php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-18 05:21:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
101,479 Commits 547 Branches 1,483 Tags
4e407b87774a02cd03de2ec453f4c0b84f11cd13
Commit Graph

858 Commits

Author SHA1 Message Date
Anatol Belski
dfc07f038b Sync test with newer output 
Czech Republic vs. newer Czechia
 2018-03-16 18:54:55 +01:00
Remi Collet
c449057808 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  From documentation, only the sign of returned value is relevant
 2017-08-24 10:29:44 +02:00
Remi Collet
b7e96f8e0e From documentation, only the sign of returned value is relevant 
With recent glibc, memcmp sometime return a negative value instead of -1
 2017-08-24 10:27:38 +02:00
Xinchen Hui
4f8e703854 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #75075 (unpack with X* causes infinity loop)
 2017-08-15 12:34:37 +08:00
Xinchen Hui
d8c80af71e Fixed bug #75075 (unpack with X* causes infinity loop) 2017-08-15 12:34:13 +08:00
Stanislav Malyshev
0ba04f7737 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Improve fix for #74145
  Fix wddx
  Fix tests
  Fixed bug #74111
  Fix bug #74603 - use correct buffer size
  Fix bug #74651 - check EVP_SealInit as it can return -1
  Update NEWS
  Fix bug #74087
  Fixed parsing of strange formats with mixed month/day and time strings
  Fix bug #74145 - wddx parsing empty boolean tag leads to SIGSEGV
  Fixed bug #74111
  Fix #74435: Buffer over-read into uninitialized memory
  Fix bug #74603 - use correct buffer size
  Fix bug #74651 - check EVP_SealInit as it can return -1
  Update NEWS
  Fix bug #73807
 2017-07-04 21:18:10 -07:00
Stanislav Malyshev
f76a6cd023 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix tests
 2017-07-04 21:05:06 -07:00
Stanislav Malyshev
e46d589624 Fix tests 2017-07-04 20:12:57 -07:00
Nikita Popov
8660e95b4c Fixed bug #74041 2017-02-03 17:54:39 +01:00
Nikita Popov
9cc34c4e3e Merge branch 'PHP-7.0' into PHP-7.1 2017-01-10 00:09:02 +01:00
Nikita Popov
69058f35f8 Un-XFAIL serialization test 2017-01-10 00:07:38 +01:00
Joe Watkins
ff4e330eae Merge branch 'pull-request/1905' 
* pull-request/1905:
   pack()/unpack() for Big Endian float/double and Little Endian float/double
 2017-01-03 10:50:19 +00:00
Joe Watkins
e42a01bcd5 Merge branch 'pull-request/1905' 
* pull-request/1905:
   pack()/unpack() for Big Endian float/double and Little Endian float/double
 2017-01-03 10:49:53 +00:00
Anatol Belski
9c7540d357 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  improve skipif
 2016-12-01 13:33:42 +01:00
Anatol Belski
043d8e2fe1 improve skipif 2016-12-01 13:32:10 +01:00
Nikita Popov
9c1c8be7a2 Merge branch 'PHP-7.0' into PHP-7.1 2016-10-08 01:10:37 +02:00
Nikita Popov
159de7723e Merge branch 'PHP-5.6' into PHP-7.0 2016-10-08 01:06:02 +02:00
Nikita Popov
bc3a0b82b8 Revert "Fixed test" 
This reverts commit a10d03ac16.
 2016-10-08 00:43:36 +02:00
Stanislav Malyshev
56e19b7c75 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed test
  Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986
  Apparently negative wordwrap is a thing and should work as length = 0.
 2016-10-04 21:56:28 -07:00
Ilia Alshanetsky
a10d03ac16 Fixed test 2016-10-04 21:20:38 -07:00
Nikita Popov
4c0804c07d Ensure symtable exists before checking it 2016-09-28 19:20:17 +02:00
Xinchen Hui
6617e87700 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed skip
 2016-09-21 17:20:35 +08:00
Xinchen Hui
56e3ec93a9 Fixed skip 2016-09-21 17:20:02 +08:00
Remi Collet
3c117d4136 fix test (32bits) 2016-09-15 15:32:39 +02:00
Stanislav Malyshev
dad0e9d1a3 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0: (22 commits)
  Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
  I don't think 8cceb012a7 is needed
  Fix test
  Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
  Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
  Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
  Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
  Fix bug #73029 - Missing type check when unserializing SplArray
  Fix bug #72860: wddx_deserialize use-after-free
  Fix bug #73007: add locale length check
  Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
  sync NEWS
  Revert "Merge branch 'PHP-5.6' into PHP-7.0"
  Merge branch 'PHP-5.6' into PHP-7.0
  Merge branch 'PHP-5.6' into PHP-7.0
  Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
  fix version
  sync NEWS
  Fix bug #72957
  set versions
  ...
 2016-09-12 21:10:34 -07:00
Stanislav Malyshev
07c6bdb85d Merge branch 'PHP-7.0.11' into PHP-7.0 
* PHP-7.0.11: (22 commits)
  Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
  I don't think 8cceb012a7 is needed
  Fix test
  Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
  Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
  Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
  Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
  Fix bug #73029 - Missing type check when unserializing SplArray
  Fix bug #72860: wddx_deserialize use-after-free
  Fix bug #73007: add locale length check
  Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
  sync NEWS
  Revert "Merge branch 'PHP-5.6' into PHP-7.0"
  Merge branch 'PHP-5.6' into PHP-7.0
  Merge branch 'PHP-5.6' into PHP-7.0
  Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
  fix version
  sync NEWS
  Fix bug #72957
  set versions
  ...
 2016-09-12 21:09:30 -07:00
Anatol Belski
65bf5e88c7 Revert "Merge branch 'PHP-5.6' into PHP-7.0" 
This reverts commit 946335ba70, reversing
changes made to 3437dbfa00.
 2016-09-11 12:59:43 +02:00
Anatol Belski
435048935e Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Bug #73058 crypt broken when salt is 'too' long
 2016-09-10 02:49:30 +02:00
Anatol Belski
e539ea439b Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Bug #73058 crypt broken when salt is 'too' long
 2016-09-10 02:44:21 +02:00
Anatol Belski
669fda00b7 Bug #73058 crypt broken when salt is 'too' long 2016-09-10 02:39:28 +02:00
Christoph M. Becker
727b422ad9 Fix #72948: Uncatchable "Catchable" fatal error for class to string conversions 
E_RECOVERABLE errors are reported as "Catchable fatal error". This is
misleading, because they actually can't be caught via try-catch statements.
Therefore we change the wording to "Recoverable fatal error" as suggested by
Nikita.
 2016-09-03 13:05:37 +02:00
Anatol Belski
22a825db85 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
 2016-08-29 20:34:44 +02:00
Anatol Belski
946335ba70 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
 2016-08-29 20:32:55 +02:00
Anatol Belski
295303b590 Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify 2016-08-29 20:25:34 +02:00
Anatol Belski
526e6bf818 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix tests
 2016-08-17 12:41:38 +02:00
Anatol Belski
05c8a0771d fix tests 
The 70436 test is just a bonus for the hardening in 72633.
 2016-08-17 12:39:35 +02:00
Xinchen Hui
ce6ad9bdd9 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0: (48 commits)
  Update NEWs
  Unused label
  Fixed bug #72853 (stream_set_blocking doesn't work)
  fix test
  Bug #72663 - part 3
  Bug #72663 - part 2
  Bug #72663 - part 1
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  ...

Conflicts:
	ext/standard/var_unserializer.c
 2016-08-17 17:14:30 +08:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6: (24 commits)
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
 2016-08-17 00:43:33 -07:00
Stanislav Malyshev
4bf5c3187f BLock test with memory leak 2016-08-16 22:55:44 -07:00
Stanislav Malyshev
639f7fde6a Improve fix for #72663 2016-08-16 22:55:20 -07:00
Stanislav Malyshev
95d09e4b5e Fix bug #70436: Use After Free Vulnerability in unserialize() 2016-08-16 22:55:20 -07:00
Stanislav Malyshev
448c9be157 Fix bug #72663 - destroy broken object when unserializing 2016-08-16 22:54:42 -07:00
Christoph M. Becker
f0c77ee7f8 Merge branch 'PHP-7.0' into PHP-7.1 2016-08-13 12:06:11 +02:00
Christoph M. Becker
a93c62aafa Merge branch 'PHP-5.6' into PHP-7.0 2016-08-13 11:47:20 +02:00
Christoph M. Becker
ae3b2078ea Fix #72823: strtr out-of-bound access 
If php_strtr_array_prepare_repls() reports pattern_len == 0, we return
early to avoid OOB accesses, and because there is nothing to replace anyway.
 2016-08-13 11:40:33 +02:00
Nikita Popov
e52c1f3ca9 Merge branch 'PHP-7.0' into PHP-7.1 2016-08-07 18:50:27 +02:00
Lauri Kenttä
e616bc8694 Fix bug #55451 
Make substr_compare ignore the length if it's NULL. This allows to
use the last parameter (case_insensitivity) with the default length.
 2016-08-07 18:48:36 +02:00
Lauri Kenttä
3104759915 base64_decode: fix bug #72264 ('VV= =' shouldn't fail in strict mode) 2016-07-07 01:27:23 +02:00
Lauri Kenttä
c1ac081bf1 base64_decode: fix bug #72263 (skips char after padding) 2016-07-07 01:27:23 +02:00
Lauri Kenttä
b9c9be13cc base64_decode: fix bug #72152 (fail on NUL bytes in strict mode) 
This added check is actually for NOT failing in NON-strict mode.
The ch == -2 check later causes the desired failure in strict mode.
 2016-07-07 01:27:23 +02:00