Xinchen Hui
9a404df382
Fixed bug #68740 (NULL Pointer Dereference)
...
(cherry picked from commit 124fb22a13)
2015-04-05 22:48:10 -07:00
Stanislav Malyshev
5ae20c6247
Fix bug #66550 (SQLite prepared statement use-after-free)
2015-04-05 22:36:26 -07:00
Remi Collet
bd31cb7563
Better fix for #68601 for perf
...
https://bitbucket.org/libgd/gd-libgd/commits/81e9a993f2893d651d225646378e3fd1b7465467
2015-04-05 17:36:47 -07:00
Remi Collet
afbf725e73
Fix bug #68601 buffer read overflow in gd_gif_in.c
2015-04-05 17:33:52 -07:00
Dmitry Stogov
75f40ae1f3
Fixed bug #69293
2015-03-27 18:40:58 +03:00
Stanislav Malyshev
968fbc6acf
Backport fix bug #68741 - Null pointer dereference
2015-03-22 18:30:05 -07:00
Stanislav Malyshev
fb83c76dee
Check that the type is correct
2015-03-22 18:17:47 -07:00
Dmitry Stogov
51856a76f8
Fixed bug #69152
2015-03-19 11:36:01 +03:00
Stanislav Malyshev
ef8fc4b53d
Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundary
2015-03-17 21:59:56 -07:00
Stanislav Malyshev
fb04dcf6db
Fix bug #69248 - heap overflow vulnerability in regcomp.c
...
Merged from https://github.com/garyhouston/regex/commit/70bc2965604b6b8aaf260049e64c708dddf85334
2015-03-17 17:04:57 -07:00
Stanislav Malyshev
8b14d3052f
add test for bug #68976
2015-03-17 17:03:46 -07:00
Stanislav Malyshev
646572d6d3
Fixed bug #68976 - Use After Free Vulnerability in unserialize()
2015-03-17 13:20:22 -07:00
Stanislav Malyshev
9ba4db5e5d
fix tests
2015-03-17 12:55:35 -07:00
Stanislav Malyshev
1291d6bbee
Fix bug #69207 - move_uploaded_file allows nulls in path
2015-03-17 12:47:58 -07:00
Dmitry Stogov
c8eaca013a
Added type checks
2015-03-03 10:43:48 +03:00
Dmitry Stogov
0c136a2abd
Added type checks
2015-03-03 09:44:46 +03:00
Dmitry Stogov
d5248f67b5
Check variable type before its usage as IS_ARRAY.
2015-03-02 12:27:36 +03:00
Stanislav Malyshev
bdfe457a2c
Port for bug #68552
2015-02-17 06:53:02 +01:00
Stanislav Malyshev
7b18981830
Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
...
Conflicts:
ext/date/php_date.c
2015-02-17 06:43:51 +01:00
Felipe Pena
8f9ab04d93
- Fixed bug #67827 (broken detection of system crypt sha256/sha512 support)
2015-02-17 00:23:47 -02:00
Felipe Pena
e08bef442c
- Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de
2015-02-16 13:07:26 -02:00
Yasuo Ohgaki
a8722f5330
Add NULL byte protection to exec, system and passthru
2015-02-14 05:25:04 +09:00
Stanislav Malyshev
f001c63073
Update header handling to RFC 7230
2015-02-05 20:08:12 -08:00
Stanislav Malyshev
7efbd70b03
fix sizeof size
2015-02-01 12:40:38 -08:00
Stanislav Malyshev
94d6cb4a78
fix TSRM
2015-01-31 23:34:14 -08:00
Stanislav Malyshev
b30a6d6018
Use better constant since MAXHOSTNAMELEN may mean shorter name
2015-01-31 21:46:56 -08:00
Stanislav Malyshev
0f9c708229
Add mitigation for CVE-2015-0235 (bug #68925)
2015-01-31 19:08:13 -08:00
Stanislav Malyshev
e63f7b47e1
Merge branch 'bug68710' into PHP-5.4
...
* bug68710:
Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
2015-01-20 01:02:26 -08:00
Stanislav Malyshev
fc6aa939f5
Merge branch 'bug68799' into PHP-5.4
...
* bug68799:
Fix bug #68799: Free called on uninitialized pointer
2015-01-20 01:00:11 -08:00
Daniel Lowrey
e2fe8e164f
Fixed bug #55618 (use case-insensitive cert name matching)
2015-01-14 18:02:50 +01:00
Stanislav Malyshev
2fc178cf44
Fix bug #68799: Free called on uninitialized pointer
2015-01-11 00:51:05 -08:00
Anatol Belski
ebb98e7aeb
updated libmagic.patch in 5.4
2015-01-04 17:04:13 +01:00
Anatol Belski
ede59c8feb
Fixed bug #68735 fileinfo out-of-bounds memory access
2015-01-04 14:20:21 +01:00
Remi Collet
919abf0cb1
removed dead code
2015-01-04 09:40:19 +01:00
Stanislav Malyshev
b585a3aed7
Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
2015-01-01 16:19:05 -08:00
Stanislav Malyshev
b75867fff0
add missing test file
2014-12-16 10:15:17 -08:00
Stanislav Malyshev
630f9c33c2
Fix bug #68594 - Use after free vulnerability in unserialize()
2014-12-16 10:15:17 -08:00
Andrea Faulds
034e6decb3
Fix undefined behaviour in strnatcmp
2014-12-13 22:27:10 +00:00
Anatol Belski
0323f66fa2
move the test to the right place
2014-12-11 10:39:47 -08:00
Anatol Belski
13f1c276ab
Fixed bug #68545 NULL pointer dereference in unserialize.c
2014-12-11 10:39:37 -08:00
Dmitry Stogov
dd791cd717
Fixed possible read after end of buffer and use after free.
2014-12-08 12:18:27 +03:00
Chris Christoff
0e985d3726
Revert unintentional docblock change
...
Revert unintentional docblock change
It looks like commit dd8e59da8f
introduced an unintended docblock change. I have reverted this
change in this commit.
2014-12-05 13:57:03 -08:00
Stanislav Malyshev
84be568366
update news
2014-11-30 21:37:39 -08:00
Leigh
7e870c596d
Bug fixes in light of failing bcrypt tests
...
Conflicts:
ext/standard/crypt.c
2014-11-30 21:06:39 -08:00
Leigh
2d9d10fbbf
Add tests from 1.3. Add missing tests.
...
3 of the missing tests fail. // TODO
2014-11-30 21:05:40 -08:00
Leigh
29f51e1ca9
Upgrade crypt_blowfish to version 1.3
2014-11-30 21:05:32 -08:00
Matteo Beccati
2323e95df9
Fixed bug #66584 Segmentation fault on statement deallocation
2014-11-11 16:25:31 -08:00
Remi Collet
7740edae36
Fix bug #63595 GMP memory management conflicts with other libraries using GMP
...
Drop use of php memory allocators as this raises various conflicts
with other extensions and libraries which use libgmp.
No other solution found.
We cannot ensure correct use of allocator with shared lib.
Some memory can be allocated before php init
Some memory can be freed after php shutdown
Known broken run cases
- php + curl + gnutls + gmp
- mod_gnutls + mod_php + gnutls + gmp
- php + freetds + gnutls + gmp
- php + odbc + freetds + gnutls + gmp
- php + php-mapi (zarafa) + gnutls + gmp
2014-11-03 11:42:15 -08:00
Stanislav Malyshev
c351b47ce8
Initialize the offset table - PCRE may sometimes miss offsets
2014-11-03 11:31:02 -08:00
Remi Collet
1803228597
Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
...
Upstream commit
https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
CVE-2014-3710
2014-10-22 15:37:04 +02:00