php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-26 09:12:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
120,978 Commits 547 Branches 1,481 Tags
dddb40313bf8acdf0294deb3b41fbe94de2806e6
Commit Graph

376 Commits

Author SHA1 Message Date
Anatol Belski
f2b40775af Revert "libmagic: Move the allocation on the stack" 
This reverts commit 1d84a58736.

Signed-off-by: Anatol Belski <ab@php.net>
 2020-09-02 20:04:00 +02:00
Anatol Belski
8c31001bf1 libmagic: Constify arg 2020-09-02 17:35:51 +02:00
Anatol Belski
1d84a58736 libmagic: Move the allocation on the stack 2020-09-02 17:35:51 +02:00
Anatol Belski
c676e8f356 libmagic: Fix VS compat 2020-08-29 19:58:26 +02:00
Anatol Belski
f8f288145b libmagic: Remove unneeded includes 
Signed-off-by: Anatol Belski <ab@php.net>
 2020-08-29 19:41:53 +02:00
Anatol Belski
bf93f1d824 fileinfo: Followup fixes 
Signed-off-by: Anatol Belski <ab@php.net>
 2020-08-29 19:03:41 +02:00
Anatol Belski
c3eeab01ba fileinfo: Upgrade to libmagic 5.39 
Signed-off-by: Anatol Belski <ab@php.net>
 2020-08-29 02:05:56 +02:00
George Peter Banyard
1b2ec73c1d Drop various unused macros/APIs 
Also convert_libmagic_pattern() to return a zend_string*

Closes GH-6029
 2020-08-26 12:59:43 +02:00
David Carlier
f32653accc fileinfo build fix proposal for haiku. 
Haiku already defines a unichar type and different than the fileinfo's anyway.

Closed GH-5983
 2020-08-21 16:13:09 +02:00
George Peter Banyard
3f286fa89a Promote Notice to Warning in libmagic 
The current behaviour makes little to no sense, having a notice which starts with 'Warning:' should just be a warning

Closes GH-5824
 2020-07-10 14:43:43 +02:00
George Peter Banyard
f91f72607b Drop unnecessary stdint and inttypes header checks 
These are always available as of C99.

Closes GH-5323

Co-authored-by: "Christoph M. Becker" <cmbecker69@gmx.de>
 2020-04-22 20:18:19 +02:00
George Peter Banyard
457380cae7 Drop wchar header check as always defined since C95 2020-03-31 00:14:56 +02:00
Christoph M. Becker
7702b693b5 Fix #79283: Segfault in libmagic patch contains a buffer overflow 
To solve this, we properly calculate the required string length upfront
instead of allocating an oversized string (`len * 4 + 4`).
 2020-03-16 22:42:15 -07:00
Nikita Popov
d4ba1fd963 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #74170: locale information change after mime_content_type
 2019-12-20 11:24:03 +01:00
Sergei Turchanov
c62cd9a43a Fix #74170: locale information change after mime_content_type 
Some functions in libmagic (distributed with fileinfo extension) perform this sequence of calls:
func() {
setlocale(LC_TYPE, "C")
.. do some work ..
setlocale(LC_TYPE, "")
}

It effectively resets LC_TYPE if it that was set before the function call.

To avoid manipulations with current locale at all, the problematic functions
were modified to use locale-independent functions.
 2019-12-20 11:22:59 +01:00
Stanislav Malyshev
53b1d76144 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:50 -07:00
Stanislav Malyshev
8c2b3b0568 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:44 -07:00
Stanislav Malyshev
2bdb13a1f7 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:30 -07:00
Stanislav Malyshev
469820048d Fix libmagic buffer overflow issue (CVE-2019-18218) 
Ported from 46a8443f76
 2019-10-27 16:30:38 -07:00
Peter Kokot
f002761e08 Update libmagic patch 
This simplifies the libmagic patch:
- in upstream the HAVE_STRERROR check has been removed
- in upstream library the HAVE_SIGNAL_H has been removed
- indentations syncs with the upstream library
- some irrelevant changes removed from the patch (log comment), upstream
  has this correctly logged already so no need to patch the comment.

Closes GH-4298
 2019-07-08 12:38:47 +02:00
Anatol Belski
5ae0a6b784 Set buffer to NULL to prevent double free (Kamil Dudka at redhat) 
Based on the upstream patch d13204e8da43f1d8a98cf3f74591cde02ecdb2f7.
 2019-06-29 17:13:21 +02:00
Anatol Belski
0c8454c02d Partially reapply ba40f505e5 2019-05-30 02:48:01 +02:00
Anatol Belski
57c23df142 Fix datatype 2019-05-30 02:34:35 +02:00
Anatol Belski
622b10f06e Ported limagic 5.37 2019-05-30 02:22:40 +02:00
Nikita Popov
908660c1d7 Avoid maybe uninit warning in libmagic 
GCC 5 false positive, gone in newer versions.
 2019-04-15 10:59:45 +02:00
Nikita Popov
ba40f505e5 Fix unused variable warnings in libmagic 
These variables are only used in assertions.
 2019-04-12 12:03:26 +02:00
Nikita Popov
b65cb7e2aa Fix libmagic warnings 2019-04-11 15:20:05 +02:00
Nikita Popov
275fa53564 Accept zend_string* instead of char* in php_pcre_match_impl() 2019-03-18 12:32:06 +01:00
Fabien Villepinte
b6f9ade9f2 Remove unused variables 2019-03-17 23:29:51 +01:00
Anatol Belski
93a38b1f7c Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix typo in libmagic version
 2019-03-08 21:45:18 +01:00
Fabien Villepinte
d9a3cb0b36 Fix typo in libmagic version 2019-03-08 20:51:09 +01:00
Anatol Belski
c8ebfaa4eb Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fixed bug #77576 pull the libmagic implementation of gmtime_r
 2019-03-08 20:48:24 +01:00
Anatol Belski
65ffdc2adf Fixed bug #77576 pull the libmagic implementation of gmtime_r 
PHP already has all the checks to handle the *_r function variants.
Thus, reusing it to get right symbols.
 2019-03-08 20:32:15 +01:00
Nikita Popov
27e9c05e81 Remove preg_options param from pcre_get_compiled_regex() 
This parameter is always zero and not necessary to call pcre2_match.

I'm leaving the parameter behind on the _ex() variant, so the preg_flags
are still accessible in some way.
 2018-12-26 17:20:13 +01:00
Anatol Belski
992e4fbc65 Fix regex 2018-11-10 12:13:03 +01:00
Anatol Belski
9d77bf0978 Fix regex 2018-11-10 12:11:02 +01:00
Anatol Belski
22f71a66ec Sync one more upstream libmagic piece 2018-11-10 00:19:42 +01:00
Anatol Belski
29dcf19f8b Declare function proto in header 2018-11-05 21:29:35 +01:00
Anatol Belski
0e33c2822c Declare function proto in header 2018-11-05 21:28:04 +01:00
Anatol Belski
c621182c42 Backport 7f5f4601 for 7.2 2018-11-04 16:57:55 +01:00
Anatol Belski
7f5f46013b Rework places in libmagic regarding previous CVE-2014-3538 fixes 
CVE-2014-3538 was fixed upstream, but the old patch was still kept in
the PHP port. This patch causes performance regressions when PCRE JIT is
not enabled. This is fixed by applying the relevant original code from
the newer libmagic, which makes the old patch obsolete as the
CVE-2014-3538 tests still pass.
 2018-11-04 13:11:28 +01:00
Anatol Belski
e1af7a794a Fix possible stack buffer overflow 2018-08-04 16:56:08 +02:00
Anatol Belski
6f24d75b56 Remove unnecessary decls, php.h is included 2018-06-03 12:45:37 +02:00
Anatol Belski
4363588f2f Align the ported place with libmagic 2018-06-03 12:14:42 +02:00
Dmitry Stogov
5eb1f92f31 Use zend_string_release_ex() instread of zend_string_release() in places, where we sure about string persistence. 2018-05-28 16:27:12 +03:00
Anatol Belski
94699d2ade Use suitable datatypes 2018-04-30 14:27:11 +02:00
Anatol Belski
f603ab57fc Reuse the struct timespec based pieces in libmagic 2018-04-30 12:02:47 +02:00
Anatol Belski
cf45479a19 Reuse strcasestr implementation from libmagic 2018-04-29 19:39:57 +02:00
Anatol Belski
09db1ae4b7 Fix C89 compat 2018-04-29 16:18:59 +02:00
Anatol Belski
e2182a1ba7 Port libmagic 5.33 2018-04-29 16:02:08 +02:00