mirror of https://github.com/php/php-src.git synced 2026-04-27 01:48:26 +02:00
Commit Graph

17696 Commits

Author SHA1 Message Date
Ilija Tovilo e66e9059df Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  Fix dumping function signature with dynamic class const lookup default argument
2025-12-08 16:19:53 +01:00
Ilija Tovilo 61eca669d9 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix dumping function signature with dynamic class const lookup default argument
2025-12-08 16:19:35 +01:00
Ilija Tovilo 26c0cbd93c Fix dumping function signature with dynamic class const lookup default argument
Fixes OSS-Fuzz #465488618
Closes GH-20651
2025-12-08 16:19:06 +01:00
David Carlier 83b36de67d Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20620: bzcompress() overflow on large source size.
2025-12-05 22:31:14 +00:00
David Carlier 1f1147a666 Fix GH-20620: bzcompress() overflow on large source size.
close GH-20621
2025-12-05 22:30:51 +00:00
David Carlier 2c2852ae8e Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20622: imagestring/imagestringup overflow/underflow.
2025-12-04 23:14:01 +00:00
David Carlier 9f654decdc Fix GH-20622: imagestring/imagestringup overflow/underflow.
close GH-20623
2025-12-04 23:13:29 +00:00
Alexandre Daubois d74085bf8c Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  Fix GH-20370: forbid user stream filters to violate typed property constraints (#20373)
2025-12-04 09:11:52 +01:00
Alexandre Daubois 175548e868 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20370: forbid user stream filters to violate typed property constraints (#20373)
2025-12-04 09:11:09 +01:00
Alexandre Daubois 77f2d12849 Fix GH-20370: forbid user stream filters to violate typed property constraints (#20373) 2025-12-04 09:09:30 +01:00
Oblivionsage 6a0da6dc2e Fix GH-20631: Integer underflow in exif HEIF parsing
When pos.size is less than 2, the subtraction pos.size - 2 causes
an unsigned integer underflow, resulting in a ~4GB allocation attempt.

Add minimum size check (pos.size >= 2) to prevent the underflow.

Closes GH-20630.
2025-12-03 22:30:12 +01:00
Saki Takamachi 2ec8c29fda PHP-8.4 is now for PHP 8.4.17-dev 2025-12-03 14:52:20 +09:00
Eric Mann e10f6d702f PHP-8.3 is now for PHP 8.3.30-dev 2025-12-02 09:05:38 -08:00
Volker Dusch d8fbe40efb PHP-8.5 is now for PHP 8.5.2-dev 2025-12-02 12:14:28 +01:00
Daniel Scherzer aa795a6aa3 Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  Fix GH-20426: fix Spoofchecker::setRestrictionLevel() error (#20427)
2025-12-01 13:40:23 -08:00
Daniel Scherzer 355d296baa Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20426: fix Spoofchecker::setRestrictionLevel() error (#20427)
2025-12-01 13:39:38 -08:00
Daniel Scherzer c343ede18d Fix GH-20426: fix Spoofchecker::setRestrictionLevel() error (#20427) 2025-12-01 13:37:49 -08:00
Niels Dossche 6afe2cef78 Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  Fix GH-20614: SplFixedArray incorrectly handles references in deserialization
2025-11-30 10:43:27 +01:00
Niels Dossche 9734ba4d21 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20614: SplFixedArray incorrectly handles references in deserialization
2025-11-30 10:42:19 +01:00
Niels Dossche 366ed4c750 Fix GH-20614: SplFixedArray incorrectly handles references in deserialization
All other code caters to dereferencing array elements, except the
unserialize handler. This causes references to be present in the fixed
array even though this seems not intentional as reference assign is
otherwise impossible.
On 8.5+ this causes an assertion failure. On 8.3+ this causes references
to be present where they shouldn't be.

Closes GH-20616.
2025-11-30 10:41:32 +01:00
David Carlier 1701589884 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20601: ftp_connect() timeout argument overflow.
2025-11-29 23:05:37 +00:00
David Carlier 4312a446d0 Fix GH-20601: ftp_connect() timeout argument overflow.
close GH-20603
2025-11-29 23:05:14 +00:00
David Carlier 6d5490861f Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20602: imagescale() overflow with large height values.
2025-11-29 13:31:38 +00:00
David Carlier c8e13af455 Fix GH-20602: imagescale() overflow with large height values.
close GH-20605
2025-11-29 13:30:49 +00:00
Niels Dossche 1279bc60e7 Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  Fix GH-20584: Information Leak of Memory
  Fix GH-20583: Stack overflow in http_build_query via deep structures
2025-11-28 18:39:50 +01:00
Niels Dossche 159a75c93c Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20584: Information Leak of Memory
  Fix GH-20583: Stack overflow in http_build_query via deep structures
2025-11-28 18:39:27 +01:00
Niels Dossche 8fe7930533 Fix GH-20584: Information Leak of Memory
The string added had uninitialized memory due to
php_read_stream_all_chunks() not moving the buffer position, resulting
in the same data always being overwritten instead of new data being
added to the end of the buffer.

Closes GH-20592.
2025-11-28 18:38:48 +01:00
Niels Dossche 292a7f73ba Fix GH-20583: Stack overflow in http_build_query via deep structures
Closes GH-20590.
2025-11-28 18:38:18 +01:00
Niels Dossche d13b5ebc08 Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  Fix GH-20286: use-after-destroy during userland stream_close()
2025-11-23 17:52:42 +01:00
Niels Dossche eb733a3127 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20286: use-after-destroy during userland stream_close()
2025-11-23 17:51:35 +01:00
Niels Dossche 27f17c3322 Fix GH-20286: use-after-destroy during userland stream_close()
Closes GH-20493.

Co-authored-by: David Carlier <devnexen@gmail.com>
2025-11-23 17:46:28 +01:00
David Carlier 1787765696 Fix GH-20546: Zend preserve_none attribute config check on macOS issue.
This attribute fails on macOS due to the inline assembly test.
Due to an old Darwin C ABI convention, symbols are prefixed with an
underscore, so we need to also take this into account for x86_64.

close GH-20559
2025-11-22 23:10:08 +00:00
David Carlier 30cb1998ae Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20551: imagegammacorrect out of range gamma value.
2025-11-22 22:22:50 +00:00
David Carlier f88d247ce2 Fix GH-20551: imagegammacorrect out of range gamma value.
close GH-20552
2025-11-22 22:22:27 +00:00
Remi Collet e2219488ba NEWS 2025-11-21 09:21:03 +01:00
Remi Collet 74c4510da9 NEWS 2025-11-21 09:20:22 +01:00
Remi Collet 769f319867 NEWS 2025-11-21 09:19:38 +01:00
Niels Dossche 10ac41f158 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  Fix GH-20492: mbstring compile warning due to non-strings
  Fix GH-20491: SLES15 compile error with mbstring oniguruma
2025-11-20 19:23:36 +01:00
Niels Dossche 159ef1401c Fix GH-20492: mbstring compile warning due to non-strings
This is a partial backport of ea69276f, but without changing public
headers as that's not allowed at this point.

Closes GH-20494.
2025-11-20 19:17:55 +01:00
Niels Dossche a1912e3cdd Fix GH-20491: SLES15 compile error with mbstring oniguruma
The issue is specific to SLES15.
Arguably this should be reported to them as it seems to me they meddled
with the oniguruma source code.

The definition in oniguruma.h on that platform looks like this (same as upstream):
```c
ONIG_EXTERN
int onig_error_code_to_str PV_((OnigUChar* s, int err_code, ...));
```

Where `PV_` is defined as (differs):
```c
#ifndef PV_
#ifdef HAVE_STDARG_PROTOTYPES
# define PV_(args) args
#else
# define PV_(args) ()
#endif
#endif
```

So that means that `HAVE_STDARG_PROTOTYPES` is unset.
This can be set if we define `HAVE_STDARG_H`,
which we can do because PHP requires at least C99 in which the header
is always available.
We could also use an autoconf check, but this isn't really necessary as
it will always succeed.
2025-11-20 19:17:17 +01:00
Máté Kocsis 9743977f92 Fix GH-20366 ext/uri: Do not throw ValueError on null-byte (#20489) 2025-11-19 20:41:27 +01:00
Niels Dossche a21783c73c Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  zip: Don't truncate return value of zip_fread() with user sizes
2025-11-18 20:31:31 +01:00
Niels Dossche 4eacb6de83 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  zip: Don't truncate return value of zip_fread() with user sizes
2025-11-18 20:31:15 +01:00
Niels Dossche 2f05830a5f zip: Don't truncate return value of zip_fread() with user sizes
The return type has been zip_int64_t since 2009, so we shouldn't
truncate to an int because the user may have requested a size that won't
fit in an int.

Closes GH-20509.
2025-11-18 20:30:42 +01:00
Niels Dossche 39dc317f1f Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4:
  libxml: Fix some deprecations regarding input buffer/parser handling
2025-11-18 18:54:03 +01:00
Niels Dossche 4401b03aa9 Merge branch 'PHP-8.3' into PHP-8.4
* PHP-8.3:
  libxml: Fix some deprecations regarding input buffer/parser handling
2025-11-18 18:53:44 +01:00
Niels Dossche 6054a900ff libxml: Fix some deprecations regarding input buffer/parser handling
Closes GH-20514.
2025-11-18 18:53:17 +01:00
Tim Düsterhus 7610527d75 lexbor: Cherry pick "URL: fixed "use-after-poison" for an empty path entry."
see lexbor/lexbor@9259b169e3

Fixes php/php-src#20502
Fixes php/php-src#20521
2025-11-18 17:32:07 +01:00
Volker Dusch 1ff90c4b1e [ci skip] Consolidate NEWS for PHP 8.5.0 2025-11-18 00:28:47 +01:00
Tim Düsterhus 8e6d375966 lexbor: Cherry pick "URL: the cloning function does not copy the type for IPv4 and IPv6."
see lexbor/lexbor@dcfcd645c6

Fixes php/php-src#20501
2025-11-17 19:29:23 +01:00