49493a2dcf
Happy new year (Update copyright to 2016)
2016-01-01 19:21:47 +02:00
51218b3b9d
Fixed bug #70852 Segfault getting NULL offset of an ArrayObject.
2015-11-05 13:46:03 +08:00
925412ee1c
Do not edit the zval cause it might be in shared memory
2015-10-03 19:50:38 -07:00
484b92919b
Fix #70303 : Incorrect constructor reflection for ArrayObject
...
The first parameter of ArrayObject::__construct() is optional. Reflection
should reflect this.
2015-08-19 16:23:16 +02:00
ed709d5aa0
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081 : check types for SOAP variables
Conflicts:
ext/soap/php_http.c
ext/spl/spl_observer.c
2015-08-04 15:29:13 -07:00
69ed3969dd
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081 : check types for SOAP variables
Conflicts:
.gitignore
ext/date/php_date.c
ext/spl/spl_array.c
ext/spl/spl_observer.c
2015-08-04 14:10:57 -07:00
7381b6accc
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
2015-08-01 22:01:40 -07:00
b7fa67742c
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
2015-07-26 17:25:25 -07:00
0579e8278d
bump year
2015-01-15 23:26:37 +08:00
73c1be2653
Bump year
2015-01-15 23:26:03 +08:00
51c38a0997
Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting)
2014-07-24 22:54:14 -07:00
f48f311533
Merge branch 'PHP-5.5' into PHP-5.6
2014-07-02 17:58:11 +08:00
22882a9d89
Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting)
2014-07-02 17:57:42 +08:00
b03993dde9
Fix bug #67492 : unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
2014-06-24 10:29:26 -07:00
e2ed4874b5
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
5.4.30
Better fix for bug #67072 with more BC provisions
Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
update CVE
Fix bug #67492 : unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
Fix bug #67349 : Locale::parseLocale Double Free
add CVEs
Fix potential segfault in dns_get_record()
Fix bug #66127 (Segmentation fault with ArrayObject unset)
5.4.30 rc1
Conflicts:
ext/intl/locale/locale_methods.c
2014-06-24 10:25:09 -07:00
88223c5245
Fix bug #67492 : unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
2014-06-21 19:46:16 -07:00
ea466a316f
Fix Request #67453 Allow to unserialize empty data.
...
SplDoublyLinkedList, SplObjectStorage and ArrayObject have empty
constructor (no arg), so it make sense to allow to unserialize empty
data.
This allow the hack (used in various place, including PHPUnit) to
instanciate class without call to constructor to work.
2014-06-17 09:38:54 +02:00
2b04d68972
Fix bug #66127 (Segmentation fault with ArrayObject unset)
2014-06-10 23:24:11 -07:00
2ed66ed21c
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fix bug #66127 (Segmentation fault with ArrayObject unset)
5.4.31 next
2014-06-10 23:20:07 -07:00
f11bba4929
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix bug #66127 (Segmentation fault with ArrayObject unset)
5.4.31 next
Conflicts:
configure.in
main/php_version.h
2014-06-10 23:19:21 -07:00
317bcb96d0
Fix bug #66127 (Segmentation fault with ArrayObject unset)
2014-06-10 23:17:30 -07:00
b8042acdde
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Check for zero-length keys in spl_array_skip_protected and don't skip them.
added CVEs in NEWS
2014-05-29 17:56:32 +00:00
43e3a83d51
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Check for zero-length keys in spl_array_skip_protected and don't skip them.
2014-05-29 17:53:28 +00:00
b5d9983ff4
Check for zero-length keys in spl_array_skip_protected and don't skip them.
...
Fixes bug #67360 (Missing element after ArrayObject::getIterator).
2014-05-29 17:49:32 +00:00
d4295eb26a
Prevent recursion in ZF2 Parameters class
2014-05-16 16:49:47 +08:00
5dee3c11fe
Call offsetGet() when called with isset() on ArrayObject derivatives
2014-03-25 18:15:18 +08:00
c081ce628f
Bump year
2014-01-03 11:08:10 +08:00
47c9027772
Bump year
2014-01-03 11:06:16 +08:00
c0d060f5c0
Bump year
2014-01-03 11:04:26 +08:00
39612afc72
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.
Conflicts:
ext/dba/libinifile/inifile.c
2013-08-14 20:43:25 -07:00
9ad97cd489
Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.
2013-08-14 20:36:50 -07:00
9126909c08
Merge branch 'PHP-5.4' into PHP-5.5
2013-07-25 22:44:19 +08:00
9909c4d4c4
Fixed bug #65328 (Segfault when getting SplStack object Value)
2013-07-25 22:43:41 +08:00
f5bf90ef34
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
- Fixed bug #62672 (Error on serialize of ArrayObject) patch by: lior dot k at zend dot com
- BFN
2013-06-25 21:18:34 -03:00
04db57066d
- Fixed bug #62672 (Error on serialize of ArrayObject) patch by: lior dot k at zend dot com
2013-06-25 21:18:09 -03:00
28634bf603
Forgot to remove some now unused variables
2013-03-12 17:39:20 +01:00
fcc6611de9
Add support for non-scalar Iterator keys in foreach
...
RFC: https://wiki.php.net/rfc/foreach-non-scalar-keys
2013-03-12 17:27:31 +01:00
207d0ee08a
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Bug #52861 : unset fails with ArrayObject and deep arrays
2013-02-26 22:13:01 -08:00
7c08232509
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
Bug #52861 : unset fails with ArrayObject and deep arrays
2013-02-26 22:12:36 -08:00
61099f8585
Bug #52861 : unset fails with ArrayObject and deep arrays
...
When checking to make into a reference write, readwrite are checked but not unset
2013-02-26 22:11:52 -08:00
0c6d903ce7
fix bug #49348 - issue notice on get_property_ptr_ptr when used for read
2013-02-18 20:56:02 -08:00
f540e086e2
Fixed bug #64106 : Segfault on SplFixedArray[][x] = y when extended
2013-01-30 20:40:02 +01:00
bb4d11b405
Merge branch 'PHP-5.3' into PHP-5.4
2013-01-30 20:25:59 +01:00
321f4f18e5
Fixed bug #64106 : Segfault on SplFixedArray[][x] = y when extended
2013-01-30 20:23:39 +01:00
a666285bc2
Happy New Year
2013-01-01 16:37:09 +08:00
0a7395e009
Happy New Year
2013-01-01 16:28:54 +08:00
a2045ff332
Happy New Year~
2013-01-01 16:02:16 +08:00
6284ef112e
Fixed bug #63236 (Executable permission on various source files)
2012-10-09 13:28:31 +08:00
e4a8fa6a15
Merge branch 'PHP-5.3' into PHP-5.4
2012-10-09 13:29:51 +08:00
f3108b5f81
Remove extra blank in notice message, should act as same as vm
2012-09-01 14:37:45 +08:00
Lior Kaplan