mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Commit Graph

139454 Commits

Author SHA1 Message Date
Niels Dossche
8156a89eff Fix incorrectly merged bug75535.phpt
Co-authored-by: Jakub Zelenka <bukka@php.net>
2025-03-11 23:06:28 +01:00
Tim Düsterhus
a8d3a80067 Fix GHSA-p3x9-6h7p-cgfc: libxml streams wrong content-type on redirect
libxml streams use wrong content-type header when requesting a
redirected resource.
2025-03-11 22:58:39 +01:00
Ben Ramsey
109230d0da Merge branch 'PHP-8.3' into PHP-8.4 2025-03-11 16:43:28 -05:00
Ben Ramsey
4d4205675a Merge branch 'PHP-8.2' into PHP-8.3 2025-03-11 16:43:07 -05:00
Ben Ramsey
b6d61f5ec0 Merge branch 'PHP-8.1' into PHP-8.2 2025-03-11 16:42:29 -05:00
Ben Ramsey
858c378930 PHP-8.1 is now for PHP 8.1.33-dev 2025-03-11 16:34:23 -05:00
Jakub Zelenka
6976fb6ba7 Merge branch 'PHP-8.3' into PHP-8.4 2025-03-11 22:23:09 +01:00
Ilija Tovilo
ef2c459941 Use-after-free for ??= due to incorrect live-range calculation
Fixes GHSA-rwp7-7vc6-8477
2025-03-11 22:10:21 +01:00
Jakub Zelenka
acf2f4988a Merge branch 'PHP-8.2' into PHP-8.3 2025-03-11 22:09:00 +01:00
Jakub Zelenka
4af1830356 Merge branch 'PHP-8.1' into PHP-8.2 2025-03-11 21:57:33 +01:00
Jakub Zelenka
74d548bf58 Update NEWS with entries for security fixes 2025-03-11 21:50:17 +01:00
Niels Dossche
0e715e71d9 Fix GHSA-wg4p-4hqh-c3g9 2025-03-11 21:50:17 +01:00
Tim Düsterhus
b6004a043c Fix GHSA-p3x9-6h7p-cgfc: libxml streams wrong content-type on redirect
libxml streams use wrong content-type header when requesting a
redirected resource.
2025-03-11 21:50:17 +01:00
Jakub Zelenka
41d49abbd9 Fix GHSA-hgf5-96fm-v528: http user header check of crlf 2025-03-11 21:50:16 +01:00
Jakub Zelenka
ac1a054bb3 Fix GHSA-52jp-hrpf-2jff: http redirect location truncation
It converts the allocation of location to be on heap instead of stack
and errors if the location length is greater than 8086 bytes.
2025-03-11 21:50:16 +01:00
Jakub Zelenka
0548c4c175 Fix GHSA-pcmh-g36c-qc44: http headers without colon
The header line must contain colon otherwise it is invalid and it needs
to fail.

Reviewed-by: Tim Düsterhus <tim@tideways-gmbh.com>
2025-03-11 21:50:16 +01:00
Jakub Zelenka
d20b4c97a9 Fix GHSA-ghsa-v8xr-gpvj-cx9g: http header folding
This adds HTTP header folding support for HTTP wrapper response
headers.

Reviewed-by: Tim Düsterhus <tim@tideways-gmbh.com>
2025-03-11 21:50:16 +01:00
Eric Mann
175b962f55 Fix NEWS versions for posterity 2025-03-11 12:06:18 -07:00
Gina Peter Banyard
bb4174e6bc [skip ci] Update NEWS 2025-03-11 11:10:19 +00:00
Christian Schneider
4ca6bde32f Fix bug and add test for dba_open same file twice (#17979)
Co-authored-by: Christian Schneider <schneider@search.ch>
2025-03-11 11:08:53 +00:00
Niels Dossche
09189026e6 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix test GH-16535 for libxml2 2.14
  Fix tests for libxml2 2.14
2025-03-10 20:23:43 +01:00
Niels Dossche
1befdce0e6 Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Fix test GH-16535 for libxml2 2.14
  Fix tests for libxml2 2.14
2025-03-10 20:23:36 +01:00
Niels Dossche
b5471300d2 Fix test GH-16535 for libxml2 2.14 2025-03-10 20:23:23 +01:00
Niels Dossche
239b01db7c Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
  Fix tests for libxml2 2.14
2025-03-10 20:22:27 +01:00
Niels Dossche
f209eb448e Fix tests for libxml2 2.14
See GH-18009.
2025-03-10 20:22:11 +01:00
Ilija Tovilo
dfdf52eb9f Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Increase CircleCI no_output_timeout
2025-03-10 13:38:16 +01:00
Ilija Tovilo
cfc7652a28 Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Increase CircleCI no_output_timeout
2025-03-10 13:38:01 +01:00
Ilija Tovilo
9842508580 Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
  Increase CircleCI no_output_timeout
2025-03-10 13:37:46 +01:00
Ilija Tovilo
ee7fcf2a07 Increase CircleCI no_output_timeout
Closes GH-18002
2025-03-10 13:37:24 +01:00
Ilija Tovilo
3b9b26f760 Merge branch 'PHP-8.3' into PHP-8.4 2025-03-10 11:28:43 +01:00
Ilija Tovilo
33c75d98c9 Merge branch 'PHP-8.2' into PHP-8.3 2025-03-10 11:28:29 +01:00
Ilija Tovilo
d6172ce37a [skip ci] Ignore snmp test on asan that frequently times out
Not sure why this happens only on master.

Cherry-picked from becf207d0c
No longer happens just on master. ;)
2025-03-10 11:24:27 +01:00
Niels Dossche
aa6e58f82a Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix weird unpack behaviour in DOM
  Fix GH-17989: mb_output_handler crash with unset http_output_conv_mimetypes
2025-03-09 11:21:27 +01:00
Niels Dossche
9be9f70caa Fix weird unpack behaviour in DOM
Engine pitfall: the iter index is only updated by foreach opcodes, so
the existing code that used it as an index for the nodes w.r.t. the
start did not work properly. Fix it by using our own counter.

Closes GH-18004.
2025-03-09 11:17:03 +01:00
Niels Dossche
c7d3dc6fab Fix GH-17989: mb_output_handler crash with unset http_output_conv_mimetypes
The INI option can be NULL or invalid, resulting in a NULL global.
So we have to add a NULL check.

Closes GH-17996.
2025-03-09 11:16:33 +01:00
Ilija Tovilo
efb08feb85 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Suppress snmp lib memory leak, skip ASAN tests
2025-03-08 16:12:24 +01:00
Ilija Tovilo
d6ee360f7b Merge branch 'PHP-8.2' into PHP-8.3
* PHP-8.2:
  Suppress snmp lib memory leak, skip ASAN tests
2025-03-08 16:12:17 +01:00
Ilija Tovilo
084446418f Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
  Suppress snmp lib memory leak, skip ASAN tests
2025-03-08 16:11:33 +01:00
Ilija Tovilo
b0858427aa Suppress snmp lib memory leak, skip ASAN tests
I don't know enough about this library to fix those :(

Cherry-picked from:
be4db6b550
ba1d9d0ab2
2025-03-08 16:10:59 +01:00
Ilija Tovilo
8254e8de31 Fix lazy proxy calling set hook twice
Writing to an uninitialized lazy proxy will initialize the underlying
object and then call zend_std_write_property() on it. If this happens
inside a hook, zend_std_write_property() should not call the hook again
but directly write to the property slot. This didn't previously work
because zend_should_call_hook() would compare the parent frame
containing the proxy to the underlying object. This is now handled
explicitly.

Fixes GH-18000
Closes GH-18001
2025-03-08 12:38:27 +01:00
Ilija Tovilo
9acfe6e11c Fix skipped lazy init on primed SIMPLE_WRITE
Go through the normal assignment path, which includes an IS_UNDEF check.

Fixes GH-17998
Closes GH-17999
2025-03-08 12:32:18 +01:00
Ilija Tovilo
868959350f Fix incorrect handling of hooked props without get hook in get_object_vars()
Fixes GH-17988
Closes GH-17997
2025-03-08 12:27:28 +01:00
Niels Dossche
8950c241b3 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix uninitialized memory accesses in DOM iterator
2025-03-08 11:12:34 +01:00
Niels Dossche
2634622d3d Fix uninitialized memory accesses in DOM iterator 2025-03-08 11:12:24 +01:00
Niels Dossche
38e8725bec Fix GH-17941: Stack-use-after-return with lazy objects and hooks
zend_std_write_property() can return the variable pointer, but the code
was using a local variable, and so a pointer to a local variable could
be returned. Fix this by using the value pointer instead of the backup
value was written.
This can be more efficient on master by using the safe_assign helper.

Closes GH-17947.
2025-03-08 00:00:01 +01:00
Niels Dossche
6083dc09a3 Fix GH-17991: Assertion failure dom_attr_value_write
Closes GH-17995.
2025-03-07 22:43:38 +01:00
David Carlier
6004063206 Merge branch 'PHP-8.3' into PHP-8.4 2025-03-07 18:31:14 +00:00
David Carlier
fc09eb21db [skip ci] fix NEWS entry 2025-03-07 18:31:00 +00:00
David Carlier
bc55177832 Merge branch 'PHP-8.3' into PHP-8.4 2025-03-07 18:07:48 +00:00
David Carlier
07ceadf7d9 Fix GH-17984: gd calls with array arguments.
close GH-17985
2025-03-07 18:07:14 +00:00