mirror of https://github.com/php/php-src.git synced 2026-04-12 18:43:37 +02:00
Commit Graph

77286 Commits

Author SHA1 Message Date
Stanislav Malyshev
41fc3c76e9 Add check for string overflow to all string add operations 2016-05-09 22:17:20 -07:00
Stanislav Malyshev
abd159cce4 Fix bug #72114 - int/size_t confusion in fread 2016-05-09 21:55:29 -07:00
Julien Pauli
95ed19ae28 Updated NEWS 2016-05-02 16:52:58 +02:00
Julien Pauli
a4abd2bed9 Backport of fixed for bug #71331 - Uninitialized pointer in phar_make_dirstream() 2016-05-02 16:49:47 +02:00
Lior Kaplan
5c571626e3 Update PHP 5.5 NEWS entries with CVE info 2016-05-01 13:14:57 +02:00
Julien Pauli
6058b78878 Added CVE 2016-04-29 09:12:27 +02:00
Stanislav Malyshev
9649ca1630 Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream() 2016-04-28 20:57:44 +03:00
Julien Pauli
008f983ba6 Updated NEWS 2016-04-27 11:55:05 +02:00
Stanislav Malyshev
61c7a06e7c Fix memory leak 2016-04-26 22:54:58 -07:00
Stanislav Malyshev
dccda88f27 Fix bug #72099: xml_parse_into_struct segmentation fault 2016-04-26 22:46:28 -07:00
Julien Pauli
f856734c67 5.5.36 now 2016-04-26 22:34:00 +02:00
Stanislav Malyshev
082aecfc3a Fix bug #72094 - Out of bounds heap read access in exif header processing 2016-04-24 19:33:52 -07:00
Stanislav Malyshev
d650063a04 Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
We can not modify result since it can be copy of _zero_ or _one_, etc. and
"copy" in bcmath is just bumping the refcount.
2016-04-24 18:33:32 -07:00
Stanislav Malyshev
fd9689745c Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset 2016-04-24 13:15:17 -07:00
Stanislav Malyshev
b15f0ecc0f Fix for bug #71912 (libgd: signedness vulnerability) 2016-04-18 22:24:16 -07:00
Julien Pauli
8a4d164c2b Typo in NEWS 2016-03-31 17:45:07 +02:00
Anatol Belski
4b0b1cec00 fix borked mainstream patch 2016-03-31 01:33:38 +02:00
Julien Pauli
f0120ff878 5.5.35 now 2016-03-29 18:11:03 +02:00
Anatol Belski
551423c642 fix dir separator in test 2016-03-29 14:18:25 +02:00
Anatol Belski
fe13566c93 Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file
The actual fix is applying the upstream patch from
6713ca45e7
2016-03-29 13:10:39 +02:00
Anatol Belski
9c19a08b9d Fixed bug #71704 php_snmp_error() Format String Vulnerability
Conflicts:
	ext/snmp/snmp.c
2016-03-28 23:42:19 -07:00
Stanislav Malyshev
3dd82caf57 Merge branch 'PHP-5.5.34' into PHP-5.5
* PHP-5.5.34:
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
2016-03-28 23:29:45 -07:00
Stanislav Malyshev
f8dd10508b Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut 2016-03-28 23:15:16 -07:00
Stanislav Malyshev
64f42c73ef Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut 2016-03-28 01:22:37 -07:00
Stanislav Malyshev
95433e8e33 Fix bug #71798 - Integer Overflow in php_raw_url_encode 2016-03-27 14:22:19 -07:00
Stanislav Malyshev
72281f29dd Fix bug #71860: Require valid paths for phar filenames 2016-03-20 21:33:11 -07:00
Julien Pauli
914d33c40e Going for 5.5.34 2016-03-02 11:02:42 +01:00
Stanislav Malyshev
3c8ccdd9d3 fix test file 2016-03-01 22:55:02 -08:00
Stanislav Malyshev
54df59b729 Fix version 2016-03-01 22:47:27 -08:00
Stanislav Malyshev
153a44d6bb Update NEWS 2016-03-01 22:37:23 -08:00
Stanislav Malyshev
a6fdc5bb27 Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile() 2016-02-21 16:51:05 -08:00
Stanislav Malyshev
b1bd4119bc Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize 2016-02-14 22:34:39 -08:00
Anatol Belski
377d353c9f add error check to sysconf call 2016-02-02 14:19:10 +01:00
Julien Pauli
7d875fb9df Going for 5.5.33 now 2016-02-02 10:42:49 +01:00
Stanislav Malyshev
2a7d8c0a06 fix tests 2016-02-01 18:58:02 -08:00
Stanislav Malyshev
e7051cb47a fix NEWS 2016-02-01 18:47:56 -08:00
Stanislav Malyshev
0d86a98c31 update NEWS 2016-02-01 18:44:33 -08:00
Stanislav Malyshev
b5ef8ed168 Merge branch 'PHP-5.5' into PHP-5.5.32
* PHP-5.5:
  Upgrade bundled PCRE to 8.38
  Fixed NEWS file entry
2016-02-01 18:28:49 -08:00
Stanislav Malyshev
ca02d9c2d6 Upgrade bundled PCRE to 8.38 2016-01-31 20:37:47 -08:00
Stanislav Malyshev
07c7df68bd Fixed bug #71488: Stack overflow when decompressing tar archives 2016-01-31 19:37:56 -08:00
Anatol Belski
a1c675e3f2 update NEWS 2016-01-28 13:57:44 +01:00
Anatol Belski
686a17893a add missing headers for SIZE_MAX 2016-01-28 13:46:34 +01:00
Anatol Belski
f4d7bbf4ac backport the escapeshell* functions hardening branch 2016-01-28 13:45:43 +01:00
Anatol Belski
828364e59c add tests 2016-01-28 13:27:26 +01:00
Julien Pauli
df78eacc2f Fixed NEWS file entry 2016-01-28 12:47:53 +01:00
Stanislav Malyshev
54c210d2ea Fix bug #71459 - Integer overflow in iptcembed() 2016-01-26 17:26:52 -08:00
Stanislav Malyshev
6297a117d7 Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input 2016-01-16 22:10:54 -08:00
Stanislav Malyshev
1c1b8b6998 Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata() 2016-01-16 20:43:43 -08:00
Stanislav Malyshev
285cd3417f Fix bug #71335: Type Confusion in WDDX Packet Deserialization 2016-01-13 16:43:04 -08:00
Stanislav Malyshev
635ba1f2c3 Merge branch 'bug71354' into PHP-5.5.32
* bug71354:
  Fix bug #71354 - remove UMR when size is 0
2016-01-13 16:33:37 -08:00