php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-21 15:08:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
96,269 Commits 547 Branches 1,483 Tags
4ef9f536ba90113b3cd2afca01f09cddfc76f99a
Commit Graph

360 Commits

Author SHA1 Message Date
Fabien Villepinte 2dee44c74c Fix Bug #74386 Phar::__construct(): wrong number of parameters by reflection 2017-05-29 08:29:30 +01:00
Mitch Hagstrand d9a05807d2 Fix of Bug #74383: Wrong reflection on Phar::running 2017-04-10 06:32:15 +01:00
Anatol Belski aaaef22db6 fix remaining tests for Opcache runs 
The fail reason here is the TMP change while both top and test
run same binary with opcache enabled.
 2017-01-13 17:16:15 +01:00
Christoph M. Becker 995ecffbb2 Fix #70417: PharData::compress() doesn't close temp file 
According to the comment, it has not been deemed necessary to close compressed
files. However, we don't want to keep unclosed file handles to save ressources.
So we're also closing compressed archives, if they're not aliased.
 2017-01-05 14:12:31 +01:00
Stanislav Malyshev 7f0de1a138 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 21:01:35 -08:00
Stanislav Malyshev b28b8b2fee Fix bug #73768 - Memory corruption when loading hostile phar 2016-12-30 15:57:24 -08:00
Stanislav Malyshev ca46d0acbc Fix int overflows in phar (bug #73764) 2016-12-30 15:39:48 -08:00
Stanislav Malyshev f5a9592ad8 Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile) 2016-09-12 21:04:23 -07:00
Stanislav Malyshev 223266e4e4 Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile 2016-09-12 21:04:23 -07:00
Stanislav Malyshev c5f34c9eca Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile) 
(cherry picked from commit 75ebf471ff46ec6e5ee279b3650c11d51ebaf9e3)
 2016-09-12 17:54:32 +02:00
Stanislav Malyshev 0bfb970f43 Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile 
(cherry picked from commit 19484ab77466f99c78fc0e677f7e03da0584d6a2)
 2016-09-12 17:04:19 +02:00
Anatol Belski 1d5a4520be Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix test
 2016-06-21 16:22:51 +02:00
Anatol Belski e3bd360ec9 fix test 
There is a difference between TS and NTS warning message, since
virtual_mkdir vs glibc directly is used. This has no effect for
the actual fix functionality.
 2016-06-21 16:20:03 +02:00
Stanislav Malyshev 2a65544f78 Merge branch 'PHP-5.6.23' into PHP-7.0.8 
* PHP-5.6.23: (24 commits)
  iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
  update NEWS
  fix tests
  fix build
  Fix bug #72455:  Heap Overflow due to integer overflows
  Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
  Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
  Fix bug #72298	pass2_no_dither out-of-bounds access
  Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
  Fix bug #72262 - do not overflow int
  Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
  Fix bug #72275: don't allow smart_str to overflow int
  Fix bug #72340: Double Free Courruption in wddx_deserialize
  update NEWS
  Fix #66387: Stack overflow with imagefilltoborder
  Fix bug #72321 - use efree() for emalloc allocation
  5.6.23RC1
  Fix bug #72140 (segfault after calling ERR_free_strings())
  ...

Conflicts:
	configure.in
	ext/mbstring/php_mbregex.c
	ext/mcrypt/mcrypt.c
	ext/spl/spl_array.c
	ext/spl/spl_directory.c
	ext/standard/php_smart_str.h
	ext/standard/string.c
	ext/standard/url.c
	ext/wddx/wddx.c
	ext/zip/php_zip.c
	main/php_version.h
 2016-06-21 00:24:32 -07:00
Stanislav Malyshev d144590d38 Fix bug #72321 - use efree() for emalloc allocation 2016-06-12 21:35:13 -07:00
Anatol Belski c7f7139985 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix dir separator in test
 2016-03-29 14:20:30 +02:00
Anatol Belski 23d0065744 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix dir separator in test
 2016-03-29 14:19:35 +02:00
Anatol Belski 551423c642 fix dir separator in test 2016-03-29 14:18:25 +02:00
Stanislav Malyshev 62da5cdf3d Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fix bug #71798 - Integer Overflow in php_raw_url_encode
  Fix bug #71860: Require valid paths for phar filenames
  Going for 5.5.34

Conflicts:
	configure.in
	ext/phar/tests/create_path_error.phpt
	main/php_version.h
 2016-03-28 23:21:15 -07:00
Stanislav Malyshev 72281f29dd Fix bug #71860: Require valid paths for phar filenames 2016-03-20 21:33:11 -07:00
Stanislav Malyshev 1e9b175204 Fix bug #71860: Require valid paths for phar filenames 2016-03-20 21:24:12 -07:00
Anatol Belski a2022fd82a Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix directory separator
 2016-03-09 14:17:30 +01:00
Anatol Belski a1d1f54b42 fix directory separator 2016-03-09 14:16:29 +01:00
Stanislav Malyshev 22d8e9aced Merge branch 'PHP-7.0.4' into PHP-7.0 
* PHP-7.0.4: (21 commits)
  update NEWS
  fix test file
  Fix version
  update NEWS
  Update NEWS
  Fix bug #71610: Type Confusion Vulnerability - SOAP / make_http_soap_request()
  Fix bug #71637: Multiple Heap Overflow due to integer overflows
  extend check for add_flag
  Fixed another segfault with file_cache_only now
  set version
  fix nmake clean in phpize mode
  Fixed segfault with file_cache_only
  Fixed possible crash at PCRE on MSHUTDOWN
  Fixed more synchronisation issues during SHM reload
  Set proper type flags (REFCOUNTED and COPYABLE) according to interned or regular string
  sync with improvements in NEWS
  Fixed process synchronisation problem, that may cause crashes after opcache restart
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  ...

Conflicts:
	configure.in
	main/php_version.h
 2016-03-01 23:08:19 -08:00
Stanislav Malyshev 90a0cbd594 Merge branch 'PHP-5.6.19' into PHP-7.0.4 
* PHP-5.6.19:
  fix test file
  Fix version
  update NEWS
  Update NEWS
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  5.6.20 is next
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize

Conflicts:
	configure.in
	ext/wddx/wddx.c
	main/php_version.h
 2016-03-01 23:01:48 -08:00
Stanislav Malyshev b3bb1aacfe Merge branch 'PHP-5.6.19' into PHP-5.6 
* PHP-5.6.19:
  fix test file
  Fix version
  Update NEWS
 2016-03-01 22:56:08 -08:00
Stanislav Malyshev 6e6a556b8c Merge branch 'PHP-5.5' into PHP-5.6.19 
* PHP-5.5:
  fix test file
  Fix version
  Update NEWS
 2016-03-01 22:55:49 -08:00
Stanislav Malyshev 3c8ccdd9d3 fix test file 2016-03-01 22:55:02 -08:00
Stanislav Malyshev ae3f132be1 Merge branch 'PHP-5.6.19' into PHP-5.6 
* PHP-5.6.19:
  update NEWS
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
 2016-03-01 22:42:16 -08:00
Stanislav Malyshev 91990bbde0 Merge branch 'PHP-5.5.33' into PHP-5.6.19 
* PHP-5.5.33:
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
 2016-03-01 22:40:00 -08:00
Nikita Popov a6afaa9a85 Merge branch 'PHP-5.6' into PHP-7.0 
Conflicts:
	ext/phar/tar.c
 2016-02-29 22:44:46 +01:00
Jos Elstgeest 50b4cafd28 Fixed bugs #71317 and #71504 
If there are duplicate filenames in tar, the last one wins.
 2016-02-29 22:34:35 +01:00
Stanislav Malyshev a6fdc5bb27 Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile() 2016-02-21 16:51:05 -08:00
Anatol Belski b3df715f50 add test for bug #71625, 7 variant 2016-02-18 19:40:17 +01:00
Anatol Belski 688b914217 add test for bug #71625 2016-02-18 19:38:39 +01:00
Anatol Belski c94ee2e0c8 fix dir separator in test 2016-02-15 09:00:07 +01:00
Anatol Belski a3927fa7f5 fix dir separator in test 2016-02-15 08:58:20 +01:00
Stanislav Malyshev 0fca0d9f42 fix tests 2016-02-01 20:23:21 -08:00
Stanislav Malyshev e231830f16 Merge branch 'PHP-5.6.18' into PHP-7.0.3 
* PHP-5.6.18:
  fix tests
  fix NEWS
  Update NEWS
  update NEWS
  Fixed bug #71488: Stack overflow when decompressing tar archives
  update NEWS
  add missing headers for SIZE_MAX
  backport the escapeshell* functions hardening branch
  add tests
  Fix bug #71459 - Integer overflow in iptcembed()
  prepare 5.6.18RC1
  Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message) Fix skip message to work
  improve fix for bug #71201
  Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
  Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
  Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
  Fix bug #71335: Type Confusion in WDDX Packet Deserialization
  Fix bug #71354 - remove UMR when size is 0

Conflicts:
	configure.in
	ext/phar/dirstream.c
	ext/phar/phar_object.c
	ext/phar/tar.c
	ext/standard/exec.c
	ext/standard/iptc.c
	ext/standard/math.c
	ext/standard/streamsfuncs.c
	ext/wddx/wddx.c
	main/php_version.h
	main/streams/memory.c
 2016-02-01 20:00:01 -08:00
Stanislav Malyshev 309ead112f Merge branch 'PHP-5.5.32' into PHP-5.6.18 
* PHP-5.5.32:
  Fixed bug #71488: Stack overflow when decompressing tar archives
  update NEWS
  add missing headers for SIZE_MAX
  backport the escapeshell* functions hardening branch
  add tests
  Fix bug #71459 - Integer overflow in iptcembed()
  Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
  Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
  Fix bug #71335: Type Confusion in WDDX Packet Deserialization
  Fix bug #71354 - remove UMR when size is 0
 2016-02-01 18:32:31 -08:00
Stanislav Malyshev 07c7df68bd Fixed bug #71488: Stack overflow when decompressing tar archives 2016-01-31 19:37:56 -08:00
Stanislav Malyshev 1c1b8b6998 Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata() 2016-01-16 20:43:43 -08:00
Stanislav Malyshev 4c2424eb24 Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream() 2016-01-14 22:58:40 -08:00
Stanislav Malyshev 13ad4d3e97 Fix bug #71354 - remove UMR when size is 0 2016-01-13 16:32:29 -08:00
Julien Pauli a60105d7a4 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed test
  5.5.31 now
 2015-09-30 13:19:37 +02:00
Julien Pauli 0fd71d1184 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed test
  5.5.31 now

Conflicts:
	configure.in
	main/php_version.h
 2015-09-30 13:19:18 +02:00
Julien Pauli d7fb43e30d Fixed test 2015-09-30 13:18:16 +02:00
Anatol Belski 208ed0a010 fix test 
cutting out the '/' is not critical, but allows to avoid forking
 2015-09-29 09:11:52 +02:00
Stanislav Malyshev 4c6f4863fa Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix memory leak
  FIx bug #70433 - Uninitialized pointer in phar_make_dirstream when zip entry filename is "/"

Conflicts:
	ext/phar/dirstream.c
 2015-09-28 20:45:02 -07:00
Stanislav Malyshev 51b23cd0f0 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix memory leak
  FIx bug #70433 - Uninitialized pointer in phar_make_dirstream when zip entry filename is "/"

Conflicts:
	ext/phar/dirstream.c
 2015-09-28 20:44:28 -07:00