php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-29 03:32:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
95,107 Commits 547 Branches 1,481 Tags
941b56dd4a1da83c19d0fc8e99fd0c7fc6feed21
Commit Graph

334 Commits

Author SHA1 Message Date
Anatol Belski
855b8e4f79 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix test portability
 2016-09-13 12:02:05 +02:00
Anatol Belski
fc31d6fed4 fix test portability 2016-09-13 12:00:29 +02:00
Yasuo Ohgaki
0e3b30fad1 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed Bug #68015 Session does not report invalid uid for files save handler
 2016-09-09 11:32:20 +09:00
Yasuo Ohgaki
38553e853b Fixed Bug #68015 Session does not report invalid uid for files save handler 2016-09-09 11:31:54 +09:00
Yasuo Ohgaki
b5f2f6fbd8 Fixed bug #72940 SID always return "name=ID", even if session cookie exist 2016-08-30 15:58:25 +09:00
Stanislav Malyshev
ed9d916c28 fix test 2016-08-17 01:12:33 -07:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6: (24 commits)
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
 2016-08-17 00:43:33 -07:00
Stanislav Malyshev
8763c6090d Fix bug #72681 - consume data even if we're not storing them 2016-08-16 22:54:42 -07:00
Nikita Popov
2194690625 Ensure session GC is not run during variation6.phpt 
The implemented gc() handler simply deletes all sessions, including
the current one. This may cause a subsequent unlink() warning.
Avoid this by preventing GC from running.
 2016-07-24 00:07:54 +02:00
Anatol Belski
958fa34c16 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix test
 2016-07-23 21:03:45 +02:00
Anatol Belski
80fee637f4 fix test 2016-07-23 20:55:39 +02:00
Stanislav Malyshev
b00f8f2a5b Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  5.6.24RC1
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	Zend/zend_virtual_cwd.c
	ext/bz2/bz2.c
	ext/exif/exif.c
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/basic_functions.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 01:39:28 -07:00
Stanislav Malyshev
4d0565b5ba Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	ext/bz2/bz2.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 00:53:08 -07:00
Stanislav Malyshev
3798eb6fd5 Fix bug #72562 - destroy var_hash properly 2016-07-12 23:27:45 -07:00
Xinchen Hui
05d53dee7d Fixed bug #71972 (Cyclic references causing session_start(): Failed to decode session object) 2016-04-15 21:08:51 -07:00
Yasuo Ohgaki
6467a4eb36 Fixed Bug #71974 Trans sid will always be send, even if cookies are available 2016-04-07 10:26:05 +09:00
Yasuo Ohgaki
50fca7a02a Fixed Bug #71683 Null pointer dereference in zend_hash_str_find_bucket 2016-03-12 08:15:47 +09:00
Nikita Popov
a4e56194d7 Fix intermixed SKIPIF and XFAIL sections in test 2016-03-03 16:38:05 +01:00
Anatol Belski
b947aff98d yet one revert 2016-01-29 21:43:14 +01:00
Anatol Belski
ac22f71477 Revert "adjust test for 7.0" 
This reverts commit 7fdb019e66.
 2016-01-29 21:27:22 +01:00
Anatol Belski
d1d3c0832e add XFAIL 2016-01-29 20:57:05 +01:00
Anatol Belski
ebcfe7618d Revert "refix #69111 and one related test" 
This reverts commit 80f7b01258.
 2016-01-29 20:50:14 +01:00
Anatol Belski
7f977c13dc Revert "fix tests" 
This reverts commit d964ccba40.
 2016-01-29 20:49:52 +01:00
Anatol Belski
b7dadfae87 add XFAIL 2016-01-29 20:36:11 +01:00
Anatol Belski
80f7b01258 refix #69111 and one related test 
It is the least evil as the test just reduces the fail path. 5.6 seems
still broken in this regard, a backport should follow if travis is happy.
 2016-01-29 19:55:50 +01:00
Anatol Belski
d964ccba40 fix tests 2016-01-29 16:32:27 +01:00
Anatol Belski
7fdb019e66 adjust test for 7.0 2016-01-29 12:29:41 +01:00
Anatol Belski
a068047f62 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  add test for bug #69111
 2016-01-29 12:29:05 +01:00
Anatol Belski
4b0feeb8fa add test for bug #69111 2016-01-29 12:27:35 +01:00
Anatol Belski
b858224b88 reset ext/session to the state of 7.0.2 2016-01-29 08:37:27 +01:00
Anatol Belski
ae6e139c77 reset the ext/session to the state of 5.6.17 2016-01-29 08:33:09 +01:00
Yasuo Ohgaki
9f2240963f Add test for Bug #70133 (Extended SessionHandler::read is ignoring $session_id when calling parent) 2016-01-16 05:29:19 +09:00
Yasuo Ohgaki
34ff7bbeb1 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #69111 (Crash in SessionHandler::read()). Made session save handler abuse much harder than before.
 2016-01-15 16:24:22 +09:00
Yasuo Ohgaki
bfb9307b2d Fixed bug #69111 (Crash in SessionHandler::read()). 
Made session save handler abuse much harder than before.
 2016-01-15 15:50:14 +09:00
Yasuo Ohgaki
132d919c85 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Improved fix for bug #68063 (Empty session IDs do still start sessions).
 2016-01-15 10:19:01 +09:00
Yasuo Ohgaki
8c37a086c7 Improved fix for bug #68063 (Empty session IDs do still start sessions). 2016-01-15 09:45:08 +09:00
Yasuo Ohgaki
224aaf94af Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed Bug #71038 session_start() returns TRUE on failure
 2016-01-12 19:52:54 +09:00
Yasuo Ohgaki
a15e9ccba8 Fixed Bug #71038 session_start() returns TRUE on failure 2016-01-12 19:09:49 +09:00
Yasuo Ohgaki
707e1c4710 Fixed test 2015-12-16 09:35:45 +09:00
Yasuo Ohgaki
714f28d8e4 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #71122 Session GC may not remove obsolete session data
 2015-12-16 09:34:41 +09:00
Yasuo Ohgaki
e8f1c29cc9 Fixed bug #71122 Session GC may not remove obsolete session data 2015-12-16 09:15:05 +09:00
Anatol Belski
56e7903131 fix path separator in test 2015-12-09 11:18:25 +01:00
Xinchen Hui
e9fd8ad446 Fixed bug #70876 (Segmentation fault when regenerating session id with strict mode) 2015-11-07 07:30:31 -08:00
Xinchen Hui
148bb622fa Revert "Fixed bug #70876 Segmentation fault when regenerating session id with strict mode" 
This reverts commit 0bf3ebb4ba.
 2015-11-07 07:17:43 -08:00
Reeze Xia
0bf3ebb4ba Fixed bug #70876 Segmentation fault when regenerating session id with strict mode 
The comment *mod_data always be non-NULL is not true.
The same as this FIXME: https://github.com/php/php-src/blob/master/ext/session/mod_files.c#L676
 2015-11-07 21:46:21 +08:00
Anatol Belski
bfd2637068 fix test 2015-09-29 13:04:06 +02:00
Matteo Beccati
cc875d1a25 Skip session_regenerate_id_cookie.phpt when there's no cgi 2015-09-18 07:51:46 +02:00
Yasuo Ohgaki
e341eb94cb Add test for #70516 session_regenerate_id() does not send session ID cookie 2015-09-17 05:36:47 +09:00
Yasuo Ohgaki
ab0e347f26 Add more test cases 2015-09-08 18:44:23 +09:00
Yasuo Ohgaki
f34b858ed0 Fix #70013: Reference to $_SESSION is lost after a call to session_regenerate_id() 2015-09-07 03:57:03 +09:00