Stanislav Malyshev
f76a6cd023
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix tests
2017-07-04 21:05:06 -07:00
Stanislav Malyshev
e46d589624
Fix tests
2017-07-04 20:12:57 -07:00
Nikita Popov
69058f35f8
Un-XFAIL serialization test
2017-01-10 00:07:38 +01:00
Joe Watkins
ff4e330eae
Merge branch 'pull-request/1905'
...
* pull-request/1905:
pack()/unpack() for Big Endian float/double and Little Endian float/double
2017-01-03 10:50:19 +00:00
Anatol Belski
043d8e2fe1
improve skipif
2016-12-01 13:32:10 +01:00
Nikita Popov
159de7723e
Merge branch 'PHP-5.6' into PHP-7.0
2016-10-08 01:06:02 +02:00
Nikita Popov
bc3a0b82b8
Revert "Fixed test"
...
This reverts commit a10d03ac16.
2016-10-08 00:43:36 +02:00
Stanislav Malyshev
56e19b7c75
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fixed test
Added validation to parse_url() to prohibit restricted characters inside login/pass components based on RFC3986
Apparently negative wordwrap is a thing and should work as length = 0.
2016-10-04 21:56:28 -07:00
Ilia Alshanetsky
a10d03ac16
Fixed test
2016-10-04 21:20:38 -07:00
Xinchen Hui
56e3ec93a9
Fixed skip
2016-09-21 17:20:02 +08:00
Remi Collet
3c117d4136
fix test (32bits)
2016-09-15 15:32:39 +02:00
Stanislav Malyshev
07c6bdb85d
Merge branch 'PHP-7.0.11' into PHP-7.0
...
* PHP-7.0.11: (22 commits)
Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields
I don't think 8cceb012a7 is needed
Fix test
Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c
Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction
Fix bug #73029 - Missing type check when unserializing SplArray
Fix bug #72860: wddx_deserialize use-after-free
Fix bug #73007: add locale length check
Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile
sync NEWS
Revert "Merge branch 'PHP-5.6' into PHP-7.0"
Merge branch 'PHP-5.6' into PHP-7.0
Merge branch 'PHP-5.6' into PHP-7.0
Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0""
fix version
sync NEWS
Fix bug #72957
set versions
...
2016-09-12 21:09:30 -07:00
Anatol Belski
65bf5e88c7
Revert "Merge branch 'PHP-5.6' into PHP-7.0"
...
This reverts commit 946335ba70, reversing
changes made to 3437dbfa00.
2016-09-11 12:59:43 +02:00
Anatol Belski
e539ea439b
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Bug #73058 crypt broken when salt is 'too' long
2016-09-10 02:44:21 +02:00
Anatol Belski
669fda00b7
Bug #73058 crypt broken when salt is 'too' long
2016-09-10 02:39:28 +02:00
Anatol Belski
946335ba70
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
2016-08-29 20:32:55 +02:00
Anatol Belski
295303b590
Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
2016-08-29 20:25:34 +02:00
Anatol Belski
05c8a0771d
fix tests
...
The 70436 test is just a bonus for the hardening in 72633.
2016-08-17 12:39:35 +02:00
Stanislav Malyshev
0d13325b66
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6: (24 commits)
Update NEWS
Block test with memory leak
fix tests
Fix TSRM build
Fix bug #72850 - integer overflow in uuencode
Fixed bug #72849 - integer overflow in urlencode
Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase
Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
Fix bug #72836 - integer overflow in base64_decode caused heap corruption
Fix for bug #72807 - do not produce strings with negative length
Fix for bug #72790 and bug #72799
Fix bug #72730 - imagegammacorrect allows arbitrary write access
Fix bug#72697 - select_colors write out-of-bounds
Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
Fix bug #72750: wddx_deserialize null dereference
Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
Improve fix for #72663
Fix bug #70436: Use After Free Vulnerability in unserialize()
Fix bug #72749: wddx_deserialize allows illegal memory access
...
Conflicts:
Zend/zend_API.h
ext/bz2/bz2.c
ext/curl/interface.c
ext/ereg/ereg.c
ext/exif/exif.c
ext/gd/gd.c
ext/gd/tests/imagetruecolortopalette_error3.phpt
ext/gd/tests/imagetruecolortopalette_error4.phpt
ext/session/session.c
ext/snmp/snmp.c
ext/standard/base64.c
ext/standard/ftp_fopen_wrapper.c
ext/standard/quot_print.c
ext/standard/url.c
ext/standard/uuencode.c
ext/standard/var.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
ext/wddx/tests/bug72790.phpt
ext/wddx/tests/bug72799.phpt
ext/wddx/wddx.c
sapi/cli/generate_mime_type_map.php
2016-08-17 00:43:33 -07:00
Stanislav Malyshev
4bf5c3187f
Block test with memory leak
2016-08-16 22:55:44 -07:00
Stanislav Malyshev
639f7fde6a
Improve fix for #72663
2016-08-16 22:55:20 -07:00
Stanislav Malyshev
95d09e4b5e
Fix bug #70436: Use After Free Vulnerability in unserialize()
2016-08-16 22:55:20 -07:00
Stanislav Malyshev
448c9be157
Fix bug #72663 - destroy broken object when unserializing
2016-08-16 22:54:42 -07:00
Christoph M. Becker
a93c62aafa
Merge branch 'PHP-5.6' into PHP-7.0
2016-08-13 11:47:20 +02:00
Christoph M. Becker
ae3b2078ea
Fix #72823: strtr out-of-bound access
...
If php_strtr_array_prepare_repls() reports pattern_len == 0, we return
early to avoid OOB accesses, and because there is nothing to replace anyway.
2016-08-13 11:40:33 +02:00
Lauri Kenttä
e616bc8694
Fix bug #55451
...
Make substr_compare ignore the length if it's NULL. This allows to
use the last parameter (case_insensitivity) with the default length.
2016-08-07 18:48:36 +02:00
Lauri Kenttä
3104759915
base64_decode: fix bug #72264 ('VV= =' shouldn't fail in strict mode)
2016-07-07 01:27:23 +02:00
Lauri Kenttä
c1ac081bf1
base64_decode: fix bug #72263 (skips char after padding)
2016-07-07 01:27:23 +02:00
Lauri Kenttä
b9c9be13cc
base64_decode: fix bug #72152 (fail on NUL bytes in strict mode)
...
This added check is actually for NOT failing in NON-strict mode.
The ch == -2 check later causes the desired failure in strict mode.
2016-07-07 01:27:23 +02:00
Anatol Belski
ed10168b30
fix two remaining tests
2016-06-21 17:24:08 +02:00
Stanislav Malyshev
2a65544f78
Merge branch 'PHP-5.6.23' into PHP-7.0.8
...
* PHP-5.6.23: (24 commits)
Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Corruption in wddx_deserialize
update NEWS
Fix #66387: Stack overflow with imagefilltoborder
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
Fix bug #72140 (segfault after calling ERR_free_strings())
...
Conflicts:
configure.in
ext/mbstring/php_mbregex.c
ext/mcrypt/mcrypt.c
ext/spl/spl_array.c
ext/spl/spl_directory.c
ext/standard/php_smart_str.h
ext/standard/string.c
ext/standard/url.c
ext/wddx/wddx.c
ext/zip/php_zip.c
main/php_version.h
2016-06-21 00:24:32 -07:00
Stanislav Malyshev
7dde353ee7
Merge branch 'PHP-5.5' into PHP-5.6.23
...
* PHP-5.5:
Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Corruption in wddx_deserialize
update NEWS
Fix #66387: Stack overflow with imagefilltoborder
Skip test which is 64bits only
5.5.37 now
Conflicts:
configure.in
ext/mcrypt/mcrypt.c
ext/spl/spl_directory.c
main/php_version.h
2016-06-21 00:01:48 -07:00
Stanislav Malyshev
f6aef68089
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
2016-06-20 21:35:22 -07:00
Stanislav Malyshev
3f627e580a
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
2016-06-20 21:26:33 -07:00
Dmitry Stogov
8f0ceb97cf
Fixed bug #72100 (implode() inserts garbage into resulting string when joins very big integer). (Mikhail Galanin)
2016-04-26 13:04:06 +03:00
Xinchen Hui
e95782ed5e
Fixed bug #71969 (str_replace returns an incorrect resulting array after a foreach by reference)
2016-04-06 10:19:24 +08:00
Joe Watkins
034e8ec02e
fix #71287 (substr_replace bug when length type is string)
2016-03-31 17:10:12 +01:00
Nikita Popov
02743f43c2
Fixed bug #71806
2016-03-11 22:45:38 +01:00
Dmitry Stogov
afedd4fd59
Fixed test (sizeof(zend_string) is different on 32 and 64-bit systems)
2016-03-02 13:01:42 +03:00
Julien Pauli
0d1d814e1a
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Updated NEWS
Fix #70720
Conflicts:
ext/standard/string.c
ext/standard/tests/strings/bug70720.phpt
2016-02-02 18:17:16 +01:00
Julien Pauli
6b0b29edd6
Fix #70720
2016-02-02 18:09:54 +01:00
Anatol Belski
47af41b785
Revert "Fix #70720"
...
This reverts commit ff7ed9021c.
2016-01-29 12:41:43 +01:00
Julien Pauli
332b778d68
Merge branch 'PHP-5.6' into PHP-7.0
...
* PHP-5.6:
Fix #70720
Align NEWS entry format
2015-12-22 16:26:30 +01:00
Julien Pauli
ff7ed9021c
Fix #70720
2015-12-22 16:25:51 +01:00
Xinchen Hui
d63ae2c382
Fixed bug #71190 (substr_replace converts integers in original $search array to strings)
2015-12-22 12:13:28 +08:00
Xinchen Hui
3524849f77
Fixed #71188 (str_replace converts integers in original $search array to strings)
2015-12-22 11:07:30 +08:00
Dmitry Stogov
9af07e7119
Fixed bug #70667 (strtr() causes invalid writes and crashes)
2015-10-08 14:30:43 +03:00
Nikita Popov
ab74d80247
Fix bug #70487
...
Switch to * instead of + in zpp.
2015-09-14 15:04:43 +02:00
Anatol Belski
ebdd9cf6e8
fix test
2015-08-28 11:29:38 +02:00
Anatol Belski
5786f86656
fix test
...
backported from master
2015-08-23 17:27:50 +02:00