9103c9eb4f
Merge branch 'bug67250' into PHP-5.4
...
* bug67250:
Fix bug #67250 (iptcparse out-of-bounds read)
2014-05-13 16:43:10 -07:00
3e276d6728
- Updated to version 2014.3 (2014c)
2014-05-13 16:36:58 +01:00
6ef8e0f088
fix test - output can be chunked
2014-05-12 10:54:16 -07:00
3e9cb6a4a5
Fix bug #67250 (iptcparse out-of-bounds read)
2014-05-11 19:09:19 -07:00
2b475eebbe
Fix bug #67247 spl_fixedarray_resize integer overflow
2014-05-11 17:54:27 -07:00
14dd6c2d54
fix news
2014-05-11 17:43:28 -07:00
62b2eb666d
Updated NEWS
2014-05-11 15:13:40 +02:00
5bf6a093ad
Fix Linux specific fail in error traces (cherry-picked and fix for bug #67245 )
...
Linux apparently does not like memcpy in overlapping regions...
2014-05-11 15:11:03 +02:00
fb3b8de98d
- Fixed off-by-one in phar_build (patch by crrodriguez at opensuse dot org)
2014-05-11 09:45:17 -03:00
c575ab0c88
- Move checking
2014-05-10 11:55:42 -03:00
345f6d90d5
- Fixed missing NULL check in SimpleXMLElement::xpath()
2014-05-10 11:53:40 -03:00
5bd443a452
- Fixed missing NULL check
2014-05-10 11:39:08 -03:00
4392339c3e
oops, 5.4 and 5.5 use malloc in TSRM
2014-05-08 01:59:39 -07:00
0cc18fdfba
Fix memory leak in TSRM
2014-05-08 01:00:34 -07:00
8517001b25
Fixed test (it requires ext/hash)
2014-05-07 00:52:49 +02:00
f880013c4d
Fixed tests (they might fail from time to time because of session GC)
2014-05-07 00:37:56 +02:00
f7cb87f333
Fix author name on the #63228 patch.
2014-05-02 10:23:09 -07:00
941c39bd06
Use the right path for the suggested PHP invocation in ext_skel.
...
Fixes bug #67160 (ext_skel outputs incorrect information).
2014-05-01 11:22:20 -07:00
1c13ad7c0e
add missing NEWS entry to the correct release where it was added
2014-05-01 10:50:08 +02:00
35ceea928b
Fix bug #67060 : use default mode of 660
2014-04-29 09:14:11 -07:00
2d625b5f81
Fixed bug #66431 Special Character via COM Interface (CP_UTF8)
2014-04-29 13:40:44 +02:00
bb422cb60e
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
Cleanup ZEND_MODULE_API_NO => 20050922
2014-04-28 12:13:11 +03:00
dbcd6304bb
Cleanup ZEND_MODULE_API_NO => 20050922
2014-04-28 12:12:52 +03:00
d3dcd61623
fixed test
2014-04-25 17:39:53 +02:00
c1aa9baf29
Fixed bug #67118 DateTime constructor crash with invalid data
2014-04-25 17:23:26 +02:00
03c703b8bd
add a test case previously broken by a bad fix
2014-04-24 23:58:38 -07:00
a328803803
Revert "Fixed bug #64604 "
...
This reverts commit b05c088a3a
2014-04-24 23:50:45 -07:00
03be983398
fix dll export
2014-04-24 10:51:42 +02:00
61499bf282
Fix accepting ill-formed UTF-8 characters
...
Conflicts:
ext/phar/phar_path_check.c
2014-04-22 16:55:58 -07:00
ea4cee93c8
Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives.
2014-04-20 17:19:20 -07:00
68283c9f4a
Fix a compiler warning in php_rand.h
2014-04-20 16:35:36 -07:00
49341e992a
Fix #66908 : php-fpm reload leaks epoll_create() file descriptor
...
This patch fixes descriptor leak which could lead to DoS once Max open files is reached
2014-04-20 16:21:49 -07:00
a18cec1b86
Fix bug #65701 : Do not use cache for file file copy
2014-04-20 15:22:44 -07:00
53c68811ba
UPGRADING note about bug #67072
2014-04-18 15:43:05 +02:00
c2acdbdd3d
Improved the fix for bug #67072 , thanks Nikita
2014-04-18 15:13:32 +02:00
6e1e98d7b8
These links to ~helly don't work anymore.
2014-04-17 17:20:24 +02:00
5328d42899
Fixed bug #67072 Echoing unserialized "SplFileObject" crash
...
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.
This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
2014-04-17 10:48:14 +02:00
7a5f1663c6
correct the bug #67081 fix
2014-04-16 15:06:57 +02:00
5224614f23
Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset
2014-04-16 14:13:45 +02:00
1d34d82231
5.4.29 is next
2014-04-15 16:51:38 -07:00
eea75e7146
Fix test - on CI somebody could create a process in the meantime
2014-04-14 15:44:23 -07:00
24b72e7a27
fix windows build
2014-04-14 23:29:38 +02:00
a186312832
Fix #66942 : openssl_seal() memory leak
...
Fix #66952 : memory leak in openssl_open()
2014-04-14 13:24:14 -07:00
56f9727305
ws fix
2014-04-14 13:16:53 -07:00
ad1b9eef98
Fix null byte in LDAP bindings
2014-04-14 10:44:53 -07:00
40a9316dff
Fix bug #66171 : better handling of symlinks
2014-04-14 10:44:53 -07:00
4268504084
backported some ext/intl tests from 5.6 into 5.4
2014-04-14 16:31:18 +02:00
95c57bb646
Fixed bug #67033 Remove reference to Windows 95
2014-04-14 09:32:31 +02:00
b80243aece
fix NEWS
2014-04-13 20:16:27 -07:00
5e66ce9293
Merge branch 'pull-request/518' into PHP-5.4
...
* pull-request/518:
Fix #66021 (Blank line inside empty array/object)
2014-04-13 18:50:39 -07:00
Stanislav Malyshev