mirror of https://github.com/php/php-src.git synced 2026-04-24 08:28:26 +02:00
Commit Graph

83584 Commits

Author SHA1 Message Date
Sara Golemon 43ccf23d70 Clear FG(user_stream_current_filename) when bailing out
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.

Catch the bailout, clear the variable, then continue bailing.

Closes https://bugs.php.net/bug.php?id=73188
2016-10-11 21:55:01 -07:00
Stanislav Malyshev 689a9b8def Merge branch 'PHP-5.6.27' into PHP-5.6
* PHP-5.6.27:
  Fix tests
  fix tsrm
  Fix bug #73284 - heap overflow in php_ereg_replace function
  Fix bug #73276 - crash in openssl_random_pseudo_bytes function
  Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
  fix bug #73275 - crash in openssl_encrypt function
  Fix for #73240 - Write out of bounds at number_format
  Bug #73218: add mitigation for ICU int overflow
  Add more locale length checks, due to ICU bugs.
  Fix bug #73208 - another missing length check
  Fix bug #73190: memcpy negative parameter _bc_new_num_ex
  Fix bug #73189 - Memcpy negative size parameter php_resolve_path
  Fixed bug #73174 - heap overflow in php_pcre_replace_impl
  Fix bug #73150: missing NULL check in dom_document_save_html
  Fix bug #73147: Use After Free in PHP7 unserialize()
  Fix bug #73082
  Fix bug #73073 - CachingIterator null dereference when convert to string
2016-10-11 16:26:35 -07:00
Stanislav Malyshev 082d1f2375 Fix tests 2016-10-11 16:18:08 -07:00
Stanislav Malyshev c1112ff323 fix tsrm 2016-10-11 14:39:16 -07:00
Stanislav Malyshev 21452a5401 Fix bug #73284 - heap overflow in php_ereg_replace function 2016-10-11 14:16:51 -07:00
Stanislav Malyshev 85a22a0af0 Fix bug #73276 - crash in openssl_random_pseudo_bytes function 2016-10-11 13:37:47 -07:00
Stanislav Malyshev 96a8cf8e1b Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML() 2016-10-11 13:30:52 -07:00
Stanislav Malyshev 8822f7c9f0 fix bug #73275 - crash in openssl_encrypt function 2016-10-11 13:19:20 -07:00
Stanislav Malyshev 8259130b6b Fix for #73240 - Write out of bounds at number_format 2016-10-10 23:42:50 -07:00
Anatol Belski 4165d97606 update NEWS 2016-10-10 20:55:44 +02:00
Anatol Belski 256b150a96 add test for bug #73037 2016-10-10 15:59:52 +02:00
Christoph M. Becker fc989fc6e7 Fix #73279: Integer overflow in gdImageScaleBilinearPalette()
The color components are supposed to be in range 0..255, so we must not
cast them to `signed char`, which can be the default for `char`.

Port of <https://github.com/libgd/libgd/commit/77c8d359>.
2016-10-10 11:41:39 +02:00
Christoph M. Becker b92216b97d Fix #73272: imagescale() affects imagesetinterpolation()
We must not permanently change the interpolation method, but rather
have to restore the old method after we're done with scaling the image.
2016-10-09 15:10:34 +02:00
Anatol Belski 3c5742ebd7 fix leak 2016-10-08 19:07:35 +02:00
Nikita Popov b061fa909d Fix bug #73192 2016-10-08 01:04:22 +02:00
Nikita Popov bc3a0b82b8 Revert "Fixed test"
This reverts commit a10d03ac16.
2016-10-08 00:43:36 +02:00
Nikita Popov 1c468ee044 Revert "Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986"
This reverts commit 085dfca02b.
2016-10-08 00:43:17 +02:00
Anatol Belski 07546496b1 Fix bug #73037, second round 2016-10-05 14:54:06 +02:00
Stanislav Malyshev d946d10293 Bug #73218: add mitigation for ICU int overflow 2016-10-04 22:40:43 -07:00
Stanislav Malyshev d3eb58332a Add more locale length checks, due to ICU bugs. 2016-10-04 21:28:40 -07:00
Ilia Alshanetsky a10d03ac16 Fixed test 2016-10-04 21:20:38 -07:00
Ilia Alshanetsky 085dfca02b Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986 2016-10-04 21:20:31 -07:00
Stanislav Malyshev 8ea01d5f19 Apparently negative wordwrap is a thing and should work as length = 0.
I'll leave it as is for now.
2016-10-03 19:17:42 -07:00
Stanislav Malyshev 631173aa5c Really fix bug #73017 2016-10-03 18:07:21 -07:00
Stanislav Malyshev ef801b9bf9 Fix bug #73208 - another missing length check 2016-10-03 00:12:14 -07:00
Stanislav Malyshev 40e7baab3c Fix bug #73190: memcpy negative parameter _bc_new_num_ex 2016-10-03 00:09:02 -07:00
Nikita Popov f9d4b1a3f1 Fix leak in zend_exception_error
Only occurs if a non-fatal severity level is used, e.g. when using
interactive mode.
2016-10-01 19:04:31 +02:00
Christoph M. Becker 9acfb1a3a5 Fix #73213: Integer overflow in imageline() with antialiasing
We port the respective fixes <https://github.com/libgd/libgd/commit/eca37d620>
and <https://github.com/libgd/libgd/commit/837b7327> to our bundled libgd.
2016-09-30 23:38:13 +02:00
Derick Rethans c0219b323e Fixed tests due to changes in underlying data 2016-09-30 20:49:44 +01:00
Derick Rethans 91fd4bf000 Fixed parsing of AM/PM without all the expected dots in place 2016-09-30 20:21:48 +01:00
Christoph M. Becker e72165bb86 Fix #73203: passing additional_parameters causes mail to fail
We make sure that there's no unsigned underflow, which happened for `y==0`.
2016-09-30 11:38:09 +02:00
Stanislav Malyshev da7e89cde8 Fix bug #73189 - Memcpy negative size parameter php_resolve_path 2016-09-28 23:30:48 -07:00
Stanislav Malyshev 29e2a204fb Fixed bug #73174 - heap overflow in php_pcre_replace_impl 2016-09-28 22:29:59 -07:00
Ferenc Kovacs 703c247c7d 5.6.28 is next 2016-09-29 00:55:36 +02:00
Derick Rethans 6a544f2d1e Updated to version 2016.7 (2016g) 2016-09-28 23:30:26 +01:00
Nikita Popov 1f5412982c Handle resource keys in constexpr arrays 2016-09-28 23:11:02 +02:00
Nikita Popov 40b8105cca Fix the constant array case as well 2016-09-28 23:05:21 +02:00
Nikita Popov 99bf19c177 Check next_index_insert failure in ADD_ARRAY_ELEMENT 2016-09-28 22:35:27 +02:00
Christoph M. Becker 4f0960a800 Fix #53745: cgi.discard_path option is missing from php.ini
Also cgi.check_shebang_line has been missing.
2016-09-26 18:41:09 +02:00
Anatol Belski 66baefec44 update libs_versions.txt 2016-09-26 15:39:01 +02:00
Stanislav Malyshev 1c0e9126fb Fix bug #73150: missing NULL check in dom_document_save_html 2016-09-25 21:25:01 -07:00
Stanislav Malyshev 0e6fe3a4c9 Fix bug #73147: Use After Free in PHP7 unserialize() 2016-09-25 19:53:59 -07:00
Stanislav Malyshev e1709b7e58 Fix bug #73082 2016-09-25 16:07:14 -07:00
Christoph M. Becker c696bc8cfa Fix test_image_equals_file() wrt. palette images
The recently introduced test_image_equals_file() doesn't properly work for
palette images, because in this case only the palette indexes are compared,
which can lead to false positives and negatives as shown in the added test.

To fix that we convert palette images to truecolor, which is supposed to be
faster than calling imagecolorsforindex() for each pixel.

We furthermore rely on PHP's refcounting to free unused images; after all,
this is not C.
2016-09-25 10:34:03 +02:00
Christoph M. Becker c596b02a5b Merge branch 'pull-request/2120' into PHP-5.6 2016-09-24 17:52:15 +02:00
Christoph M. Becker 8f5eda4bf6 Fix #73161: imagecreatefromgd2() may leak memory 2016-09-24 12:36:54 +02:00
Christoph M. Becker 709731797c Fix #73159: imagegd2(): unrecognized formats may result in corrupted files
We must not apply the format correction twice for truecolor images.
2016-09-24 11:28:20 +02:00
Christoph M. Becker c7936ead8f Fix #73155: imagegd2() writes wrong chunk sizes on boundaries 2016-09-24 10:33:49 +02:00
Christoph M. Becker 1da79a6c6e Fix #73157 (again): imagegd2() ignores 3rd param if 4 are given
Obviously, there was a bad merge.
2016-09-24 00:35:24 +02:00
Anatol Belski 075aa911ff Revert "Fixed bug #73037 SoapServer reports Bad Request when gzipped"
This reverts commit f9a699f6c3.
2016-09-23 18:45:03 +02:00