4 
Apparently, bug 78633 has now really been fixed; the former fix only
catered to the buffer overflow, but yielded a wrong result.  Also,
the order of the named captures has been fixed.
 2019-11-29 16:59:19 +01:00
Christoph M. Becker 85874af404 Remove obsolete oniguruma.patch 
The proper `SIZEOF_SIZE_T` definitions are available as of Oniguruma
6.9.1; no more need to patch.
 2019-11-05 10:16:22 +01:00
Stanislav Malyshev d517c559fc Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #78633: Heap buffer overflow (read) in mb_eregi
 2019-10-20 23:20:16 -07:00
Christoph M. Becker 4f50d58cab Fix #78633: Heap buffer overflow (read) in mb_eregi 
We backport kkos/oniguruma@15c4228aa2.
 2019-10-20 22:47:38 -07:00
Nikita Popov 5b067163be Limit retry_limit test to oniguruma >= 6.9.3 
This test is somewhat fragile in that it depends on how well a
particular regex is optimized. Apparently on 6.9.1 this regex
would hit the default retry_limit of 1000000 already. I'm limiting
this to 6.9.3 because that's the version that works for me.
 2019-10-07 10:49:34 +02:00
Nikita Popov 6623e7ac51 Add support for mbstring.regex_retry_limit 
This is very similar to the existing mbstring.regex_stack_limit,
but for backtracking. The default value matches pcre.backtrack_limit.
Only used on libonig >= 2.8.0.
 2019-10-06 10:06:33 +02:00
Christoph M. Becker 3d89f92784 Skip tests for old versions instead of marking them XFAIL 
According to commit 0eea9a6[1], these tests fail with old Oniguruma
versions; we are not sure which version of Oniguruma is required to let
them pass, but at least 6.9.3 is sufficient.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=0eea9a642941ab5d4c612f8092f186977afbb73e>
 2019-09-30 14:14:23 +02:00
Christoph M. Becker 70f367d48a Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #78609: mb_check_encoding() no longer supports stringable objects
 2019-09-30 13:06:57 +02:00
Christoph M. Becker 2046b3ce4f Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix #78609: mb_check_encoding() no longer supports stringable objects
 2019-09-30 13:04:54 +02:00
Christoph M. Becker 45db6fa567 Fix #78609: mb_check_encoding() no longer supports stringable objects 
We apply type juggling for other types than array.
 2019-09-30 12:42:04 +02:00
Stanislav Malyshev e7befd38d4 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #78559: Heap buffer overflow in mb_eregi
 2019-09-23 21:51:12 -07:00
Christoph M. Becker 8f949eba80 Fix #78559: Heap buffer overflow in mb_eregi 
We backport kkos/oniguruma@d3e402928b.
 2019-09-23 21:49:55 -07:00
Christoph M. Becker 6dea11acd8 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #78579: mb_decode_numericentity: args number inconsistency
 2019-09-21 16:17:45 +02:00
Christoph M. Becker 698088ca7c Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix #78579: mb_decode_numericentity: args number inconsistency
 2019-09-21 16:16:52 +02:00
Christoph M. Becker 398b308316 Fix #78579: mb_decode_numericentity: args number inconsistency 
mb_decode_numericentity() accepts a fourth optional parameter, which is
unused, however.  Since this parameter doesn't do any harm, and to avoid
the small BC break, we're keeping this parameter for PHP 7, but adjust
the arginfo.

For PHP 8, we will remove this parameter.
 2019-09-21 16:15:23 +02:00
Fabien Villepinte db4f5e44e1 Add missing SKIPIF (mbstring) 2019-09-04 08:51:03 +02:00
Stanislav Malyshev 5748cec3ee Upgrade oniguruma lib to 6.9.3 2019-08-27 23:40:46 -07:00
Stanislav Malyshev d3f2cfe20a Update Oniguruma to 6.9.1 2019-08-25 00:02:32 -07:00
Stanislav Malyshev 5704eca6f7 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix CVE-2019-13224: don't allow different encodings for onig_new_deluxe()
  set version for release
 2019-08-24 23:16:09 -07:00
Stanislav Malyshev 087cb7bab2 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix CVE-2019-13224: don't allow different encodings for onig_new_deluxe()
  set version for release
 2019-08-24 23:15:36 -07:00
Stanislav Malyshev 1258303e66 Fix CVE-2019-13224: don't allow different encodings for onig_new_deluxe() 
Backport from https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
 2019-08-24 23:11:45 -07:00
Nikita Popov 7b152990b6 Don't short-circuit MBFL_OUTPUTFILTER_ILLEGAL_MODE_NONE 
Make sure we always go through mbfl_filt_conv_illegal_output(), so
that the number of illegal characters gets counted.
 2019-08-09 16:33:21 +02:00
Nikita Popov 39e756e7fe Deprecate encoding as 3rd param to mb_strrpos() 2019-07-22 11:39:52 +02:00
Christoph M. Becker 737c1b492c Put oniguruma include path to proper CFLAGS 2019-07-19 20:04:47 +02:00
Christoph M. Becker 504cd03fc3 Move Oniguruma related config stuff to where it belongs 
Oniguruma is exclusively used by ext/mbstring, and only if mbregex is
enabled.  Therefore it is unnecessary and confusing to have Oniguruma
related config stuff scattered elsewhere.

While we're at it, we also remove the referral to the bundled libonig
which is removed as of PHP 7.4.0, and the duplicated call to
`PHP_INSTALL_HEADERS()`.
 2019-07-19 19:30:41 +02:00