php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-21 15:08:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
82,613 Commits 547 Branches 1,483 Tags
c19d59c550053ffa797fce59aadf7bc79727390c
Commit Graph

1562 Commits

Author SHA1 Message Date
Stanislav Malyshev ed709d5aa0 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  fix test
  update NEWS
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	ext/soap/php_http.c
	ext/spl/spl_observer.c
 2015-08-04 15:29:13 -07:00
Stanislav Malyshev 69ed3969dd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	.gitignore
	ext/date/php_date.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
 2015-08-04 14:10:57 -07:00
Stanislav Malyshev 51f9a00b47 Merge branch 'PHP-5.4' into PHP-5.4.44 
* PHP-5.4:
  Fixed bug #69892
  Adjust Git-Rules
 2015-08-04 14:04:24 -07:00
Nikita Popov 7fc04937f5 Fixed bug #69892 2015-08-01 20:47:43 -07:00
Stanislav Malyshev e488690d95 Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) 2015-07-26 17:10:24 -07:00
Bob Weinand 37e03f6b32 Fix test; this should properly emit a fatal error, just as every other by-ref assignment to an overloaded object 2015-07-16 09:29:43 +02:00
Xinchen Hui ca30d5bf39 Fixed bug #70012 (Exception lost with nested finally block) 2015-07-08 17:14:19 +08:00
Julien Pauli c22da81b71 Fixed double ZEND_TICKS opcode generation for declare() 2015-07-07 14:56:05 +02:00
Nikita Popov e09d3155a1 Merge branch 'PHP-5.5' into PHP-5.6 2015-06-20 16:40:53 +02:00
Nikita Popov 5fe078abba Fixed bug #69892 2015-06-20 16:40:14 +02:00
Nikita Popov 8405265578 Fix bug #69740 2015-06-11 17:40:10 +02:00
Anatol Belski ca467d5117 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  updated NEWS
  fixed bug, where a linebreak immediately after an opening quote of a value caused a segfault
  made failing test more meaningful
  added failing test
 2015-06-10 10:43:23 +02:00
Christoph M. Becker 2ba9681e8e made failing test more meaningful 2015-06-10 10:39:36 +02:00
Christoph M. Becker 616b932ab0 added failing test 2015-06-10 10:39:35 +02:00
Dmitry Stogov f863d89b5c Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #69732 (can induce segmentation fault with basic php code).

Conflicts:
	Zend/zend_vm_execute.h
 2015-06-01 12:17:32 +03:00
Dmitry Stogov 9031a902e3 Fixed bug #69732 (can induce segmentation fault with basic php code). 2015-06-01 11:40:14 +03:00
Nikita Popov e7d0ca39e5 Preserve VARIADIC flag for Closure::__invoke() 
The 13 arguments are for the benefit of PHP 7, where the first
twelve use the bitmask.
 2015-05-29 11:07:23 +02:00
Nikita Popov e1cb22a23e Fix bug #69599 2015-05-12 15:08:12 +02:00
Xinchen Hui 9d9ba493a2 Merge branch 'PHP-5.5' into PHP-5.6 2015-04-21 22:37:00 +08:00
Xinchen Hui c667c26f61 Fixed Bug #69467 (Wrong checked for the interface by using Trait) 2015-04-21 22:36:32 +08:00
Nikita Popov ed7e6d4758 Merge branch 'PHP-5.5' into PHP-5.6 2015-04-14 16:36:36 +02:00
Nikita Popov 95650d0942 Fixed bug #69419 2015-04-14 16:35:23 +02:00
Dmitry Stogov e8fb5201ba Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Bug #63336 is not a bug
 2015-04-14 17:16:57 +03:00
Dmitry Stogov dc024f0bdc Bug #63336 is not a bug 2015-04-14 17:15:50 +03:00
Xinchen Hui fa0608077b Merge branch 'PHP-5.5' into PHP-5.6 2015-04-10 22:48:36 +08:00
Xinchen Hui 429f411eb3 Fixed bug #69420 (Invalid read in zend_std_get_method) 2015-04-10 22:47:06 +08:00
Dmitry Stogov 1f5f78d4aa Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer)
  Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer)
 2015-04-08 21:24:24 +03:00
Dmitry Stogov 174b9ee634 Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer) 2015-04-08 21:20:35 +03:00
Nikita Popov 7e9a1c1e3f Merge branch 'PHP-5.5' into PHP-5.6 
Conflicts:
	Zend/zend_compile.c
	Zend/zend_compile.h
 2015-04-06 22:06:48 +02:00
Nikita Popov cc70a46525 Fix bug #60022 2015-04-06 22:03:04 +02:00
Dmitry Stogov 812106d0c6 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #68652 (segmentation fault in destructor)

Conflicts:
	NEWS
 2015-04-06 18:16:08 +03:00
Dmitry Stogov 21bb33cc72 Fixed bug #68652 (segmentation fault in destructor) 2015-04-06 18:11:41 +03:00
Ferenc Kovacs 978128b446 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix typo: unitialized -> uninitialized
 2015-04-01 18:05:57 +02:00
Lior Kaplan 87cc7caa10 Fix typo: unitialized -> uninitialized 2015-04-01 18:19:09 +03:00
Nikita Popov 4b930e156f Merge branch 'PHP-5.5' into PHP-5.6 2015-03-13 16:25:21 +01:00
Nikita Popov a9d73f0646 Fixed bug #69221 
A generator iterator can be created from different zvals - use
the object handle to manage references instead.
 2015-03-13 16:23:53 +01:00
Xinchen Hui d4f727d0f8 Merge branch 'PHP-5.5' into PHP-5.6 2015-03-11 08:20:03 +08:00
Xinchen Hui 675606f1a6 Improve test script for #69212 2015-03-11 08:19:34 +08:00
Nikita Popov 49bd45a2c1 Merge branch 'PHP-5.5' into PHP-5.6 2015-03-10 18:19:27 +01:00
Nikita Popov bc9f2fb8df Fixed bug #69212 2015-03-10 18:17:56 +01:00
Xinchen Hui b5589d3fb4 Merge branch 'PHP-5.5' into PHP-5.6 2015-03-10 17:06:05 +08:00
Xinchen Hui 6f4af2da29 Fixed test 2015-03-10 17:05:47 +08:00
Xinchen Hui abb09693ac Merge branch 'PHP-5.5' into PHP-5.6 2015-03-10 15:37:14 +08:00
Xinchen Hui 6a6c273893 Fixed bug #66609 (php crashes with __get() and ++ operator in some cases) 2015-03-10 15:36:42 +08:00
Stanislav Malyshev b0d1e23646 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Add missing value for error_reporting directive
 2015-03-08 17:05:51 -07:00
Stanislav Malyshev d7931f8f66 Merge branch 'pull-request/1130' into PHP-5.5 
* pull-request/1130:
  Add missing value for error_reporting directive
 2015-03-08 17:05:37 -07:00
Xinchen Hui 168be6f250 Merge branch 'PHP-5.5' into PHP-5.6 2015-03-05 18:40:06 +08:00
Xinchen Hui f039225597 Fixed bug #69174 (leaks when unused inner class use traits precedence) 2015-03-05 18:39:50 +08:00
Lior Kaplan 1a35c959a9 Add missing value for error_reporting directive 2015-03-01 15:16:53 +02:00
Xinchen Hui 3ae88e023c Merge branch 'PHP-5.5' into PHP-5.6 2015-02-12 11:28:30 +08:00