php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-30 03:33:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
94,138 Commits 549 Branches 1,487 Tags
bef124513e04df99ebc098ceb59e20d49508c4d6
Commit Graph

1185 Commits

Author SHA1 Message Date
Yasuo Ohgaki c200e8e1a2 Merge branch 'PHP-7.0' 
* PHP-7.0:
  Fixed Bug #71038 session_start() returns TRUE on failure
 2016-01-12 19:53:14 +09:00
Yasuo Ohgaki 224aaf94af Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed Bug #71038 session_start() returns TRUE on failure
 2016-01-12 19:52:54 +09:00
Yasuo Ohgaki a15e9ccba8 Fixed Bug #71038 session_start() returns TRUE on failure 2016-01-12 19:09:49 +09:00
Lior Kaplan 3d5438bf7b Merge branch 'PHP-7.0' 
* PHP-7.0:
  Update header to PHP Version 7
  Happy new year (Update copyright to 2016)
  Happy new year (Update copyright to 2016)
 2016-01-01 20:04:31 +02:00
Lior Kaplan ed35de784f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Happy new year (Update copyright to 2016)
 2016-01-01 19:48:25 +02:00
Lior Kaplan 49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Yasuo Ohgaki 0cf7143441 Add session module test 2015-12-20 11:39:57 +09:00
Yasuo Ohgaki 57be57ac94 Fix ZTS build 2015-12-16 11:10:39 +09:00
Yasuo Ohgaki 707e1c4710 Fixed test 2015-12-16 09:35:45 +09:00
Yasuo Ohgaki 714f28d8e4 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #71122 Session GC may not remove obsolete session data
 2015-12-16 09:34:41 +09:00
Yasuo Ohgaki e8f1c29cc9 Fixed bug #71122 Session GC may not remove obsolete session data 2015-12-16 09:15:05 +09:00
Yasuo Ohgaki 8161230505 Fixed Bug #71122 Session GC may not remove obsolete session data 2015-12-15 10:27:28 +09:00
Yasuo Ohgaki 1e042ae4a7 Fix merge conflict 2015-12-15 10:30:16 +09:00
Anatol Belski 56e7903131 fix path separator in test 2015-12-09 11:18:25 +01:00
Yasuo Ohgaki a03786f773 Use distinguishable error messages. 2015-11-13 21:25:10 +09:00
Xinchen Hui de8bfb32bd Use defined macro 2015-11-07 07:43:18 -08:00
Xinchen Hui e9fd8ad446 Fixed bug #70876 (Segmentation fault when regenerating session id with strict mode) 2015-11-07 07:30:31 -08:00
Xinchen Hui 148bb622fa Revert "Fixed bug #70876 Segmentation fault when regenerating session id with strict mode" 
This reverts commit 0bf3ebb4ba.
 2015-11-07 07:17:43 -08:00
Reeze Xia 0bf3ebb4ba Fixed bug #70876 Segmentation fault when regenerating session id with strict mode 
The comment *mod_data always be non-NULL is not true.
The same as this FIXME: https://github.com/php/php-src/blob/master/ext/session/mod_files.c#L676
 2015-11-07 21:46:21 +08:00
Anatol Belski bfd2637068 fix test 2015-09-29 13:04:06 +02:00
Yasuo Ohgaki 2f7cc862d7 Fixed bug #70529 Session read causes "String is not zero-terminated" error 2015-09-19 11:26:14 +09:00
Xinchen Hui d42d0460f8 RETURN_FALSE 2015-09-18 16:33:33 +08:00
Matteo Beccati cc875d1a25 Skip session_regenerate_id_cookie.phpt when there's no cgi 2015-09-18 07:51:46 +02:00
Yasuo Ohgaki e341eb94cb Add test for #70516 session_regenerate_id() does not send session ID cookie 2015-09-17 05:36:47 +09:00
Remi Collet 286b157a5f fix regressio introduce in 22e23e7cb8 2015-09-16 14:32:05 +02:00
Xinchen Hui 066c05e51f Suppressed warning about this function is not used 2015-09-15 08:54:14 -07:00
Yasuo Ohgaki 3bf9bd5e92 Fix typo in comment. 2015-09-08 18:52:31 +09:00
Yasuo Ohgaki f4c9deb452 Add URL rewrite issue note. 2015-09-08 18:50:40 +09:00
Yasuo Ohgaki ab0e347f26 Add more test cases 2015-09-08 18:44:23 +09:00
Yasuo Ohgaki aa352a34fd Make sure closing save handler. 2015-09-07 04:55:08 +09:00
Yasuo Ohgaki f34b858ed0 Fix #70013: Reference to $_SESSION is lost after a call to session_regenerate_id() 2015-09-07 03:57:03 +09:00
Anatol Belski ebb6f5eae6 fix dir separators in test 2015-09-02 17:26:35 +02:00
Anatol Belski 2d72a17ab9 use correct api 2015-09-02 17:25:00 +02:00
Anatol Belski 45a72785b5 fix leak 2015-09-02 17:20:24 +02:00
Stanislav Malyshev 6640aded24 fix memory leak 2015-09-02 01:21:47 -07:00
Stanislav Malyshev 9b1a224d4e Merge branch 'PHP-5.6' 
* PHP-5.6: (21 commits)
  fix unit tests
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  ...

Conflicts:
	ext/exif/exif.c
	ext/gmp/gmp.c
	ext/pcre/php_pcre.c
	ext/session/session.c
	ext/session/tests/session_decode_variation3.phpt
	ext/soap/soap.c
	ext/spl/spl_observer.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/xsl/xsltprocessor.c
 2015-09-02 00:37:20 -07:00
Stanislav Malyshev a6c063d663 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  More fixes for bug #70219
 2015-09-01 12:51:48 -07:00
Stanislav Malyshev c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev 33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev fc8eff897b More fixes for bug #70219 2015-08-28 21:50:21 -07:00
Stanislav Malyshev 24dda816d0 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  5.4.45 next

Conflicts:
	configure.in
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-08-25 23:08:49 -07:00
Stanislav Malyshev df4bf28f9f Fix bug #70219 (Use after free vulnerability in session deserializer) 2015-08-23 19:56:12 -07:00
Anatol Belski 6065b29fe4 Reverted ad4533fdba 
The E_ERROR to E_RECOVERABLE_ERROR should be readded with the
proper tests.
 2015-07-21 11:18:36 +02:00
Yasuo Ohgaki ad4533fdba Change E_ERROR and some E_WARNING to E_RECOVERABLE_ERROR. 2015-07-21 12:59:23 +09:00
Dmitry Stogov 4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00
Dmitry Stogov 4bd22cf1c1 Improved zend_string API (Francois Laupretre) 
Squashed commit of the following:

commit d96eab8d79
Author: Francois Laupretre <francois@tekwire.net>
Date:   Fri Jun 26 01:23:31 2015 +0200

    Use the new 'ZSTR' macros in the rest of the code.

    Does not change anything to the generated code (thanks to compat macros) but cleaner.

commit b352643910
Author: Francois Laupretre <francois@tekwire.net>
Date:   Thu Jun 25 13:45:06 2015 +0200

    Improve zend_string API

    Add missing methods
 2015-06-29 16:44:54 +03:00
Bob Weinand b477aa1fad Fix bug #69952 (Dereferencing issue in session_start()) 2015-06-28 16:30:58 +02:00
Aaron Piotrowski 110e0a5a2c Merge branch 'master' into throwable-interface 
# Conflicts:
#	Zend/zend_language_scanner.c
#	Zend/zend_language_scanner.l
#	ext/simplexml/tests/SimpleXMLElement_xpath.phpt
 2015-06-14 18:53:11 -05:00
Dmitry Stogov 1c754f0b71 Get rid of more ZVAL_ZVAL() macros 2015-06-12 13:33:14 +03:00
Aaron Piotrowski e97d5fab35 Update exception names in tests after formatting changes. 2015-05-17 17:31:43 -05:00