php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-24 08:28:26 +02:00
Code Issues Packages Projects Releases Wiki Activity
92,134 Commits 549 Branches 1,485 Tags
dbbc0e4ced9a809cf72f2f7f3d5c60f44355e33d
Commit Graph

200 Commits

Author SHA1 Message Date
Stanislav Malyshev 9b1a224d4e Merge branch 'PHP-5.6' 
* PHP-5.6: (21 commits)
  fix unit tests
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  ...

Conflicts:
	ext/exif/exif.c
	ext/gmp/gmp.c
	ext/pcre/php_pcre.c
	ext/session/session.c
	ext/session/tests/session_decode_variation3.phpt
	ext/soap/soap.c
	ext/spl/spl_observer.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/xsl/xsltprocessor.c
 2015-09-02 00:37:20 -07:00
Stanislav Malyshev c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev 33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev f9c2bf73ad Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories 2015-08-30 00:38:08 -07:00
Anatol Belski 026b41ba66 improve error message 2015-08-19 15:23:23 +02:00
Anatol Belski 545b364d56 remove TSRMLS_* 
either remains or merged in from PHP5
 2015-08-02 13:42:01 +02:00
Dmitry Stogov 4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00
Nikita Popov 5d3cf577aa Make convert_to_* safe with rc>1 
This only involves switching zval_dtor to zval_ptr_dtor for arrays
and making the convert_to_object for arrays a bit more generic.

All the other changes outside zend_operators.c just make use of
this new ability (use COPY instead of DUP).

What's still missing: Proper references handling. I've seen many
convert_to* calls that will break when a reference is used.

Also fixes bug #69788.
 2015-06-11 23:23:57 +02:00
Christoph M. Becker c3c87e4996 return FALSE instead of NULL from ZipArchive::getStream when php_stream_zip_open() fails (fixes #67161) 2015-05-12 14:32:05 +02:00
Remi Collet 3a55ea02aa add ZipArchive::setCompressionName and ZipArchive::setCompressionIndex methods 2015-05-06 15:16:43 +02:00
Remi Collet 3638ac2300 don't use deprecated libzip call 2015-05-06 15:16:43 +02:00
Nikita Popov 40e465e357 Clean up some type conversions 
While at it also fix some type checks in iconv and drop dead and
unported code in standard/filters.
 2015-04-27 18:50:08 +02:00
Lior Kaplan 59c2a55ec7 Fix typo: unitialized -> uninitialized 2015-04-01 18:17:53 +03:00
Rasmus Lerdorf 4d10e15845 Fix a couple of warnings 2015-03-20 23:32:07 -07:00
Dmitry Stogov 8633685675 Use specialized macro for string zval creation 2015-03-12 16:53:51 +03:00
Dmitry Stogov 9e70d7672d Move zend_object->guards into additional slot of zend_object->properties_table[]. As result size of objects without __get/__set/__unset/__isset magic methods is reduced. 2015-02-04 15:24:13 +03:00
Xinchen Hui 942809909e Cleanup resource handling APIs 2015-02-02 13:23:16 +08:00
Xinchen Hui fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui 0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui 73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Anatol Belski bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Veres Lajos 06fdf359e3 typo fixes - https://github.com/vlajos/misspell_fixer 2014-11-23 14:52:47 -08:00
Veres Lajos 4dc994571d typo fixes - https://github.com/vlajos/misspell_fixer 
Conflicts:
	ext/ftp/ftp.h
	ext/pcre/pcrelib/pcre_printint.c
	ext/pcre/pcrelib/sljit/sljitLir.c
	ext/pcre/pcrelib/sljit/sljitLir.h
	ext/pcre/pcrelib/sljit/sljitNativeARM_32.c
	ext/pcre/pcrelib/sljit/sljitNativeTILEGX_64.c
	ext/pgsql/pgsql.c
	ext/phar/func_interceptors.c
	ext/soap/soap.c
	ext/standard/image.c
 2014-11-23 14:33:43 -08:00
Johannes Schlüter d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski 454548e440 make it safer for an array underrun 2014-09-14 15:03:52 +02:00
Anatol Belski b6b376efe5 avoid repeated strlen() usage 2014-09-14 12:59:31 +02:00
Anatol Belski 7ea780dd6e fix type 2014-09-12 21:35:19 +02:00
Anatol Belski bf96ee95ce 's' works with size_t round 4 2014-08-27 20:49:37 +02:00
Anatol Belski 6db8d4f829 's' works with size_t round 3 2014-08-27 20:49:36 +02:00
Anatol Belski 3234480827 first show to make 's' work with size_t 2014-08-27 20:49:31 +02:00
Anatol Belski 202e8db1dc fixed several long vs zend_long casts 2014-08-26 11:26:53 +02:00
Anatol Belski af59e92b24 master renames phase 7 2014-08-25 21:51:49 +02:00
Anatol Belski c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00
Anatol Belski 094a78eb69 ported ext/zip 2014-08-19 11:47:21 +02:00
Anatol Belski 63d3f0b844 basic macro replacements, all at once 2014-08-19 08:07:31 +02:00
Dmitry Stogov 2ed8a17045 Refactored run_time_cache usage in object handlers 2014-07-07 20:54:31 +04:00
Dmitry Stogov c1965f58d4 Use reference counting instead of zval duplication 2014-06-05 16:04:11 +04:00
Dmitry Stogov 9dd66e4d53 Merge branch 'master' into phpng 
* master:
  Fixed issue #183 (TMP_VAR is not only used once)
  Fix broken Junit output with --disable-cgi
  Added folder mark
  Further test fixes for the fdb2709 breakage.
  Fix broken test caused by fdb2709.
  Added tests for ZipArchive::addGlob() and ZipArchive::addPattern()
  Fix run-tests.php with Valgrind >= 3.10.0.
  Add microseconds to the serialised form of DateTime objects.
  Improved test for bug #62479
  fix typo in ODBC code
  gcov: tentative fix for broken coverage data after fix for opcache coverage slightly hackish, but works. The idea is that we want to give priority to .gcda files in .libs dirs vs the files in the upper level dir
  5.5.14 now
  Fix bug #67060: use default mode of 660

Conflicts:
	ext/date/php_date.c
 2014-05-26 10:52:43 +04:00
Nikita Popov 4d22be992c Fix ZTS 2014-05-05 17:28:22 +02:00
Xinchen Hui c73c6526ef clean up 2014-05-05 18:09:15 +08:00
Xinchen Hui 39c521c056 Finish Zip (all tests pass) 2014-05-05 17:48:49 +08:00
Xinchen Hui 356824df4c Romove unnecessary proxy macro 2014-05-05 17:44:07 +08:00
Xinchen Hui 7e3989f301 Fixed memory leak in prop_handlers registering 2014-05-05 14:04:52 +08:00
Xinchen Hui ea33fbd833 Don't use this (keyword) 2014-05-05 10:56:18 +08:00
Xinchen Hui bea30846bb Refactor Zip (1 test failed) 2014-05-05 10:49:27 +08:00
Dmitry Stogov f9927a6c97 Merge mainstream 'master' branch into refactoring 
During merge I had to revert:
	Nikita's patch for php_splice() (it probably needs to be applyed again)
	Bob Weinand's patches related to constant expression handling (we need to review them carefully)
	I also reverted all our attempts to support sapi/phpdbg (we didn't test it anyway)

Conflicts:
	Zend/zend.h
	Zend/zend_API.c
	Zend/zend_ast.c
	Zend/zend_compile.c
	Zend/zend_compile.h
	Zend/zend_constants.c
	Zend/zend_exceptions.c
	Zend/zend_execute.c
	Zend/zend_execute.h
	Zend/zend_execute_API.c
	Zend/zend_hash.c
	Zend/zend_highlight.c
	Zend/zend_language_parser.y
	Zend/zend_language_scanner.c
	Zend/zend_language_scanner_defs.h
	Zend/zend_variables.c
	Zend/zend_vm_def.h
	Zend/zend_vm_execute.h
	ext/date/php_date.c
	ext/dom/documenttype.c
	ext/hash/hash.c
	ext/iconv/iconv.c
	ext/mbstring/tests/zend_multibyte-10.phpt
	ext/mbstring/tests/zend_multibyte-11.phpt
	ext/mbstring/tests/zend_multibyte-12.phpt
	ext/mysql/php_mysql.c
	ext/mysqli/mysqli.c
	ext/mysqlnd/mysqlnd_reverse_api.c
	ext/mysqlnd/php_mysqlnd.c
	ext/opcache/ZendAccelerator.c
	ext/opcache/zend_accelerator_util_funcs.c
	ext/opcache/zend_persist.c
	ext/opcache/zend_persist_calc.c
	ext/pcre/php_pcre.c
	ext/pdo/pdo_dbh.c
	ext/pdo/pdo_stmt.c
	ext/pdo_pgsql/pgsql_driver.c
	ext/pgsql/pgsql.c
	ext/reflection/php_reflection.c
	ext/session/session.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
	ext/standard/array.c
	ext/standard/basic_functions.c
	ext/standard/html.c
	ext/standard/mail.c
	ext/standard/php_array.h
	ext/standard/proc_open.c
	ext/standard/streamsfuncs.c
	ext/standard/user_filters.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_variables.c
	sapi/phpdbg/phpdbg.c
	sapi/phpdbg/phpdbg_bp.c
	sapi/phpdbg/phpdbg_frame.c
	sapi/phpdbg/phpdbg_help.c
	sapi/phpdbg/phpdbg_list.c
	sapi/phpdbg/phpdbg_print.c
	sapi/phpdbg/phpdbg_prompt.c
 2014-04-26 00:32:51 +04:00
Dmitry Stogov 050d7e38ad Cleanup (1-st round) 2014-04-15 15:40:40 +04:00
Remi Collet 7946c5a235 add OPSYS_Z_CPM missing constant 2014-03-07 14:10:16 +01:00
Xinchen Hui c0aba2c641 Refactor basename using zend_string 2014-02-23 18:08:35 +08:00
Xinchen Hui c081ce628f Bump year 2014-01-03 11:08:10 +08:00