php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-22 07:28:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
101,156 Commits 549 Branches 1,485 Tags
6eb4daabeb69cc426fe2c19c473acb35af05502a
Commit Graph

385 Commits

Author SHA1 Message Date
Anatol Belski 4d31ee9043 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian()
  Apply upstream patch for CVE-2016-1283
 2017-10-24 13:44:03 +02:00
Anatol Belski 5efbcd1882 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian()
  Apply upstream patch for CVE-2016-1283
 2017-10-24 13:38:48 +02:00
Anatol Belski a7815e63bd Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian() 2017-10-24 11:28:17 +02:00
Christoph M. Becker 207105b1a3 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #73793 (WDDX uses wrong decimal seperator)
 2017-08-13 21:03:45 +02:00
Christoph M. Becker f64be0b013 Fixed bug #73793 (WDDX uses wrong decimal seperator) 
The WDDX specification[1] requires to serialize floats with a decimal
point, but `snprintf()` is locale-dependent and may use a decimal
comma. We fix that afterwards by replacing an eventual comma with a
point.

[1] <http://xml.coverpages.org/wddx0090-dtd-19980928.txt>
 2017-08-13 20:51:53 +02:00
Christoph M. Becker de5a5f6fdc Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Skip this test if ext/session is not available
 2017-08-13 18:07:42 +02:00
Christoph M. Becker 472b25921e Skip this test if ext/session is not available 2017-08-13 18:05:45 +02:00
Stanislav Malyshev 0ba04f7737 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Improve fix for #74145
  Fix wddx
  Fix tests
  Fixed bug #74111
  Fix bug #74603 - use correct buffer size
  Fix bug #74651 - check EVP_SealInit as it can return -1
  Update NEWS
  Fix bug #74087
  Fixed parsing of strange formats with mixed month/day and time strings
  Fix bug #74145 - wddx parsing empty boolean tag leads to SIGSEGV
  Fixed bug #74111
  Fix #74435: Buffer over-read into uninitialized memory
  Fix bug #74603 - use correct buffer size
  Fix bug #74651 - check EVP_SealInit as it can return -1
  Update NEWS
  Fix bug #73807
 2017-07-04 21:18:10 -07:00
Stanislav Malyshev f269cdcd4f Improve fix for #74145 2017-07-04 21:10:08 -07:00
Stanislav Malyshev 6b18d956de Fix wddx 2017-07-04 20:19:34 -07:00
Stanislav Malyshev 0496f5407f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Update NEWS
  Fix bug #74087
  Fixed parsing of strange formats with mixed month/day and time strings
  Fix bug #74145 - wddx parsing empty boolean tag leads to SIGSEGV
  Fixed bug #74111
  Fix #74435: Buffer over-read into uninitialized memory
  Fix bug #74603 - use correct buffer size
  Fix bug #74651 - check EVP_SealInit as it can return -1
  Update NEWS
  Fix bug #73807
 2017-07-04 19:44:51 -07:00
Stanislav Malyshev 2aae60461c Fix bug #74145 - wddx parsing empty boolean tag leads to SIGSEGV 2017-07-04 19:06:42 -07:00
Nikita Popov e938cfc921 Merge branch 'PHP-7.0' into PHP-7.1 2017-06-25 20:17:26 +02:00
Nikita Popov 604827b694 Fixed bug #73173 
Patch by tloi at fortinet dot com.
 2017-06-25 20:17:06 +02:00
Nikita Popov 6af1d7ad01 Merge branch 'PHP-7.0' into PHP-7.1 2017-06-03 15:08:59 +02:00
Nikita Popov 585c9f3c4b Fix leak in WDDX serialization 2017-06-03 15:08:42 +02:00
Sammy Kaye Powers dac6c639bb Update copyright headers to 2017 2017-01-04 11:23:42 -06:00
Sammy Kaye Powers 478f119ab9 Update copyright headers to 2017 2017-01-04 11:14:55 -06:00
Stanislav Malyshev ca72faa2c5 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix #73832 - leave the table in a safe state if the size is too big.
  Fix bug #73831 - NULL Pointer Dereference while unserialize php object
 2017-01-02 21:37:06 -08:00
Stanislav Malyshev 8d2539fa0f Fix bug #73831 - NULL Pointer Dereference while unserialize php object 2016-12-31 20:14:20 -08:00
Anatol Belski c89306ac52 fix leak, take 2 2016-12-06 16:12:39 +01:00
Anatol Belski 4e3f728701 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix leak, take on 7.x
 2016-12-06 14:44:04 +01:00
Anatol Belski 9b1430140a fix leak, take on 7.x 2016-12-06 14:42:59 +01:00
Anatol Belski b04d60626d fix leak, take on 5.6 2016-12-06 14:34:27 +01:00
Stanislav Malyshev 28fc49a53f Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
 2016-12-05 22:33:42 -08:00
Stanislav Malyshev 183b4d78aa Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
 2016-12-05 22:33:33 -08:00
Stanislav Malyshev d7ce944cf1 This still leaks memory, I don't have enough knowledge in WDDX code to fix them :( 2016-12-05 22:32:59 -08:00
Stanislav Malyshev 4ae4ca45aa Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix bug #73631 - Invalid read when wddx decodes empty boolean element
 2016-12-05 21:59:10 -08:00
Stanislav Malyshev 6292fe84d3 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix bug #73631 - Invalid read when wddx decodes empty boolean element
 2016-12-05 21:58:55 -08:00
Stanislav Malyshev 266ecb6d0a Fix bug #73631 - Invalid read when wddx decodes empty boolean element 2016-12-05 21:40:55 -08:00
Anatol Belski 59f2f14aea Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix memory leak
 2016-11-08 12:17:39 +01:00
Anatol Belski e87daf363b Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix memory leak
 2016-11-08 12:16:39 +01:00
Anatol Belski d6d08f97cd fix memory leak 2016-11-08 12:12:58 +01:00
Anatol Belski 9b81342352 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash
  Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash
  Fix #72696: imagefilltoborder stackoverflow on truecolor images
  Fix #72482: Ilegal write/read access caused by gdImageAALine overflow
  Fix bug #73144 and bug #73341 - remove extra dtor
  remove unreferenced var came in with merge
  Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
  Fix #72696: imagefilltoborder stackoverflow on truecolor images
  Fix #72482: Ilegal write/read access caused by gdImageAALine overflow
  fix version
  set versions
  Fix bug #73144 and bug #73341 - remove extra dtor
  Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
 2016-11-08 11:15:06 +01:00
Anatol Belski 6b21c28b0e remove unreferenced var came in with merge 2016-11-01 12:55:05 +01:00
Stanislav Malyshev 8c67460a10 Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle 
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more work that should be done by wddx maintainer (not me).

(cherry picked from commit 6045de69c7)

Conflicts:
	ext/wddx/wddx.c
 2016-11-01 12:50:33 +01:00
Stanislav Malyshev 6045de69c7 Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle 
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more work that should be done by wddx maintainer (not me).
 2016-10-23 20:09:23 -07:00
Stanislav Malyshev dad0e9d1a3 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0: (22 commits)
  Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
  I don't think 8cceb012a7 is needed
  Fix test
  Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
  Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
  Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
  Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
  Fix bug #73029 - Missing type check when unserializing SplArray
  Fix bug #72860: wddx_deserialize use-after-free
  Fix bug #73007: add locale length check
  Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
  sync NEWS
  Revert "Merge branch 'PHP-5.6' into PHP-7.0"
  Merge branch 'PHP-5.6' into PHP-7.0
  Merge branch 'PHP-5.6' into PHP-7.0
  Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
  fix version
  sync NEWS
  Fix bug #72957
  set versions
  ...
 2016-09-12 21:10:34 -07:00
Stanislav Malyshev c4cca4c20e Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c 2016-09-12 21:04:23 -07:00
Stanislav Malyshev b88393f08a Fix bug #72860: wddx_deserialize use-after-free 2016-09-12 21:04:23 -07:00
Stanislav Malyshev 9528ce7315 Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c 
(cherry picked from commit bbaf784f8d213e201baf67e861f20b38c6e87d3b)

Conflicts:
	ext/wddx/wddx.c
 2016-09-12 18:13:04 +02:00
Stanislav Malyshev 060ab26cfe Fix bug #72860: wddx_deserialize use-after-free 
(cherry picked from commit ee552853ff4d72f626102025133e2cd1575043ee)

Conflicts:
	ext/wddx/wddx.c
 2016-09-12 17:33:32 +02:00
Anatol Belski 2103e9f21f fix test 
The improvements to the base64 functionality allows now to loosen
strictness. Strict mode still can be activated later, if there are
any issues.
 2016-08-18 00:18:26 +02:00
Anatol Belski f7231acadf Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix char * vs zend_string *
 2016-08-17 13:23:31 +02:00
Anatol Belski 06c0540b90 fix char * vs zend_string * 2016-08-17 13:22:02 +02:00
Xinchen Hui 0fd0328933 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Avoid duplicating string
 2016-08-17 18:19:59 +08:00
Xinchen Hui 195d7618e7 Avoid duplicating string 2016-08-17 18:19:14 +08:00
Anatol Belski afa832b5a6 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Revert "fix tests"
 2016-08-17 12:07:39 +02:00
Anatol Belski 7d4c5a0dc9 Revert "fix tests" 
This reverts commit a47df5be19.

Looks like some environment issue, as some system throws the notice,
some don't. Revert for now.
 2016-08-17 12:04:03 +02:00
Anatol Belski 60f1ec1c32 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  fix leak
 2016-08-17 11:53:00 +02:00