php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-23 16:08:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
93,521 Commits 549 Branches 1,485 Tags
5ac8a2cc20110403f4fb7f8a3acd52554a95b9e2
Commit Graph

199 Commits

Author SHA1 Message Date
Xinchen Hui da333bfbd8 Fixed bug #70018 (exec does not strip all whitespace) 
Merge branch 'PHP-5.6'

Conflicts:
	ext/standard/exec.c
 2015-07-08 19:30:58 +08:00
Xinchen Hui 94957a7091 Fixed invalid read 2015-07-08 19:19:37 +08:00
Dmitry Stogov 4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00
Christoph M. Becker 00adcbd3e9 Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated NEWS
  Fixed bug #69768 (escapeshell*() doesn't cater to !)
  bump API version to 6.8
 2015-06-24 00:47:18 +02:00
Christoph M. Becker 8da8dc04b6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  updated NEWS
  Fixed bug #69768 (escapeshell*() doesn't cater to !)
  bump API version to 6.8
 2015-06-24 00:23:39 +02:00
Christoph M. Becker a621781fdb Fixed bug #69768 (escapeshell*() doesn't cater to !) 
When delayed variable substitution is enabled (can be set in the
Registry, for instance), !ENV! works similar to %ENV%, and so ! should
be escaped like %.
 2015-06-24 00:15:55 +02:00
Stanislav Malyshev 563462fbf8 Fixed bug #69646 (OS command injection vulnerability in escapeshellarg) 2015-06-09 21:37:17 -07:00
Stanislav Malyshev 4e2fb47092 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #69646	OS command injection vulnerability in escapeshellarg
  Fix #69719 - more checks for nulls in paths
  fix test description
  Fixed Buf #68812 Unchecked return value.

Conflicts:
	ext/dom/document.c
	ext/gd/gd.c
 2015-06-09 15:31:27 -07:00
Stanislav Malyshev 8036758491 Fix bug #69646 OS command injection vulnerability in escapeshellarg 2015-06-09 10:52:38 -07:00
Dmitry Stogov d146d15003 Optimize zend_string_realloc() add more specialized versions zend_string_extend() and zend_string_truncate() 2015-03-20 02:02:42 +03:00
Yasuo Ohgaki 7d0e3c01e6 Added NULL byte protection to exec, system and passthru. 2015-02-14 05:37:56 +09:00
Yasuo Ohgaki 096fb06dab Merge branch 'PHP-5.6' 
* PHP-5.6:
  Add NULL byte protection to exec, system and passthru
 2015-02-14 05:28:32 +09:00
Yasuo Ohgaki 3ea76a768c Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Add NULL byte protection to exec, system and passthru
 2015-02-14 05:26:54 +09:00
Yasuo Ohgaki a8722f5330 Add NULL byte protection to exec, system and passthru 2015-02-14 05:25:04 +09:00
Xinchen Hui fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui 73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anatol Belski bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Veres Lajos 4b9535341a typo fixes - https://github.com/vlajos/misspell_fixer 2014-11-19 20:23:00 +00:00
Anatol Belski 82c2e3f201 fix build 
ifdef this var declaration to avoid the vs warning
 2014-11-14 22:19:41 +01:00
Anatol Belski dbddbcc950 remove unused var 2014-11-14 17:39:40 +01:00
Anatol Belski 0565a29e4d fix datatype mismatches 2014-10-22 20:46:33 +02:00
Johannes Schlüter d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski bf96ee95ce 's' works with size_t round 4 2014-08-27 20:49:37 +02:00
Anatol Belski 3234480827 first show to make 's' work with size_t 2014-08-27 20:49:31 +02:00
Xinchen Hui a3fd5b6954 Unused variable 2014-08-26 11:50:42 +08:00
Anatol Belski c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00
Anatol Belski 745a71be33 yet more fixes to zpp 2014-08-20 14:46:14 +02:00
Anatol Belski cb25136f4e fix macros in the 5 basic extensions 2014-08-16 11:37:14 +02:00
Dmitry Stogov c1965f58d4 Use reference counting instead of zval duplication 2014-06-05 16:04:11 +04:00
Dmitry Stogov 050d7e38ad Cleanup (1-st round) 2014-04-15 15:40:40 +04:00
Dmitry Stogov f0989e332f Fixed char*/zend_string* inconsistency 2014-03-07 18:23:57 +04:00
Xinchen Hui e3de898d98 Paramter are references 2014-03-03 23:14:57 +08:00
Xinchen Hui 70ddc853fd Refactor php_escape_shell_* to return zend_string 2014-03-03 17:33:40 +08:00
Dmitry Stogov fe5c1cc48f Fixed crach because of dereferencing of NULL pointer 2014-02-25 16:25:45 +04:00
Xinchen Hui 5adeaa147d Refactoring php_stream_copy_to_mem to return zend_string 2014-02-24 18:12:30 +08:00
Dmitry Stogov 40e053e7f3 Use better data structures (incomplete) 2014-02-13 17:54:23 +04:00
Xinchen Hui c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui 47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Xinchen Hui a666285bc2 Happy New Year 2013-01-01 16:37:09 +08:00
Xinchen Hui 0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Rui Hirokawa 882dca647a MFH: fixed a mistake on reverting my previous patch. 2012-04-09 23:49:18 +09:00
Rui Hirokawa b28231165a fixed a mistake on reverting my previous patch: 
http://git.php.net/?p=php-src.git;a=commitdiff;h=50b2e02c045b61f99e8c72d54e6bec055aee98e4
 2012-04-09 23:32:41 +09:00
Felipe Pena 8775a37559 - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena 4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Rui Hirokawa 50b2e02c04 revert changes to fix bug #60116. 2011-11-11 14:58:32 +00:00
Rui Hirokawa 40a951ccad revert changes to fix bug #60116. 2011-11-11 14:52:56 +00:00
Rui Hirokawa db5d9c0b66 MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection). 2011-11-10 14:19:06 +00:00
Rui Hirokawa 71ee976a2d added a test script for bug60116 and fixed behabior of ESCAPE_CMD_END. 2011-10-30 05:57:26 +00:00