php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-20 22:41:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
91,853 Commits 547 Branches 1,483 Tags
685fee75a593e3f4fbb9679b2df612ea7ba1c5fb
Commit Graph

39497 Commits

Author SHA1 Message Date
Dmitry Stogov
2d475eb943 Fixed tests on 32-bit systems 2015-08-17 12:54:33 +03:00
Derick Rethans
cdaf057adb Updated to version 2015.6 (2015f) 2015-08-16 21:26:12 +01:00
Jakub Zelenka
f3abea9f91 Fix some int overflows in openssl 
There might be more. I just did a quick check for enc/dec, rand
and one BN call.
 2015-08-16 15:43:00 +01:00
Anatol Belski
46101dbec5 fix incompatible types 
namely between hash_data_type and st_data_t
 2015-08-15 12:03:47 +02:00
Anatol Belski
3689b44453 add SIZEOF_SIZE_T to oniguruma 2015-08-15 11:39:06 +02:00
Anatol Belski
228eaf5bc4 fix pointer truncation cases 2015-08-15 11:27:07 +02:00
Tjerk Meesters
0bd7d7a369 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Updated NEWS for #70157
  Fixed #70157 parse_ini_string() segmentation fault with INI_SCANNER_TYPED
 2015-08-15 16:49:30 +08:00
Tjerk Meesters
0d7159d26d Fixed #70157 parse_ini_string() segmentation fault with INI_SCANNER_TYPED 2015-08-15 15:10:34 +08:00
Christoph M. Becker
c63b505573 Merge branch 'PHP-5.6' 
* PHP-5.6:
  fixed wrong params in proto
 2015-08-15 02:27:09 +02:00
Christoph M. Becker
a4e0539188 fixed wrong params in proto 2015-08-15 02:23:56 +02:00
Anatol Belski
38c19d43c1 fix array size calculation for range, related to bug #70239 2015-08-14 14:34:48 +02:00
Anatol Belski
86984d7ade add range() tests 2015-08-14 14:34:48 +02:00
Anatol Belski
01ee09f3f7 Fixed bug #70239 Creating a huge array doesn't result in exhausted, but segfault 2015-08-14 14:34:47 +02:00
Christoph M. Becker
5e93fe3c57 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fix #70266 (DateInterval::__construct.interval_spec is not supposed to be optional)
 2015-08-14 14:25:19 +02:00
Christoph M. Becker
e66bf11638 Fix #70266 (DateInterval::__construct.interval_spec is not supposed to be optional) 
The required_num_args argument of ZEND_BEGIN_ARG_INFO_EX() has to be 1.
 2015-08-14 14:19:12 +02:00
Christoph M. Becker
1ec40e84d4 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fix #70232: Incorrect bump-along behavior with \K and empty string match

Resolved conflicts:
	ext/pcre/php_pcre.c
 2015-08-13 14:28:16 +02:00
Christoph M. Becker
b9f23c2152 Fix #70232: Incorrect bump-along behavior with \K and empty string match 
To do global matching (/g), for every empty match we have to do a second match
with PCRE_NOTEMPTY turned on. That may fail, however, when the \K escape
sequence is involved. For this purpose libpcre 8.0 introduced the
PCRE_NOTEMPTY_ATSTART flag, which we will use if available, and otherwise fall
back to the old (possibly buggy) behavior.
 2015-08-13 14:20:04 +02:00
Dmitry Stogov
715d5d2855 Get rid of implicit type casting in GC_*() macros in Zend/zend_types.h. 
This prevented compilation warnings and disclosed few incorrect usages in Zend/zend_vm_def.h and ext/dom/xpath.c.
Now explicit type casting may be required on call site.
This may break some C extension code, but it shoulfn't be a problem to add explicit casting.
 2015-08-13 13:56:29 +03:00
Derick Rethans
f94bcb1026 Of course, we support v2 in PHP 5.6 as well. 2015-08-13 11:07:16 +01:00
Derick Rethans
159bc6ecdc Updated to version 2015.6 (2015f) 2015-08-13 10:54:06 +01:00
Derick Rethans
890204fa45 Updated to version 2015.6 (2015f) 2015-08-13 10:54:03 +01:00
Derick Rethans
3ddd826684 Tell timelib we support v2 2015-08-13 10:50:28 +01:00
Xinchen Hui
793d8dcffd Merge branch 'master' of git.php.net:php-src 2015-08-13 13:30:50 +08:00
Xinchen Hui
dc5c6ab774 Fixed bug #70250 (extract() turns array elements to references) 2015-08-13 13:30:25 +08:00
Christopher Jones
4672aac0a7 Merge branch 'PHP-5.6' 2015-08-13 15:01:24 +10:00
Christopher Jones
5cfbfbc73c PDO_OCI is not experimental 2015-08-13 15:01:01 +10:00
Xinchen Hui
adf0e49912 zend_hash_resize seems useless, use zend_hash_extend 2015-08-13 12:19:35 +08:00
Xinchen Hui
e17b1266db Revert "Updated to version 2015.6 (2015f)" 
This reverts commit 7b476a600b.
 2015-08-13 11:55:30 +08:00
Derick Rethans
7b476a600b Updated to version 2015.6 (2015f) 2015-08-12 22:00:15 +01:00
Derick Rethans
a1c06f10dd Updated to version 2015.6 (2015f) 2015-08-12 22:00:13 +01:00
Christoph M. Becker
3b874086e2 Fix #70245: strtotime does not emit warning when 2nd parameter is object or string 
Caused by a refactoring strtotime() called
zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ...) instead of
zend_parse_parameters().
 2015-08-12 19:01:04 +02:00
Anatol Belski
2366a070c8 improve condition 
same as CSPRNG, break by EOF
 2015-08-12 14:50:43 +02:00
Christopher Jones
b7031ba743 Further PHP 7 compat for OCI8 2015-08-12 21:57:16 +10:00
Anatol Belski
cbcacbb2da improve condition 
read() == 0 is EOL
 2015-08-12 10:20:26 +02:00
Anatol Belski
80bc2133cd fix bug #69833 mcrypt fd caching not working 2015-08-11 16:49:28 +02:00
Xinchen Hui
79cd9a18b5 Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI enabled). 2015-08-11 21:01:56 +08:00
Stanislav Malyshev
eb7ba73079 virtual_file_ex uses emalloc in 5.6+ 2015-08-04 16:31:57 -07:00
Stanislav Malyshev
ed709d5aa0 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  fix test
  update NEWS
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	ext/soap/php_http.c
	ext/spl/spl_observer.c
 2015-08-04 15:29:13 -07:00
Stanislav Malyshev
69ed3969dd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	.gitignore
	ext/date/php_date.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
 2015-08-04 14:10:57 -07:00
Stanislav Malyshev
dda81f0505 Fix bug #70019 - limit extracted files to given directory 2015-08-04 14:02:31 -07:00
Stanislav Malyshev
0e09009753 Do not do convert_to_* on unserialize, it messes up references 2015-08-04 13:59:56 -07:00
Stanislav Malyshev
4d2278143a Fix #69793 - limit what we accept when unserializing exception 2015-08-01 22:02:26 -07:00
Stanislav Malyshev
863bf294fe Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) 2015-08-01 22:01:51 -07:00
Stanislav Malyshev
7381b6accc Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject 2015-08-01 22:01:40 -07:00
Stanislav Malyshev
c7d3c027d5 ignore signatures for packages too 2015-08-01 22:01:32 -07:00
Stanislav Malyshev
c2e197e4ef Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage 2015-08-01 22:01:17 -07:00
Christoph M. Becker
8d31e463a0 fixed test 2015-08-01 23:52:35 +02:00
Christoph M. Becker
6576d809a5 test fails with old libxml2; skip in this case 2015-07-31 19:52:42 +02:00
Christoph M. Becker
cdabbd9542 test requires imagejpeg(); skip otherwise 2015-07-31 13:51:49 +02:00
Stanislav Malyshev
16023f3e3b Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes 2015-07-26 17:43:16 -07:00