php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-18 21:41:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
96,269 Commits 547 Branches 1,483 Tags
4ef9f536ba90113b3cd2afca01f09cddfc76f99a
Commit Graph

875 Commits

Author SHA1 Message Date
Fabien Villepinte
2dee44c74c Fix Bug #74386 Phar::__construct(): wrong number of parameters by reflection 2017-05-29 08:29:30 +01:00
Christian Weiske
c0c0871911 Fixed bug #51918 Phar::webPhar() does not handle requests sent through PUT and DELETE method 
phar: Support DELETE, HEAD and PUT HTTP methods in Phar::webPhar

Up to now only GET and POST requests could be handled with Phar::webPhar(),
which is insufficient for today's REST APIs.
This patch expands the list of supported HTTP methods.
 2017-05-02 14:44:47 +02:00
Mitch Hagstrand
d9a05807d2 Fix of Bug #74383: Wrong reflection on Phar::running 2017-04-10 06:32:15 +01:00
Jakub Zelenka
cdc33251d2 Add OpenSSL 1.1.0 support to PHP 7.0 2017-04-07 19:21:33 +01:00
Anatol Belski
aaaef22db6 fix remaining tests for Opcache runs 
The fail reason here is the TMP change while both top and test
run same binary with opcache enabled.
 2017-01-13 17:16:15 +01:00
Christoph M. Becker
995ecffbb2 Fix #70417: PharData::compress() doesn't close temp file 
According to the comment, it has not been deemed necessary to close compressed
files. However, we don't want to keep unclosed file handles to save ressources.
So we're also closing compressed archives, if they're not aliased.
 2017-01-05 14:12:31 +01:00
Sammy Kaye Powers
478f119ab9 Update copyright headers to 2017 2017-01-04 11:14:55 -06:00
Stanislav Malyshev
7f0de1a138 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 21:01:35 -08:00
Stanislav Malyshev
e5246580a8 Fix bug #73773 - Seg fault when loading hostile phar 2016-12-31 18:47:50 -08:00
Stanislav Malyshev
b28b8b2fee Fix bug #73768 - Memory corruption when loading hostile phar 2016-12-30 15:57:24 -08:00
Stanislav Malyshev
ca46d0acbc Fix int overflows in phar (bug #73764) 2016-12-30 15:39:48 -08:00
Sara Golemon
5004ae2b62 Silence warning from unhandled enum 
(cherry picked from commit 57bbe2c140)
 2016-12-17 00:12:33 +01:00
Anatol Belski
2f9e928af8 fix leaking streams and memory mapped files 
(cherry picked from commit f1ff23095b)
 2016-12-17 00:12:19 +01:00
Stanislav Malyshev
8be94d46f8 Fix more size_t/int implicit conversions 
Now the conversions are explicit and do checks. Not sure it's
the best way but at least we can see them now in the open.
 2016-11-25 15:31:50 -08:00
Stanislav Malyshev
bcc913fa8b Fix int/size_t confusion in isValidPharFilename (bug #73580) 2016-11-25 15:31:50 -08:00
Stanislav Malyshev
07c6bdb85d Merge branch 'PHP-7.0.11' into PHP-7.0 
* PHP-7.0.11: (22 commits)
  Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
  I don't think 8cceb012a7 is needed
  Fix test
  Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
  Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
  Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
  Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
  Fix bug #73029 - Missing type check when unserializing SplArray
  Fix bug #72860: wddx_deserialize use-after-free
  Fix bug #73007: add locale length check
  Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
  sync NEWS
  Revert "Merge branch 'PHP-5.6' into PHP-7.0"
  Merge branch 'PHP-5.6' into PHP-7.0
  Merge branch 'PHP-5.6' into PHP-7.0
  Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
  fix version
  sync NEWS
  Fix bug #72957
  set versions
  ...
 2016-09-12 21:09:30 -07:00
Stanislav Malyshev
f5a9592ad8 Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile) 2016-09-12 21:04:23 -07:00
Stanislav Malyshev
223266e4e4 Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile 2016-09-12 21:04:23 -07:00
Stanislav Malyshev
c5f34c9eca Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile) 
(cherry picked from commit 75ebf471ff46ec6e5ee279b3650c11d51ebaf9e3)
 2016-09-12 17:54:32 +02:00
Stanislav Malyshev
0bfb970f43 Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile 
(cherry picked from commit 19484ab77466f99c78fc0e677f7e03da0584d6a2)
 2016-09-12 17:04:19 +02:00
Anatol Belski
7483acf511 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix double free
 2016-09-03 00:05:02 +02:00
Anatol Belski
5efd2a33df fix double free 2016-09-03 00:01:04 +02:00
Anatol Belski
1d5a4520be Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix test
 2016-06-21 16:22:51 +02:00
Anatol Belski
e3bd360ec9 fix test 
There is a difference between TS and NTS warning message, since
virtual_mkdir vs glibc directly is used. This has no effect for
the actual fix functionality.
 2016-06-21 16:20:03 +02:00
Stanislav Malyshev
2a65544f78 Merge branch 'PHP-5.6.23' into PHP-7.0.8 
* PHP-5.6.23: (24 commits)
  iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
  update NEWS
  fix tests
  fix build
  Fix bug #72455:  Heap Overflow due to integer overflows
  Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
  Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
  Fix bug #72298	pass2_no_dither out-of-bounds access
  Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
  Fix bug #72262 - do not overflow int
  Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
  Fix bug #72275: don't allow smart_str to overflow int
  Fix bug #72340: Double Free Courruption in wddx_deserialize
  update NEWS
  Fix #66387: Stack overflow with imagefilltoborder
  Fix bug #72321 - use efree() for emalloc allocation
  5.6.23RC1
  Fix bug #72140 (segfault after calling ERR_free_strings())
  ...

Conflicts:
	configure.in
	ext/mbstring/php_mbregex.c
	ext/mcrypt/mcrypt.c
	ext/spl/spl_array.c
	ext/spl/spl_directory.c
	ext/standard/php_smart_str.h
	ext/standard/string.c
	ext/standard/url.c
	ext/wddx/wddx.c
	ext/zip/php_zip.c
	main/php_version.h
 2016-06-21 00:24:32 -07:00
Stanislav Malyshev
d144590d38 Fix bug #72321 - use efree() for emalloc allocation 2016-06-12 21:35:13 -07:00
Anatol Belski
c7f7139985 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix dir separator in test
 2016-03-29 14:20:30 +02:00
Anatol Belski
23d0065744 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix dir separator in test
 2016-03-29 14:19:35 +02:00
Anatol Belski
551423c642 fix dir separator in test 2016-03-29 14:18:25 +02:00
Stanislav Malyshev
67fbb06311 Merge branch 'PHP-5.5' into PHP-7.0.5 
* PHP-5.5:
  Fixed bug #71704 php_snmp_error() Format String Vulnerability
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fix bug #71798 - Integer Overflow in php_raw_url_encode
  Fix bug #71860: Require valid paths for phar filenames
  Going for 5.5.34

Conflicts:
	configure.in
	ext/phar/phar_object.c
	ext/phar/tests/badparameters.phpt
	ext/phar/tests/create_path_error.phpt
	ext/phar/tests/pharfileinfo_construct.phpt
	ext/snmp/snmp.c
	ext/standard/url.c
	main/php_version.h
 2016-03-28 23:55:05 -07:00
Stanislav Malyshev
62da5cdf3d Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fix bug #71798 - Integer Overflow in php_raw_url_encode
  Fix bug #71860: Require valid paths for phar filenames
  Going for 5.5.34

Conflicts:
	configure.in
	ext/phar/tests/create_path_error.phpt
	main/php_version.h
 2016-03-28 23:21:15 -07:00
Stanislav Malyshev
72281f29dd Fix bug #71860: Require valid paths for phar filenames 2016-03-20 21:33:11 -07:00
Stanislav Malyshev
1e9b175204 Fix bug #71860: Require valid paths for phar filenames 2016-03-20 21:24:12 -07:00
Anatol Belski
a2022fd82a Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix directory separator
 2016-03-09 14:17:30 +01:00
Anatol Belski
a1d1f54b42 fix directory separator 2016-03-09 14:16:29 +01:00
Nikita Popov
1ac152938c Move semicolon into TSRMLS_CACHE_EXTERN/DEFINE 
Also re bug #71575.
 2016-03-03 16:50:01 +01:00
Stanislav Malyshev
22d8e9aced Merge branch 'PHP-7.0.4' into PHP-7.0 
* PHP-7.0.4: (21 commits)
  update NEWS
  fix test file
  Fix version
  update NEWS
  Update NEWS
  Fix bug #71610: Type Confusion Vulnerability - SOAP / make_http_soap_request()
  Fix bug #71637: Multiple Heap Overflow due to integer overflows
  extend check for add_flag
  Fixed another segfault with file_cache_only now
  set version
  fix nmake clean in phpize mode
  Fixed segfault with file_cache_only
  Fixed possible crash at PCRE on MSHUTDOWN
  Fixed more synchronisation issues during SHM reload
  Set proper type flags (REFCOUNTED and COPYABLE) according to interned or regular string
  sync with improvements in NEWS
  Fixed process synchronisation problem, that may cause crashes after opcache restart
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  ...

Conflicts:
	configure.in
	main/php_version.h
 2016-03-01 23:08:19 -08:00
Stanislav Malyshev
90a0cbd594 Merge branch 'PHP-5.6.19' into PHP-7.0.4 
* PHP-5.6.19:
  fix test file
  Fix version
  update NEWS
  Update NEWS
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  5.6.20 is next
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize

Conflicts:
	configure.in
	ext/wddx/wddx.c
	main/php_version.h
 2016-03-01 23:01:48 -08:00
Stanislav Malyshev
b3bb1aacfe Merge branch 'PHP-5.6.19' into PHP-5.6 
* PHP-5.6.19:
  fix test file
  Fix version
  Update NEWS
 2016-03-01 22:56:08 -08:00
Stanislav Malyshev
6e6a556b8c Merge branch 'PHP-5.5' into PHP-5.6.19 
* PHP-5.5:
  fix test file
  Fix version
  Update NEWS
 2016-03-01 22:55:49 -08:00
Stanislav Malyshev
3c8ccdd9d3 fix test file 2016-03-01 22:55:02 -08:00
Stanislav Malyshev
ae3f132be1 Merge branch 'PHP-5.6.19' into PHP-5.6 
* PHP-5.6.19:
  update NEWS
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
 2016-03-01 22:42:16 -08:00
Stanislav Malyshev
91990bbde0 Merge branch 'PHP-5.5.33' into PHP-5.6.19 
* PHP-5.5.33:
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
 2016-03-01 22:40:00 -08:00
Nikita Popov
a6afaa9a85 Merge branch 'PHP-5.6' into PHP-7.0 
Conflicts:
	ext/phar/tar.c
 2016-02-29 22:44:46 +01:00
Jos Elstgeest
50b4cafd28 Fixed bugs #71317 and #71504 
If there are duplicate filenames in tar, the last one wins.
 2016-02-29 22:34:35 +01:00
Stanislav Malyshev
a6fdc5bb27 Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile() 2016-02-21 16:51:05 -08:00
Anatol Belski
b3df715f50 add test for bug #71625, 7 variant 2016-02-18 19:40:17 +01:00
Anatol Belski
688b914217 add test for bug #71625 2016-02-18 19:38:39 +01:00
Anatol Belski
9a5797976a Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #71625 Crash in php7.dll with bad phar filename
 2016-02-18 19:33:27 +01:00
Anatol Belski
0445abd547 Fixed bug #71625 Crash in php7.dll with bad phar filename 2016-02-18 19:32:08 +01:00