archived-php-src

mirror of https://github.com/php/php-src.git synced 2026-04-17 21:11:02 +02:00

Author	SHA1	Message	Date
Stanislav Malyshev	d3aeb8a204	Merge branch 'PHP-5.4.40' into PHP-5.4 * PHP-5.4.40: update NEWS Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode) fix memory leak & add test Fix tests fix CVE num Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability) Fix test Additional fix for bug #69324 More fixes for bug #69152 Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions) Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar) Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER) Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4) Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)	2015-04-14 00:26:53 -07:00
Stanislav Malyshev	f59b67ae50	Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)	2015-04-14 00:03:50 -07:00
Remi Collet	ff70b40dc9	fix type in fix for #69085	2015-04-13 14:41:39 +02:00
Stanislav Malyshev	45facd15fb	fix memory leak & add test	2015-04-12 22:38:34 -07:00
Stanislav Malyshev	a643ccfb90	Fix tests	2015-04-12 20:55:35 -07:00
Stanislav Malyshev	d82d68742c	Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)	2015-04-12 01:30:33 -07:00
Stanislav Malyshev	1defbb25ed	Fix test	2015-04-12 00:56:02 -07:00
Stanislav Malyshev	12d3bdee3d	Additional fix for bug #69324 Not so happy about duplication but needed due to bug #69429	2015-04-11 16:53:22 -07:00
Stanislav Malyshev	a894a8155f	More fixes for bug #69152	2015-04-11 16:53:22 -07:00
Stanislav Malyshev	4435b9142f	Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)	2015-04-11 16:53:22 -07:00
Stanislav Malyshev	9faaee66fa	Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)	2015-04-11 16:53:21 -07:00
Stanislav Malyshev	0ea75af9be	Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)	2015-04-11 16:53:21 -07:00
Stanislav Malyshev	f938112c49	Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)	2015-04-11 16:53:21 -07:00
Xinchen Hui	920a0afbf8	Fixed bug #68901 (use after free)	2015-04-11 16:28:07 -07:00
Xinchen Hui	9a404df382	Fixed bug #68740 (NULL Pointer Dereference) (cherry picked from commit `124fb22a13`)	2015-04-05 22:48:10 -07:00
Stanislav Malyshev	5ae20c6247	Fix bug #66550 (SQLite prepared statement use-after-free)	2015-04-05 22:36:26 -07:00
Remi Collet	bd31cb7563	Better fix for #68601 for perf `81e9a993f2`	2015-04-05 17:36:47 -07:00
Remi Collet	afbf725e73	Fix bug #68601 buffer read overflow in gd_gif_in.c	2015-04-05 17:33:52 -07:00
Dmitry Stogov	75f40ae1f3	Fixed bug #69293	2015-03-27 18:40:58 +03:00
Stanislav Malyshev	968fbc6acf	Bacport fix bug #68741 - Null pointer dereference	2015-03-22 18:30:05 -07:00
Stanislav Malyshev	fb83c76dee	Check that the type is correct	2015-03-22 18:17:47 -07:00
Dmitry Stogov	51856a76f8	Fixed bug #69152	2015-03-19 11:36:01 +03:00
Stanislav Malyshev	ef8fc4b53d	Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundary	2015-03-17 21:59:56 -07:00
Stanislav Malyshev	fb04dcf6db	Fix bug #69248 - heap overflow vulnerability in regcomp.c Merged from `70bc296560`	2015-03-17 17:04:57 -07:00
Stanislav Malyshev	8b14d3052f	add test for bug #68976	2015-03-17 17:03:46 -07:00
Stanislav Malyshev	646572d6d3	Fixed bug #68976 - Use After Free Vulnerability in unserialize()	2015-03-17 13:20:22 -07:00
Stanislav Malyshev	9ba4db5e5d	fix tests	2015-03-17 12:55:35 -07:00
Stanislav Malyshev	1291d6bbee	Fix bug #69207 - move_uploaded_file allows nulls in path	2015-03-17 12:47:58 -07:00
Dmitry Stogov	c8eaca013a	Added type checks	2015-03-03 10:43:48 +03:00
Dmitry Stogov	0c136a2abd	Added type checks	2015-03-03 09:44:46 +03:00
Dmitry Stogov	d5248f67b5	Check variable type before its usage as IS_ARRAY.	2015-03-02 12:27:36 +03:00
Stanislav Malyshev	bdfe457a2c	Port for for bug #68552	2015-02-17 06:53:02 +01:00
Stanislav Malyshev	7b18981830	Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone) Conflicts: ext/date/php_date.c	2015-02-17 06:43:51 +01:00
Felipe Pena	8f9ab04d93	- Fixed bug #67827 (broken detection of system crypt sha256/sha512 support)	2015-02-17 00:23:47 -02:00
Felipe Pena	e08bef442c	- Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de	2015-02-16 13:07:26 -02:00
Yasuo Ohgaki	a8722f5330	Add NULL byte protection to exec, system and passthru	2015-02-14 05:25:04 +09:00
Stanislav Malyshev	f001c63073	Update header handling to RFC 7230	2015-02-05 20:08:12 -08:00
Stanislav Malyshev	7efbd70b03	fix sizeof size	2015-02-01 12:40:38 -08:00
Stanislav Malyshev	94d6cb4a78	fix TSRM	2015-01-31 23:34:14 -08:00
Stanislav Malyshev	b30a6d6018	Use better constant since MAXHOSTNAMELEN may mean shorter name	2015-01-31 21:46:56 -08:00
Stanislav Malyshev	0f9c708229	Add mitigation for CVE-2015-0235 (bug #68925 )	2015-01-31 19:08:13 -08:00
Stanislav Malyshev	e63f7b47e1	Merge branch 'bug68710' into PHP-5.4 * bug68710: Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())	2015-01-20 01:02:26 -08:00
Stanislav Malyshev	fc6aa939f5	Merge branch 'bug68799' into PHP-5.4 * bug68799: Fix bug #68799: Free called on unitialized pointer	2015-01-20 01:00:11 -08:00
Daniel Lowrey	e2fe8e164f	Fixed bug #55618 (use case-insensitive cert name matching)	2015-01-14 18:02:50 +01:00
Stanislav Malyshev	2fc178cf44	Fix bug #68799 : Free called on unitialized pointer	2015-01-11 00:51:05 -08:00
Anatol Belski	ebb98e7aeb	updated libmagic.patch in 5.4	2015-01-04 17:04:13 +01:00
Anatol Belski	ede59c8feb	Fixed bug #68735 fileinfo out-of-bounds memory access	2015-01-04 14:20:21 +01:00
Remi Collet	919abf0cb1	removed dead code	2015-01-04 09:40:19 +01:00
Stanislav Malyshev	b585a3aed7	Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())	2015-01-01 16:19:05 -08:00
Stanislav Malyshev	b75867fff0	add missing test file	2014-12-16 10:15:17 -08:00

1 2 3 4 5 ...

29862 Commits