php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-23 16:08:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
93,638 Commits 549 Branches 1,485 Tags
afedd4fd59afa73ebebb46caf6ddfa8aa338bea6
Commit Graph

314 Commits

Author SHA1 Message Date
Anatol Belski b947aff98d yet one revert 2016-01-29 21:43:14 +01:00
Anatol Belski ac22f71477 Revert "adjust test for 7.0" 
This reverts commit 7fdb019e66.
 2016-01-29 21:27:22 +01:00
Anatol Belski d1d3c0832e add XFAIL 2016-01-29 20:57:05 +01:00
Anatol Belski ebcfe7618d Revert "refix #69111 and one related test" 
This reverts commit 80f7b01258.
 2016-01-29 20:50:14 +01:00
Anatol Belski 7f977c13dc Revert "fix tests" 
This reverts commit d964ccba40.
 2016-01-29 20:49:52 +01:00
Anatol Belski 80f7b01258 refix #69111 and one related test 
It is the least evil as the test just reduces the fail path. 5.6 seems
still broken in this regard, a backport should follow if travis is happy.
 2016-01-29 19:55:50 +01:00
Anatol Belski d964ccba40 fix tests 2016-01-29 16:32:27 +01:00
Anatol Belski 7fdb019e66 adjust test for 7.0 2016-01-29 12:29:41 +01:00
Anatol Belski a068047f62 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  add test for bug #69111
 2016-01-29 12:29:05 +01:00
Anatol Belski 4b0feeb8fa add test for bug #69111 2016-01-29 12:27:35 +01:00
Anatol Belski b858224b88 reset ext/session to the state of 7.0.2 2016-01-29 08:37:27 +01:00
Anatol Belski ae6e139c77 reset the ext/session to the state of 5.6.17 2016-01-29 08:33:09 +01:00
Yasuo Ohgaki 9f2240963f Add test for Bug #70133 (Extended SessionHandler::read is ignoring $session_id when calling parent) 2016-01-16 05:29:19 +09:00
Yasuo Ohgaki 34ff7bbeb1 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #69111 (Crash in SessionHandler::read()). Made session save handler abuse much harder than before.
 2016-01-15 16:24:22 +09:00
Yasuo Ohgaki bfb9307b2d Fixed bug #69111 (Crash in SessionHandler::read()). 
Made session save handler abuse much harder than before.
 2016-01-15 15:50:14 +09:00
Yasuo Ohgaki 132d919c85 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Improved fix for bug #68063 (Empty session IDs do still start sessions).
 2016-01-15 10:19:01 +09:00
Yasuo Ohgaki 8c37a086c7 Improved fix for bug #68063 (Empty session IDs do still start sessions). 2016-01-15 09:45:08 +09:00
Yasuo Ohgaki 224aaf94af Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed Bug #71038 session_start() returns TRUE on failure
 2016-01-12 19:52:54 +09:00
Yasuo Ohgaki a15e9ccba8 Fixed Bug #71038 session_start() returns TRUE on failure 2016-01-12 19:09:49 +09:00
Yasuo Ohgaki 707e1c4710 Fixed test 2015-12-16 09:35:45 +09:00
Yasuo Ohgaki 714f28d8e4 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #71122 Session GC may not remove obsolete session data
 2015-12-16 09:34:41 +09:00
Yasuo Ohgaki e8f1c29cc9 Fixed bug #71122 Session GC may not remove obsolete session data 2015-12-16 09:15:05 +09:00
Anatol Belski 56e7903131 fix path separator in test 2015-12-09 11:18:25 +01:00
Xinchen Hui e9fd8ad446 Fixed bug #70876 (Segmentation fault when regenerating session id with strict mode) 2015-11-07 07:30:31 -08:00
Xinchen Hui 148bb622fa Revert "Fixed bug #70876 Segmentation fault when regenerating session id with strict mode" 
This reverts commit 0bf3ebb4ba.
 2015-11-07 07:17:43 -08:00
Reeze Xia 0bf3ebb4ba Fixed bug #70876 Segmentation fault when regenerating session id with strict mode 
The comment *mod_data always be non-NULL is not true.
The same as this FIXME: https://github.com/php/php-src/blob/master/ext/session/mod_files.c#L676
 2015-11-07 21:46:21 +08:00
Anatol Belski bfd2637068 fix test 2015-09-29 13:04:06 +02:00
Matteo Beccati cc875d1a25 Skip session_regenerate_id_cookie.phpt when there's no cgi 2015-09-18 07:51:46 +02:00
Yasuo Ohgaki e341eb94cb Add test for #70516 session_regenerate_id() does not send session ID cookie 2015-09-17 05:36:47 +09:00
Yasuo Ohgaki ab0e347f26 Add more test cases 2015-09-08 18:44:23 +09:00
Yasuo Ohgaki f34b858ed0 Fix #70013: Reference to $_SESSION is lost after a call to session_regenerate_id() 2015-09-07 03:57:03 +09:00
Anatol Belski ebb6f5eae6 fix dir separators in test 2015-09-02 17:26:35 +02:00
Stanislav Malyshev 9b1a224d4e Merge branch 'PHP-5.6' 
* PHP-5.6: (21 commits)
  fix unit tests
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  ...

Conflicts:
	ext/exif/exif.c
	ext/gmp/gmp.c
	ext/pcre/php_pcre.c
	ext/session/session.c
	ext/session/tests/session_decode_variation3.phpt
	ext/soap/soap.c
	ext/spl/spl_observer.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/xsl/xsltprocessor.c
 2015-09-02 00:37:20 -07:00
Stanislav Malyshev c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev 33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev df4bf28f9f Fix bug #70219 (Use after free vulnerability in session deserializer) 2015-08-23 19:56:12 -07:00
Anatol Belski 6065b29fe4 Reverted ad4533fdba 
The E_ERROR to E_RECOVERABLE_ERROR should be readded with the
proper tests.
 2015-07-21 11:18:36 +02:00
Yasuo Ohgaki ad4533fdba Change E_ERROR and some E_WARNING to E_RECOVERABLE_ERROR. 2015-07-21 12:59:23 +09:00
Aaron Piotrowski e97d5fab35 Update exception names in tests after formatting changes. 2015-05-17 17:31:43 -05:00
Nikita Popov 3ae995f03c Tweak uncaught exception message display 
This implements a reduced variant of #1226 with just the following
change:

-Fatal error: Uncaught exception 'EngineException' with message 'Call to private method foo::bar() from context ''' in %s:%d
+Fatal error: Uncaught EngineException: Call to private method foo::bar() from context '' in %s:%d

The '' wrapper around messages is very weird if the exception
message itself contains ''. Futhermore having the message wrapped
in '' doesn't work for the "and defined" suffix of
TypeExceptions.
 2015-05-17 18:47:06 +02:00
Nikita Popov c9f27ee422 Display EngineExceptions like ordinary exceptions 
TypeException stays as-is for now because it uses messages that are
incompatible with the way exception messages are displayed.

closure_038.phpt and a few others now show that we're generating
too many exceptions for compound operations on undefined properties
-- this needs to be fixed in a followup.
 2015-05-15 23:40:32 +02:00
Nikita Popov 8d00385871 Reclassify E_STRICT notices 
Per RFC https://wiki.php.net/rfc/reclassify_e_strict

While reviewing this, found that there are still three E_STRICTs
left in libraries - need to discuss those.
 2015-04-01 11:17:55 +02:00
Nikita Popov 6ef9216269 Finish PHP 4 constructor deprecation 2015-03-31 17:55:27 +02:00
Andrea Faulds db76b708cf Deprecate PHP 4 constructors 2015-03-31 17:55:27 +02:00
Anatol Belski b680ccb2b0 the test shouldn't fail when unlink failed 2015-03-13 17:33:47 +01:00
Dmitry Stogov 1c94ff0595 Implement engine exceptions 
RFC: https://wiki.php.net/rfc/engine_exceptions_for_php7

Pending changes regarding naming of BaseException and whether it
should be an interface.
 2015-03-09 14:01:32 +01:00
Anatol Belski 2895912756 fix dir separator in test 2015-02-11 15:10:48 +01:00
Yasuo Ohgaki 5afe554d32 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fixed bug #68063 Empty session IDs do still start sessions

Conflicts:
	ext/session/session.c
	ext/session/tests/bug61470.phpt
 2015-02-03 13:49:14 +09:00
Yasuo Ohgaki 2983ef3c48 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #68063 Empty session IDs do still start sessions
 2015-02-03 13:41:31 +09:00
Yasuo Ohgaki 853ae39d6e Fixed bug #68063 Empty session IDs do still start sessions 2015-02-03 13:38:49 +09:00