php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-14 19:41:05 +02:00
Code Issues Packages Projects Releases Wiki Activity
70,583 Commits 547 Branches 1,483 Tags
7e5de3a1ce0ec5e2efc84cea67e82d487cd0bf54
Commit Graph

29626 Commits

Author SHA1 Message Date
Michael Wallner
7ab5c593f7 Fix bug #66182 exit in stream filter produces segfault 
Unfortunately, a segv caused by exit cannot be tested reliably.
 2014-04-03 09:07:35 +02:00
Michael Wallner
1ec83d44a1 Fixed bug #61019 (Out of memory on command stream_get_contents) 2014-04-02 15:36:39 +02:00
Michael Wallner
91a9d24aa3 Fix bug #64330 
stream_socket_server() creates wrong Abstract Namespace UNIX sockets
 2014-04-02 11:09:26 +02:00
Anatol Belski
fca1501ed6 added test for bug #53965 2014-04-01 10:08:08 +02:00
Anatol Belski
3cb056f523 Fixed bug #53965 <xsl:include> cannot find files w/ relative paths when loaded w/ "file://" 2014-04-01 10:07:18 +02:00
Remi Collet
2c204a55af Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian) 
On little endian:
	map->p == php_magic_database
	map->magic[i] = pointer into the map

	map->p == NULL
	map->magic[i] = pointer to allocated memory

On big endian (ppc64, s390x, ...):
	map->p != php_magic_database and map->p != NULL
        map->magic[i] = pointer into a copy of the map

Trying to efree pointer in the later cause memory corruption
Thanks to dkatulek / Red Hat for the report.
 2014-03-31 16:50:47 +02:00
Derick Rethans
170cf3ec00 - Updated to version 2014.2 (2014b) 2014-03-25 12:17:14 +00:00
Remi Collet
4374a52e9d Fixed bug #66946 extensive backtracking in awk rule regular expression 
CVE-2013-7345

Applied upstream patch:
ef2329cf71

Add the magicdata.patch to track patches applied to upstream data file.
 2014-03-25 11:00:33 +01:00
Remi Collet
1df558c6a0 Fixed bug #66946 extensive backtracking in awk rule regular expression 
CVE-2013-7345

Applied upstream patch:
ef2329cf71

Add the magicdata.patch to track patches applied to upstream data file.
 2014-03-25 10:58:50 +01:00
Derick Rethans
b30304fb78 - Updated to version 2014.1 (2014a) 2014-03-18 14:48:55 +00:00
Mateusz Kocielski
497b918e62 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fixed off-by-one in php_url_parse_ex

Conflicts:
	ext/standard/url.c
 2014-03-18 08:54:57 +01:00
Mateusz Kocielski
46566b78c9 Fixed off-by-one in php_url_parse_ex 
Change order of condition, previously pointer could be derefrenced before
bound check was done.
 2014-03-18 08:48:41 +01:00
Remi Collet
17f6391bf8 Fixed Bug #66833 Default digest algo is still MD5 
Switch to SHA1, which match internal openssl hardcoded algo.

In most case, won't even be noticed
- priority on user input (default_md)
- fallback on system config
- fallback on this default value

Recent system reject MD5 digest, noticed in bug36732.phpt failure.

While SHA1 is better than MD5, SHA256 is recommenced,
and defined as default algo in provided configuration on
recent system (Fedora 21, RHEL-7, ...). But the idea is to
keep in sync with openssl internal value for PHP internal value.
 2014-03-14 09:50:15 +01:00
Michael Meyer
737c187013 Typo fix: sicret -> secret 2014-03-13 12:37:25 +02:00
Tjerk Meesters
ddd7ed9b24 Removed bogus loops 2014-03-11 19:08:18 +08:00
Anatol Belski
1a624e27a6 restored the old code in 5.4/5 related to bug #66872 
The crash is reproducable in 5.6+ only, so 5.4 and 5.5 are fine
with the old code.
 2014-03-11 11:50:14 +01:00
Pierre Joye
8391277fb8 Merge branch 'PHP-5.4' of git.php.net:php-src into PHP-5.4 
# By Anatol Belski
# Via Anatol Belski
* 'PHP-5.4' of git.php.net:php-src:
  updated libmagic.patch
 2014-03-10 16:31:09 +01:00
Anatol Belski
b9d494a33b updated libmagic.patch 2014-03-10 14:12:20 +01:00
Pierre Joye
af41914e15 fix #66872, invalid argument crashes gmp_testbit 2014-03-10 12:06:40 +01:00
Dmitry Panin
e2fc6b52f0 Fix HTML entity table generation 2014-03-06 23:10:31 +01:00
Remi Collet
721b9a7c8d Set default Digest Message to use SHA1 instead of MD5 in openssl tests 
as MD5 signature are now rejected by newer openssl Version.

Noticed in RHEL-7 and Fedora 21 build.
 2014-03-06 10:14:08 +01:00
Remi Collet
a33759fd27 Fixed Bug #66820 out-of-bounds memory access in fileinfo 
Upstream fix:
447558595a

Notice, test changed, with upstream agreement:
-define OFFSET_OOB(n, o, i)	((n) < (o) || (i) >= ((n) - (o)))
+define OFFSET_OOB(n, o, i)	((n) < (o) || (i) >  ((n) - (o)))
 2014-03-04 20:32:52 +01:00
Remi Collet
731013ee8e Improves fix for memory leak, keep in sync with upstream. 
Previous fix:
http://git.php.net/?p=php-src.git;a=commitdiff;h=10eb0070700382f966bf260e44135e1f724a15d2

Upstream fix:
c0c0032b9e
 2014-03-04 13:41:37 +01:00
Tjerk Meesters
e73c05b75e proc_open(): separate environment values that aren't strings 
Added a test case
 2014-03-03 05:49:52 +08:00
Tjerk Meesters
eca13f7909 Fixed test case title 2014-02-28 22:27:32 +08:00
Tjerk Meesters
79b3c2a744 [bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given 
A newline is added to the mail headers when mail.add_x_header is used and no other headers are passed to mail().

The scenario in which custom headers are used was already fixed in #48620, back in 2009.
 2014-02-28 22:22:07 +08:00
Remi Collet
816a5d2072 test for bug #66762 2014-02-27 08:48:01 +01:00
Remi Collet
9137acc7ec Fixed Bug #66762 Segfault in mysqli_stmt::bind_result() when link closed 
Each new mysqli_stmt now increase the refcount of the link object.
So the link is really destroy after all statements.

Only implemented with libmysqlclient, as mysqlnd already implement
this internally.

So, libmysqlclient and mysqlnd have the same behavior.
 2014-02-27 08:45:16 +01:00
Ferenc Kovacs
bd961f3e87 fix tests broken by 633f898f15 2014-02-27 02:31:42 +01:00
Christopher Jones
ee7671afb5 Reduce test noise on cross Oracle client <-> server version tests. 
This fix is already in PHP 5.6+
 2014-02-24 17:01:30 -08:00
Christopher Jones
8cdefd3d10 Reduce test noise in cross Oracle client <-> server version testing. 
This change is already in PHP 5.6+
 2014-02-24 16:33:41 -08:00
Johannes Schlüter
756ee95605 We can't dereference dbh if it is NULL 2014-02-23 14:18:24 +01:00
Anatol Belski
ce1fd72776 updated libmagic.patch in 5.4/5 2014-02-20 19:00:05 +01:00
Anatol Belski
10eb007070 fixed leak introduced after CVE/upgrade 2014-02-20 18:53:53 +01:00
Daniel Lowrey
633f898f15 Skip failing tests when EC unavailable (RHEL) 2014-02-19 03:57:37 -07:00
Anatol Belski
a289b37f48 updated libmagic.patch 2014-02-18 19:08:16 +01:00
Remi Collet
89f864c547 Fixed Bug #66731 file: infinite recursion 
Upstream commit (available in file-5.17)

3c081560c2
cc9e74dfec
 2014-02-18 13:54:33 +01:00
Daniel Lowrey
a80cec1190 Fixed broken build when EC unavailable 2014-02-17 18:55:39 -05:00
Julien Pauli
786234d351 Export JsonSerializable Interface (bug #65753) 2014-02-17 10:25:40 +01:00
Yasuo Ohgaki
f275fdcf00 Fixed possbile injections against pg_insert()/pg_delete()/pg_update()/pg_select() 2014-02-16 10:45:15 +09:00
Yasuo Ohgaki
6f14b5ab41 Refactor build_tablename() 2014-02-16 07:51:27 +09:00
Yasuo Ohgaki
9f251548ae Revise encoding blacklist 2014-02-16 06:21:39 +09:00
Felipe Pena
9d84f6c06e - Fix ZTS build when HAVE_PQESCAPELITERAL is not set 2014-02-15 11:04:49 -02:00
Yasuo Ohgaki
832c21cabf Refactor and cleanup. WS is cleaned up. Use -b if it is needed. 
Added compatibility macros, PQescapeStringConn, PGSQLescapeLiteral/Identifier, PGSQLfree.
 2014-02-15 18:20:58 +09:00
mk-j
19524fc6fe Fix for bug66501 - "key type not supported in this PHP build" 2014-02-14 18:11:46 -07:00
Veres Lajos
35101e9ef4 a few typofixes 2014-02-14 14:51:10 +02:00
Anatol Belski
71ebc0a7f3 adapt test to curl 7.35.0 upgrade 
which is a security one and should be performed as in
http://curl.haxx.se/docs/adv_20140129.html
 2014-02-05 15:15:34 +01:00
Stanislav Malyshev
770aeeb40c tests still failing, so xfail for now until fixed 2014-01-29 23:48:07 -08:00
Yasuo Ohgaki
f5e097d1ed Fixed bug data->fd not set to -1 for open_basedir failure. 2014-01-30 14:15:29 +09:00
Yasuo Ohgaki
d941ac5b4f Fixed zend.multibyte tests partially 2014-01-29 15:41:30 +09:00