php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-27 18:23:26 +02:00
Code Issues Packages Projects Releases Wiki Activity
94,751 Commits 549 Branches 1,485 Tags
a2a2ea18feea8945be7a7f02f384f015fa47076a
Commit Graph

1233 Commits

Author SHA1 Message Date
Nikita Popov 2194690625 Ensure session GC is not run during variation6.phpt 
The implemented gc() handler simply deletes all sessions, including
the current one. This may cause a subsequent unlink() warning.
Avoid this by preventing GC from running.
 2016-07-24 00:07:54 +02:00
Anatol Belski 958fa34c16 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix test
 2016-07-23 21:03:45 +02:00
Anatol Belski 80fee637f4 fix test 2016-07-23 20:55:39 +02:00
Stanislav Malyshev b00f8f2a5b Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  5.6.24RC1
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	Zend/zend_virtual_cwd.c
	ext/bz2/bz2.c
	ext/exif/exif.c
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/basic_functions.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 01:39:28 -07:00
Stanislav Malyshev 4d0565b5ba Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	ext/bz2/bz2.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 00:53:08 -07:00
Stanislav Malyshev 3798eb6fd5 Fix bug #72562 - destroy var_hash properly 2016-07-12 23:27:45 -07:00
Xinchen Hui 6744737577 Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow) 2016-07-03 09:30:33 +08:00
Christoph M. Becker 07a793810f Merge branch 'PHP-5.6' into PHP-7.0 2016-06-09 15:35:28 +02:00
Raphaël Tournoy 1dfdae6de4 fix typo 2016-06-03 17:18:14 +02:00
Xinchen Hui 05d53dee7d Fixed bug #71972 (Cyclic references causing session_start(): Failed to decode session object) 2016-04-15 21:08:51 -07:00
Yasuo Ohgaki 6467a4eb36 Fixed Bug #71974 Trans sid will always be send, even if cookies are available 2016-04-07 10:26:05 +09:00
Yasuo Ohgaki 50fca7a02a Fixed Bug #71683 Null pointer dereference in zend_hash_str_find_bucket 2016-03-12 08:15:47 +09:00
Nikita Popov 1ac152938c Move semicolon into TSRMLS_CACHE_EXTERN/DEFINE 
Also re bug #71575.
 2016-03-03 16:50:01 +01:00
Nikita Popov a4e56194d7 Fix intermixed SKIPIF and XFAIL sections in test 2016-03-03 16:38:05 +01:00
Antony Dovgal 6f81e95c33 check length first, prevent out-of-bounds read 2016-02-03 14:49:16 +03:00
Anatol Belski b947aff98d yet one revert 2016-01-29 21:43:14 +01:00
Anatol Belski ac22f71477 Revert "adjust test for 7.0" 
This reverts commit 7fdb019e66.
 2016-01-29 21:27:22 +01:00
Anatol Belski 6891e6abdf Revert "refix #69111 and one related test" 
This reverts commit 80f7b01258.

Conflicts:
	ext/session/mod_files.c
 2016-01-29 20:59:58 +01:00
Anatol Belski 3d90531d1e Revert "fix yet another leak" 
This reverts commit 39084ccc68.
 2016-01-29 20:58:00 +01:00
Anatol Belski d1d3c0832e add XFAIL 2016-01-29 20:57:05 +01:00
Anatol Belski ebcfe7618d Revert "refix #69111 and one related test" 
This reverts commit 80f7b01258.
 2016-01-29 20:50:14 +01:00
Anatol Belski 7f977c13dc Revert "fix tests" 
This reverts commit d964ccba40.
 2016-01-29 20:49:52 +01:00
Anatol Belski 57d9797b6f Revert "fix leak in 7.0" 
This reverts commit ee49df011c.
 2016-01-29 20:46:47 +01:00
Anatol Belski b7dadfae87 add XFAIL 2016-01-29 20:36:11 +01:00
Anatol Belski 40b9f52c2c Revert "fix leak in 5.6" 
This reverts commit fa548e5ca9.
 2016-01-29 20:33:39 +01:00
Anatol Belski 80f7b01258 refix #69111 and one related test 
It is the least evil as the test just reduces the fail path. 5.6 seems
still broken in this regard, a backport should follow if travis is happy.
 2016-01-29 19:55:50 +01:00
Anatol Belski d964ccba40 fix tests 2016-01-29 16:32:27 +01:00
Anatol Belski 39084ccc68 fix yet another leak 2016-01-29 16:03:33 +01:00
Anatol Belski d2c752d7e9 fix wrong gc sequence 2016-01-29 15:18:59 +01:00
Anatol Belski ee49df011c fix leak in 7.0 2016-01-29 14:48:05 +01:00
Anatol Belski fa548e5ca9 fix leak in 5.6 2016-01-29 13:56:11 +01:00
Anatol Belski d9eea2c209 revert the API string as well 2016-01-29 12:52:41 +01:00
Anatol Belski 7fdb019e66 adjust test for 7.0 2016-01-29 12:29:41 +01:00
Anatol Belski a068047f62 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  add test for bug #69111
 2016-01-29 12:29:05 +01:00
Anatol Belski 4b0feeb8fa add test for bug #69111 2016-01-29 12:27:35 +01:00
Anatol Belski 25108babdb refix bug #69111, crash in 5.6 only 2016-01-29 11:24:19 +01:00
Anatol Belski b858224b88 reset ext/session to the state of 7.0.2 2016-01-29 08:37:27 +01:00
Anatol Belski ae6e139c77 reset the ext/session to the state of 5.6.17 2016-01-29 08:33:09 +01:00
Yasuo Ohgaki d7fc3be99e Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Use SUCCESS/FAILURE
 2016-01-18 13:35:01 +09:00
Yasuo Ohgaki ee1dd4949a Use SUCCESS/FAILURE 2016-01-18 13:33:47 +09:00
Yasuo Ohgaki 3b2d98a625 Fixed bug #71394 (session_regenerate_id() must close opened session on errors) 2016-01-17 17:11:47 +09:00
Yasuo Ohgaki 00eaaca18a Remove unnecessary warning by warning reorder. 2016-01-17 17:08:44 +09:00
Yasuo Ohgaki 9f2240963f Add test for Bug #70133 (Extended SessionHandler::read is ignoring $session_id when calling parent) 2016-01-16 05:29:19 +09:00
Anatol Belski 93db2dac48 PS(id) is zend_string *, use appropriate API 2016-01-15 15:47:09 +01:00
Yasuo Ohgaki 34ff7bbeb1 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #69111 (Crash in SessionHandler::read()). Made session save handler abuse much harder than before.
 2016-01-15 16:24:22 +09:00
Yasuo Ohgaki bfb9307b2d Fixed bug #69111 (Crash in SessionHandler::read()). 
Made session save handler abuse much harder than before.
 2016-01-15 15:50:14 +09:00
Yasuo Ohgaki d7f8d9e3a9 Fix typo 2016-01-15 15:21:18 +09:00
Yasuo Ohgaki 31ae802736 Fix uninitialized read in rfc1867 handler reported by valgrind. Only in PHP 5.6. 
This commit fixes initialized read, but calling php_session_initialize() directly
is problematic because configuration could be invalid. Invalid config may result
in segfault. This will be addressed later.
 2016-01-15 15:18:00 +09:00
Yasuo Ohgaki 132d919c85 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Improved fix for bug #68063 (Empty session IDs do still start sessions).
 2016-01-15 10:19:01 +09:00
Yasuo Ohgaki 8c37a086c7 Improved fix for bug #68063 (Empty session IDs do still start sessions). 2016-01-15 09:45:08 +09:00