php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-14 11:32:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
106,438 Commits 547 Branches 1,483 Tags
6b8ffdbdeb167b6eae68f9beb934268fac90fa83
Commit Graph

47622 Commits

Author SHA1 Message Date
Christoph M. Becker
ff577b04c0 Fix #79877: getimagesize function silently truncates after a null byte 
We have to check for NUL bytes if `getimagesize()` has been called.
 2020-08-02 15:33:24 -07:00
Christoph M. Becker
7355ab8176 Fix #79797: Use of freed hash key in the phar_parse_zipfile function 
We must not use heap memory after we freed it.
 2020-08-02 15:31:29 -07:00
Sara Golemon
cf083535f8 Update CREDITS for PHP 7.2.30 2020-04-14 15:16:26 +00:00
dinosaur
13842eda37 Fixed bug #79468 
Close the stream filter resources when removing them from the stream.
 2020-04-14 10:27:28 -04:00
Stanislav Malyshev
9d6bf8221b Fix bug #79465 - use unsigneds as indexes. 2020-04-13 21:08:37 -07:00
Stanislav Malyshev
14fcc81394 Fix bug #79330 - make all execution modes consistent in rejecting \0 2020-04-13 21:08:30 -07:00
Stanislav Malyshev
2c081b7e26 Fix test 2020-03-15 17:55:28 -07:00
Stanislav Malyshev
0d139c5b94 Fix bug #79329 - get_headers should not accept \0 2020-03-15 17:30:44 -07:00
Stanislav Malyshev
41f66e2a2c Fixed bug #79282 2020-03-15 17:26:00 -07:00
Nikita Popov
2826364298 Mark bug76348.phpt as online test 2020-02-16 22:40:25 -08:00
Stanislav Malyshev
e5c95234d8 Fix bug #79082 - Files added to tar with Phar::buildFromIterator have all-access permissions 2020-02-16 22:38:38 -08:00
Stanislav Malyshev
d76f7c6c63 Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress 2020-02-15 20:52:19 -08:00
Christoph M. Becker
8308196c97 Fix typo in recent bugfix 2020-02-14 09:21:13 +01:00
Christoph M. Becker
cec8b24c84 Fix #77569: Write Acess Violation in DomImplementation 
We must not assume that the zval IS_STRING.
 2020-02-13 15:13:26 +01:00
Stanislav Malyshev
2dc170e25d More checks for php_strip_tags_ex 2020-01-22 22:37:30 -08:00
Stanislav Malyshev
2bcbc95f03 Fix bug #79037 (global buffer-overflow in mbfl_filt_conv_big5_wchar) 2020-01-20 21:43:42 -08:00
Stanislav Malyshev
0f79b1bf30 Fix #79099: OOB read in php_strip_tags_ex 2020-01-20 21:43:42 -08:00
Christoph M. Becker
f79c774274 Fix #79091: heap use-after-free in session_create_id() 
If the `new_id` is released, we must not use it again.
 2020-01-20 21:43:42 -08:00
Stanislav Malyshev
6d5cddabaf Fix test 2019-12-16 10:03:43 -08:00
Stanislav Malyshev
c14eb8de97 Fix bug #78793 2019-12-16 01:14:58 -08:00
Stanislav Malyshev
d348cfb96f Fixed bug #78910 2019-12-16 00:10:39 -08:00
Christoph M. Becker
eb23c60087 Fix #78878: Buffer underflow in bc_shift_addsub 
We must not rely on `isdigit()` to detect digits, since we only support
decimal ASCII digits in the following processing.
 2019-12-16 00:05:03 -08:00
Stanislav Malyshev
b771a18133 Fix test 2019-12-16 00:03:18 -08:00
Christoph M. Becker
0e6c0654ed Fix #78862: link() silently truncates after a null byte on Windows 
Since link() is supposed to accepts paths (i.e. strings without NUL
bytes), we must not accept arbitrary strings.
 2019-12-16 00:03:06 -08:00
Christoph M. Becker
a5a15965da Fix #78863: DirectoryIterator class silently truncates after a null byte 
Since the constructor of DirectoryIterator and friends is supposed to
accepts paths (i.e. strings without NUL bytes), we must not accept
arbitrary strings.
 2019-12-16 00:02:57 -08:00
Christoph M. Becker
600f1f898f Fix #78814: strip_tags allows / in tag name => whitelist bypass 
When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.
 2019-12-02 11:37:25 +01:00
Christoph M. Becker
db420cb6a1 Fix #78833: Integer overflow in pack causes out-of-bound access 
We check for potential signed integer overflow, and bail out
gracefully, in that case.
 2019-12-02 11:18:19 +01:00
Christoph M. Becker
9b92c1d154 Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW 
Apparently, this has not been tested for a long time, and might be a
refactoring relict.  Anyhow, we have to pass the context to
`GIFNextPixel` as well.
 2019-11-21 09:59:26 +01:00
Tyson Andre
a2c41c0ea6 Fix $x = (bool)$x; for undefined with opcache 
And `$x = !$x`

Noticed while working on GH-4912

The included test would not emit undefined variable errors in php 8.0
with opcache enabled. The command used:

```
php -d zend_extension=opcache.so --no-php-ini -d error_reporting=E_ALL \
    -d opcache.file_cache= -d opcache.enable_cli=1  test.php
```
 2019-11-18 11:24:03 +03:00
Stanislav Malyshev
2c9926f156 Fix bug #78804 - Segmentation fault in Locale::filterMatches 2019-11-11 22:32:35 -08:00
Nikita Popov
ee243bc471 Remove outdated comments in test 2019-11-07 14:06:23 +01:00
Nikita Popov
5fa6dcd972 Fixed bug #78759 
Handle INDIRECT values in array.
 2019-11-07 11:15:29 +01:00
Nikita Popov
4f984a2fdb Fixed bug #78775 
Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error queue being empty.
 2019-11-05 12:13:46 +01:00
Christoph M. Becker
e29922f054 Fix test cases for libxml2 2.9.10 
Since the error reporting has been slightly changed, we have to adapt
the two affected test cases.
 2019-10-31 16:07:34 +01:00
Stanislav Malyshev
2bdb13a1f7 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:30 -07:00
Christoph M. Becker
89c327f884 Fix #78751: Serialising DatePeriod converts DateTimeImmutable 
When getting the properties of a DatePeriod instance we have to retain
the proper classes, and when restoring a DatePeriod instance we have to
cater to DateTimeImmutable instances as well.
 2019-10-28 13:07:28 +01:00
Stanislav Malyshev
469820048d Fix libmagic buffer overflow issue (CVE-2019-18218) 
Ported from 46a8443f76
 2019-10-27 16:30:38 -07:00
Nikita Popov
5249993814 Fixed bug #78747 2019-10-25 12:47:18 +02:00
Fabien Villepinte
bea2ff88c9 Fix bug #78697: inaccurate error message 2019-10-21 09:22:09 +02:00
Christoph M. Becker
45a7723267 Fix #78694: Appending to a variant array causes segfault 
`write_dimension` object handlers have to be able to handle `NULL`
`offset`s; for now we simply throw an exception instead of following
the `NULL` pointer.
 2019-10-19 11:47:00 +02:00
m.yakunin
d2cde0bfd3 Fix #70153 \DateInterval incorrectly unserialized 
Added a separate macro for reading 'days' property, so that bool(false)
is correctly converted to the proper internal representation.
 2019-10-18 15:31:14 +02:00
Mitch Hagstrand
e2a6bf482f Fix checksum calculation for opcache 2019-10-14 16:46:42 +02:00
Christoph M. Becker
900bdcbd03 Fix #78665: Multicasting may leak memory 2019-10-12 14:43:43 +02:00
Nikita Popov
46561dab6a Fix leak in phar open 2019-10-10 16:14:21 +02:00
Nikita Popov
daf1fc6e31 Avoid float to int cast UB in exif 2019-10-09 17:33:29 +02:00
Nikita Popov
d6ca174d5b Remove redundant components < 0 check 
components is an unsigned number, it cannot be smaller than zero.
 2019-10-09 14:57:24 +02:00
Sergei Turchanov
a8f60ac9dd Add pcre_get_compiled_regex_cache_ex() with local_aware flag 
A new function `pcre_get_compiled_regex_cache_ex()` is introduced,
which allows to compile regexp pattern using the "C" locale instead
of a current locale.

This will be needed to replace setlocale() usage in fileinfo,
which is not thread-safe.
 2019-10-08 16:11:55 +02:00
Fabien Villepinte
46894580b0 Add missing SKIPIFs in exif tests 2019-10-08 14:11:32 +02:00
Christoph M. Becker
195c2008e8 Fix #78642: Wrong libiconv version displayed 
The high byte of `_libiconv_version` specifies the major version; the
low byte the minor version.
 2019-10-08 12:09:11 +02:00
Christoph M. Becker
fd3118ffb0 Fix #78641: addGlob can modify given remove_path value 
`remove_path` points to the given string, so we must not modify it.
Instead we use a duplicate, if we need the modification.

We may want to switch to `zend_string`s in master.
 2019-10-08 09:45:05 +02:00