php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-11 10:03:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
83,675 Commits 547 Branches 1,483 Tags
f1b2afc9d9e77edf41804f5dfc4e2069d8a12975
Commit Graph

3409 Commits

Author SHA1 Message Date
Adrien Crivelli
cf2496140d Fix minor typo 2016-12-03 14:15:52 +01:00
Dmitry Stogov
c2d6ffb85f Fixed test 2016-11-17 15:57:40 +03:00
Julien Pauli
a22175b06f Formatting. Fix possible memory corruption in FPM SHM management 2016-09-23 13:52:58 +02:00
tom916
807004a446 fix every work call mmap 
fix fpm_scoreboard_free
 2016-09-23 13:52:58 +02:00
George Wang
56fa36b0a8 Fix wrong year in previous commit. 2016-09-19 10:46:46 -04:00
Anatol Belski
b1f33db39f backport 59444347 and 3d7343f6 2016-09-08 17:46:53 +02:00
George Wang
c73bcbefbd Added .user.ini support. 
Added LSPHPRC support.
update LiteSpeed SAPI version to 6.10 .
 2016-08-28 21:49:30 -04:00
Stanislav Malyshev
d6a43a8562 Fix bug #72836 - integer overflow in base64_decode caused heap corruption 2016-08-16 22:55:41 -07:00
Christoph M. Becker
6e886f07a8 Fix #72676: Test cli_process_title_unix fails on AIX 
Patch provided by matthieu dot sarter dot external at atos dot net.
 2016-07-28 16:51:45 +02:00
Remi Collet
fb4a6dc0f1 FPM: add test for CVE-2016-5385 2016-07-22 09:35:09 +02:00
gooh
fb49f137ec Fix #72575: using --allow-to-run-as-root should ignore missing user 
directive

Trying to start PHP-FPM with the --allow-to-run-as-root flag will not
work when the user directive is not given in the FPM worker pool
configuration. Parsing the config will fail. Consequently, FPM cannot
start.

The check is in place to prevent FPM from getting started with root
privileges by accident. Prior to #61295 the check would also prevent
any non-root user to start PHP-FPM without a user directive present.

This patch adds an additional check to the config parser, checking for
the --allow-to-run-as-root flag to be present. If so, parsing will no
longer abort for root users even if the user directive is missing.

I will also update the PHP docs since they still state the user
directive is a mandatory setting which it is not since #61295.
 2016-07-12 10:36:17 +02:00
Julien Pauli
2552cf248d Remove needless zeroing of anonymously mmap'd memory 2016-07-11 14:58:12 +02:00
Michael McConville
9dd5d96332 Remove needless zeroing of anonymously mmap'd memory 
All existing systems zero anonymously mmapped memory, and if I
understand correctly POSIX will be specifying this soon. Many projects
already rely on it, so no reasonable system would return memory of
unspecified value.
 2016-07-11 14:56:17 +02:00
Adam Harvey
54eb659032 Fix typo in phpdbg help. 
Sorry, I would have included this in the last push had I spotted it a
minute earlier.
 2016-05-25 12:47:35 -05:00
Adam Harvey
e623e91e27 Add missing newlines to phpdbg's help for the run command. 
This is not at all related to needing screenshots for a talk I'm giving
in two days. No sir. Not at all.
 2016-05-25 12:38:41 -05:00
Ferenc Kovacs
3a16f511d9 mark frequent intermittent fpm test with XFAIL 2016-04-18 09:04:27 +02:00
Christoph M. Becker
2d4ad66ff2 Fixed bug #69953 
Added support for MKCALENDAR request method in CLI web server.
 2016-03-03 19:22:38 +01:00
Nikita Popov
bdd578fcbb Disable upload_2G test on travis 2016-03-03 16:35:45 +01:00
Anatol Belski
a329dc70e9 fix ts buld 2016-02-18 07:11:36 +01:00
Anatol Belski
ce4a2f0fc6 Fixed bug #71559 Built-in HTTP server, we can downlaod file in web by bug 2016-02-14 20:47:23 +01:00
Lior Kaplan
6772fbff62 Align spacing in make install messages 2016-02-08 20:27:19 +02:00
Remi Collet
07d2dcdf09 Fixed Bug #62172 FPM not working with Apache httpd 2.4 balancer/fcgi setup 
Only needed with Apache version < 2.4.12 (ex RHEL-7)
 2016-01-29 10:20:42 +01:00
Anatol Belski
5673ede6e9 fix test 2016-01-18 16:52:48 +01:00
Adam Harvey
f301a0b23c Simplify code per Anatol. 2016-01-11 21:36:55 +01:00
Adam Harvey
3217c033a5 Insert bug number. 2016-01-11 21:36:53 +01:00
Adam Harvey
c895dc5b5b Use strtoll() when apr_off_t is 64 bits. 2016-01-11 21:36:51 +01:00
Stanislav Malyshev
13750cb0a1 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Update NEWS
  Improve fix for bug #70976
  Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
  Fixed bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability
  Fixed #70728
  Fixed bug #70755: fpm_log.c memory leak and buffer overflow
  Fix bug #70976: fix boundary check on gdImageRotateInterpolated
  typofix
 2016-01-05 19:38:29 -08:00
Lior Kaplan
53fb2f1e5c Happy new year (Update copyright to 2016) 2016-01-03 01:44:37 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Julien Pauli
ea12ff149c Added support for HTTP 451 2015-12-23 11:31:18 +01:00
George Wang
00ed55005a Bumped SAPI version to 6.9 2015-12-09 00:28:08 -05:00
George Wang
0d84097d44 Added "mod_auth_basic" to apache module list. 2015-12-09 00:27:55 -05:00
George Wang
08080c18f5 Add sanitizing checks for request data. 2015-12-09 00:26:41 -05:00
George Wang
c60d4b9770 Clear secret after use. 2015-12-09 00:26:24 -05:00
George Wang
84fd8ffa2a Fixed __DIR__ in CLI mode. 2015-12-09 00:25:48 -05:00
Stanislav Malyshev
be19dbcb84 Fixed bug #70755: fpm_log.c memory leak and buffer overflow 2015-12-08 00:10:07 -08:00
Lior Kaplan
d6b78a3511 Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol: php_register_internal_extensions) 2015-11-23 18:40:47 +02:00
Xinchen Hui
f72c7edfa4 Ensure the test fails 2015-11-11 14:55:33 +01:00
Nuno Lopes
36311ee4fd unbreak coverage data: fix #line directives in phpdbg parser 2015-10-24 18:12:24 -04:00
Anatol Belski
22af88274b Fix globals initialization in sapi/cgi 
Basically backport 8430ec17
 2015-10-23 13:56:40 +02:00
Xinchen Hui
37d814b84c Add test XFAIL for bug #70470 2015-09-11 13:45:18 +08:00
Christoph M. Becker
fd94c92171 Fix #68291: 404 on urls with '+' 
URI paths have to be treated according to RFC 3986 by the CLI web server, not
as application/x-www-form-urlencoded.
 2015-09-05 14:34:08 +02:00
Bob Weinand
272cccd175 Fix phpdbg_break_next() 2015-08-23 12:07:14 +01:00
Christoph M. Becker
9c805a6cb3 Fix #70264: CLI server directory traversal 
On Windows the built-in webserver doesn't prevent directory traversal when
backslashes are used as path component separators. Even though that is not a
security issue (the CLI webserver is meant for testing only), we fix that by
replacing backslashes in the path with slashes on Windows, because backslashes
may be valid characters for file names on other systems, but not on Windows.
 2015-08-14 17:05:31 +02:00
Christoph M. Becker
48c71cd94b Fix #69487: SAPI may truncate POST data 
If SG(request_info).request_body can't be completely written (e.g. due to a
full drive), only parts of the POST data will be available. This patch changes
this, so that SG(request_info).request_body will be reset in this case, and a
warning will be thrown.
 2015-08-11 01:32:13 +02:00
wusuopu
72976e2497 Fix #66606: Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE 
The patch will store Content-Type header value in both HTTP_CONTENT_TYPE field and CONTENT_TYPE field.
 2015-08-09 02:37:16 +02:00
Christoph M. Becker
1b4a80332c added tests for bug #66606 2015-08-09 02:36:58 +02:00
Stanislav Malyshev
54187fa4b9 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix test
 2015-08-04 16:45:55 -07:00
Stanislav Malyshev
2425f88afd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix test
 2015-08-04 16:45:32 -07:00
Stanislav Malyshev
da5321013c fix test 2015-08-04 16:45:20 -07:00