f79c774274
Fix #79091 : heap use-after-free in session_create_id()
...
If the `new_id` is released, we must not use it again.
2020-01-20 21:43:42 -08:00
6d5cddabaf
Fix test
2019-12-16 10:03:43 -08:00
c14eb8de97
Fix bug #78793
2019-12-16 01:14:58 -08:00
d348cfb96f
Fixed bug #78910
2019-12-16 00:10:39 -08:00
eb23c60087
Fix #78878 : Buffer underflow in bc_shift_addsub
...
We must not rely on `isdigit()` to detect digits, since we only support
decimal ASCII digits in the following processing.
2019-12-16 00:05:03 -08:00
b771a18133
Fix test
2019-12-16 00:03:18 -08:00
0e6c0654ed
Fix #78862 : link() silently truncates after a null byte on Windows
...
Since link() is supposed to accepts paths (i.e. strings without NUL
bytes), we must not accept arbitrary strings.
2019-12-16 00:03:06 -08:00
a5a15965da
Fix #78863 : DirectoryIterator class silently truncates after a null byte
...
Since the constructor of DirectoryIterator and friends is supposed to
accepts paths (i.e. strings without NUL bytes), we must not accept
arbitrary strings.
2019-12-16 00:02:57 -08:00
600f1f898f
Fix #78814 : strip_tags allows / in tag name => whitelist bypass
...
When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.
2019-12-02 11:37:25 +01:00
db420cb6a1
Fix #78833 : Integer overflow in pack causes out-of-bound access
...
We check for potential signed integer overflow, and bail out
gracefully, in that case.
2019-12-02 11:18:19 +01:00
9b92c1d154
Fix #78849 : GD build broken with -D SIGNED_COMPARE_SLOW
...
Apparently, this has not been tested for a long time, and might be a
refactoring relict. Anyhow, we have to pass the context to
`GIFNextPixel` as well.
2019-11-21 09:59:26 +01:00
a2c41c0ea6
Fix $x = (bool)$x; for undefined with opcache
...
And `$x = !$x`
Noticed while working on GH-4912
The included test would not emit undefined variable errors in php 8.0
with opcache enabled. The command used:
```
php -d zend_extension=opcache.so --no-php-ini -d error_reporting=E_ALL \
-d opcache.file_cache= -d opcache.enable_cli=1 test.php
```
2019-11-18 11:24:03 +03:00
2c9926f156
Fix bug #78804 - Segmentation fault in Locale::filterMatches
2019-11-11 22:32:35 -08:00
ee243bc471
Remove outdated comments in test
2019-11-07 14:06:23 +01:00
5fa6dcd972
Fixed bug #78759
...
Handle INDIRECT values in array.
2019-11-07 11:15:29 +01:00
4f984a2fdb
Fixed bug #78775
...
Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error queue being empty.
2019-11-05 12:13:46 +01:00
e29922f054
Fix test cases for libxml2 2.9.10
...
Since the error reporting has been slightly changed, we have to adapt
the two affected test cases.
2019-10-31 16:07:34 +01:00
2bdb13a1f7
Merge branch 'PHP-7.1' into PHP-7.2
...
* PHP-7.1:
Fix libmagic buffer overflow issue (CVE-2019-18218)
bump version
set versions for release
2019-10-28 20:47:30 -07:00
89c327f884
Fix #78751 : Serialising DatePeriod converts DateTimeImmutable
...
When getting the properties of a DatePeriod instance we have to retain
the proper classes, and when restoring a DatePeriod instance we have to
cater to DateTimeImmutable instances as well.
2019-10-28 13:07:28 +01:00
469820048d
Fix libmagic buffer overflow issue (CVE-2019-18218)
...
Ported from https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
2019-10-27 16:30:38 -07:00
5249993814
Fixed bug #78747
2019-10-25 12:47:18 +02:00
bea2ff88c9
Fix bug #78697 : inaccurate error message
2019-10-21 09:22:09 +02:00
45a7723267
Fix #78694 : Appending to a variant array causes segfault
...
`write_dimension` object handlers have to be able to handle `NULL`
`offset`s; for now we simply throw an exception instead of following
the `NULL` pointer.
2019-10-19 11:47:00 +02:00
d2cde0bfd3
Fix #70153 \DateInterval incorrectly unserialized
...
Added a separate macro for reading 'days' property, so that bool(false)
is correctly converted to the proper internal representation.
2019-10-18 15:31:14 +02:00
e2a6bf482f
Fix checksum calculation for opcache
2019-10-14 16:46:42 +02:00
900bdcbd03
Fix #78665 : Multicasting may leak memory
2019-10-12 14:43:43 +02:00
46561dab6a
Fix leak in phar open
2019-10-10 16:14:21 +02:00
daf1fc6e31
Avoid float to int cast UB in exif
2019-10-09 17:33:29 +02:00
d6ca174d5b
Remove redundant components < 0 check
...
components is an unsigned number, it cannot be smaller than zero.
2019-10-09 14:57:24 +02:00
a8f60ac9dd
Add pcre_get_compiled_regex_cache_ex() with local_aware flag
...
A new function `pcre_get_compiled_regex_cache_ex()` is introduced,
which allows to compile regexp pattern using the "C" locale instead
of a current locale.
This will be needed to replace setlocale() usage in fileinfo,
which is not thread-safe.
2019-10-08 16:11:55 +02:00
46894580b0
Add missing SKIPIFs in exif tests
2019-10-08 14:11:32 +02:00
195c2008e8
Fix #78642 : Wrong libiconv version displayed
...
The high byte of `_libiconv_version` specifies the major version; the
low byte the minor version.
2019-10-08 12:09:11 +02:00
fd3118ffb0
Fix #78641 : addGlob can modify given remove_path value
...
`remove_path` points to the given string, so we must not modify it.
Instead we use a duplicate, if we need the modification.
We may want to switch to `zend_string`s in master.
2019-10-08 09:45:05 +02:00
19e6abebc7
Check for object_init_ex() failure in user filter factory
2019-10-07 17:52:29 +02:00
7d19668f60
Set session.gc_probability=0 in bug78624.phpt
...
We only want to test manually triggered session GC.
Avoid spurious output due to automatic GC.
2019-10-07 16:43:19 +02:00
114c03b9a6
Fix #78623 : Regression caused by "SP call yields additional empty result set"
...
This reverts commit 41a4379cb4
2019-10-07 09:15:51 +02:00
545412a6cd
Split intl tests for ICU 65
2019-10-04 13:53:22 +02:00
abaf9a76dc
Fix #78620 : Out of memory error
...
The integer addition in `ZEND_MM_ALIGNED_SIZE_EX` can overflow, what we
have to catch early.
2019-10-04 09:08:01 +02:00
a6d219630c
fix #78624 : session_gc return value for user defined session handlers
2019-10-04 06:12:02 +02:00
9a2b42a5c1
Fix bug #76809 (SSL settings aren't respected when persistent connection is reused)
2019-10-03 06:56:21 +02:00
05560b67bc
Fix #76859 stream_get_line skips data if used with data-generating filter
...
stream_get-line repeatedly calls php_stream_fill_read_buffer until
enough data is accumulated in buffer. However, when stream contains
filters attached to it, then each call to fill buffer essentially
resets buffer read/write pointers and new data is written over old.
This causes stream_get_line to skip parts of data from stream
This patch fixes such behavior, so fill buffer call will append.
2019-10-03 06:50:43 +02:00
3124129ca8
Fixed test that "fails" from time to time
2019-10-02 00:54:59 +03:00
2fcb5eadbb
Fixed test that "fails" from time to time
2019-10-02 00:48:42 +03:00
209e37db7d
Add missing skip keyword in tests
2019-10-01 11:13:36 +02:00
6fcde56b03
Fixed bug #78612
2019-09-30 15:06:07 +02:00
45db6fa567
Fix #78609 : mb_check_encoding() no longer supports stringable objects
...
We apply type juggling for other types than array.
2019-09-30 12:42:04 +02:00
f6bfbe9553
Fix build for libzip < 0.11.2
...
We must not define method entries, if the actual method definitions or
the arginfo structures are not defined.
2019-09-29 13:33:18 +02:00
37d27e666a
Fix SKIPIF in ext/mysqli
2019-09-27 16:03:20 +02:00
115f6effec
Fix skipif.inc
2019-09-27 12:50:04 +02:00
d2331cc3f2
Fix hash key length in umsg_parse_format()
...
Fix array length passed to zend_hash_str_find_ptr() casting from
UChar array to char array requires mul by sizeof(UChar).
2019-09-25 10:30:33 +02:00
Christoph M. Becker